Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/N2VRBQc2SB-o2eh3xUAu7QVkSPY.roa
File: N2VRBQc2SB-o2eh3xUAu7QVkSPY.roa (raw, json)
Hash identifier: MyScWkKQiqvVjjUqpwtjWOSQqfGhHfBq1QFEtqbMuxg=
Subject key identifier: 37:65:51:05:07:36:48:1F:A8:D9:E8:77:C5:40:2E:ED:05:64:48:F6
Certificate issuer: /CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Certificate serial: 01856ED498533F16506E33A1DB18B2EDEF76
Authority key identifier: 3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/N2VRBQc2SB-o2eh3xUAu7QVkSPY.roa
Signing time: Sun 01 Jan 2023 19:35:04 +0000
ROA not before: Sun 01 Jan 2023 19:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212602
IP address blocks: 5.133.114.0/24 maxlen: 24
2a10:7040::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:98:53:3f:16:50:6e:33:a1:db:18:b2:ed:ef:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Validity
Not Before: Jan 1 19:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=376551050736481fa8d9e877c5402eed056448f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:23:37:d7:10:fc:cf:94:15:df:98:a7:ce:63:
28:55:34:ff:f5:10:22:b3:be:64:a5:97:9e:2d:3d:
3f:07:56:fd:dd:b9:bb:0e:eb:70:11:95:6a:38:f1:
fa:37:db:73:8c:c3:f4:fd:ed:1e:be:07:15:02:c4:
31:e9:fc:a7:05:dc:f5:f1:b7:02:7a:2d:29:ec:22:
d7:f9:09:64:ee:ca:c9:0f:c6:2d:0b:ff:38:c4:85:
a6:ae:13:b9:ee:dc:0b:df:6e:4b:60:f8:85:ac:4e:
c1:32:07:04:76:c5:cc:61:95:25:2f:4d:47:35:84:
8a:97:bd:95:d4:73:90:a3:d3:2d:de:17:c5:ec:fd:
c9:17:78:97:91:c3:15:57:67:eb:8e:93:8a:49:de:
8c:a4:2e:37:12:b5:35:72:8e:f5:18:67:a3:8b:89:
f1:42:8e:ff:6f:13:d8:ea:61:fc:ad:0c:41:aa:69:
16:e9:78:37:72:a0:44:66:8f:7a:15:75:ca:b2:7f:
62:79:38:81:e0:9b:8f:8e:98:9b:fa:1a:e7:a5:c5:
62:5e:16:f7:3f:7d:c6:62:c5:34:b5:0a:90:df:e3:
d3:1a:5a:c6:f9:96:91:58:91:0e:51:ee:71:9a:55:
67:b5:23:15:d8:82:e6:04:a6:3a:80:e8:d1:44:40:
a6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:65:51:05:07:36:48:1F:A8:D9:E8:77:C5:40:2E:ED:05:64:48:F6
X509v3 Authority Key Identifier:
keyid:3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/N2VRBQc2SB-o2eh3xUAu7QVkSPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/P__L7IiMEEfyIdfPk5a_FBKrr5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.114.0/24
IPv6:
2a10:7040::/29
Signature Algorithm: sha256WithRSAEncryption
b1:d2:b6:16:16:9c:d5:93:cc:0e:1a:02:e3:ee:8b:13:4d:8a:
d7:81:a8:d2:20:86:5c:e1:18:bf:d3:e1:60:e6:e2:39:a4:cd:
ea:05:45:15:92:2d:6b:4b:32:76:b1:57:2b:0d:be:3a:a1:a9:
d3:b0:63:ac:fa:19:f0:75:6d:ef:de:74:cb:83:d7:f2:07:5f:
28:19:80:c1:76:b3:e4:fd:64:2d:f4:7f:05:e5:91:b5:e6:a7:
63:84:8a:06:27:7d:3c:50:ab:26:27:e2:13:63:6e:78:97:36:
55:d2:91:ca:92:11:f7:95:89:86:91:67:89:3c:8b:e6:d8:c6:
7c:ba:4c:b5:2f:01:8e:af:4e:17:c6:de:6f:03:25:86:d8:78:
5d:77:5b:92:64:b6:4c:1a:8a:76:60:a7:c4:e2:71:23:0d:76:
ad:d4:58:34:a7:6e:97:2e:51:03:fb:6c:b7:f9:34:cd:78:94:
38:90:6a:72:7b:31:1a:1f:b3:d9:50:a8:10:a9:f9:60:41:b9:
ad:51:a8:a4:37:cd:37:3f:4f:84:4a:3f:83:21:99:34:2c:1c:
e4:0d:74:7b:66:aa:c0:b9:03:45:d1:45:79:9d:a4:e4:7a:ef:
f5:0b:22:65:85:0e:7f:d4:80:ba:70:c4:15:3f:55:8b:b0:c1:
71:2a:1b:ef
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu1JhTPxZQbjOh2xiy7e92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZmZjYmVjODg4YzEwNDdmMjIxZDdjZjkzOTZiZjE0MTJh
YmFmOWIwHhcNMjMwMTAxMTkzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzY1NTEwNTA3MzY0ODFmYThkOWU4NzdjNTQwMmVlZDA1NjQ0OGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCM31xD8z5QV35inzmMoVTT/9RAi
s75kpZeeLT0/B1b93bm7DutwEZVqOPH6N9tzjMP0/e0evgcVAsQx6fynBdz18bcC
ei0p7CLX+Qlk7srJD8YtC/84xIWmrhO57twL325LYPiFrE7BMgcEdsXMYZUlL01H
NYSKl72V1HOQo9Mt3hfF7P3JF3iXkcMVV2frjpOKSd6MpC43ErU1co71GGeji4nx
Qo7/bxPY6mH8rQxBqmkW6Xg3cqBEZo96FXXKsn9ieTiB4JuPjpib+hrnpcViXhb3
P33GYsU0tQqQ3+PTGlrG+ZaRWJEOUe5xmlVntSMV2ILmBKY6gOjRRECm8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDdlUQUHNkgfqNnod8VALu0FZEj2MB8GA1UdIwQY
MBaAFD//y+yIjBBH8iHXz5OWvxQSq6+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2It
NjE2NjdjNzY5MWIyLzEvTjJWUkJRYzJTQi1vMmVoM3hVQXU3UVZrU1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2ItNjE2NjdjNzY5MWIy
LzEvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABYVyMA0E
AgACMAcDBQMqEHBAMA0GCSqGSIb3DQEBCwUAA4IBAQCx0rYWFpzVk8wOGgLj7osT
TYrXgajSIIZc4Ri/0+Fg5uI5pM3qBUUVki1rSzJ2sVcrDb46oanTsGOs+hnwdW3v
3nTLg9fyB18oGYDBdrPk/WQt9H8F5ZG15qdjhIoGJ308UKsmJ+ITY254lzZV0pHK
khH3lYmGkWeJPIvm2MZ8uky1LwGOr04Xxt5vAyWG2Hhdd1uSZLZMGop2YKfE4nEj
DXat1Fg0p26XLlED+2y3+TTNeJQ4kGpyezEaH7PZUKgQqflgQbmtUaikN803P0+E
Sj+DIZk0LBzkDXR7ZqrAuQNF0UV5naTkeu/1CyJlhQ5/1IC6cMQVP1WLsMFxKhvv
-----END CERTIFICATE-----
Generated at Tue Oct 10 14:52:17 2023 by rpki-client on console-ams.rpki-client.org