Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/3j6j9xIr3EUsucgR-uJpc6PjLEs.roa
File: 3j6j9xIr3EUsucgR-uJpc6PjLEs.roa (raw, json)
Hash identifier: xCfLNlmqlJCcg+qefU6XBHc3hYs/EkZtnC7znI701ck=
Subject key identifier: DE:3E:A3:F7:12:2B:DC:45:2C:B9:C8:11:FA:E2:69:73:A3:E3:2C:4B
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018DC148FB54BD9D1245E17112F98B2F564B
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/3j6j9xIr3EUsucgR-uJpc6PjLEs.roa
Signing time: Mon 19 Feb 2024 12:13:21 +0000
ROA not before: Mon 19 Feb 2024 12:13:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.34.216.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 12:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:48:fb:54:bd:9d:12:45:e1:71:12:f9:8b:2f:56:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 19 12:13:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de3ea3f7122bdc452cb9c811fae26973a3e32c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f0:62:9e:92:a9:ef:52:2c:1c:9b:62:73:8d:
9e:29:c5:1a:10:ff:14:00:22:35:2f:63:a8:a9:8b:
69:12:e0:ba:e5:3c:55:32:ea:09:6a:ec:ea:7d:4c:
60:cf:0d:c3:ef:f3:ec:1a:df:ac:e2:10:fd:8f:d9:
34:10:b1:68:a0:17:15:17:e7:f7:e2:05:d4:4f:29:
62:c4:7a:61:b3:ba:4d:9f:5b:b2:26:b7:7d:e0:0f:
31:26:af:06:98:98:71:85:99:e5:be:d0:22:88:ea:
a0:9b:76:9b:54:71:ce:4e:58:d2:19:ed:3c:61:37:
1b:6a:9c:8d:42:45:dc:2a:66:7e:d1:77:ab:68:3b:
45:da:02:a8:04:1c:3b:b9:10:6b:c7:4d:24:eb:37:
39:68:7f:ac:de:1c:2c:84:7c:d0:8c:12:61:13:e0:
bb:74:30:78:ed:f3:fc:88:e5:85:9a:70:ab:a5:17:
91:34:19:d3:f2:19:93:32:c4:84:ba:1a:40:69:1f:
64:1d:ea:e7:e4:4b:7b:27:e5:41:c5:73:a1:8a:58:
89:af:a0:18:ec:8c:78:5c:58:b4:05:c9:6d:f7:4e:
74:7a:83:13:0b:5a:af:59:ce:4f:84:40:e6:69:a7:
8e:b7:1e:24:15:7b:6a:57:01:92:02:77:94:a7:ec:
53:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:3E:A3:F7:12:2B:DC:45:2C:B9:C8:11:FA:E2:69:73:A3:E3:2C:4B
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/3j6j9xIr3EUsucgR-uJpc6PjLEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.216.0/21
Signature Algorithm: sha256WithRSAEncryption
19:ee:51:52:39:32:75:ab:74:c5:0f:ea:4c:ae:db:dd:6e:9d:
40:88:ac:04:bc:be:27:4d:f6:a0:1d:cb:2e:01:c0:19:e0:28:
16:9d:a6:6d:26:94:c8:4d:ed:4d:76:7b:f0:4c:7a:2e:84:17:
7f:33:97:c4:b4:b8:41:24:1b:28:ce:dd:4c:0c:c8:44:50:5e:
f3:01:3b:b3:d6:03:d0:9b:a8:e7:02:0a:95:f8:a3:96:6d:be:
61:b4:84:d6:b6:17:c9:9a:84:18:6b:49:b0:ed:29:0e:fe:fd:
43:fd:6a:f4:84:fc:bd:af:33:9a:31:c9:8b:48:78:b1:bd:3d:
5c:42:8a:5d:25:93:6d:b1:4e:2a:aa:13:9d:ce:2a:e4:0b:4f:
98:7d:74:10:e2:fc:6e:99:f6:6b:d9:31:bc:e5:e0:33:d3:d2:
d4:ce:59:18:07:fd:74:46:3c:fa:49:e5:84:d6:30:77:8d:2f:
b9:4c:d0:40:c6:c9:6c:ba:74:15:7d:66:dc:e8:1b:dd:77:53:
78:d1:c6:51:4e:50:29:0f:b6:7d:d6:e8:fd:dc:01:38:03:fe:
4e:11:9a:ea:61:5c:e5:c8:43:96:c5:4d:a0:97:bf:5c:63:1d:
0d:76:76:83:77:e4:c8:08:a6:ed:7b:7e:40:b7:f9:aa:b3:82:
96:db:15:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3BSPtUvZ0SReFxEvmLL1ZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMjE5MTIxMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTNlYTNmNzEyMmJkYzQ1MmNiOWM4MTFmYWUyNjk3M2EzZTMyYzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPBinpKp71IsHJtic42eKcUaEP8U
ACI1L2OoqYtpEuC65TxVMuoJauzqfUxgzw3D7/PsGt+s4hD9j9k0ELFooBcVF+f3
4gXUTylixHphs7pNn1uyJrd94A8xJq8GmJhxhZnlvtAiiOqgm3abVHHOTljSGe08
YTcbapyNQkXcKmZ+0XeraDtF2gKoBBw7uRBrx00k6zc5aH+s3hwshHzQjBJhE+C7
dDB47fP8iOWFmnCrpReRNBnT8hmTMsSEuhpAaR9kHern5Et7J+VBxXOhiliJr6AY
7Ix4XFi0Bclt9050eoMTC1qvWc5PhEDmaaeOtx4kFXtqVwGSAneUp+xT2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4+o/cSK9xFLLnIEfriaXOj4yxLMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvM2o2ajl4SXIzRVVzdWNnUi11SnBjNlBqTEVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBSLYMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ7lFSOTJ1q3TFD+pMrtvdbp1AiKwEvL4nTfagHcsu
AcAZ4CgWnaZtJpTITe1NdnvwTHouhBd/M5fEtLhBJBsozt1MDMhEUF7zATuz1gPQ
m6jnAgqV+KOWbb5htITWthfJmoQYa0mw7SkO/v1D/Wr0hPy9rzOaMcmLSHixvT1c
QopdJZNtsU4qqhOdzirkC0+YfXQQ4vxumfZr2TG85eAz09LUzlkYB/10Rjz6SeWE
1jB3jS+5TNBAxslsunQVfWbc6Bvdd1N40cZRTlApD7Z91uj93AE4A/5OEZrqYVzl
yEOWxU2gl79cYx0NdnaDd+TICKbte35At/mqs4KW2xUZ
-----END CERTIFICATE-----
Generated at Fri Feb 23 16:26:44 2024 by rpki-client on console-ams.rpki-client.org