Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/j2-aXt-ofQ835XwodOrWou5Z74U.roa
File: j2-aXt-ofQ835XwodOrWou5Z74U.roa (raw, json)
Hash identifier: 6BWGxSsMhbr2Ux2+rfm9eaT69w/3Ju+Kf4H73GgDeF8=
Subject key identifier: 8F:6F:9A:5E:DF:A8:7D:0F:37:E5:7C:28:74:EA:D6:A2:EE:59:EF:85
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 01879915988CDD4B677BD0A1FEF47A75D199
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/j2-aXt-ofQ835XwodOrWou5Z74U.roa
Signing time: Wed 19 Apr 2023 10:35:41 +0000
ROA not before: Wed 19 Apr 2023 10:35:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43395
IP address blocks: 5.160.62.0/23 maxlen: 23
92.242.198.0/23 maxlen: 23
46.209.248.0/23 maxlen: 23
5.160.196.0/23 maxlen: 23
92.242.220.0/23 maxlen: 23
5.160.240.0/23 maxlen: 23
5.160.149.0/24 maxlen: 24
5.160.158.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:15:98:8c:dd:4b:67:7b:d0:a1:fe:f4:7a:75:d1:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Apr 19 10:35:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f6f9a5edfa87d0f37e57c2874ead6a2ee59ef85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9c:1e:b8:5e:6e:1c:83:42:d5:b3:bb:1b:9c:
25:4c:a5:49:04:5e:93:fd:06:a9:0a:a2:29:fe:e6:
3c:37:ee:92:44:3a:5a:83:61:fd:67:97:ab:53:02:
b8:74:e5:cc:00:45:34:67:08:17:e5:f2:94:c3:4a:
b8:67:05:85:90:7d:80:3a:08:55:37:3d:be:1a:0f:
50:b7:77:15:70:d0:95:2d:50:8b:91:d0:db:63:47:
ea:c9:50:05:50:1d:3c:65:57:5f:35:45:e2:ca:ff:
96:d8:8e:32:1c:db:bb:7c:9a:ac:65:8b:8e:07:2f:
74:bd:01:25:13:b0:7f:ab:d8:6d:3a:b5:4e:18:97:
cc:d1:5b:44:45:0a:d6:7c:b7:83:f1:d1:74:bc:6e:
d7:92:cf:51:67:97:9f:16:67:f0:81:ba:2e:61:5e:
ff:8c:2f:15:52:ac:cb:26:9e:0d:8d:2f:c1:c7:a0:
74:0a:33:0a:81:3d:31:e7:3b:62:f4:bd:cb:83:e7:
69:d8:fa:4b:a0:7a:84:bd:7c:d1:98:79:b5:de:cd:
f6:5c:a1:1e:ab:b1:39:b6:20:32:f5:bd:40:59:f1:
36:99:05:ae:f9:92:57:da:11:49:75:19:28:c1:96:
ce:31:b6:ca:c3:6f:28:95:6d:03:88:6c:39:ca:61:
f1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:6F:9A:5E:DF:A8:7D:0F:37:E5:7C:28:74:EA:D6:A2:EE:59:EF:85
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/j2-aXt-ofQ835XwodOrWou5Z74U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.62.0/23
5.160.149.0/24
5.160.158.0/23
5.160.196.0/23
5.160.240.0/23
46.209.248.0/23
92.242.198.0/23
92.242.220.0/23
Signature Algorithm: sha256WithRSAEncryption
71:84:0a:a9:5a:ba:b0:8a:be:9c:e7:75:d3:37:de:4a:8a:a1:
eb:34:b2:bf:5b:c9:61:d2:17:88:0e:10:54:c2:69:ed:49:3d:
f6:9e:b0:4c:93:48:a5:eb:e8:c8:f5:58:a3:8a:c9:a5:68:2f:
6f:f2:1f:fb:7a:63:7e:af:61:d1:d3:93:b4:bc:5c:39:5b:92:
2a:22:f2:58:87:25:fb:5c:53:86:54:2a:29:86:06:e8:68:d0:
ac:c5:02:53:52:be:7d:50:fe:f8:32:be:b7:36:4a:c2:0f:d8:
1f:1c:a3:d1:39:0c:57:2e:fc:d0:2e:bd:8e:0d:bb:e6:45:b3:
e6:60:f9:48:1c:de:55:70:39:1d:7a:f6:d4:02:fd:fe:df:ed:
03:72:57:90:81:eb:c4:bb:dd:40:72:47:d9:db:fa:ec:38:d3:
3e:e5:71:9c:16:1e:2d:1a:aa:65:98:1a:91:9f:3a:55:d6:1b:
1c:99:c6:7e:12:d2:0d:61:2c:2f:f3:65:08:f5:f6:d4:04:13:
5f:7e:11:b2:ca:14:54:09:39:3c:e4:2a:70:29:17:aa:e2:36:
c4:fa:b6:66:3f:95:52:1b:45:33:92:21:f3:3e:6d:2a:5e:08:
02:35:f6:19:f0:66:de:e7:46:6b:41:a3:86:66:18:e9:33:44:
7b:f9:8b:91
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYeZFZiM3Utne9Ch/vR6ddGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwNDE5MTAzNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjZmOWE1ZWRmYTg3ZDBmMzdlNTdjMjg3NGVhZDZhMmVlNTllZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpweuF5uHINC1bO7G5wlTKVJBF6T
/QapCqIp/uY8N+6SRDpag2H9Z5erUwK4dOXMAEU0ZwgX5fKUw0q4ZwWFkH2AOghV
Nz2+Gg9Qt3cVcNCVLVCLkdDbY0fqyVAFUB08ZVdfNUXiyv+W2I4yHNu7fJqsZYuO
By90vQElE7B/q9htOrVOGJfM0VtERQrWfLeD8dF0vG7Xks9RZ5efFmfwgbouYV7/
jC8VUqzLJp4NjS/Bx6B0CjMKgT0x5zti9L3Lg+dp2PpLoHqEvXzRmHm13s32XKEe
q7E5tiAy9b1AWfE2mQWu+ZJX2hFJdRkowZbOMbbKw28olW0DiGw5ymHx6wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFI9vml7fqH0PN+V8KHTq1qLuWe+FMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvajItYVh0LW9mUTgzNVh3b2RPcldvdTVaNzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBBaA+AwQA
BaCVAwQBBaCeAwQBBaDEAwQBBaDwAwQBLtH4AwQBXPLGAwQBXPLcMA0GCSqGSIb3
DQEBCwUAA4IBAQBxhAqpWrqwir6c53XTN95KiqHrNLK/W8lh0heIDhBUwmntST32
nrBMk0il6+jI9VijismlaC9v8h/7emN+r2HR05O0vFw5W5IqIvJYhyX7XFOGVCop
hgboaNCsxQJTUr59UP74Mr63NkrCD9gfHKPROQxXLvzQLr2ODbvmRbPmYPlIHN5V
cDkdevbUAv3+3+0DcleQgevEu91AckfZ2/rsONM+5XGcFh4tGqplmBqRnzpV1hsc
mcZ+EtINYSwv82UI9fbUBBNffhGyyhRUCTk85CpwKReq4jbE+rZmP5VSG0UzkiHz
Pm0qXggCNfYZ8Gbe50ZrQaOGZhjpM0R7+YuR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:21 2024 by rpki-client on console-ams.rpki-client.org