Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/j3Sl7i11au6t_sODTSzLJbdT0fU.roa
File: j3Sl7i11au6t_sODTSzLJbdT0fU.roa (raw, json)
Hash identifier: 2FHpipFT5MtDLEPMQ62ryOvJLBDQvvB0RE5zVJvgzyo=
Subject key identifier: 8F:74:A5:EE:2D:75:6A:EE:AD:FE:C3:83:4D:2C:CB:25:B7:53:D1:F5
Certificate issuer: /CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Certificate serial: 0185718345EF299B273490023FBD42C03464
Authority key identifier: 5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/j3Sl7i11au6t_sODTSzLJbdT0fU.roa
Signing time: Mon 02 Jan 2023 08:05:06 +0000
ROA not before: Mon 02 Jan 2023 08:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 109.68.56.0/21 maxlen: 21
193.151.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:45:ef:29:9b:27:34:90:02:3f:bd:42:c0:34:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Validity
Not Before: Jan 2 08:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f74a5ee2d756aeeadfec3834d2ccb25b753d1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:10:c1:a9:c7:60:af:ab:83:92:86:03:80:eb:
19:91:06:02:1a:76:92:fb:bb:56:24:db:59:5d:51:
e6:e7:bb:b2:7c:e5:33:e4:37:cf:7c:bb:a5:fc:4b:
d0:51:ce:1a:be:62:4e:82:e9:9c:aa:9b:9f:f5:a3:
1c:9f:10:ea:e4:60:16:7c:98:f0:a2:ed:9d:94:b7:
00:76:0a:ea:98:37:cc:ed:62:e6:01:c5:e9:73:90:
29:12:fb:f7:ba:f8:03:71:85:0a:97:95:93:1c:bf:
94:0f:b6:d4:e2:41:d6:f5:ff:d0:e3:f9:1b:66:36:
47:75:41:3e:dd:2d:4a:39:96:60:d0:c9:41:71:5e:
7c:f7:41:8e:dc:6e:47:48:15:82:f1:c4:7b:1a:87:
e6:0b:7e:79:54:7f:e5:ed:bf:84:99:bf:a1:41:55:
cb:89:7a:53:20:fd:99:28:b8:25:fb:24:02:5b:b0:
05:61:85:3f:7c:ee:2f:12:b8:59:5d:a6:7e:18:11:
1b:dd:40:71:87:55:73:0c:ae:84:30:4c:7f:9f:ff:
a0:6d:44:10:69:f6:21:91:7e:82:88:b8:5f:16:06:
a7:73:f2:15:63:17:ef:d0:89:30:a9:73:ff:3d:83:
1b:82:d5:31:1b:09:7b:0b:ca:08:9d:3e:83:77:a3:
13:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:74:A5:EE:2D:75:6A:EE:AD:FE:C3:83:4D:2C:CB:25:B7:53:D1:F5
X509v3 Authority Key Identifier:
keyid:5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/j3Sl7i11au6t_sODTSzLJbdT0fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.56.0/21
193.151.72.0/22
Signature Algorithm: sha256WithRSAEncryption
65:b9:c6:2d:61:3c:a8:41:15:b2:3f:6a:ef:93:36:f3:8e:34:
60:30:d2:96:75:6c:da:55:e9:cd:9d:83:ce:88:c0:b8:6f:6f:
ba:9c:5f:33:2b:42:c4:02:60:31:07:7f:dc:18:0c:4d:71:60:
66:2f:21:75:6a:c9:c7:17:49:b8:a2:75:f7:82:64:c6:fa:c0:
ff:2b:1a:29:38:69:38:74:5c:58:0e:b6:98:82:33:eb:ce:1c:
50:c4:df:2c:db:00:67:13:45:c6:5f:6c:5e:94:d4:a4:31:af:
9c:d4:8d:76:22:46:a1:69:94:43:6c:71:82:61:d5:43:fb:55:
29:6a:06:70:28:2c:ab:2c:1e:52:81:57:d4:2b:d8:5d:74:8f:
5a:d8:fb:e6:bb:aa:19:6b:59:d5:fc:db:4e:79:a0:c9:11:74:
d1:f6:92:70:c5:98:24:27:81:84:5c:9f:39:a9:ac:d0:bf:94:
89:ac:34:10:50:26:92:ff:3b:0e:5e:dd:0c:37:ca:3f:42:a1:
f8:82:3d:20:9e:d3:97:1d:08:87:c1:6d:de:9e:ea:0b:c8:38:
8f:d1:77:ab:93:b7:fe:9c:5d:a5:ee:eb:ea:f9:1a:ce:15:b3:
50:d7:46:b0:29:f6:ab:3d:37:8c:b2:b6:88:a8:8a:87:2d:5a:
33:0f:a9:f9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxg0XvKZsnNJACP71CwDRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDczMzZmYTkxNTcyMWNlM2JmZWUyMTdmNGU5OTE2NGRi
OTUzMmIwHhcNMjMwMTAyMDgwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjc0YTVlZTJkNzU2YWVlYWRmZWMzODM0ZDJjY2IyNWI3NTNkMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRDBqcdgr6uDkoYDgOsZkQYCGnaS
+7tWJNtZXVHm57uyfOUz5DfPfLul/EvQUc4avmJOgumcqpuf9aMcnxDq5GAWfJjw
ou2dlLcAdgrqmDfM7WLmAcXpc5ApEvv3uvgDcYUKl5WTHL+UD7bU4kHW9f/Q4/kb
ZjZHdUE+3S1KOZZg0MlBcV5890GO3G5HSBWC8cR7GofmC355VH/l7b+Emb+hQVXL
iXpTIP2ZKLgl+yQCW7AFYYU/fO4vErhZXaZ+GBEb3UBxh1VzDK6EMEx/n/+gbUQQ
afYhkX6CiLhfFganc/IVYxfv0IkwqXP/PYMbgtUxGwl7C8oInT6Dd6MT8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI90pe4tdWrurf7Dg00syyW3U9H1MB8GA1UdIwQY
MBaAFF3XM2+pFXIc47/uIX9OmRZNuVMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEt
OGM0YmM0NTkyN2EzLzEvajNTbDdpMTFhdTZ0X3NPRFRTekxKYmRUMGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEtOGM0YmM0NTkyN2Ez
LzEvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbUQ4AwQC
wZdIMA0GCSqGSIb3DQEBCwUAA4IBAQBlucYtYTyoQRWyP2rvkzbzjjRgMNKWdWza
VenNnYPOiMC4b2+6nF8zK0LEAmAxB3/cGAxNcWBmLyF1asnHF0m4onX3gmTG+sD/
KxopOGk4dFxYDraYgjPrzhxQxN8s2wBnE0XGX2xelNSkMa+c1I12IkahaZRDbHGC
YdVD+1UpagZwKCyrLB5SgVfUK9hddI9a2Pvmu6oZa1nV/NtOeaDJEXTR9pJwxZgk
J4GEXJ85qazQv5SJrDQQUCaS/zsOXt0MN8o/QqH4gj0gntOXHQiHwW3enuoLyDiP
0Xerk7f+nF2l7uvq+RrOFbNQ10awKfarPTeMsraIqIqHLVozD6n5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:11 2024 by rpki-client on console-fra.rpki-client.org