Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/SJ2V5_-hXlcU2i3WehDMtNOoEL4.roa
File: SJ2V5_-hXlcU2i3WehDMtNOoEL4.roa (raw, json)
Hash identifier: sVg7eIvrAIgboZ38q1hs+dCaA0SuN5tsgJsqZ+5uIY4=
Subject key identifier: 48:9D:95:E7:FF:A1:5E:57:14:DA:2D:D6:7A:10:CC:B4:D3:A8:10:BE
Certificate issuer: /CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Certificate serial: 018D7ADFFABA97B2A3780CAFBDDAC1BB6674
Authority key identifier: 96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/SJ2V5_-hXlcU2i3WehDMtNOoEL4.roa
Signing time: Mon 05 Feb 2024 20:05:15 +0000
ROA not before: Mon 05 Feb 2024 20:05:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 5.42.90.0/24 maxlen: 24
5.42.91.0/24 maxlen: 24
5.42.93.0/24 maxlen: 24
2a13:5980::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 21 May 2024 10:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:df:fa:ba:97:b2:a3:78:0c:af:bd:da:c1:bb:66:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Validity
Not Before: Feb 5 20:05:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=489d95e7ffa15e5714da2dd67a10ccb4d3a810be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:79:fe:e2:b8:9b:4a:86:11:3a:f1:25:65:38:
98:6d:13:f2:d7:52:a8:5b:73:0b:b7:38:ef:cb:f8:
5e:86:45:bd:01:53:bd:8a:51:f9:ff:4d:4c:da:38:
32:de:bb:c9:7c:4e:b5:c9:46:76:fd:fd:e3:5b:9c:
e9:dd:25:07:ef:28:ae:e5:5c:25:09:71:55:8a:5c:
68:19:ed:5b:0a:56:0e:5e:d0:9f:e9:98:e8:f2:63:
f0:96:02:9d:5e:e5:65:b0:28:67:59:62:90:0d:a9:
62:a8:91:49:0a:c0:b6:60:0d:b6:26:14:f4:38:17:
ba:89:07:3c:5f:c9:19:ed:c4:5b:4e:af:8d:dd:85:
be:8d:5c:16:75:c9:79:a1:b7:1d:12:e8:cf:49:f9:
98:a8:fa:3f:19:52:95:e4:8b:34:f4:92:4e:f9:74:
6d:52:da:c8:0e:1b:67:89:4e:93:ed:c5:b0:db:3d:
d4:85:80:9b:0a:59:66:99:47:c1:ea:85:a7:e4:c6:
08:01:1d:56:f1:91:32:01:c0:3c:cf:03:45:96:08:
a2:c9:ed:7c:c0:09:9a:e0:1b:41:48:33:68:f1:cc:
b3:1a:d2:d0:02:7f:80:f1:05:f0:00:0a:c1:d1:bf:
63:d7:39:49:3e:d3:6a:81:3e:c5:17:9e:66:3d:83:
be:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:9D:95:E7:FF:A1:5E:57:14:DA:2D:D6:7A:10:CC:B4:D3:A8:10:BE
X509v3 Authority Key Identifier:
keyid:96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/SJ2V5_-hXlcU2i3WehDMtNOoEL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/lgYvXdsY-W14SSs1ONd0XMRxSiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.90.0/23
5.42.93.0/24
IPv6:
2a13:5980::/29
Signature Algorithm: sha256WithRSAEncryption
