Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/uRwuqn7rf6_m0t81DEYuMAMvTLY.roa
File: uRwuqn7rf6_m0t81DEYuMAMvTLY.roa (raw, json)
Hash identifier: 7cjkN/oPYZYlWkdwMTCz3zXOTOkCAlLI1bNuSzCbxI0=
Subject key identifier: B9:1C:2E:AA:7E:EB:7F:AF:E6:D2:DF:35:0C:46:2E:30:03:2F:4C:B6
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 01856F42D9C93344BDE8DC2292723B8A3179
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/uRwuqn7rf6_m0t81DEYuMAMvTLY.roa
Signing time: Sun 01 Jan 2023 21:35:30 +0000
ROA not before: Sun 01 Jan 2023 21:35:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50530
IP address blocks: 5.160.201.0/24 maxlen: 24
5.160.200.0/23 maxlen: 23
5.160.200.0/24 maxlen: 24
5.160.209.0/24 maxlen: 24
5.160.208.0/23 maxlen: 23
5.160.208.0/24 maxlen: 24
5.160.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d9:c9:33:44:bd:e8:dc:22:92:72:3b:8a:31:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:35:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b91c2eaa7eeb7fafe6d2df350c462e30032f4cb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:96:2e:3f:7a:82:82:a4:8b:f9:16:cb:b6:22:
5b:62:a6:46:cd:73:f0:47:09:26:9d:8b:0d:52:d2:
7a:da:d2:48:7c:63:72:7e:ac:1e:8c:51:0b:2d:9d:
20:3a:da:c5:58:5b:cd:c5:f8:17:f1:3a:44:7a:69:
85:22:5a:86:c3:b9:02:3f:8e:20:48:8c:35:3e:d8:
a4:20:d7:60:79:04:17:d1:74:fd:77:78:28:2c:41:
5b:4c:08:2d:d0:43:2b:a6:ef:c5:12:49:64:8c:21:
56:e5:ce:fd:31:a9:c0:e6:dd:21:11:c9:3a:0b:01:
18:4c:b4:ab:4b:01:8c:15:c9:98:f0:b3:c7:34:6a:
78:0a:71:54:cc:3f:b6:a2:2a:c1:05:6f:e5:ad:f2:
f4:b8:d2:24:f6:5f:79:29:66:27:fb:b3:a6:f5:2c:
30:17:3a:c3:36:18:31:83:0b:20:72:f2:8e:dd:3f:
81:24:b1:17:36:ab:4c:e1:00:3f:a0:5c:b5:7c:1d:
43:bd:5b:d9:25:e5:67:20:f0:6c:07:e5:28:74:70:
7b:bb:cd:59:df:c5:b7:2c:22:58:71:c6:ef:90:a5:
83:c7:ed:5a:3d:87:ea:65:cb:a0:b1:aa:58:c8:87:
3c:d7:2f:9f:b6:9b:f4:ec:fd:77:4e:37:b2:5d:53:
26:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1C:2E:AA:7E:EB:7F:AF:E6:D2:DF:35:0C:46:2E:30:03:2F:4C:B6
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/uRwuqn7rf6_m0t81DEYuMAMvTLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.157.0/24
5.160.200.0/23
5.160.208.0/23
Signature Algorithm: sha256WithRSAEncryption
00:84:ca:c9:b5:04:ab:e3:2e:29:1e:fa:e0:5c:16:cb:f4:8e:
a9:d0:5d:0c:2f:20:ce:cb:f3:d3:8b:1d:f4:bc:40:75:07:72:
d3:5c:c9:ba:df:d3:38:d3:dc:bf:60:47:42:fd:67:05:4c:4b:
d9:2d:3e:c1:2b:78:08:66:47:cd:ee:0f:a5:27:5a:ee:00:22:
34:50:a6:ed:69:e0:c6:b2:7d:63:57:ec:35:16:e7:92:7c:a7:
39:e2:a4:da:a7:b9:4e:c5:90:41:3a:bb:7f:05:6a:0d:75:45:
59:d3:05:e2:f8:07:22:65:b0:11:da:97:96:12:a2:95:ff:bd:
a3:29:c7:a9:9b:e8:d2:39:1e:88:4d:b7:d5:cc:84:90:bf:93:
df:7c:db:c5:23:af:b5:17:3b:df:28:cb:cb:37:fa:2b:e7:72:
37:72:5e:aa:bb:f5:7f:62:69:c8:07:c1:5d:34:3f:7d:6a:63:
c8:2d:43:d8:e9:ba:b3:f0:09:30:6f:0d:31:f2:09:23:18:a5:
54:43:ee:3b:fd:81:66:44:78:9a:f9:bb:27:cd:21:ab:8e:08:
24:65:77:a1:5f:a0:0e:cd:7d:14:42:03:5b:a3:38:5d:6c:d3:
6e:53:ce:24:d7:eb:d6:47:95:5c:ba:02:9a:8d:61:96:77:d2:
49:3b:9c:94
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvQtnJM0S96NwiknI7ijF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTFjMmVhYTdlZWI3ZmFmZTZkMmRmMzUwYzQ2MmUzMDAzMmY0Y2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJYuP3qCgqSL+RbLtiJbYqZGzXPw
RwkmnYsNUtJ62tJIfGNyfqwejFELLZ0gOtrFWFvNxfgX8TpEemmFIlqGw7kCP44g
SIw1PtikINdgeQQX0XT9d3goLEFbTAgt0EMrpu/FEklkjCFW5c79ManA5t0hEck6
CwEYTLSrSwGMFcmY8LPHNGp4CnFUzD+2oirBBW/lrfL0uNIk9l95KWYn+7Om9Sww
FzrDNhgxgwsgcvKO3T+BJLEXNqtM4QA/oFy1fB1DvVvZJeVnIPBsB+UodHB7u81Z
38W3LCJYccbvkKWDx+1aPYfqZcugsapYyIc81y+ftpv07P13TjeyXVMmGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLkcLqp+63+v5tLfNQxGLjADL0y2MB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvdVJ3dXFuN3JmNl9tMHQ4MURFWXVNQU12VExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABaCdAwQB
BaDIAwQBBaDQMA0GCSqGSIb3DQEBCwUAA4IBAQAAhMrJtQSr4y4pHvrgXBbL9I6p
0F0MLyDOy/PTix30vEB1B3LTXMm639M409y/YEdC/WcFTEvZLT7BK3gIZkfN7g+l
J1ruACI0UKbtaeDGsn1jV+w1FueSfKc54qTap7lOxZBBOrt/BWoNdUVZ0wXi+Aci
ZbAR2peWEqKV/72jKcepm+jSOR6ITbfVzISQv5PffNvFI6+1FzvfKMvLN/or53I3
cl6qu/V/YmnIB8FdND99amPILUPY6bqz8Akwbw0x8gkjGKVUQ+47/YFmRHia+bsn
zSGrjggkZXehX6AOzX0UQgNbozhdbNNuU84k1+vWR5VcugKajWGWd9JJO5yU
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:52 2024 by rpki-client on console-ams.rpki-client.org