Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/fP5oB9nHpt_oFl86GqMwNR6nAbY.roa
File: fP5oB9nHpt_oFl86GqMwNR6nAbY.roa (raw, json)
Hash identifier: nWxC7Ju9CHUlZlYNmltAJgtzpMAMZsILZeGwWMTXri4=
Subject key identifier: 7C:FE:68:07:D9:C7:A6:DF:E8:16:5F:3A:1A:A3:30:35:1E:A7:01:B6
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 01856F42E5EBE860047BA17ED9369B99A390
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/fP5oB9nHpt_oFl86GqMwNR6nAbY.roa
Signing time: Sun 01 Jan 2023 21:35:33 +0000
ROA not before: Sun 01 Jan 2023 21:35:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60932
IP address blocks: 5.160.198.0/24 maxlen: 24
5.160.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:e5:eb:e8:60:04:7b:a1:7e:d9:36:9b:99:a3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:35:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cfe6807d9c7a6dfe8165f3a1aa330351ea701b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:44:23:68:3d:be:50:f5:0f:da:b0:81:a6:b7:
78:6d:7b:f4:7d:6c:3f:28:a2:e4:20:3e:29:02:d0:
a8:9f:b1:8a:ca:85:82:37:a4:29:63:2c:37:7b:fb:
10:99:dd:5e:e4:75:d6:94:62:d1:1e:46:3b:60:8f:
bc:f8:09:21:47:95:86:73:e0:f5:34:eb:a2:c8:04:
07:21:6c:4d:df:dc:d4:0d:10:b4:60:f5:4a:b4:dd:
42:18:39:93:04:69:a2:53:5a:88:c0:95:08:e3:37:
9d:71:55:22:e9:7c:6d:54:0a:49:76:9e:3e:2c:62:
0d:e2:e5:d9:01:49:e3:a3:91:9f:04:a1:48:33:80:
c1:85:64:e7:10:a8:c2:61:00:e2:71:db:a9:ee:68:
2b:61:4b:39:f8:8b:9c:b6:30:d5:76:71:21:4f:47:
96:5c:76:45:b1:f6:53:ec:a8:15:f0:fe:ae:1b:d6:
71:b4:1d:54:72:5e:e7:9f:3a:b1:b5:6e:01:e4:0e:
05:13:43:79:ea:62:a6:ca:84:f8:96:5e:88:ef:36:
3c:e3:dc:dd:b9:5c:3b:f0:fd:f4:ec:a5:1c:ae:25:
0a:e1:21:49:77:ef:81:9d:c0:5e:72:d3:ca:c6:71:
ba:f0:1d:a2:e5:5b:7a:61:d3:7f:70:9c:d0:8a:c8:
b5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:FE:68:07:D9:C7:A6:DF:E8:16:5F:3A:1A:A3:30:35:1E:A7:01:B6
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/fP5oB9nHpt_oFl86GqMwNR6nAbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.153.0/24
5.160.198.0/24
Signature Algorithm: sha256WithRSAEncryption
81:c8:ee:c3:75:8b:1e:94:2b:78:39:3a:10:e3:48:a7:22:5c:
56:dd:52:96:e8:08:73:f4:91:52:40:40:ec:00:4d:7e:c7:6f:
e9:da:57:b2:b1:c9:e1:3c:02:1d:2a:44:b3:f8:a3:91:fd:1b:
63:9a:43:a1:e6:f1:c1:5b:fc:45:a1:b6:5a:4c:24:60:bc:35:
83:f9:4f:04:e6:2e:47:81:20:46:a8:19:c6:4c:69:13:a6:d7:
93:2e:fc:a8:f3:5a:da:3f:82:07:61:0d:9c:ee:c7:f1:fb:54:
87:ed:bf:72:2b:cd:f8:8c:30:59:a9:da:8b:c4:1f:9a:b2:32:
f5:72:af:47:26:77:2c:5c:83:b3:3b:d6:c3:31:cf:21:5d:be:
f8:07:e6:03:e7:4c:82:68:32:85:b7:16:eb:20:b8:37:c7:e6:
e8:e8:fd:cf:40:7f:0b:67:3e:9d:b3:fe:e7:45:28:30:9f:46:
66:a1:df:cb:9c:2e:ea:d5:fb:16:26:71:a2:e2:08:50:ab:bd:
02:24:3f:75:1c:cf:cc:6e:32:9b:ec:17:30:1c:1a:2d:35:c2:
04:a9:5b:12:38:7f:7b:8a:80:a0:6d:97:e8:db:5e:4a:65:70:
19:bd:44:98:b4:16:68:95:a7:50:8d:22:81:8a:d9:1f:82:90:
57:17:e1:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvQuXr6GAEe6F+2TabmaOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2ZlNjgwN2Q5YzdhNmRmZTgxNjVmM2ExYWEzMzAzNTFlYTcwMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEQjaD2+UPUP2rCBprd4bXv0fWw/
KKLkID4pAtCon7GKyoWCN6QpYyw3e/sQmd1e5HXWlGLRHkY7YI+8+AkhR5WGc+D1
NOuiyAQHIWxN39zUDRC0YPVKtN1CGDmTBGmiU1qIwJUI4zedcVUi6XxtVApJdp4+
LGIN4uXZAUnjo5GfBKFIM4DBhWTnEKjCYQDicdup7mgrYUs5+IuctjDVdnEhT0eW
XHZFsfZT7KgV8P6uG9ZxtB1Ucl7nnzqxtW4B5A4FE0N56mKmyoT4ll6I7zY849zd
uVw78P307KUcriUK4SFJd++BncBectPKxnG68B2i5Vt6YdN/cJzQisi1sQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHz+aAfZx6bf6BZfOhqjMDUepwG2MB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvZlA1b0I5bkhwdF9vRmw4NkdxTXdOUjZuQWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABaCZAwQA
BaDGMA0GCSqGSIb3DQEBCwUAA4IBAQCByO7DdYselCt4OToQ40inIlxW3VKW6Ahz
9JFSQEDsAE1+x2/p2leyscnhPAIdKkSz+KOR/RtjmkOh5vHBW/xFobZaTCRgvDWD
+U8E5i5HgSBGqBnGTGkTpteTLvyo81raP4IHYQ2c7sfx+1SH7b9yK834jDBZqdqL
xB+asjL1cq9HJncsXIOzO9bDMc8hXb74B+YD50yCaDKFtxbrILg3x+bo6P3PQH8L
Zz6ds/7nRSgwn0Zmod/LnC7q1fsWJnGi4ghQq70CJD91HM/MbjKb7BcwHBotNcIE
qVsSOH97ioCgbZfo215KZXAZvUSYtBZoladQjSKBitkfgpBXF+Fa
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:23:49 2024 by rpki-client on console-fra.rpki-client.org