Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/8xpibZF16bbCwzwmOq_eLUb4W60.roa
File: 8xpibZF16bbCwzwmOq_eLUb4W60.roa (raw, json)
Hash identifier: qiQhjRrrb17Cbk9+xJA4Bx15Peni2y7+zz345Hq76gg=
Subject key identifier: F3:1A:62:6D:91:75:E9:B6:C2:C3:3C:26:3A:AF:DE:2D:46:F8:5B:AD
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 018D18CE54CFF1ABE74FEFF764A6D6CC2272
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/8xpibZF16bbCwzwmOq_eLUb4W60.roa
Signing time: Wed 17 Jan 2024 19:03:11 +0000
ROA not before: Wed 17 Jan 2024 19:03:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211020
IP address blocks: 5.201.162.0/24 maxlen: 24
89.43.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 20:53:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:18:ce:54:cf:f1:ab:e7:4f:ef:f7:64:a6:d6:cc:22:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Jan 17 19:03:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f31a626d9175e9b6c2c33c263aafde2d46f85bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:03:cd:f5:f2:21:f9:1d:18:0f:d8:10:2c:69:
fe:58:be:71:8d:e2:58:02:e0:0c:08:34:5d:ba:67:
41:fd:e5:4d:45:aa:cd:93:84:53:de:41:5f:c6:4d:
9f:ec:eb:c5:22:6a:91:fd:82:be:8c:61:8a:69:77:
5d:81:b3:0f:7a:c8:a7:59:66:52:5c:c2:1e:15:74:
a4:db:ef:23:79:2e:60:b5:a0:e4:f3:9e:1d:40:72:
60:e8:2b:7f:bf:33:1e:cb:5d:5c:4f:fa:35:d7:fc:
97:8c:b8:6f:20:9e:da:9b:bf:99:4e:12:08:39:db:
78:fb:36:35:33:9f:15:ed:d9:36:ac:b1:fb:c3:9f:
8d:f6:be:a7:8f:7f:8c:ee:93:4b:de:b8:f4:da:93:
60:3e:b9:e0:cc:4b:91:fb:9a:32:37:99:e3:d6:42:
b6:29:30:3b:7d:2c:c5:a7:60:69:4f:84:8d:4e:97:
e5:d0:42:8c:68:9c:58:04:09:39:74:34:2b:ab:9c:
29:d9:a3:af:37:ab:fa:b3:5c:62:62:25:f6:e9:38:
56:d8:7d:b0:5d:f3:de:2f:17:8b:91:79:5f:b4:14:
a2:55:e0:4e:80:aa:64:7a:e8:aa:f2:3f:40:16:96:
8a:eb:f9:b8:b4:cb:56:1a:20:03:54:74:26:0a:c0:
06:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:1A:62:6D:91:75:E9:B6:C2:C3:3C:26:3A:AF:DE:2D:46:F8:5B:AD
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/8xpibZF16bbCwzwmOq_eLUb4W60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.162.0/24
89.43.2.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:38:07:d1:d9:d9:67:d0:51:2f:c6:0d:c9:a1:71:eb:9f:07:
a9:bc:11:2c:e2:fc:0d:b4:0c:c7:81:d9:24:87:01:b3:93:dd:
f8:b2:ac:35:8a:65:1b:06:bf:eb:a7:a4:d1:03:67:bb:98:ee:
b2:42:da:b7:b1:36:e1:31:b5:93:e3:50:f9:3c:c1:8f:6d:da:
4f:80:a5:e0:a8:95:06:25:54:21:37:bb:9a:6a:42:48:e2:35:
6b:67:03:c9:56:98:1c:54:81:fd:26:bf:ba:7d:d1:68:ef:2d:
3e:70:fd:eb:4e:32:3f:bb:ba:00:1d:0d:51:74:d1:2e:8b:e5:
54:8a:47:c0:e7:01:00:6e:14:ce:50:28:34:63:14:20:5e:60:
e4:16:ab:0d:d8:ad:0e:dc:c2:4e:e6:c9:0d:17:b8:26:5e:7f:
9b:b9:80:f1:75:9a:0f:b3:3b:96:5a:8a:79:1f:a4:ec:8d:22:
2b:90:4a:39:0a:a9:3b:12:bb:4a:2d:ac:35:79:a7:d8:d0:90:
aa:00:b5:f9:53:1d:16:b6:50:ef:76:3d:11:15:2f:3a:94:7d:
bc:41:3d:f0:a2:bc:b1:ee:57:0a:9b:0e:ff:de:cb:6d:d2:26:
fa:ef:0a:3a:aa:55:66:89:8f:a1:38:53:c5:77:60:fa:7c:b5:
55:8a:4d:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0YzlTP8avnT+/3ZKbWzCJyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjQwMTE3MTkwMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzFhNjI2ZDkxNzVlOWI2YzJjMzNjMjYzYWFmZGUyZDQ2Zjg1YmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6gPN9fIh+R0YD9gQLGn+WL5xjeJY
AuAMCDRdumdB/eVNRarNk4RT3kFfxk2f7OvFImqR/YK+jGGKaXddgbMPesinWWZS
XMIeFXSk2+8jeS5gtaDk854dQHJg6Ct/vzMey11cT/o11/yXjLhvIJ7am7+ZThII
Odt4+zY1M58V7dk2rLH7w5+N9r6nj3+M7pNL3rj02pNgPrngzEuR+5oyN5nj1kK2
KTA7fSzFp2BpT4SNTpfl0EKMaJxYBAk5dDQrq5wp2aOvN6v6s1xiYiX26ThW2H2w
XfPeLxeLkXlftBSiVeBOgKpkeuiq8j9AFpaK6/m4tMtWGiADVHQmCsAGkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPMaYm2Rdem2wsM8Jjqv3i1G+FutMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvOHhwaWJaRjE2YmJDd3p3bU9xX2VMVWI0VzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABcmiAwQA
WSsCMA0GCSqGSIb3DQEBCwUAA4IBAQA9OAfR2dln0FEvxg3JoXHrnwepvBEs4vwN
tAzHgdkkhwGzk934sqw1imUbBr/rp6TRA2e7mO6yQtq3sTbhMbWT41D5PMGPbdpP
gKXgqJUGJVQhN7uaakJI4jVrZwPJVpgcVIH9Jr+6fdFo7y0+cP3rTjI/u7oAHQ1R
dNEui+VUikfA5wEAbhTOUCg0YxQgXmDkFqsN2K0O3MJO5skNF7gmXn+buYDxdZoP
szuWWop5H6TsjSIrkEo5Cqk7ErtKLaw1eafY0JCqALX5Ux0WtlDvdj0RFS86lH28
QT3woryx7lcKmw7/3stt0ib67wo6qlVmiY+hOFPFd2D6fLVVik1L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:19 2024 by rpki-client on console-ams.rpki-client.org