Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/p6FGlHPZpVFR1C6cKsDifmFmPUI.roa
File: p6FGlHPZpVFR1C6cKsDifmFmPUI.roa (raw, json)
Hash identifier: UOn/ngq3UrinKZZvtcyJDgIHr+/RJdYwUiGn8yW7kiw=
Subject key identifier: A7:A1:46:94:73:D9:A5:51:51:D4:2E:9C:2A:C0:E2:7E:61:66:3D:42
Certificate issuer: /CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Certificate serial: 018DA53357A2EBA3B62FB395FBEF8D83A189
Authority key identifier: 37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/p6FGlHPZpVFR1C6cKsDifmFmPUI.roa
Signing time: Wed 14 Feb 2024 01:20:21 +0000
ROA not before: Wed 14 Feb 2024 01:20:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210392
IP address blocks: 5.22.200.0/22 maxlen: 22
5.22.200.0/24 maxlen: 24
5.22.201.0/24 maxlen: 24
5.22.202.0/24 maxlen: 24
5.22.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a5:33:57:a2:eb:a3:b6:2f:b3:95:fb:ef:8d:83:a1:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Validity
Not Before: Feb 14 01:20:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7a1469473d9a55151d42e9c2ac0e27e61663d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1d:54:e7:47:56:70:20:cd:37:70:85:f6:43:
f1:4c:83:4d:5f:f0:1e:3b:63:53:13:01:fe:86:30:
1b:54:3a:28:4e:e3:17:b6:c9:d1:99:d3:f9:2d:31:
95:80:7e:7c:25:88:44:1f:b2:e1:59:28:0d:91:43:
07:70:d3:cd:13:e3:82:79:9c:8c:b8:0b:c3:c1:94:
21:87:de:13:24:c8:89:2d:a1:c6:eb:9b:a5:a8:da:
e4:13:e2:10:55:fc:b8:b9:01:25:b4:86:2c:cd:f8:
c3:47:06:2a:59:f2:0f:f0:b4:1c:20:75:08:0f:7b:
69:da:ff:b2:f1:15:72:35:c2:88:6f:1f:e8:9a:aa:
2c:f5:04:10:3d:74:72:29:0a:db:04:81:b2:60:91:
b3:08:4e:1a:d6:5f:e2:7c:60:0e:b2:be:72:99:62:
5e:78:83:0a:de:55:9c:f2:21:5c:b1:5a:57:9d:fd:
9d:5b:74:56:37:ca:54:bf:f9:7f:b1:3f:60:f9:75:
50:f6:05:c0:7d:f7:7b:9c:f1:62:de:78:dc:ae:b7:
4d:5f:ab:8b:db:78:a0:48:d4:e1:43:69:2c:84:35:
5c:8b:b1:fb:bd:94:95:54:d1:92:db:fd:63:48:e0:
40:73:17:f8:cf:61:7f:29:16:a4:3d:a8:ff:73:58:
0d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:A1:46:94:73:D9:A5:51:51:D4:2E:9C:2A:C0:E2:7E:61:66:3D:42
X509v3 Authority Key Identifier:
keyid:37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/p6FGlHPZpVFR1C6cKsDifmFmPUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.200.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:f1:5e:9f:09:17:96:22:a9:c2:95:86:8f:2d:18:ea:fb:58:
5e:cf:73:cd:39:21:48:83:fd:66:33:f9:e1:b2:b0:5c:84:1f:
22:66:bd:02:5f:44:f4:f5:7d:0b:58:e6:d4:87:62:ea:ef:dc:
ad:9b:8b:f2:50:7c:f3:bb:4c:5a:88:ce:38:cc:6f:12:29:4c:
d5:ec:1f:cb:06:94:c2:a7:cc:fb:45:ca:77:80:41:55:82:d0:
5f:f7:ed:72:00:8b:e5:a3:67:a0:87:65:ee:31:df:98:8b:49:
8c:05:6d:b7:92:26:81:f8:64:40:ea:e7:ef:5c:a8:c4:d2:0d:
1e:96:81:35:5f:6d:66:c9:fe:32:cc:42:9a:55:02:ad:f7:79:
6a:39:6d:14:b3:bb:86:d2:32:97:af:41:34:50:7d:ae:e0:e1:
b6:e7:5a:64:36:10:09:d9:c3:f7:fa:36:83:2b:47:91:07:10:
2b:19:c6:20:a9:cf:fe:9e:36:27:1b:37:d3:12:8f:35:87:92:
26:e1:6b:81:b9:ec:ef:e5:8b:7f:4e:93:63:c1:46:41:af:17:
90:9c:d6:25:ef:fa:a0:13:9b:cb:99:e6:a5:2e:91:15:0b:7e:
df:13:2a:65:f8:71:7b:53:59:27:0e:71:d3:84:48:56:5b:e4:
52:47:04:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2lM1ei66O2L7OV+++Ng6GJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGY2ZjNlM2NiOTczYmFjOGE0M2Y2YzBiODA2YjNkMTFj
OWFkYzMwHhcNMjQwMjE0MDEyMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2ExNDY5NDczZDlhNTUxNTFkNDJlOWMyYWMwZTI3ZTYxNjYzZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmx1U50dWcCDNN3CF9kPxTINNX/Ae
O2NTEwH+hjAbVDooTuMXtsnRmdP5LTGVgH58JYhEH7LhWSgNkUMHcNPNE+OCeZyM
uAvDwZQhh94TJMiJLaHG65ulqNrkE+IQVfy4uQEltIYszfjDRwYqWfIP8LQcIHUI
D3tp2v+y8RVyNcKIbx/omqos9QQQPXRyKQrbBIGyYJGzCE4a1l/ifGAOsr5ymWJe
eIMK3lWc8iFcsVpXnf2dW3RWN8pUv/l/sT9g+XVQ9gXAffd7nPFi3njcrrdNX6uL
23igSNThQ2kshDVci7H7vZSVVNGS2/1jSOBAcxf4z2F/KRakPaj/c1gN6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKehRpRz2aVRUdQunCrA4n5hZj1CMB8GA1UdIwQY
MBaAFDdPbz48uXO6yKQ/bAuAaz0Rya3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMt
YzAxNzdkZmRhODQ3LzEvcDZGR2xIUFpwVkZSMUM2Y0tzRGlmbUZtUFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMtYzAxNzdkZmRhODQ3
LzEvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBRbIMA0G
CSqGSIb3DQEBCwUAA4IBAQCh8V6fCReWIqnClYaPLRjq+1hez3PNOSFIg/1mM/nh
srBchB8iZr0CX0T09X0LWObUh2Lq79ytm4vyUHzzu0xaiM44zG8SKUzV7B/LBpTC
p8z7Rcp3gEFVgtBf9+1yAIvlo2egh2XuMd+Yi0mMBW23kiaB+GRA6ufvXKjE0g0e
loE1X21myf4yzEKaVQKt93lqOW0Us7uG0jKXr0E0UH2u4OG251pkNhAJ2cP3+jaD
K0eRBxArGcYgqc/+njYnGzfTEo81h5Im4WuBuezv5Yt/TpNjwUZBrxeQnNYl7/qg
E5vLmealLpEVC37fEypl+HF7U1knDnHThEhWW+RSRwTw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:02 2024 by rpki-client on console-fra.rpki-client.org