Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/oMbQFNF3KKtRKbMbs8XmNyJhnn8.roa
File: oMbQFNF3KKtRKbMbs8XmNyJhnn8.roa (raw, json)
Hash identifier: g1yYj4d84CMOjPlj8LQV/1cdh467pIrBu+iYYf8+4BU=
Subject key identifier: A0:C6:D0:14:D1:77:28:AB:51:29:B3:1B:B3:C5:E6:37:22:61:9E:7F
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 01856F42CE3D754987F5D657737EF087C8CD
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/oMbQFNF3KKtRKbMbs8XmNyJhnn8.roa
Signing time: Sun 01 Jan 2023 21:35:27 +0000
ROA not before: Sun 01 Jan 2023 21:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16018
IP address blocks: 5.160.210.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ce:3d:75:49:87:f5:d6:57:73:7e:f0:87:c8:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0c6d014d17728ab5129b31bb3c5e63722619e7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:75:19:5e:30:f6:12:43:2c:c4:e0:76:69:0b:
e2:f4:64:6c:6e:4f:e7:3f:21:00:57:e4:4e:29:00:
3a:07:32:3f:d1:17:a0:94:0a:d4:db:d6:08:6c:b0:
f3:41:6a:b0:74:6a:66:7b:83:c4:0e:b3:a4:b1:26:
b9:7b:da:08:75:f1:cb:63:85:b9:d7:3c:d8:8a:69:
c2:4f:3d:a1:28:3b:5a:32:af:ae:46:95:7f:05:b8:
d3:75:0c:06:17:99:53:ee:ee:01:23:86:ad:2e:52:
62:14:34:91:6b:a9:72:b8:ae:52:7a:76:48:9a:d7:
35:5c:7e:76:3c:43:06:da:72:96:fe:a2:1c:c3:74:
51:59:76:68:ed:8a:7c:32:4e:32:e5:ac:fd:ef:f7:
f7:10:ad:d2:60:74:d8:83:60:48:35:ea:fb:d3:b7:
d7:2d:66:93:71:a1:0e:f8:d8:b8:a1:ab:bf:61:93:
90:7b:2d:34:1e:fc:c7:6a:a7:85:73:43:26:30:07:
00:ae:b6:dc:8b:3d:0e:82:71:1d:76:6f:3e:18:3f:
48:9c:29:a7:66:b5:62:e2:58:6c:4e:36:51:78:88:
c6:e8:d9:8e:5f:35:d4:1f:55:15:f9:4a:4a:9c:9b:
36:91:4b:02:62:64:a9:7b:28:0a:41:42:5d:c7:ec:
3c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C6:D0:14:D1:77:28:AB:51:29:B3:1B:B3:C5:E6:37:22:61:9E:7F
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/oMbQFNF3KKtRKbMbs8XmNyJhnn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.210.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:fe:99:78:56:78:08:47:ca:59:81:1a:c3:e0:db:54:21:df:
c5:5b:a8:00:b4:ad:d5:18:0c:0c:c7:6a:8a:13:96:79:0c:83:
ed:7b:ee:67:46:11:bc:70:dc:24:0a:ac:49:91:17:66:07:d5:
71:6c:79:f8:93:17:bb:57:04:cc:e8:da:a8:25:2e:c9:d9:43:
7b:db:6e:c0:a3:d1:a6:42:30:09:1b:d4:8b:cf:fd:52:1f:13:
0b:e3:cc:f3:a8:3c:69:4d:eb:78:7c:13:e9:45:98:e0:a3:48:
fc:d4:50:ba:91:c5:5b:17:bb:aa:79:45:09:ac:b5:83:8f:39:
db:79:d9:46:08:cd:d6:11:68:ce:70:94:d4:c1:d4:cf:da:f9:
52:48:8d:80:82:b7:7f:ea:2f:e5:d6:84:8c:07:50:aa:f8:6f:
19:42:07:bb:43:3a:c4:b9:c3:41:07:6e:29:2f:70:26:4a:41:
b3:e5:66:fe:99:a1:ae:b0:98:c4:e2:4a:a4:5e:8c:1f:01:c3:
c7:32:2b:5f:46:1b:55:2c:05:e1:73:63:2c:57:1f:a1:ca:4c:
8b:a4:c2:f5:35:60:d0:2c:b6:b7:20:f9:4f:77:6f:47:ee:a0:
79:a0:b2:df:5c:17:dd:e2:1c:f5:7e:53:10:1c:6e:9b:96:2e:
a3:b5:6b:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQs49dUmH9dZXc37wh8jNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGM2ZDAxNGQxNzcyOGFiNTEyOWIzMWJiM2M1ZTYzNzIyNjE5ZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHUZXjD2EkMsxOB2aQvi9GRsbk/n
PyEAV+ROKQA6BzI/0ReglArU29YIbLDzQWqwdGpme4PEDrOksSa5e9oIdfHLY4W5
1zzYimnCTz2hKDtaMq+uRpV/BbjTdQwGF5lT7u4BI4atLlJiFDSRa6lyuK5SenZI
mtc1XH52PEMG2nKW/qIcw3RRWXZo7Yp8Mk4y5az97/f3EK3SYHTYg2BINer707fX
LWaTcaEO+Ni4oau/YZOQey00HvzHaqeFc0MmMAcArrbciz0OgnEddm8+GD9InCmn
ZrVi4lhsTjZReIjG6NmOXzXUH1UV+UpKnJs2kUsCYmSpeygKQUJdx+w85QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKDG0BTRdyirUSmzG7PF5jciYZ5/MB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvb01iUUZORjNLS3RSS2JNYnM4WG1OeUpobm44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaDSMA0G
CSqGSIb3DQEBCwUAA4IBAQAv/pl4VngIR8pZgRrD4NtUId/FW6gAtK3VGAwMx2qK
E5Z5DIPte+5nRhG8cNwkCqxJkRdmB9VxbHn4kxe7VwTM6NqoJS7J2UN7227Ao9Gm
QjAJG9SLz/1SHxML48zzqDxpTet4fBPpRZjgo0j81FC6kcVbF7uqeUUJrLWDjznb
edlGCM3WEWjOcJTUwdTP2vlSSI2Agrd/6i/l1oSMB1Cq+G8ZQge7QzrEucNBB24p
L3AmSkGz5Wb+maGusJjE4kqkXowfAcPHMitfRhtVLAXhc2MsVx+hykyLpML1NWDQ
LLa3IPlPd29H7qB5oLLfXBfd4hz1flMQHG6bli6jtWvC
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:52 2024 by rpki-client on console-ams.rpki-client.org