Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/e3efc8-5f1d-4eb8-9720-379733ab38cd/1/5s1J4eDOJodVqzBxZuXySg3jtFQ.roa
File: 5s1J4eDOJodVqzBxZuXySg3jtFQ.roa (raw, json)
Hash identifier: DsgJhjCXCG4ygYLjFyJP2dOe5ftbQyKXhZ92sSOP1B4=
Subject key identifier: E6:CD:49:E1:E0:CE:26:87:55:AB:30:71:66:E5:F2:4A:0D:E3:B4:54
Certificate issuer: /CN=5f8ad135412bf9041be5fd08e74a24120db3eec7
Certificate serial: 01856EB8E9117574C319FBFB5D8A332264DB
Authority key identifier: 5F:8A:D1:35:41:2B:F9:04:1B:E5:FD:08:E7:4A:24:12:0D:B3:EE:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X4rRNUEr-QQb5f0I50okEg2z7sc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/e3efc8-5f1d-4eb8-9720-379733ab38cd/1/5s1J4eDOJodVqzBxZuXySg3jtFQ.roa
Signing time: Sun 01 Jan 2023 19:04:50 +0000
ROA not before: Sun 01 Jan 2023 19:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198367
IP address blocks: 91.234.60.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:e9:11:75:74:c3:19:fb:fb:5d:8a:33:22:64:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f8ad135412bf9041be5fd08e74a24120db3eec7
Validity
Not Before: Jan 1 19:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6cd49e1e0ce268755ab307166e5f24a0de3b454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6c:c4:9f:7c:f8:c0:8b:2a:19:1f:b3:9e:41:
11:ef:bd:8d:4d:ac:58:6e:5e:15:25:19:02:c8:3d:
1d:0f:cf:db:d0:d6:8b:7b:d1:59:74:69:0f:05:f9:
f6:87:36:23:85:28:84:08:5c:13:4e:d5:f7:93:72:
b7:64:f2:70:d0:bd:6a:eb:46:f2:14:20:f5:ab:d4:
bd:ef:a6:95:4f:01:2e:be:28:08:c4:ef:1d:ed:a1:
12:71:b1:9b:a8:f7:1c:56:12:05:8e:22:5e:13:16:
bf:d1:42:16:07:cd:ab:13:db:00:3d:10:cd:eb:66:
24:ba:b7:08:bf:5a:02:bf:bd:95:5f:7d:33:ab:e9:
9f:6b:5b:d3:ad:fd:a9:00:19:1c:05:54:31:c4:f2:
69:89:ea:3e:7b:d6:e1:e3:f0:d0:e7:54:3e:7f:84:
9c:20:0c:12:09:37:7f:ed:47:30:b5:27:ca:66:81:
75:28:61:49:75:61:54:37:03:34:2f:1e:da:2b:f4:
50:55:ec:10:36:4c:e7:af:0d:fd:c4:e0:39:56:8f:
ea:e6:51:34:f6:b5:31:2e:e7:c1:c8:38:cd:a1:98:
45:33:cf:10:89:cc:4a:a9:88:a8:f2:2b:7c:12:66:
d2:ec:0f:61:d0:09:a2:e9:4c:c1:5d:88:7f:96:0f:
f2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:CD:49:E1:E0:CE:26:87:55:AB:30:71:66:E5:F2:4A:0D:E3:B4:54
X509v3 Authority Key Identifier:
keyid:5F:8A:D1:35:41:2B:F9:04:1B:E5:FD:08:E7:4A:24:12:0D:B3:EE:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X4rRNUEr-QQb5f0I50okEg2z7sc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/e3efc8-5f1d-4eb8-9720-379733ab38cd/1/5s1J4eDOJodVqzBxZuXySg3jtFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/e3efc8-5f1d-4eb8-9720-379733ab38cd/1/X4rRNUEr-QQb5f0I50okEg2z7sc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.60.0/22
