Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2o9gbK2p1kMyXqlYMxHfAjKIJR4.roa
File: 2o9gbK2p1kMyXqlYMxHfAjKIJR4.roa (raw, json)
Hash identifier: bkEIkCpUoSZ4CN1c79Lm0AhThsD8BFBBbS1SwL6IUc8=
Subject key identifier: DA:8F:60:6C:AD:A9:D6:43:32:5E:A9:58:33:11:DF:02:32:88:25:1E
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01856BE5AFD8ADAC63A7AE18F9672AD19BDB
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2o9gbK2p1kMyXqlYMxHfAjKIJR4.roa
Signing time: Sun 01 Jan 2023 05:54:52 +0000
ROA not before: Sun 01 Jan 2023 05:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 5.105.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:af:d8:ad:ac:63:a7:ae:18:f9:67:2a:d1:9b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 1 05:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da8f606cada9d643325ea9583311df023288251e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:97:cd:b6:90:93:de:30:ff:e0:99:ec:fd:fb:
5c:52:34:36:b7:92:30:75:67:ee:97:16:c2:89:90:
df:05:29:29:ce:de:10:40:e1:a6:ce:2f:f8:27:f2:
c1:51:66:a2:0c:c3:d5:a8:73:5d:5e:5d:41:5e:de:
5c:5b:6f:12:5b:dd:6a:46:0b:ac:23:ef:bd:bb:e2:
ba:2c:42:aa:01:13:7c:01:24:da:d1:ab:72:c1:f8:
28:4c:95:ed:aa:60:0a:64:85:e9:d3:4f:69:42:26:
10:b0:b5:70:6b:c9:f7:c6:4b:bf:83:1c:0c:e4:96:
fb:ab:00:f5:57:d2:f1:9b:97:2d:dc:3d:e0:30:83:
95:31:34:ee:53:d0:a2:7b:1d:58:c4:03:52:09:8d:
ad:be:a6:ff:25:ac:84:af:00:1e:db:d8:2e:dd:8c:
ec:c6:b0:59:4f:a1:f1:0c:b8:47:15:5c:37:64:99:
e8:ab:69:76:8c:9b:1a:fc:99:51:fc:72:ef:e4:f2:
fd:54:89:bb:64:a1:2e:30:5a:bb:90:e9:d5:08:41:
84:6a:c0:4a:25:31:24:3e:a7:70:48:44:57:43:7a:
40:e6:d6:51:85:21:79:83:09:ba:01:77:87:ea:88:
2d:b5:d9:97:95:fe:c1:4f:f2:2c:a3:52:ac:57:14:
e2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:8F:60:6C:AD:A9:D6:43:32:5E:A9:58:33:11:DF:02:32:88:25:1E
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2o9gbK2p1kMyXqlYMxHfAjKIJR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.10.0/24
Signature Algorithm: sha256WithRSAEncryption
91:8e:1d:c4:2a:00:df:d9:ac:3d:44:3f:e0:28:10:46:10:9a:
a8:33:a2:d3:5c:54:8d:5b:04:07:91:99:6d:d0:d8:c1:9d:5d:
97:e4:33:af:58:0f:dd:e8:3e:d3:96:ed:c9:12:01:de:3f:9c:
b6:78:de:4e:f0:8e:a1:80:82:4e:66:04:e5:66:e5:2f:9c:63:
0d:62:ff:4b:7c:e0:3d:41:e9:0e:8d:53:f9:33:71:66:72:fb:
3c:b9:68:3f:a3:a2:9b:4e:2f:e1:0e:a7:e0:56:58:6c:c4:fe:
86:17:f8:99:18:d7:b8:db:7e:ae:0d:6f:90:6d:d9:e6:9a:ea:
d8:49:5e:7d:c2:89:ed:d8:7f:8c:f7:68:1c:61:6f:87:47:78:
d7:97:3e:bc:5f:fd:49:e3:14:ac:c6:6a:2d:04:4e:1a:da:3d:
df:60:2a:84:8e:26:13:e6:40:39:02:9c:78:f4:80:5a:55:11:
c1:6a:6b:e2:f1:de:e3:c1:2d:07:2f:73:9b:2a:6e:93:71:ef:
08:bc:11:81:3e:bb:7d:4e:7c:ae:d9:94:3a:72:be:4a:e9:2e:
5e:13:5e:7b:65:81:18:3b:40:2f:2b:46:4c:58:3c:90:9a:2e:
ec:50:40:1a:15:22:04:3f:0f:b1:f0:14:07:2c:38:21:5b:53:
4a:c3:dc:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr5a/Yraxjp64Y+Wcq0ZvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTAxMDU1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYThmNjA2Y2FkYTlkNjQzMzI1ZWE5NTgzMzExZGYwMjMyODgyNTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5fNtpCT3jD/4Jns/ftcUjQ2t5Iw
dWfulxbCiZDfBSkpzt4QQOGmzi/4J/LBUWaiDMPVqHNdXl1BXt5cW28SW91qRgus
I++9u+K6LEKqARN8ASTa0atywfgoTJXtqmAKZIXp009pQiYQsLVwa8n3xku/gxwM
5Jb7qwD1V9Lxm5ct3D3gMIOVMTTuU9Ciex1YxANSCY2tvqb/JayErwAe29gu3Yzs
xrBZT6HxDLhHFVw3ZJnoq2l2jJsa/JlR/HLv5PL9VIm7ZKEuMFq7kOnVCEGEasBK
JTEkPqdwSERXQ3pA5tZRhSF5gwm6AXeH6ogttdmXlf7BT/Iso1KsVxTiHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqPYGytqdZDMl6pWDMR3wIyiCUeMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMm85Z2JLMnAxa015WHFsWU14SGZBaktJSlI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkKMA0G
CSqGSIb3DQEBCwUAA4IBAQCRjh3EKgDf2aw9RD/gKBBGEJqoM6LTXFSNWwQHkZlt
0NjBnV2X5DOvWA/d6D7Tlu3JEgHeP5y2eN5O8I6hgIJOZgTlZuUvnGMNYv9LfOA9
QekOjVP5M3Fmcvs8uWg/o6KbTi/hDqfgVlhsxP6GF/iZGNe4236uDW+QbdnmmurY
SV59wont2H+M92gcYW+HR3jXlz68X/1J4xSsxmotBE4a2j3fYCqEjiYT5kA5Apx4
9IBaVRHBamvi8d7jwS0HL3ObKm6Tce8IvBGBPrt9Tnyu2ZQ6cr5K6S5eE157ZYEY
O0AvK0ZMWDyQmi7sUEAaFSIEPw+x8BQHLDghW1NKw9yu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:59 2023 by rpki-client on console-ams.rpki-client.org