Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/6YmBfpK6FnKCSmXiSJhc8yMkaFQ.roa
File: 6YmBfpK6FnKCSmXiSJhc8yMkaFQ.roa (raw, json)
Hash identifier: 2zNmE2ZQI+aEfAL4I06auMQ3vkTba54GPVSVg1SRyLE=
Subject key identifier: E9:89:81:7E:92:BA:16:72:82:4A:65:E2:48:98:5C:F3:23:24:68:54
Certificate issuer: /CN=5ff4bc6137c540a89b9173cc2de32eb04c9e6eae
Certificate serial: 01856D81BBF5EA2052D07B9403EEC060E100
Authority key identifier: 5F:F4:BC:61:37:C5:40:A8:9B:91:73:CC:2D:E3:2E:B0:4C:9E:6E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X_S8YTfFQKibkXPMLeMusEyebq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/6YmBfpK6FnKCSmXiSJhc8yMkaFQ.roa
Signing time: Sun 01 Jan 2023 13:24:56 +0000
ROA not before: Sun 01 Jan 2023 13:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15644
IP address blocks: 5.61.68.0/24 maxlen: 24
5.61.71.0/24 maxlen: 24
5.61.69.0/24 maxlen: 24
5.61.70.0/24 maxlen: 24
5.61.64.0/21 maxlen: 21
2a01:52c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:bb:f5:ea:20:52:d0:7b:94:03:ee:c0:60:e1:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ff4bc6137c540a89b9173cc2de32eb04c9e6eae
Validity
Not Before: Jan 1 13:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e989817e92ba1672824a65e248985cf323246854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:af:07:37:9a:06:b2:e0:b0:18:5a:4f:62:d2:
78:1d:ea:8d:8f:ee:e8:03:d0:78:02:a7:78:ab:fd:
83:4e:98:d8:3a:86:9a:68:c7:ff:74:0c:30:33:c4:
d0:14:2d:45:f8:c8:9f:80:b6:7a:f3:53:99:4c:e5:
45:48:e5:ee:56:32:4e:ac:13:b7:6c:74:81:c0:fa:
18:0a:a4:b8:bf:7c:68:ca:0d:30:40:a8:7f:c0:36:
22:d1:6d:48:74:b8:5e:ec:42:94:e9:ed:b9:a7:8d:
75:96:85:97:d8:ca:0b:05:cf:19:b5:1b:2b:8e:cb:
35:3f:e5:1d:e0:9c:d0:45:6d:fe:9c:c8:9a:64:09:
f8:fa:b3:29:6d:c4:32:de:98:37:96:73:ce:95:85:
c3:1e:c9:84:f5:73:c4:0b:95:6b:8c:60:6c:2c:a7:
42:d8:42:cb:aa:a6:fe:24:4e:e3:8b:ba:e3:87:ea:
56:4e:2e:8d:68:b9:58:4d:3f:28:a2:77:6f:ab:72:
93:4e:a6:47:9d:7e:5d:2b:8d:ce:77:11:c3:86:17:
73:4b:09:81:27:78:d0:6d:b3:02:28:fc:bb:d2:3f:
ec:6f:ef:de:ec:2c:c7:df:e4:0c:7a:35:a2:c4:b1:
2a:d9:76:fe:35:77:00:f8:f5:f3:59:cb:a0:3a:ee:
ce:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:89:81:7E:92:BA:16:72:82:4A:65:E2:48:98:5C:F3:23:24:68:54
X509v3 Authority Key Identifier:
keyid:5F:F4:BC:61:37:C5:40:A8:9B:91:73:CC:2D:E3:2E:B0:4C:9E:6E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X_S8YTfFQKibkXPMLeMusEyebq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/6YmBfpK6FnKCSmXiSJhc8yMkaFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/X_S8YTfFQKibkXPMLeMusEyebq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.64.0/21
