Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/xJMxUFlzKMSjlodkoN5Llws8lcc.roa
File: xJMxUFlzKMSjlodkoN5Llws8lcc.roa (raw, json)
Hash identifier: +A+QGma3cfBoFphPWshLkgofp+FU6aIc7NaliOF7TFA=
Subject key identifier: C4:93:31:50:59:73:28:C4:A3:96:87:64:A0:DE:4B:97:0B:3C:95:C7
Certificate issuer: /CN=0f0f9f044e2b929878d747c5ffbb80ad10e3d6bd
Certificate serial: 01861755934F606B342C49B1AF5F46DE6FD2
Authority key identifier: 0F:0F:9F:04:4E:2B:92:98:78:D7:47:C5:FF:BB:80:AD:10:E3:D6:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dw-fBE4rkph410fF_7uArRDj1r0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/xJMxUFlzKMSjlodkoN5Llws8lcc.roa
Signing time: Fri 03 Feb 2023 12:52:09 +0000
ROA not before: Fri 03 Feb 2023 12:52:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201589
IP address blocks: 5.101.71.0/24 maxlen: 24
5.101.37.0/24 maxlen: 24
5.101.36.0/24 maxlen: 24
5.101.38.0/24 maxlen: 24
5.101.39.0/24 maxlen: 24
2a13:1ec0:1000::/44 maxlen: 44
2a13:1ec0:1010::/44 maxlen: 44
2a13:1ec0::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:55:93:4f:60:6b:34:2c:49:b1:af:5f:46:de:6f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f0f9f044e2b929878d747c5ffbb80ad10e3d6bd
Validity
Not Before: Feb 3 12:52:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4933150597328c4a3968764a0de4b970b3c95c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:26:58:d0:2b:bd:2e:e4:7f:2e:1d:a7:31:3b:
6d:8e:12:73:c9:9f:c4:f3:c3:b1:be:83:51:84:98:
1f:5a:5d:52:42:51:af:56:8b:10:58:31:bb:03:18:
ef:c7:81:d9:8e:ee:a6:b1:bb:81:a8:a8:82:30:71:
ee:d2:59:6b:cd:f0:2b:0a:0a:b3:f0:74:e8:1a:db:
5c:dd:23:02:11:8f:b2:ab:11:11:23:71:b2:ac:ef:
f2:9f:08:e7:0d:43:4b:85:93:60:40:67:45:55:18:
9b:fb:7d:5a:6c:03:3e:bb:78:fe:0b:d9:c2:5c:b3:
ca:8b:86:4d:56:e2:85:e3:54:99:18:d8:fe:6c:ea:
23:91:83:5d:5d:bc:72:a0:b7:70:6d:8b:ae:86:33:
4e:ad:43:ea:c2:b6:85:f0:74:d1:2a:8f:dd:67:92:
8b:c0:e7:c7:f3:9a:55:3a:7c:48:74:e7:9b:ef:68:
cb:a1:12:b4:05:a2:70:91:5f:03:c1:d5:05:80:45:
1c:4d:78:6f:b8:55:41:b3:96:86:15:cb:22:c8:e5:
92:60:58:b2:03:0f:ab:8f:5d:c7:42:99:a1:34:db:
56:f0:7b:30:92:c6:7d:86:a0:f6:aa:2e:b3:56:21:
d8:2f:b7:e6:93:da:fc:7a:f2:d1:65:c4:cc:65:d9:
c5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:93:31:50:59:73:28:C4:A3:96:87:64:A0:DE:4B:97:0B:3C:95:C7
X509v3 Authority Key Identifier:
keyid:0F:0F:9F:04:4E:2B:92:98:78:D7:47:C5:FF:BB:80:AD:10:E3:D6:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dw-fBE4rkph410fF_7uArRDj1r0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/xJMxUFlzKMSjlodkoN5Llws8lcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/Dw-fBE4rkph410fF_7uArRDj1r0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.36.0/22
