Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gkkxZNTlZcow4rw4WHkDp5-50SI.roa
File: gkkxZNTlZcow4rw4WHkDp5-50SI.roa (raw, json)
Hash identifier: 0XUdKoCYr5zx5iWSScTwZGtuS4QxQAfwDn0ntd7U1Vw=
Subject key identifier: 82:49:31:64:D4:E5:65:CA:30:E2:BC:38:58:79:03:A7:9F:B9:D1:22
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 01856F42F09C660CF33F3301D201AB011E4F
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gkkxZNTlZcow4rw4WHkDp5-50SI.roa
Signing time: Sun 01 Jan 2023 21:35:36 +0000
ROA not before: Sun 01 Jan 2023 21:35:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207381
IP address blocks: 5.160.152.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:f0:9c:66:0c:f3:3f:33:01:d2:01:ab:01:1e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:35:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82493164d4e565ca30e2bc38587903a79fb9d122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9f:ad:5a:17:c8:41:f8:16:ab:f5:83:95:8a:
d3:9b:e9:63:51:35:70:f2:b8:88:9e:e0:9d:a8:84:
aa:69:61:e3:15:5d:a5:7a:92:41:1f:f3:95:ac:b4:
69:3a:a8:8a:0e:18:9d:c9:b6:f4:5a:fb:7f:97:2f:
62:a9:6e:8d:5b:a2:b4:e7:0f:94:80:98:12:20:74:
84:ef:fa:cb:78:e1:8f:0f:6e:13:15:5a:6a:35:9d:
5e:df:08:64:66:90:f0:a5:da:6a:48:23:27:aa:df:
66:9d:a7:b4:78:00:57:8e:ad:88:0e:42:f4:23:1c:
96:71:c4:de:b7:de:20:27:92:44:64:a7:41:bc:6a:
55:4c:62:a5:e7:2e:5b:ca:8e:10:45:1e:5a:c7:c8:
f4:12:e6:73:8b:55:33:de:c9:ed:3e:d0:85:f5:72:
53:30:29:89:0f:31:48:16:71:76:d2:d9:af:77:2b:
8b:8b:45:59:76:5d:89:e8:46:11:1d:91:a9:f9:00:
f9:6e:75:87:4d:96:f9:a9:02:2f:f5:a1:b2:32:3c:
30:50:58:dd:af:d8:4c:a3:c1:13:7d:82:08:8f:56:
3b:ef:97:7e:1e:d7:ee:78:ea:d4:b2:1e:6e:91:09:
76:2f:5a:ca:91:2c:aa:32:89:57:c6:34:7d:c3:61:
72:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:49:31:64:D4:E5:65:CA:30:E2:BC:38:58:79:03:A7:9F:B9:D1:22
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gkkxZNTlZcow4rw4WHkDp5-50SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.152.0/24
Signature Algorithm: sha256WithRSAEncryption
85:cd:5f:35:7b:55:67:c6:9e:c2:42:67:25:0b:43:dc:07:67:
92:3e:59:5e:f6:fc:d6:3b:05:be:33:f8:f6:4b:1f:53:fa:fe:
49:08:bf:42:27:8b:03:93:45:d2:19:7d:d8:40:02:2d:87:6e:
f8:0b:5f:42:e7:d2:b6:68:bf:8e:67:b2:64:13:e1:05:57:f8:
8c:85:9e:f6:e5:98:bb:d4:4a:4b:77:77:f2:55:f6:96:1f:e2:
ca:31:5f:a3:eb:93:b4:87:59:f0:aa:b5:58:1b:f5:21:45:10:
21:7b:19:c8:05:c3:41:20:9c:ea:71:80:0a:bc:54:df:5b:69:
7f:09:99:64:5d:b4:9a:57:d4:e4:1d:63:72:57:4a:a5:c2:c1:
64:31:8e:75:5e:85:24:90:86:4c:58:ee:ba:f2:96:5f:a0:8d:
e3:5f:36:07:a9:ed:da:24:37:45:e4:a6:b5:ad:63:58:69:b9:
e3:11:61:a4:2e:a5:dd:9e:21:9d:1b:a8:b5:f4:6d:14:5a:1c:
41:7f:24:34:af:9e:69:df:f5:92:71:d9:4d:4a:ed:6a:99:6c:
84:b6:5d:1a:e2:40:eb:5c:af:ad:eb:3a:6b:51:74:49:f3:c2:
8d:76:d1:78:db:8d:68:63:f3:e1:69:9e:b9:68:7e:df:39:02:
f6:63:d1:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQvCcZgzzPzMB0gGrAR5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQ5MzE2NGQ0ZTU2NWNhMzBlMmJjMzg1ODc5MDNhNzlmYjlkMTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ+tWhfIQfgWq/WDlYrTm+ljUTVw
8riInuCdqISqaWHjFV2lepJBH/OVrLRpOqiKDhidybb0Wvt/ly9iqW6NW6K05w+U
gJgSIHSE7/rLeOGPD24TFVpqNZ1e3whkZpDwpdpqSCMnqt9mnae0eABXjq2IDkL0
IxyWccTet94gJ5JEZKdBvGpVTGKl5y5byo4QRR5ax8j0EuZzi1Uz3sntPtCF9XJT
MCmJDzFIFnF20tmvdyuLi0VZdl2J6EYRHZGp+QD5bnWHTZb5qQIv9aGyMjwwUFjd
r9hMo8ETfYIIj1Y775d+HtfueOrUsh5ukQl2L1rKkSyqMolXxjR9w2FyvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIJJMWTU5WXKMOK8OFh5A6efudEiMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvZ2treFpOVGxaY293NHJ3NFdIa0RwNS01MFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaCYMA0G
CSqGSIb3DQEBCwUAA4IBAQCFzV81e1Vnxp7CQmclC0PcB2eSPlle9vzWOwW+M/j2
Sx9T+v5JCL9CJ4sDk0XSGX3YQAIth274C19C59K2aL+OZ7JkE+EFV/iMhZ725Zi7
1EpLd3fyVfaWH+LKMV+j65O0h1nwqrVYG/UhRRAhexnIBcNBIJzqcYAKvFTfW2l/
CZlkXbSaV9TkHWNyV0qlwsFkMY51XoUkkIZMWO668pZfoI3jXzYHqe3aJDdF5Ka1
rWNYabnjEWGkLqXdniGdG6i19G0UWhxBfyQ0r55p3/WScdlNSu1qmWyEtl0a4kDr
XK+t6zprUXRJ88KNdtF4241oY/PhaZ65aH7fOQL2Y9Hh
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:51 2024 by rpki-client on console-ams.rpki-client.org