Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/PrkE45JrAj_QvVMXkRYlppCCexA.roa
File: PrkE45JrAj_QvVMXkRYlppCCexA.roa (raw, json)
Hash identifier: rqX7DFM0e5oudjCwrJhVz34Mn83Q58W72GWnyQREv6I=
Subject key identifier: 3E:B9:04:E3:92:6B:02:3F:D0:BD:53:17:91:16:25:A6:90:82:7B:10
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018D68CCEABCDC03905D1D0398CF09F00703
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/PrkE45JrAj_QvVMXkRYlppCCexA.roa
Signing time: Fri 02 Feb 2024 07:51:16 +0000
ROA not before: Fri 02 Feb 2024 07:51:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30823
IP address blocks: 5.144.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 18:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:68:cc:ea:bc:dc:03:90:5d:1d:03:98:cf:09:f0:07:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Feb 2 07:51:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3eb904e3926b023fd0bd5317911625a690827b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7d:7f:43:88:7c:00:b2:8e:1d:5f:9c:03:bf:
02:a4:a1:7b:20:91:9b:ee:66:8b:69:51:e3:74:36:
52:5c:f7:28:f0:c6:70:5b:c1:d4:bf:db:fb:c0:80:
a9:f6:9d:44:1a:fd:08:64:99:ae:ee:c8:b8:3d:92:
e4:6f:b6:c6:ae:fa:f0:52:e5:a8:aa:89:51:12:60:
9a:3a:fa:43:6e:5f:a7:59:21:61:ce:b2:40:ca:94:
42:02:00:7f:9e:40:fc:a1:60:6c:2c:8b:33:0a:3c:
6a:5e:07:4b:25:d9:6f:3d:ce:77:b7:2c:58:98:cd:
79:fe:36:ac:f0:76:0f:3e:a7:d8:7f:ce:bc:67:49:
8b:cc:8e:e8:f5:f1:19:6c:ea:7f:c0:7f:97:73:b1:
86:9d:d9:f4:cd:5d:9d:ec:f6:80:97:63:30:f6:45:
eb:6a:8b:ee:0c:82:47:db:c6:cd:52:df:09:d0:bb:
6e:b0:94:6c:4e:95:40:f1:f9:c5:f1:77:2d:89:21:
d9:23:1c:8b:08:8f:84:8b:3b:e1:36:91:76:dc:e3:
35:ef:4e:d5:82:0a:2d:7d:4c:69:e0:bf:28:30:cc:
33:9a:35:1f:da:83:57:32:b1:a4:c9:9d:bd:4d:5a:
65:0f:53:df:6e:c3:fe:5c:3e:61:1b:57:72:96:1e:
ce:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B9:04:E3:92:6B:02:3F:D0:BD:53:17:91:16:25:A6:90:82:7B:10
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/PrkE45JrAj_QvVMXkRYlppCCexA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.176.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:cd:7d:13:90:c2:53:5f:49:bf:ad:51:b8:3f:06:55:a7:be:
d3:c1:5f:bd:f2:0d:a4:c4:b9:00:3f:4b:e5:2f:6d:21:70:1a:
3e:87:de:58:95:fa:91:9d:4a:a0:91:a0:66:a1:72:ab:33:84:
33:40:c6:bd:ac:9a:de:97:17:2f:17:fd:13:35:db:aa:5a:b7:
a2:5f:f6:41:a7:8a:13:e2:d9:81:24:c0:36:5b:e7:2f:aa:30:
15:86:20:62:92:51:ba:04:d2:a9:a6:63:fb:e6:a3:03:c2:5b:
4a:bf:6a:ed:0a:41:bb:b2:0e:39:fa:98:53:8d:54:f9:3b:3b:
7d:22:c9:c7:44:ec:4d:6e:5e:01:e1:55:e3:89:b9:b3:0e:c1:
e1:c3:cb:5e:aa:18:c6:d4:05:18:57:11:28:db:38:0a:be:20:
a4:f0:77:f5:61:6e:ed:96:0e:b1:d6:2d:2e:22:53:f8:8a:ed:
d0:fd:8b:e8:e8:40:3e:26:e3:c9:cb:ea:b7:21:38:84:ad:54:
53:23:2e:8e:ae:b3:91:41:24:3c:92:cf:8f:bc:49:04:3c:01:
88:1b:1e:4f:9a:03:42:68:a1:1c:8a:aa:65:86:dd:01:51:16:
a6:a7:51:e5:5c:4c:69:aa:97:d4:90:1d:c8:75:b6:fa:42:6b:
88:65:f9:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1ozOq83AOQXR0DmM8J8AcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMjAyMDc1MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWI5MDRlMzkyNmIwMjNmZDBiZDUzMTc5MTE2MjVhNjkwODI3YjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX1/Q4h8ALKOHV+cA78CpKF7IJGb
7maLaVHjdDZSXPco8MZwW8HUv9v7wICp9p1EGv0IZJmu7si4PZLkb7bGrvrwUuWo
qolREmCaOvpDbl+nWSFhzrJAypRCAgB/nkD8oWBsLIszCjxqXgdLJdlvPc53tyxY
mM15/jas8HYPPqfYf868Z0mLzI7o9fEZbOp/wH+Xc7GGndn0zV2d7PaAl2Mw9kXr
aovuDIJH28bNUt8J0LtusJRsTpVA8fnF8XctiSHZIxyLCI+EizvhNpF23OM1707V
ggotfUxp4L8oMMwzmjUf2oNXMrGkyZ29TVplD1PfbsP+XD5hG1dylh7OeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD65BOOSawI/0L1TF5EWJaaQgnsQMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvUHJrRTQ1SnJBal9RdlZNWGtSWWxwcENDZXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZCwMA0G
CSqGSIb3DQEBCwUAA4IBAQBbzX0TkMJTX0m/rVG4PwZVp77TwV+98g2kxLkAP0vl
L20hcBo+h95YlfqRnUqgkaBmoXKrM4QzQMa9rJrelxcvF/0TNduqWreiX/ZBp4oT
4tmBJMA2W+cvqjAVhiBiklG6BNKppmP75qMDwltKv2rtCkG7sg45+phTjVT5Ozt9
IsnHROxNbl4B4VXjibmzDsHhw8teqhjG1AUYVxEo2zgKviCk8Hf1YW7tlg6x1i0u
IlP4iu3Q/Yvo6EA+JuPJy+q3ITiErVRTIy6OrrORQSQ8ks+PvEkEPAGIGx5PmgNC
aKEciqplht0BURamp1HlXExpqpfUkB3Idbb6QmuIZfkf
-----END CERTIFICATE-----
Generated at Thu Feb 22 20:07:06 2024 by rpki-client on console-ams.rpki-client.org