IPv6:
2a01:52c0::/32
Signature Algorithm: sha256WithRSAEncryption
83:62:04:52:78:72:2e:c9:3c:eb:79:f6:75:78:fa:d0:80:1a:
50:68:89:d9:f7:69:72:b3:bf:ad:76:ec:f3:64:c7:5c:cf:87:
6e:08:6e:0c:b9:cd:6e:09:82:61:96:79:f7:80:6d:df:d7:80:
31:4e:0f:66:58:53:71:21:bc:77:0b:c3:d8:83:12:2f:cb:1f:
b9:4e:ae:4c:cf:50:b9:e7:95:8e:d4:8f:4b:59:01:cd:44:71:
5d:a2:2f:85:dc:60:fd:26:3d:9e:cf:a2:49:df:48:ad:db:10:
e7:5a:f6:ce:6c:de:bd:24:2c:ac:df:e3:b5:ab:92:73:cf:26:
a5:bf:f5:47:15:cf:4d:0b:66:a5:d4:ac:6e:49:62:c4:fb:e5:
15:b4:e8:15:71:0a:52:06:b3:2d:8d:55:34:a2:1e:ee:9b:96:
ca:6c:4f:65:af:61:2a:bc:14:2b:a4:85:89:ed:53:4e:64:0d:
c5:de:c2:39:0c:c9:41:55:67:ae:e7:9a:68:bb:e7:b3:7c:39:
bf:ba:e7:04:2e:33:95:ae:99:e0:e7:92:c9:9d:8a:21:8f:71:
cb:9e:f2:cb:19:22:51:a0:93:36:67:f8:d5:00:e5:7a:0d:60:
3d:7e:af:54:a8:6b:fb:f8:0d:b7:ba:44:01:4c:8e:47:b0:e9:
e6:ab:49:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtgbv16iBS0HuUA+7AYOEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZjRiYzYxMzdjNTQwYTg5YjkxNzNjYzJkZTMyZWIwNGM5
ZTZlYWUwHhcNMjMwMTAxMTMyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTg5ODE3ZTkyYmExNjcyODI0YTY1ZTI0ODk4NWNmMzIzMjQ2ODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzK8HN5oGsuCwGFpPYtJ4HeqNj+7o
A9B4Aqd4q/2DTpjYOoaaaMf/dAwwM8TQFC1F+MifgLZ681OZTOVFSOXuVjJOrBO3
bHSBwPoYCqS4v3xoyg0wQKh/wDYi0W1IdLhe7EKU6e25p411loWX2MoLBc8ZtRsr
jss1P+Ud4JzQRW3+nMiaZAn4+rMpbcQy3pg3lnPOlYXDHsmE9XPEC5VrjGBsLKdC
2ELLqqb+JE7ji7rjh+pWTi6NaLlYTT8oondvq3KTTqZHnX5dK43OdxHDhhdzSwmB
J3jQbbMCKPy70j/sb+/e7CzH3+QMejWixLEq2Xb+NXcA+PXzWcugOu7O/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOmJgX6SuhZygkpl4kiYXPMjJGhUMB8GA1UdIwQY
MBaAFF/0vGE3xUCom5FzzC3jLrBMnm6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWF9TOFlUZkZRS2lia1hQTUxlTXVzRXllYnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jMDExY2EtNDU2Yi00ZjUxLWJjOGIt
MDA1Y2I0ZGNhNjNmLzEvNlltQmZwSzZGbktDU21YaVNKaGM4eU1rYUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jMDExY2EtNDU2Yi00ZjUxLWJjOGItMDA1Y2I0ZGNhNjNm
LzEvWF9TOFlUZkZRS2lia1hQTUxlTXVzRXllYnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBT1AMA0E
AgACMAcDBQAqAVLAMA0GCSqGSIb3DQEBCwUAA4IBAQCDYgRSeHIuyTzrefZ1ePrQ
gBpQaInZ92lys7+tduzzZMdcz4duCG4Muc1uCYJhlnn3gG3f14AxTg9mWFNxIbx3
C8PYgxIvyx+5Tq5Mz1C555WO1I9LWQHNRHFdoi+F3GD9Jj2ez6JJ30it2xDnWvbO
bN69JCys3+O1q5Jzzyalv/VHFc9NC2al1KxuSWLE++UVtOgVcQpSBrMtjVU0oh7u
m5bKbE9lr2EqvBQrpIWJ7VNOZA3F3sI5DMlBVWeu55pou+ezfDm/uucELjOVrpng
55LJnYohj3HLnvLLGSJRoJM2Z/jVAOV6DWA9fq9UqGv7+A23ukQBTI5HsOnmq0lB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:52 2024 by rpki-client on console-fra.rpki-client.org