56:2d:6a:3b:d4:c3:17:c9:81:68:8b:1a:b4:2a:3c:b2:32:34:
0b:cc:66:d5:07:74:94:48:1f:e2:f0:2e:6c:e1:b7:d3:2b:fc:
4e:2b:08:74:8c:3c:a2:40:0c:ff:da:ed:e2:77:58:42:fb:0c:
87:43:48:2a:11:df:81:4b:b2:7e:da:61:66:50:91:84:af:d9:
56:33:9f:b5:db:83:dc:12:3b:f6:e5:2d:b4:e9:18:60:71:0e:
ef:9d:f1:3e:8b:db:90:7d:d7:2a:7e:51:1b:a7:83:0f:50:e2:
b8:16:11:87:57:3b:d1:5f:ba:1f:0a:a9:4f:d8:99:15:4c:d9:
06:09:12:7c:28:3c:64:eb:24:ef:d4:c8:9b:4d:6b:1d:90:cb:
44:a2:b1:2a:b9:b9:cd:5a:4b:46:4d:3b:65:40:b2:be:10:f0:
f8:3a:81:ab:aa:10:56:45:f4:f1:ad:25:90:71:a1:29:f7:a9:
a5:b2:33:e7:8a:61:a4:c0:ff:9c:4a:0e:c5:26:0b:3f:9e:7b:
fe:76:72:3a:69:ca:5f:2f:09:fe:7f:4b:74:7e:ac:9b:05:ef:
d8:e5:e6:e0:bd:2f:4d:6e:d9:9a:be:14:d7:fb:63:9b:38:6c:
e4:f0:88:c5:a4:fd:88:a5:5e:87:9a:6a:bc:6f:ff:6e:13:2d:
33:dd:8d:ad
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY163/q6l7KjeAyvvdrBu2Z0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MDYyZjVkZGIxOGY5NmQ3ODQ5MmIzNTM4ZDc3NDVjYzQ3
MTRhMjYwHhcNMjQwMjA1MjAwNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODlkOTVlN2ZmYTE1ZTU3MTRkYTJkZDY3YTEwY2NiNGQzYTgxMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nn+4ribSoYROvElZTiYbRPy11Ko
W3MLtzjvy/hehkW9AVO9ilH5/01M2jgy3rvJfE61yUZ2/f3jW5zp3SUH7yiu5Vwl
CXFVilxoGe1bClYOXtCf6Zjo8mPwlgKdXuVlsChnWWKQDaliqJFJCsC2YA22JhT0
OBe6iQc8X8kZ7cRbTq+N3YW+jVwWdcl5obcdEujPSfmYqPo/GVKV5Is09JJO+XRt
UtrIDhtniU6T7cWw2z3UhYCbCllmmUfB6oWn5MYIAR1W8ZEyAcA8zwNFlgiiye18
wAma4BtBSDNo8cyzGtLQAn+A8QXwAArB0b9j1zlJPtNqgT7FF55mPYO+eQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEidlef/oV5XFNot1noQzLTTqBC+MB8GA1UdIwQY
MBaAFJYGL13bGPlteEkrNTjXdFzEcUomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmIt
M2ZjYjVmM2YzYzU5LzEvU0oyVjVfLWhYbGNVMmkzV2VoRE10Tk9vRUw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmItM2ZjYjVmM2YzYzU5
LzEvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBBSpaAwQA
BSpdMA0EAgACMAcDBQMqE1mAMA0GCSqGSIb3DQEBCwUAA4IBAQBWLWo71MMXyYFo
ixq0KjyyMjQLzGbVB3SUSB/i8C5s4bfTK/xOKwh0jDyiQAz/2u3id1hC+wyHQ0gq
Ed+BS7J+2mFmUJGEr9lWM5+124PcEjv25S206RhgcQ7vnfE+i9uQfdcqflEbp4MP
UOK4FhGHVzvRX7ofCqlP2JkVTNkGCRJ8KDxk6yTv1MibTWsdkMtEorEqubnNWktG
TTtlQLK+EPD4OoGrqhBWRfTxrSWQcaEp96mlsjPnimGkwP+cSg7FJgs/nnv+dnI6
acpfLwn+f0t0fqybBe/Y5ebgvS9NbtmavhTX+2ObOGzk8IjFpP2IpV6Hmmq8b/9u
Ey0z3Y2t
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:38 2024 by rpki-client on console-ams.rpki-client.org