Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/c9wrUpypCfdzTyZuq6CWjGqtKE0.roa
File: c9wrUpypCfdzTyZuq6CWjGqtKE0.roa (raw, json)
Hash identifier: TaE4cx9Tv/dqvzvNhDXHSu7uizp+KuN30QArkcs9g5c=
Subject key identifier: 73:DC:2B:52:9C:A9:09:F7:73:4F:26:6E:AB:A0:96:8C:6A:AD:28:4D
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0191526D01114D8D2FED204F1FF6D8A20F24
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/c9wrUpypCfdzTyZuq6CWjGqtKE0.roa
Signing time: Wed 14 Aug 2024 19:46:00 +0000
ROA not before: Wed 14 Aug 2024 19:46:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 5.42.210.0/24 maxlen: 24
194.26.204.0/24 maxlen: 24
212.18.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 18:11:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:52:6d:01:11:4d:8d:2f:ed:20:4f:1f:f6:d8:a2:0f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 14 19:46:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73dc2b529ca909f7734f266eaba0968c6aad284d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:69:43:da:bf:83:8a:cd:4b:f1:8c:02:14:4e:
90:67:15:c7:19:f9:6f:28:db:00:e5:68:46:1d:87:
7b:26:23:3a:ae:e1:fa:5a:1b:da:23:4c:ee:8e:10:
e8:6f:bc:a6:d4:75:90:20:99:18:44:bb:6e:f4:ad:
72:08:3b:46:a8:bd:33:8c:33:e9:44:af:59:57:c1:
fe:e7:4a:2b:f3:4e:0b:b1:86:78:ca:ac:08:87:50:
6c:46:37:96:28:0e:19:7b:89:94:9b:eb:58:1c:33:
df:06:4a:5e:61:65:77:db:6b:33:3c:b2:aa:61:7b:
63:1b:89:9c:7c:11:e7:ba:40:27:17:9c:fe:70:69:
3c:4a:ca:1d:e5:ea:b3:92:81:0d:7c:88:96:fd:a6:
af:a1:3c:f5:0d:ad:cc:97:d1:cb:d5:dd:59:ba:36:
da:ab:63:7b:0d:5d:ad:b3:3e:80:df:a8:5b:88:41:
ed:f2:3d:34:ca:f0:29:54:79:51:a4:d0:08:6e:ae:
56:a6:44:02:53:70:5c:f6:c4:da:05:e0:80:52:06:
46:ba:26:af:d4:4c:a4:72:08:4c:79:46:26:42:f4:
e3:84:b3:8e:d3:8a:85:62:2d:74:75:b1:61:08:7c:
ba:f2:62:30:dd:73:21:05:43:b6:e3:59:8d:b4:65:
70:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:DC:2B:52:9C:A9:09:F7:73:4F:26:6E:AB:A0:96:8C:6A:AD:28:4D
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/c9wrUpypCfdzTyZuq6CWjGqtKE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.210.0/24
194.26.204.0/24
212.18.120.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:52:f0:a7:c0:ed:7f:aa:7c:f4:b8:6c:37:10:1f:8e:0f:a0:
d8:d0:0a:24:10:db:68:5c:15:31:69:13:59:4b:a8:5e:f2:be:
a3:28:cc:6a:3a:d2:db:68:78:e2:70:30:d3:8b:dc:b2:87:89:
fe:e0:b5:96:0c:39:42:3d:11:fc:49:da:7c:ac:92:53:2c:c5:
6d:fa:3f:a7:42:10:24:ee:db:ec:7b:82:d3:95:e3:b6:97:ac:
9f:ce:7b:5e:04:db:6d:0c:29:b6:0a:b8:62:95:eb:aa:a8:e8:
75:23:d4:4c:d1:db:b6:0f:cb:d4:9c:0a:e6:04:43:f4:82:c1:
e6:a5:d7:16:99:b8:c8:0b:ab:5a:6d:7b:3a:23:7d:bb:19:0f:
96:91:1a:6b:80:4c:3c:ec:6a:bc:67:ff:07:7a:2c:d0:bc:88:
19:62:59:69:99:a2:6e:7d:84:49:62:cb:c6:3e:f0:59:8b:46:
85:8e:d0:ff:c3:a5:dc:81:c6:76:eb:43:64:7a:4d:74:2b:34:
ce:69:b4:5d:e6:a4:ae:9b:52:e4:b7:7c:32:0c:9e:bf:b8:48:
f1:40:98:a6:3f:fc:a4:d7:d0:ce:83:42:c0:16:04:9a:39:c8:
b9:f9:7e:d1:be:20:8e:1a:4d:7d:1e:3c:e4:16:b2:ea:5a:2e:
b1:be:19:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFSbQERTY0v7SBPH/bYog8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODE0MTk0NjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2RjMmI1MjljYTkwOWY3NzM0ZjI2NmVhYmEwOTY4YzZhYWQyODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmlD2r+Dis1L8YwCFE6QZxXHGflv
KNsA5WhGHYd7JiM6ruH6WhvaI0zujhDob7ym1HWQIJkYRLtu9K1yCDtGqL0zjDPp
RK9ZV8H+50or804LsYZ4yqwIh1BsRjeWKA4Ze4mUm+tYHDPfBkpeYWV322szPLKq
YXtjG4mcfBHnukAnF5z+cGk8Ssod5eqzkoENfIiW/aavoTz1Da3Ml9HL1d1Zujba
q2N7DV2tsz6A36hbiEHt8j00yvApVHlRpNAIbq5WpkQCU3Bc9sTaBeCAUgZGuiav
1EykcghMeUYmQvTjhLOO04qFYi10dbFhCHy68mIw3XMhBUO241mNtGVwUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHPcK1KcqQn3c08mbqugloxqrShNMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvYzl3clVweXBDZmR6VHladXE2Q1dqR3F0S0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABSrSAwQA
whrMAwQA1BJ4MA0GCSqGSIb3DQEBCwUAA4IBAQCPUvCnwO1/qnz0uGw3EB+OD6DY
0AokENtoXBUxaRNZS6he8r6jKMxqOtLbaHjicDDTi9yyh4n+4LWWDDlCPRH8Sdp8
rJJTLMVt+j+nQhAk7tvse4LTleO2l6yfznteBNttDCm2CrhileuqqOh1I9RM0du2
D8vUnArmBEP0gsHmpdcWmbjIC6tabXs6I327GQ+WkRprgEw87Gq8Z/8HeizQvIgZ
YllpmaJufYRJYsvGPvBZi0aFjtD/w6XcgcZ260Nkek10KzTOabRd5qSum1Lkt3wy
DJ6/uEjxQJimP/yk19DOg0LAFgSaOci5+X7RviCOGk19HjzkFrLqWi6xvhlV
-----END CERTIFICATE-----
Generated at Wed Aug 21 23:31:40 2024 by rpki-client on console-ams.rpki-client.org