Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/a8f02b-6563-40a9-a35a-1f09bb6db1b6/1/5cM9AKioZpitiCAzQSQ6TzsM-14.roa
File: 5cM9AKioZpitiCAzQSQ6TzsM-14.roa (raw, json)
Hash identifier: OS2CtUmDm4LaVdCLAAibuGbhaTWBoma3wdui+VemokE=
Subject key identifier: E5:C3:3D:00:A8:A8:66:98:AD:88:20:33:41:24:3A:4F:3B:0C:FB:5E
Certificate issuer: /CN=8b511865930299763e0e5f2d82567dc5a1d53e79
Certificate serial: 01856D53EAACFA219C745075C75C58F0165B
Authority key identifier: 8B:51:18:65:93:02:99:76:3E:0E:5F:2D:82:56:7D:C5:A1:D5:3E:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i1EYZZMCmXY-Dl8tglZ9xaHVPnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/a8f02b-6563-40a9-a35a-1f09bb6db1b6/1/5cM9AKioZpitiCAzQSQ6TzsM-14.roa
Signing time: Sun 01 Jan 2023 12:34:54 +0000
ROA not before: Sun 01 Jan 2023 12:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15461
IP address blocks: 193.93.12.0/22 maxlen: 32
91.219.220.0/22 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:ea:ac:fa:21:9c:74:50:75:c7:5c:58:f0:16:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b511865930299763e0e5f2d82567dc5a1d53e79
Validity
Not Before: Jan 1 12:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5c33d00a8a86698ad88203341243a4f3b0cfb5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f6:53:a4:56:8c:9e:37:b4:ee:fb:bd:90:8f:
b0:72:15:92:79:0a:62:67:54:fe:1a:40:3f:6b:73:
fc:a9:58:61:3b:97:64:e0:0c:35:26:cb:1e:2f:6b:
ac:ab:94:02:98:2b:49:d8:7a:71:8f:a1:93:96:d0:
0f:a9:5a:0d:e9:59:59:22:e8:d2:e4:be:b5:7e:be:
f6:c7:e5:67:37:76:fe:3e:18:80:07:52:b1:ce:15:
b6:42:b4:bd:a9:9d:46:c0:eb:7a:84:eb:e6:47:95:
2b:c5:50:bc:cb:93:d1:53:5e:f6:26:45:c5:b2:31:
91:99:8f:58:7a:88:38:be:a1:2a:e1:cb:23:6c:1d:
fa:54:96:62:c1:68:75:8a:2e:2e:28:2f:80:29:b8:
b7:01:cd:61:21:8b:4f:b1:bf:b7:aa:bb:0a:57:74:
8e:ab:36:46:a5:80:e0:19:3e:e3:ff:d0:f6:2b:2f:
da:15:9a:bb:f2:d2:0d:7e:b6:be:ea:53:a0:05:e9:
54:20:2d:65:53:c7:86:56:9c:a5:45:b4:8a:b8:7b:
80:47:d5:1a:4a:94:24:41:54:fd:23:7e:36:93:bc:
aa:dd:d9:5b:b0:b4:27:54:34:4d:19:cf:06:c6:94:
bc:cb:c7:3d:a9:ef:99:10:41:b9:36:33:e0:0d:aa:
2c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C3:3D:00:A8:A8:66:98:AD:88:20:33:41:24:3A:4F:3B:0C:FB:5E
X509v3 Authority Key Identifier:
keyid:8B:51:18:65:93:02:99:76:3E:0E:5F:2D:82:56:7D:C5:A1:D5:3E:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i1EYZZMCmXY-Dl8tglZ9xaHVPnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/a8f02b-6563-40a9-a35a-1f09bb6db1b6/1/5cM9AKioZpitiCAzQSQ6TzsM-14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/a8f02b-6563-40a9-a35a-1f09bb6db1b6/1/i1EYZZMCmXY-Dl8tglZ9xaHVPnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.220.0/22