Signature Algorithm: sha256WithRSAEncryption
28:ae:29:3d:06:4f:8f:bf:f9:5d:ec:51:e4:7e:f0:87:e3:5b:
e9:78:30:6b:a7:9c:0c:74:29:48:5b:2b:a3:29:39:1a:0f:65:
5f:17:3a:02:c0:0a:c8:d6:2b:0c:f7:39:f6:21:4d:6d:c9:91:
31:7a:79:56:61:ff:96:04:33:ec:27:af:a3:e6:d0:82:c9:60:
23:d7:0a:3e:4b:82:d8:bb:2e:3c:51:dc:43:ec:a1:c7:1a:92:
e9:04:59:03:4c:b8:15:a8:9d:db:a2:e9:7c:88:41:6f:77:3b:
7e:bc:0f:63:64:c0:fc:87:b5:0d:41:65:18:66:cc:d3:b3:7f:
c7:31:ee:06:29:b0:16:ea:a0:ec:30:a6:4d:a1:d2:19:47:e8:
e3:37:ae:17:fa:d3:c3:58:20:8d:69:9f:6a:f0:b2:e2:48:75:
53:39:c7:c9:ca:25:fc:2f:da:dc:63:05:6e:01:cd:45:0c:fe:
b9:ca:f4:66:c2:df:85:97:76:ea:10:56:0d:24:6d:a2:e2:16:
5a:04:e1:a5:d3:7d:38:b2:53:a2:dc:b5:22:33:16:74:bb:aa:
af:26:01:97:f6:ac:b8:65:a8:7a:9f:ef:fb:1a:6c:60:3c:30:
5e:86:31:5a:2d:f1:ea:f1:60:2b:53:3c:ef:f5:91:53:36:43:
d1:bc:09:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuuOkRdXTDGfv7XYozImTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmOGFkMTM1NDEyYmY5MDQxYmU1ZmQwOGU3NGEyNDEyMGRi
M2VlYzcwHhcNMjMwMTAxMTkwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmNkNDllMWUwY2UyNjg3NTVhYjMwNzE2NmU1ZjI0YTBkZTNiNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2zEn3z4wIsqGR+znkER772NTaxY
bl4VJRkCyD0dD8/b0NaLe9FZdGkPBfn2hzYjhSiECFwTTtX3k3K3ZPJw0L1q60by
FCD1q9S976aVTwEuvigIxO8d7aEScbGbqPccVhIFjiJeExa/0UIWB82rE9sAPRDN
62YkurcIv1oCv72VX30zq+mfa1vTrf2pABkcBVQxxPJpieo+e9bh4/DQ51Q+f4Sc
IAwSCTd/7UcwtSfKZoF1KGFJdWFUNwM0Lx7aK/RQVewQNkznrw39xOA5Vo/q5lE0
9rUxLufByDjNoZhFM88QicxKqYio8it8EmbS7A9h0Ami6UzBXYh/lg/ycQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObNSeHgziaHVaswcWbl8koN47RUMB8GA1UdIwQY
MBaAFF+K0TVBK/kEG+X9COdKJBINs+7HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDRyUk5VRXItUVFiNWYwSTUwb2tFZzJ6N3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9lM2VmYzgtNWYxZC00ZWI4LTk3MjAt
Mzc5NzMzYWIzOGNkLzEvNXMxSjRlRE9Kb2RWcXpCeFp1WHlTZzNqdEZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9lM2VmYzgtNWYxZC00ZWI4LTk3MjAtMzc5NzMzYWIzOGNk
LzEvWDRyUk5VRXItUVFiNWYwSTUwb2tFZzJ6N3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+o8MA0G
CSqGSIb3DQEBCwUAA4IBAQAorik9Bk+Pv/ld7FHkfvCH41vpeDBrp5wMdClIWyuj
KTkaD2VfFzoCwArI1isM9zn2IU1tyZExenlWYf+WBDPsJ6+j5tCCyWAj1wo+S4LY
uy48UdxD7KHHGpLpBFkDTLgVqJ3boul8iEFvdzt+vA9jZMD8h7UNQWUYZszTs3/H
Me4GKbAW6qDsMKZNodIZR+jjN64X+tPDWCCNaZ9q8LLiSHVTOcfJyiX8L9rcYwVu
Ac1FDP65yvRmwt+Fl3bqEFYNJG2i4hZaBOGl0304slOi3LUiMxZ0u6qvJgGX9qy4
Zah6n+/7GmxgPDBehjFaLfHq8WArUzzv9ZFTNkPRvAnM
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:43 2024 by rpki-client on console-fra.rpki-client.org