Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/aJvDSUVfiKu0qUHcXUwdmz0WRr4.roa
File: aJvDSUVfiKu0qUHcXUwdmz0WRr4.roa (raw, json)
Hash identifier: E66CeCmK4ZbofMuwFIplQxiB0xQ0XkB1+IrD2PdnqHE=
Subject key identifier: 68:9B:C3:49:45:5F:88:AB:B4:A9:41:DC:5D:4C:1D:9B:3D:16:46:BE
Certificate issuer: /CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Certificate serial: 018CC7943E43BCA50E3D4C6FFAF37640CD8A
Authority key identifier: D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/aJvDSUVfiKu0qUHcXUwdmz0WRr4.roa
Signing time: Tue 02 Jan 2024 00:30:30 +0000
ROA not before: Tue 02 Jan 2024 00:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205192
IP address blocks: 5.250.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 18:45:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:3e:43:bc:a5:0e:3d:4c:6f:fa:f3:76:40:cd:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Validity
Not Before: Jan 2 00:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=689bc349455f88abb4a941dc5d4c1d9b3d1646be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:51:30:50:fd:20:08:6c:e4:ee:f3:74:02:4d:
7c:02:92:2f:3c:46:b8:a8:6c:aa:18:bf:cf:15:6d:
03:89:74:f6:e5:a2:fd:f2:92:c8:e3:f7:b3:86:e2:
3c:2e:86:13:a4:9d:5e:c9:d1:20:47:01:e8:7e:a0:
c7:58:5c:78:64:81:ca:51:bd:34:53:1a:11:5a:81:
00:7d:be:86:c3:e8:db:64:41:0e:f9:c5:6d:e6:94:
5f:18:a0:4d:6c:a9:56:da:5d:46:9c:2b:15:19:76:
01:fd:ca:60:7d:1b:fb:b4:cd:5a:fe:00:d4:7b:ee:
eb:c5:88:32:ff:d4:02:b6:03:aa:41:b1:7d:59:ca:
97:bf:88:8b:1d:1a:ee:00:8c:1d:be:6e:3a:dc:d7:
56:f2:3d:5b:d8:12:46:7e:80:d8:22:2a:07:4f:60:
58:ac:05:0f:e4:41:14:2f:45:eb:e7:76:08:c3:bd:
d7:95:de:eb:ae:2a:47:7a:69:6a:ba:f0:c0:a9:ff:
c5:34:34:91:9d:21:e4:f3:1c:ae:58:23:b2:74:e7:
e1:d8:a6:1f:ee:f3:66:b6:1c:ad:34:fd:d0:b4:2a:
2f:27:f4:b1:7f:38:0e:cf:f1:77:47:a1:a8:eb:14:
12:37:4d:69:80:e0:53:61:fe:9c:b4:d6:43:f7:7f:
86:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:9B:C3:49:45:5F:88:AB:B4:A9:41:DC:5D:4C:1D:9B:3D:16:46:BE
X509v3 Authority Key Identifier:
keyid:D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/aJvDSUVfiKu0qUHcXUwdmz0WRr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.253.0/24
Signature Algorithm: sha256WithRSAEncryption
45:ea:4e:d1:66:e6:7e:8c:a8:95:e2:30:39:db:36:c1:84:4f:
0e:7e:8f:1a:dd:e3:9f:e3:50:fc:56:9e:47:84:b0:eb:ea:6c:
d8:f2:81:02:fa:30:61:ec:5e:7c:aa:c8:7a:c5:81:c6:a3:cb:
7d:75:28:d7:95:c8:fe:3e:b8:aa:9f:cf:a7:2f:b1:4d:dd:de:
c1:90:39:c0:d9:4e:4c:98:7d:27:1d:26:85:1a:0c:e0:16:5b:
94:b3:fb:83:c5:a7:1d:e8:4f:07:36:90:10:82:ca:43:a4:7f:
24:df:f5:ff:d9:bc:0e:c5:f3:7f:cc:18:4e:c9:c8:af:53:e4:
6d:e0:fa:b2:ab:ca:f4:0e:cc:04:77:40:13:67:74:84:d2:22:
ff:b4:71:64:b1:c4:a8:15:7a:3f:57:92:ba:87:17:5c:2c:02:
b2:99:df:70:e8:05:9f:47:86:8d:06:08:b0:e6:c6:9e:6d:c9:
e1:5d:bd:7a:26:d9:ad:ab:34:de:08:f1:b9:d5:b6:9a:c2:4f:
bf:d4:7f:1a:58:ed:45:db:29:c6:d2:c8:19:88:d9:cb:10:2a:
18:89:9b:18:9f:ca:5a:ea:a6:14:d5:38:fc:1a:8f:01:cd:df:
b7:ad:8c:d7:6c:7d:8d:c1:e2:fe:78:b7:6a:a1:c5:59:bc:92:
85:73:ef:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlD5DvKUOPUxv+vN2QM2KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0M2IyMjEzMGFhOWE3NzM0MjU0NzY5ZWMxM2JmZTE3MWZh
MWUyOGIwHhcNMjQwMTAyMDAzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODliYzM0OTQ1NWY4OGFiYjRhOTQxZGM1ZDRjMWQ5YjNkMTY0NmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplEwUP0gCGzk7vN0Ak18ApIvPEa4
qGyqGL/PFW0DiXT25aL98pLI4/ezhuI8LoYTpJ1eydEgRwHofqDHWFx4ZIHKUb00
UxoRWoEAfb6Gw+jbZEEO+cVt5pRfGKBNbKlW2l1GnCsVGXYB/cpgfRv7tM1a/gDU
e+7rxYgy/9QCtgOqQbF9WcqXv4iLHRruAIwdvm463NdW8j1b2BJGfoDYIioHT2BY
rAUP5EEUL0Xr53YIw73Xld7rripHemlquvDAqf/FNDSRnSHk8xyuWCOydOfh2KYf
7vNmthytNP3QtCovJ/SxfzgOz/F3R6Go6xQSN01pgOBTYf6ctNZD93+GNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGibw0lFX4irtKlB3F1MHZs9Fka+MB8GA1UdIwQY
MBaAFNQ7IhMKqadzQlR2nsE7/hcfoeKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEt
YTYzMGMyZWEyM2Y5LzEvYUp2RFNVVmZpS3UwcVVIY1hVd2RtejBXUnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEtYTYzMGMyZWEyM2Y5
LzEvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABfr9MA0G
CSqGSIb3DQEBCwUAA4IBAQBF6k7RZuZ+jKiV4jA52zbBhE8Ofo8a3eOf41D8Vp5H
hLDr6mzY8oEC+jBh7F58qsh6xYHGo8t9dSjXlcj+Priqn8+nL7FN3d7BkDnA2U5M
mH0nHSaFGgzgFluUs/uDxacd6E8HNpAQgspDpH8k3/X/2bwOxfN/zBhOycivU+Rt
4Pqyq8r0DswEd0ATZ3SE0iL/tHFkscSoFXo/V5K6hxdcLAKymd9w6AWfR4aNBgiw
5saebcnhXb16JtmtqzTeCPG51baawk+/1H8aWO1F2ynG0sgZiNnLECoYiZsYn8pa
6qYU1Tj8Go8Bzd+3rYzXbH2NweL+eLdqocVZvJKFc++Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:47 2024 by rpki-client on console-fra.rpki-client.org