193.93.12.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:b8:24:71:27:79:b3:ca:be:aa:6f:ec:12:6a:16:30:26:0d:
44:f7:46:41:7c:eb:26:9c:01:7a:11:9b:7b:4f:c3:73:1b:dd:
06:0b:f7:96:bb:af:72:86:ef:71:c8:fe:87:79:7a:1e:38:36:
b6:19:95:77:46:a0:6e:59:dd:4b:a9:21:fa:85:aa:82:a2:21:
b8:fe:b5:d2:42:98:88:09:d6:75:04:b7:92:43:0b:c3:4f:4a:
cd:cd:e3:bc:df:8e:be:24:7f:be:17:be:fe:a4:95:d8:95:b0:
4c:77:8c:50:ba:6d:dd:a7:cb:1d:3b:9b:f5:ed:6d:a5:e8:a6:
f2:e4:19:a0:cb:bd:79:8c:2a:33:38:a1:34:e5:03:30:0e:15:
c7:4d:3d:96:82:00:53:40:a8:17:db:7d:5e:70:50:09:c3:f2:
5f:77:b2:52:9b:d8:d0:27:bc:1a:06:60:d1:4c:9a:4d:76:4f:
9b:00:61:8e:6a:72:c4:9e:53:2e:39:5c:82:00:61:4b:72:ed:
fe:ca:95:f0:62:f9:79:5e:96:fc:5d:7d:94:d7:32:81:c7:4e:
9e:a7:bd:ad:46:75:5c:91:0e:ee:fd:86:0b:30:89:d2:d2:ad:
04:aa:e7:05:6b:fc:c4:fa:33:b5:1a:4d:73:cb:cc:a0:18:a6:
28:72:b1:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtU+qs+iGcdFB1x1xY8BZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNTExODY1OTMwMjk5NzYzZTBlNWYyZDgyNTY3ZGM1YTFk
NTNlNzkwHhcNMjMwMTAxMTIzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWMzM2QwMGE4YTg2Njk4YWQ4ODIwMzM0MTI0M2E0ZjNiMGNmYjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofZTpFaMnje07vu9kI+wchWSeQpi
Z1T+GkA/a3P8qVhhO5dk4Aw1JsseL2usq5QCmCtJ2Hpxj6GTltAPqVoN6VlZIujS
5L61fr72x+VnN3b+PhiAB1KxzhW2QrS9qZ1GwOt6hOvmR5UrxVC8y5PRU172JkXF
sjGRmY9Yeog4vqEq4csjbB36VJZiwWh1ii4uKC+AKbi3Ac1hIYtPsb+3qrsKV3SO
qzZGpYDgGT7j/9D2Ky/aFZq78tINfra+6lOgBelUIC1lU8eGVpylRbSKuHuAR9Ua
SpQkQVT9I342k7yq3dlbsLQnVDRNGc8GxpS8y8c9qe+ZEEG5NjPgDaosDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOXDPQCoqGaYrYggM0EkOk87DPteMB8GA1UdIwQY
MBaAFItRGGWTApl2Pg5fLYJWfcWh1T55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTFFWVpaTUNtWFktRGw4dGdsWjl4YUhWUG5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9hOGYwMmItNjU2My00MGE5LWEzNWEt
MWYwOWJiNmRiMWI2LzEvNWNNOUFLaW9acGl0aUNBelFTUTZUenNNLTE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9hOGYwMmItNjU2My00MGE5LWEzNWEtMWYwOWJiNmRiMWI2
LzEvaTFFWVpaTUNtWFktRGw4dGdsWjl4YUhWUG5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9vcAwQC
wV0MMA0GCSqGSIb3DQEBCwUAA4IBAQBvuCRxJ3mzyr6qb+wSahYwJg1E90ZBfOsm
nAF6EZt7T8NzG90GC/eWu69yhu9xyP6HeXoeODa2GZV3RqBuWd1LqSH6haqCoiG4
/rXSQpiICdZ1BLeSQwvDT0rNzeO8346+JH++F77+pJXYlbBMd4xQum3dp8sdO5v1
7W2l6Kby5Bmgy715jCozOKE05QMwDhXHTT2WggBTQKgX231ecFAJw/Jfd7JSm9jQ
J7waBmDRTJpNdk+bAGGOanLEnlMuOVyCAGFLcu3+ypXwYvl5Xpb8XX2U1zKBx06e
p72tRnVckQ7u/YYLMInS0q0EqucFa/zE+jO1Gk1zy8ygGKYocrFF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:24 2024 by rpki-client on console-ams.rpki-client.org