Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/OBhDsDT1EVPV_QBouDxPzrAdug8.roa
File: OBhDsDT1EVPV_QBouDxPzrAdug8.roa (raw, json)
Hash identifier: zLi002nqO3ERgroK3B5hEDk6aW6qORLU+THAZ/llOVk=
Subject key identifier: 38:18:43:B0:34:F5:11:53:D5:FD:00:68:B8:3C:4F:CE:B0:1D:BA:0F
Certificate issuer: /CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Certificate serial: 018F83FECAEDF53D625E7FDABE547C1EB112
Authority key identifier: 37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/OBhDsDT1EVPV_QBouDxPzrAdug8.roa
Signing time: Fri 17 May 2024 00:41:04 +0000
ROA not before: Fri 17 May 2024 00:41:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210392
IP address blocks: 5.22.202.0/24 maxlen: 24
5.22.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 07:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:83:fe:ca:ed:f5:3d:62:5e:7f:da:be:54:7c:1e:b1:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Validity
Not Before: May 17 00:41:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=381843b034f51153d5fd0068b83c4fceb01dba0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e7:06:5b:69:a9:47:e6:98:28:1a:75:2a:20:
d9:b8:84:dd:1d:42:05:a3:e4:bb:e3:78:b1:bb:2e:
d4:b0:2b:0a:cf:4f:2f:78:9a:71:cb:ed:cf:c7:62:
68:f8:2d:69:fb:63:ea:2f:15:01:f9:26:a2:d8:82:
6a:4f:28:77:b2:d3:56:00:d8:ef:c4:71:4a:8e:a0:
77:ba:ad:c0:b8:11:52:f8:be:0c:c3:72:b0:1b:52:
94:e0:ce:c3:a8:9b:12:f4:55:60:9c:4b:97:38:2d:
9e:fa:e0:f0:04:e5:e1:64:d0:f7:69:fd:06:e8:3e:
bc:c5:aa:c5:86:fc:5d:37:45:49:dd:24:cd:1b:9e:
25:d8:7d:a6:c9:08:0a:40:69:ed:c2:d7:7c:01:f5:
55:8f:bc:ed:f3:1c:83:f3:0c:40:33:b1:76:b4:8c:
c6:a8:ee:32:0d:ab:4e:7e:66:79:1c:9a:6a:cc:bc:
84:0a:1a:95:11:38:9c:f2:56:da:97:ac:9f:3f:12:
00:4b:e3:6b:1c:55:8d:29:92:73:59:46:99:24:d5:
31:96:69:41:72:97:91:4d:f1:3d:63:24:79:0e:59:
d1:17:42:c7:ff:c3:3d:46:e5:7a:39:5e:47:85:c5:
ab:1e:6f:3e:60:54:28:d8:75:b9:d2:26:33:98:99:
c5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:18:43:B0:34:F5:11:53:D5:FD:00:68:B8:3C:4F:CE:B0:1D:BA:0F
X509v3 Authority Key Identifier:
keyid:37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/OBhDsDT1EVPV_QBouDxPzrAdug8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.202.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:77:73:17:63:ca:4f:b8:d4:2a:3e:62:bb:03:8e:41:e0:ec:
6c:d9:34:59:d5:2d:8d:d5:c4:b1:d4:9e:e7:5e:ef:3c:ed:24:
eb:b6:cc:b8:f6:42:da:74:db:5b:c3:d1:65:f5:2a:69:8b:c5:
fd:af:93:51:73:07:43:e4:db:42:2f:39:de:e9:fb:8a:ae:37:
87:fb:59:8e:b3:e2:94:7c:29:df:90:43:cc:62:da:2f:94:28:
c6:14:57:f4:26:e6:41:9d:0e:6e:11:f6:22:85:e4:e7:7e:de:
3a:2b:80:51:43:46:bd:62:57:17:af:8a:7f:19:67:a4:cb:0f:
39:c7:0b:0a:68:36:38:5c:80:08:af:ac:00:33:90:4a:7c:e9:
30:4a:d1:75:2d:0c:bb:36:b8:28:13:5c:d1:48:14:b6:08:ea:
53:e1:aa:2d:ee:91:06:c8:a9:17:68:e2:6b:f5:8e:aa:0f:09:
77:f7:83:eb:03:86:2c:14:31:e4:00:b3:43:7e:bd:9b:3c:44:
ad:b4:37:12:0d:d9:41:5d:ad:a5:fb:6a:ae:73:f6:00:83:b4:
78:06:ac:ab:43:ab:8e:d7:f8:c2:d4:35:5a:f9:50:66:9b:39:
82:87:cc:c1:f6:82:81:52:49:08:0c:8f:03:f3:26:16:d8:32:
d7:5f:1b:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+D/srt9T1iXn/avlR8HrESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGY2ZjNlM2NiOTczYmFjOGE0M2Y2YzBiODA2YjNkMTFj
OWFkYzMwHhcNMjQwNTE3MDA0MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODE4NDNiMDM0ZjUxMTUzZDVmZDAwNjhiODNjNGZjZWIwMWRiYTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OcGW2mpR+aYKBp1KiDZuITdHUIF
o+S743ixuy7UsCsKz08veJpxy+3Px2Jo+C1p+2PqLxUB+Sai2IJqTyh3stNWANjv
xHFKjqB3uq3AuBFS+L4Mw3KwG1KU4M7DqJsS9FVgnEuXOC2e+uDwBOXhZND3af0G
6D68xarFhvxdN0VJ3STNG54l2H2myQgKQGntwtd8AfVVj7zt8xyD8wxAM7F2tIzG
qO4yDatOfmZ5HJpqzLyEChqVETic8lbal6yfPxIAS+NrHFWNKZJzWUaZJNUxlmlB
cpeRTfE9YyR5DlnRF0LH/8M9RuV6OV5HhcWrHm8+YFQo2HW50iYzmJnFjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgYQ7A09RFT1f0AaLg8T86wHboPMB8GA1UdIwQY
MBaAFDdPbz48uXO6yKQ/bAuAaz0Rya3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMt
YzAxNzdkZmRhODQ3LzEvT0JoRHNEVDFFVlBWX1FCb3VEeFB6ckFkdWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMtYzAxNzdkZmRhODQ3
LzEvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBRbKMA0G
CSqGSIb3DQEBCwUAA4IBAQCid3MXY8pPuNQqPmK7A45B4Oxs2TRZ1S2N1cSx1J7n
Xu887STrtsy49kLadNtbw9Fl9Sppi8X9r5NRcwdD5NtCLzne6fuKrjeH+1mOs+KU
fCnfkEPMYtovlCjGFFf0JuZBnQ5uEfYiheTnft46K4BRQ0a9YlcXr4p/GWekyw85
xwsKaDY4XIAIr6wAM5BKfOkwStF1LQy7NrgoE1zRSBS2COpT4aot7pEGyKkXaOJr
9Y6qDwl394PrA4YsFDHkALNDfr2bPESttDcSDdlBXa2l+2quc/YAg7R4BqyrQ6uO
1/jC1DVa+VBmmzmCh8zB9oKBUkkIDI8D8yYW2DLXXxtv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:02 2024 by rpki-client on console-fra.rpki-client.org