Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/CPylTtUl-APF_U4LWv10Hn-AGs0.roa
File: CPylTtUl-APF_U4LWv10Hn-AGs0.roa (raw, json)
Hash identifier: r2ZH3R9ZyMUHlc4y3WLfEkgf03ITeoaVnBaZ0XfCivs=
Subject key identifier: 08:FC:A5:4E:D5:25:F8:03:C5:FD:4E:0B:5A:FD:74:1E:7F:80:1A:CD
Certificate issuer: /CN=7c9126732c2f0193bc3de4e8d3abc15f4baed62d
Certificate serial: 018C629CDE9EBC86D85CE6132988EA02B29E
Authority key identifier: 7C:91:26:73:2C:2F:01:93:BC:3D:E4:E8:D3:AB:C1:5F:4B:AE:D6:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fJEmcywvAZO8PeTo06vBX0uu1i0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/CPylTtUl-APF_U4LWv10Hn-AGs0.roa
Signing time: Wed 13 Dec 2023 09:58:16 +0000
ROA not before: Wed 13 Dec 2023 09:58:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215927
IP address blocks: 5.252.11.0/24 maxlen: 24
5.252.10.0/23 maxlen: 23
5.252.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:62:9c:de:9e:bc:86:d8:5c:e6:13:29:88:ea:02:b2:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c9126732c2f0193bc3de4e8d3abc15f4baed62d
Validity
Not Before: Dec 13 09:58:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08fca54ed525f803c5fd4e0b5afd741e7f801acd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1a:9f:8a:91:60:19:27:eb:90:d1:97:b2:44:
4d:7b:3c:5c:7c:3b:73:bf:d1:f7:a8:7b:71:81:96:
5e:65:19:d5:fe:90:12:6a:78:16:66:4e:fe:fb:52:
de:f1:b2:dd:b9:7e:2d:b1:06:f6:13:f8:36:15:32:
48:78:72:38:6f:23:8d:f4:fd:4d:61:28:73:fa:b9:
ca:62:d5:d1:b3:94:22:76:2f:4b:fc:8b:84:8b:44:
45:ee:8b:23:71:36:6c:33:21:9e:fe:d2:09:51:1a:
25:8e:42:4b:d4:9c:81:b3:22:51:27:45:e3:6c:db:
9e:c6:51:34:81:d6:ff:c5:47:34:3f:61:00:91:8a:
73:9f:f1:f3:ee:54:a7:3a:01:0e:3e:97:31:d5:b8:
d2:76:b6:da:dd:7c:4a:04:f0:da:3b:f4:88:a6:48:
45:f7:6b:aa:5e:51:2e:d3:84:09:5c:fd:76:29:2e:
fb:3d:b5:b1:75:84:89:3a:e9:c8:e4:0b:68:d3:d5:
e3:1a:60:eb:12:66:d5:be:7d:a1:22:70:af:fb:46:
5d:80:de:11:cd:77:8f:e1:2f:ee:06:6e:f1:4d:a3:
f5:98:6c:01:c4:d9:7b:70:6c:10:7f:6e:25:50:a3:
8d:23:1a:50:35:81:3c:2d:7a:cc:49:be:59:50:05:
a2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:FC:A5:4E:D5:25:F8:03:C5:FD:4E:0B:5A:FD:74:1E:7F:80:1A:CD
X509v3 Authority Key Identifier:
keyid:7C:91:26:73:2C:2F:01:93:BC:3D:E4:E8:D3:AB:C1:5F:4B:AE:D6:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fJEmcywvAZO8PeTo06vBX0uu1i0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/CPylTtUl-APF_U4LWv10Hn-AGs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/fJEmcywvAZO8PeTo06vBX0uu1i0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.10.0/23
