Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/9DN1RjFy3eIPmlF130GGSAr938o.roa
File: 9DN1RjFy3eIPmlF130GGSAr938o.roa (raw, json)
Hash identifier: GCB6hB6lg8PBb5rWYxvpYL/sWUc4Cb2bXi1Sl9xtSEg=
Subject key identifier: F4:33:75:46:31:72:DD:E2:0F:9A:51:75:DF:41:86:48:0A:FD:DF:CA
Certificate issuer: /CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Certificate serial: 018FF9E55652228A5FB32EF3205BB9861725
Authority key identifier: 37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/9DN1RjFy3eIPmlF130GGSAr938o.roa
Signing time: Sat 08 Jun 2024 22:08:27 +0000
ROA not before: Sat 08 Jun 2024 22:08:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215671
IP address blocks: 5.22.200.0/24 maxlen: 24
2a06:bd40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 09 Jun 2024 20:27:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f9:e5:56:52:22:8a:5f:b3:2e:f3:20:5b:b9:86:17:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Validity
Not Before: Jun 8 22:08:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f43375463172dde20f9a5175df4186480afddfca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:89:93:95:83:d2:f9:96:0c:59:a3:a1:e0:f4:
46:21:71:02:2c:32:09:5e:8e:42:20:51:b7:53:28:
b4:a7:79:1f:9d:32:83:1a:a4:6e:55:52:86:66:5a:
7f:ee:d1:7a:a0:16:75:2d:6e:f4:d0:e7:45:18:19:
53:5a:c5:6d:2f:cc:54:24:43:4d:7d:40:04:99:47:
46:0a:dd:fc:d4:98:b2:4b:4d:f3:57:90:5b:0e:83:
ff:9a:25:bf:75:7e:a9:b7:8f:44:6b:57:8e:3e:36:
03:07:f2:4c:3b:77:87:41:b3:e3:69:6f:2a:81:13:
b1:b2:b8:d9:c4:a5:28:71:f0:ff:98:fd:66:07:a0:
57:bd:ac:5b:a1:4c:83:82:48:d6:f2:78:2f:08:94:
37:c6:0b:d6:d6:7d:49:df:c0:e2:15:a7:60:8a:66:
ca:b6:b8:5a:f0:a1:f6:8d:dd:03:97:07:49:ec:85:
24:93:98:59:27:f5:d9:aa:7e:78:d2:a9:90:e1:33:
8b:b9:42:dd:d7:22:9b:1e:0a:5f:be:7e:86:e5:dd:
41:93:d3:4c:52:36:44:5b:28:67:65:01:31:a2:53:
d4:a1:fc:41:4c:c0:16:3e:dc:b0:59:ef:c8:2b:30:
3e:47:09:de:fc:f7:92:5a:52:98:b5:83:2f:96:7f:
a5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:33:75:46:31:72:DD:E2:0F:9A:51:75:DF:41:86:48:0A:FD:DF:CA
X509v3 Authority Key Identifier:
keyid:37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/9DN1RjFy3eIPmlF130GGSAr938o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.200.0/24
IPv6:
2a06:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
0e:22:ee:b5:f2:92:63:d9:2b:42:bf:63:52:b7:5c:a9:54:fc:
40:65:0b:68:5c:d0:79:56:b1:9a:bc:ca:fe:02:64:4f:f1:36:
5d:a8:b8:b3:d7:2a:26:96:96:ca:66:9e:77:2d:54:ce:57:e5:
ba:54:00:8b:f5:e0:8b:36:b8:9b:cc:ec:a4:5d:62:0d:fb:8c:
59:33:24:ca:31:1e:b8:66:23:b6:9b:dc:00:cb:00:fd:27:ee:
c2:92:08:39:45:30:cd:c6:35:53:a1:0e:a4:73:05:60:cf:25:
d8:8a:bd:0b:42:f2:25:8f:64:c2:05:82:22:9c:fd:c4:52:c2:
95:6a:52:24:cc:04:68:80:73:de:a7:4f:b1:99:fb:06:0b:39:
e1:4c:c7:b8:d5:7e:87:6d:6d:f4:ce:86:72:53:58:52:7f:a4:
05:72:67:a1:59:33:96:6b:62:0b:ef:bf:61:51:5d:3c:7e:5a:
db:d2:68:b3:74:62:71:20:dd:78:54:9c:84:d8:00:00:52:16:
4f:18:ac:a3:20:a0:ce:50:e9:1e:31:61:e0:25:ec:1b:ff:f3:
e8:a8:eb:e9:a2:14:7d:8e:18:70:41:d6:10:04:c2:38:9a:08:
a8:c8:39:cf:b2:5b:b4:84:d2:d2:fe:a9:b2:76:b7:65:eb:96:
d4:8a:0a:e7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/55VZSIopfsy7zIFu5hhclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGY2ZjNlM2NiOTczYmFjOGE0M2Y2YzBiODA2YjNkMTFj
OWFkYzMwHhcNMjQwNjA4MjIwODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDMzNzU0NjMxNzJkZGUyMGY5YTUxNzVkZjQxODY0ODBhZmRkZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmomTlYPS+ZYMWaOh4PRGIXECLDIJ
Xo5CIFG3Uyi0p3kfnTKDGqRuVVKGZlp/7tF6oBZ1LW700OdFGBlTWsVtL8xUJENN
fUAEmUdGCt381JiyS03zV5BbDoP/miW/dX6pt49Ea1eOPjYDB/JMO3eHQbPjaW8q
gROxsrjZxKUocfD/mP1mB6BXvaxboUyDgkjW8ngvCJQ3xgvW1n1J38DiFadgimbK
trha8KH2jd0DlwdJ7IUkk5hZJ/XZqn540qmQ4TOLuULd1yKbHgpfvn6G5d1Bk9NM
UjZEWyhnZQExolPUofxBTMAWPtywWe/IKzA+Rwne/PeSWlKYtYMvln+lKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPQzdUYxct3iD5pRdd9BhkgK/d/KMB8GA1UdIwQY
MBaAFDdPbz48uXO6yKQ/bAuAaz0Rya3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMt
YzAxNzdkZmRhODQ3LzEvOUROMVJqRnkzZUlQbWxGMTMwR0dTQXI5MzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMtYzAxNzdkZmRhODQ3
LzEvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABRbIMA0E
AgACMAcDBQMqBr1AMA0GCSqGSIb3DQEBCwUAA4IBAQAOIu618pJj2StCv2NSt1yp
VPxAZQtoXNB5VrGavMr+AmRP8TZdqLiz1yomlpbKZp53LVTOV+W6VACL9eCLNrib
zOykXWIN+4xZMyTKMR64ZiO2m9wAywD9J+7Ckgg5RTDNxjVToQ6kcwVgzyXYir0L
QvIlj2TCBYIinP3EUsKValIkzARogHPep0+xmfsGCznhTMe41X6HbW30zoZyU1hS
f6QFcmehWTOWa2IL779hUV08flrb0mizdGJxIN14VJyE2AAAUhZPGKyjIKDOUOke
MWHgJewb//PoqOvpohR9jhhwQdYQBMI4mgioyDnPslu0hNLS/qmydrdl65bUigrn
-----END CERTIFICATE-----
Generated at Sun Jun 9 21:46:45 2024 by rpki-client on console-ams.rpki-client.org