Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/5QVOiS7SiTZLOOXGc74_7nxPaSU.roa
File: 5QVOiS7SiTZLOOXGc74_7nxPaSU.roa (raw, json)
Hash identifier: 2xPjRL3gqz1RkkAYQ8Dpdyc8YZXDAGxyat9KH8ItETw=
Subject key identifier: E5:05:4E:89:2E:D2:89:36:4B:38:E5:C6:73:BE:3F:EE:7C:4F:69:25
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DC8B8D11E836D79346CC907BA1405
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/5QVOiS7SiTZLOOXGc74_7nxPaSU.roa
Signing time: Sun 01 Jan 2023 23:14:49 +0000
ROA not before: Sun 01 Jan 2023 23:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60659
IP address blocks: 213.74.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:c8:b8:d1:1e:83:6d:79:34:6c:c9:07:ba:14:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5054e892ed289364b38e5c673be3fee7c4f6925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:98:70:8e:a2:f7:ec:8f:ab:dd:e6:8f:2e:8c:
0b:24:fc:a6:1f:48:b3:69:43:42:9a:20:e6:5f:0f:
10:ec:52:1d:de:f8:9b:95:34:8c:39:af:2b:b8:b9:
6f:c0:39:e1:fe:a8:c6:38:09:c6:06:2c:ab:dc:81:
a8:29:5f:b6:06:5b:25:99:29:35:ef:e0:1f:fe:a8:
6d:21:67:ed:a1:81:81:e4:a1:18:b0:ac:8a:4f:2d:
02:5e:0b:7b:2d:e4:8c:30:0c:46:8c:fe:22:15:75:
7d:e3:ed:91:4b:3c:34:69:87:bf:7c:01:61:d1:f7:
f1:64:e3:6f:c2:04:4b:6e:94:89:9b:21:a6:39:c1:
9e:b6:54:a0:b2:7a:51:e1:d6:d0:06:c6:43:6f:60:
89:f3:d8:b2:fa:bb:f6:86:c8:ae:05:30:7d:ad:3a:
36:54:1b:d2:ca:1c:f8:e8:19:57:fa:32:fd:32:3d:
6d:46:bb:d5:5a:71:ca:4c:2f:e5:c6:89:e3:f5:31:
26:ad:e7:89:12:9c:28:f0:d5:9b:eb:3a:06:5e:3f:
21:5c:b3:fa:a9:6d:fe:54:54:54:32:87:df:76:db:
a8:58:af:cd:39:6f:3c:af:e9:33:ac:51:c9:e4:0e:
4d:fc:20:54:06:d6:92:e0:69:05:16:15:33:73:d1:
02:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:05:4E:89:2E:D2:89:36:4B:38:E5:C6:73:BE:3F:EE:7C:4F:69:25
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/5QVOiS7SiTZLOOXGc74_7nxPaSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.74.102.0/24
Signature Algorithm: sha256WithRSAEncryption
53:5a:f6:eb:c0:6d:7f:96:5a:bd:b0:00:f1:56:7e:ba:45:92:
7a:bc:7b:c9:84:cb:68:99:d0:88:75:24:57:07:a1:0b:93:b2:
df:b6:69:83:f5:c0:72:98:ca:20:ea:27:c1:2c:31:fd:57:70:
db:c3:dc:14:42:73:55:f7:72:ae:59:8c:4a:59:d7:38:18:d9:
83:8c:a6:bc:e7:9d:7c:62:7f:66:3c:8b:77:48:b8:58:de:f7:
3e:a7:47:84:91:90:bd:0f:6d:90:d6:16:a1:73:f3:d2:6a:a2:
e2:33:87:1c:68:c1:dc:4f:54:0e:8c:55:f0:bd:7c:23:e3:16:
5c:c4:b3:92:c6:13:60:33:d8:b3:a2:20:12:dd:13:6a:61:a2:
a3:9d:7f:0a:aa:54:17:22:c2:34:78:00:2f:28:a2:f7:61:bf:
e5:e1:89:a5:4c:31:2f:68:5e:76:19:54:a3:a4:a8:d7:54:87:
71:a6:3e:3c:49:01:ce:23:a0:28:c3:ef:22:02:ed:22:7d:b8:
ee:b5:36:fd:a3:c9:40:57:df:de:e2:02:50:2f:69:aa:dc:e9:
bb:96:f6:53:1e:b4:dd:a2:95:5c:0c:be:81:e1:db:0e:47:99:
74:4d:b9:2b:ea:14:20:a3:24:b2:9a:df:37:26:0c:72:a5:d8:
92:58:86:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnci40R6DbXk0bMkHuhQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTA1NGU4OTJlZDI4OTM2NGIzOGU1YzY3M2JlM2ZlZTdjNGY2OTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJhwjqL37I+r3eaPLowLJPymH0iz
aUNCmiDmXw8Q7FId3viblTSMOa8ruLlvwDnh/qjGOAnGBiyr3IGoKV+2BlslmSk1
7+Af/qhtIWftoYGB5KEYsKyKTy0CXgt7LeSMMAxGjP4iFXV94+2RSzw0aYe/fAFh
0ffxZONvwgRLbpSJmyGmOcGetlSgsnpR4dbQBsZDb2CJ89iy+rv2hsiuBTB9rTo2
VBvSyhz46BlX+jL9Mj1tRrvVWnHKTC/lxonj9TEmreeJEpwo8NWb6zoGXj8hXLP6
qW3+VFRUMoffdtuoWK/NOW88r+kzrFHJ5A5N/CBUBtaS4GkFFhUzc9EC0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOUFToku0ok2SzjlxnO+P+58T2klMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvNVFWT2lTN1NpVFpMT09YR2M3NF83bnhQYVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1UpmMA0G
CSqGSIb3DQEBCwUAA4IBAQBTWvbrwG1/llq9sADxVn66RZJ6vHvJhMtomdCIdSRX
B6ELk7LftmmD9cBymMog6ifBLDH9V3Dbw9wUQnNV93KuWYxKWdc4GNmDjKa85518
Yn9mPIt3SLhY3vc+p0eEkZC9D22Q1hahc/PSaqLiM4ccaMHcT1QOjFXwvXwj4xZc
xLOSxhNgM9izoiAS3RNqYaKjnX8KqlQXIsI0eAAvKKL3Yb/l4YmlTDEvaF52GVSj
pKjXVIdxpj48SQHOI6Aow+8iAu0ifbjutTb9o8lAV9/e4gJQL2mq3Om7lvZTHrTd
opVcDL6B4dsOR5l0Tbkr6hQgoySymt83JgxypdiSWIaD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:22 2024 by rpki-client on console-ams.rpki-client.org