Signature Algorithm: sha256WithRSAEncryption
05:65:21:56:a0:11:e5:4a:69:bc:74:59:0c:f7:f1:72:f1:13:
71:14:53:c4:5f:46:c0:28:d5:58:d5:f6:b9:9a:81:64:aa:2b:
4a:6d:c7:ec:01:9e:3c:9d:44:d1:46:21:8e:79:17:3a:fc:bb:
e9:88:03:17:31:e7:0a:bb:5f:d0:fa:33:76:0c:47:5a:2f:c2:
31:f8:95:4d:ca:e4:0c:4b:ed:ee:b9:de:15:c5:be:ac:84:48:
e2:44:a3:e5:ba:01:23:0b:db:c8:5b:05:ce:39:6d:2f:eb:80:
7f:86:e8:86:64:ed:8a:be:de:bd:48:d3:8b:5e:26:7c:85:61:
ce:28:60:14:dd:3a:d3:c7:00:24:d3:e2:63:81:d9:37:17:b8:
c0:e8:c4:1d:2c:5a:a8:d9:bc:a8:90:f0:56:6f:c0:e1:5d:61:
8c:b0:2a:27:a0:b0:99:47:22:75:0c:86:d2:04:19:1d:95:dc:
1e:37:7d:77:94:d3:cf:26:1c:09:6a:2d:8a:31:13:dd:55:9c:
74:37:35:71:80:3c:ce:17:dd:08:83:48:ef:eb:e2:e7:2f:47:
c7:5e:92:30:e1:10:c7:cb:87:41:81:2d:fc:fb:a0:67:0f:bb:
ee:cc:73:33:01:cf:d0:7d:ee:49:d1:f4:a9:f8:cc:e0:a1:65:
04:6d:bb:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxinN6evIbYXOYTKYjqArKeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjOTEyNjczMmMyZjAxOTNiYzNkZTRlOGQzYWJjMTVmNGJh
ZWQ2MmQwHhcNMjMxMjEzMDk1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGZjYTU0ZWQ1MjVmODAzYzVmZDRlMGI1YWZkNzQxZTdmODAxYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxqfipFgGSfrkNGXskRNezxcfDtz
v9H3qHtxgZZeZRnV/pASangWZk7++1Le8bLduX4tsQb2E/g2FTJIeHI4byON9P1N
YShz+rnKYtXRs5Qidi9L/IuEi0RF7osjcTZsMyGe/tIJURoljkJL1JyBsyJRJ0Xj
bNuexlE0gdb/xUc0P2EAkYpzn/Hz7lSnOgEOPpcx1bjSdrba3XxKBPDaO/SIpkhF
92uqXlEu04QJXP12KS77PbWxdYSJOunI5Ato09XjGmDrEmbVvn2hInCv+0ZdgN4R
zXeP4S/uBm7xTaP1mGwBxNl7cGwQf24lUKONIxpQNYE8LXrMSb5ZUAWi6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAj8pU7VJfgDxf1OC1r9dB5/gBrNMB8GA1UdIwQY
MBaAFHyRJnMsLwGTvD3k6NOrwV9LrtYtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkpFbWN5d3ZBWk84UGVUbzA2dkJYMHV1MWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85NDYzMmUtOTlkMy00YzIxLWI2N2Qt
ZDZiNzMwMjY2ZTc2LzEvQ1B5bFR0VWwtQVBGX1U0TFd2MTBIbi1BR3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi85NDYzMmUtOTlkMy00YzIxLWI2N2QtZDZiNzMwMjY2ZTc2
LzEvZkpFbWN5d3ZBWk84UGVUbzA2dkJYMHV1MWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBfwKMA0G
CSqGSIb3DQEBCwUAA4IBAQAFZSFWoBHlSmm8dFkM9/Fy8RNxFFPEX0bAKNVY1fa5
moFkqitKbcfsAZ48nUTRRiGOeRc6/LvpiAMXMecKu1/Q+jN2DEdaL8Ix+JVNyuQM
S+3uud4Vxb6shEjiRKPlugEjC9vIWwXOOW0v64B/huiGZO2Kvt69SNOLXiZ8hWHO
KGAU3TrTxwAk0+Jjgdk3F7jA6MQdLFqo2byokPBWb8DhXWGMsConoLCZRyJ1DIbS
BBkdldweN313lNPPJhwJai2KMRPdVZx0NzVxgDzOF90Ig0jv6+LnL0fHXpIw4RDH
y4dBgS38+6BnD7vuzHMzAc/Qfe5J0fSp+MzgoWUEbbvp
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:39 2024 by rpki-client on console-fra.rpki-client.org