5.101.71.0/24
IPv6:
2a13:1ec0::/44
2a13:1ec0:1000::/43
Signature Algorithm: sha256WithRSAEncryption
35:8b:3b:ff:36:62:7a:55:e2:23:f5:5e:02:22:c0:c6:bf:71:
f5:dd:c4:14:9a:1f:59:ff:0a:00:68:4a:bd:58:d8:e4:d0:4a:
86:83:22:2f:0e:fc:5b:4e:a4:46:d2:3b:19:ce:1e:e3:0d:23:
83:17:b0:d4:bb:9f:68:63:4f:cb:b6:73:fd:c7:09:ac:3a:21:
2c:a5:fc:6d:e5:91:8e:9d:fa:2d:2f:d3:1d:9b:3e:58:5b:eb:
30:7b:ae:5a:36:b2:30:cc:3a:71:8b:29:0b:2b:6f:d8:06:8c:
eb:e8:33:d0:db:a9:2f:42:ea:fd:59:1b:e6:93:87:42:3b:57:
6c:17:8b:6b:7f:d5:c1:fe:f8:a8:f2:a5:b3:75:18:7c:0e:f4:
26:68:d1:87:c4:e8:54:fb:9b:cc:5f:d4:d4:7a:50:33:da:23:
91:21:90:60:37:41:55:dc:03:6c:70:3e:ab:39:85:03:df:df:
64:f7:b3:04:87:34:d9:73:93:c2:fe:86:33:9a:8a:a0:2f:f0:
ba:4e:28:5e:8f:ca:6a:7e:7f:24:d2:d4:ac:f6:12:7b:bf:67:
d7:bc:49:9b:fd:05:d4:cf:bc:59:41:44:e7:2e:8a:af:41:8b:
7e:01:7b:f9:a3:2b:c2:95:55:6c:83:ef:b8:51:95:bd:4c:48:
fa:e3:74:66
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYYXVZNPYGs0LEmxr19G3m/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMGY5ZjA0NGUyYjkyOTg3OGQ3NDdjNWZmYmI4MGFkMTBl
M2Q2YmQwHhcNMjMwMjAzMTI1MjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDkzMzE1MDU5NzMyOGM0YTM5Njg3NjRhMGRlNGI5NzBiM2M5NWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiZY0Cu9LuR/Lh2nMTttjhJzyZ/E
88OxvoNRhJgfWl1SQlGvVosQWDG7Axjvx4HZju6msbuBqKiCMHHu0llrzfArCgqz
8HToGttc3SMCEY+yqxERI3GyrO/ynwjnDUNLhZNgQGdFVRib+31abAM+u3j+C9nC
XLPKi4ZNVuKF41SZGNj+bOojkYNdXbxyoLdwbYuuhjNOrUPqwraF8HTRKo/dZ5KL
wOfH85pVOnxIdOeb72jLoRK0BaJwkV8DwdUFgEUcTXhvuFVBs5aGFcsiyOWSYFiy
Aw+rj13HQpmhNNtW8HswksZ9hqD2qi6zViHYL7fmk9r8evLRZcTMZdnF4wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMSTMVBZcyjEo5aHZKDeS5cLPJXHMB8GA1UdIwQY
MBaAFA8PnwROK5KYeNdHxf+7gK0Q49a9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHctZkJFNHJrcGg0MTBmRl83dUFyUkRqMXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85M2Q0NjAtMzY4Yy00NmQ3LThlN2Et
Y2RiZDNiNmNlNzc3LzEveEpNeFVGbHpLTVNqbG9ka29ONUxsd3M4bGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85M2Q0NjAtMzY4Yy00NmQ3LThlN2EtY2RiZDNiNmNlNzc3
LzEvRHctZkJFNHJrcGg0MTBmRl83dUFyUkRqMXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQCBWUkAwQA
BWVHMBgEAgACMBIDBwQqEx7AAAADBwUqEx7AEAAwDQYJKoZIhvcNAQELBQADggEB
ADWLO/82YnpV4iP1XgIiwMa/cfXdxBSaH1n/CgBoSr1Y2OTQSoaDIi8O/FtOpEbS
OxnOHuMNI4MXsNS7n2hjT8u2c/3HCaw6ISyl/G3lkY6d+i0v0x2bPlhb6zB7rlo2
sjDMOnGLKQsrb9gGjOvoM9DbqS9C6v1ZG+aTh0I7V2wXi2t/1cH++KjypbN1GHwO
9CZo0YfE6FT7m8xf1NR6UDPaI5EhkGA3QVXcA2xwPqs5hQPf32T3swSHNNlzk8L+
hjOaiqAv8LpOKF6Pymp+fyTS1Kz2Enu/Z9e8SZv9BdTPvFlBROcuiq9Bi34Be/mj
K8KVVWyD77hRlb1MSPrjdGY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:34 2023 by rpki-client on console-fra.rpki-client.org