Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/2k8MR2IMMuFqV1o3-VEPMePL2CQ.roa
File: 2k8MR2IMMuFqV1o3-VEPMePL2CQ.roa (raw, json)
Hash identifier: Qm1R4kQU3DG12KhclbeeBd6VF++faagvx3gJpMJLwG4=
Subject key identifier: DA:4F:0C:47:62:0C:32:E1:6A:57:5A:37:F9:51:0F:31:E3:CB:D8:24
Certificate issuer: /CN=73975d5da9da8a074b33fbcb5c09d503a3b443a1
Certificate serial: 018CB7DEC1B9324B625DB1E5165ADC9A7D3B
Authority key identifier: 73:97:5D:5D:A9:DA:8A:07:4B:33:FB:CB:5C:09:D5:03:A3:B4:43:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c5ddXanaigdLM_vLXAnVA6O0Q6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/2k8MR2IMMuFqV1o3-VEPMePL2CQ.roa
Signing time: Fri 29 Dec 2023 23:17:58 +0000
ROA not before: Fri 29 Dec 2023 23:17:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58299
IP address blocks: 5.226.144.0/21 maxlen: 24
5.226.151.0/24 maxlen: 24
2a00:6340::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b7:de:c1:b9:32:4b:62:5d:b1:e5:16:5a:dc:9a:7d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73975d5da9da8a074b33fbcb5c09d503a3b443a1
Validity
Not Before: Dec 29 23:17:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da4f0c47620c32e16a575a37f9510f31e3cbd824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:87:9f:b2:09:98:d6:26:51:1e:85:d8:05:3e:
7b:5f:aa:c5:2b:55:63:15:d7:fe:a6:ac:ee:63:b9:
bd:05:61:0f:6c:99:71:dc:9b:b5:af:f7:28:9f:68:
3a:a3:5a:9e:a9:11:78:24:14:38:cc:1b:02:3a:81:
42:e4:06:aa:80:19:19:ab:ac:dd:13:37:b2:b1:d2:
1c:d1:6d:8c:a8:fc:37:89:f7:19:c5:4f:fc:41:ef:
e4:10:9a:30:16:56:91:af:98:1c:2e:bc:97:4f:f5:
9c:6d:b7:c4:9c:79:35:8e:c6:d4:38:0c:bf:9c:d1:
df:96:91:b3:c2:4d:c2:67:3e:c3:56:e8:da:29:91:
4d:cc:0f:22:1a:ef:95:58:ff:2d:e3:a8:d9:f0:5c:
60:b3:38:37:0c:ad:16:54:eb:9d:da:1e:c5:9f:55:
1c:9e:57:4f:d4:8a:e9:7d:10:6e:f3:cc:42:46:1d:
26:b2:eb:ea:5e:28:f5:26:06:bc:32:65:1c:e2:d8:
d7:df:26:21:0e:73:49:92:b6:67:fd:da:28:d5:28:
ac:8e:1f:dd:cd:5e:5c:47:f5:9a:b9:5a:0d:80:54:
d8:f9:23:63:b4:16:f2:a1:65:ad:77:1d:b6:14:07:
78:ce:32:9f:9d:cf:f0:9e:d7:55:41:e3:ed:1d:e8:
a1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:4F:0C:47:62:0C:32:E1:6A:57:5A:37:F9:51:0F:31:E3:CB:D8:24
X509v3 Authority Key Identifier:
keyid:73:97:5D:5D:A9:DA:8A:07:4B:33:FB:CB:5C:09:D5:03:A3:B4:43:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5ddXanaigdLM_vLXAnVA6O0Q6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/2k8MR2IMMuFqV1o3-VEPMePL2CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/c5ddXanaigdLM_vLXAnVA6O0Q6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.144.0/21
IPv6:
2a00:6340::/32
Signature Algorithm: sha256WithRSAEncryption
96:e9:4a:55:e4:7c:01:05:75:d1:05:be:3c:7b:9c:7d:1e:f2:
7b:08:47:0f:92:ea:39:28:02:df:2b:26:56:df:db:61:be:30:
30:29:13:68:fb:f2:5f:7a:b8:09:3d:87:7c:24:70:ce:5e:b1:
7a:d5:d7:de:ba:fa:44:4b:8d:fc:bf:80:51:6a:66:1d:56:7e:
4d:81:47:97:1d:26:a6:39:11:df:79:1b:5b:66:5b:85:2d:a3:
7e:b1:0b:5b:47:e1:e4:d6:cf:50:d6:cc:65:2e:f1:3f:58:5c:
aa:2d:eb:97:04:4d:3c:42:c0:6f:67:dd:2a:10:1f:c6:89:68:
5e:22:9f:09:ea:7a:9d:2f:8b:b4:4e:71:77:6e:88:2d:64:18:
46:f8:05:7d:47:04:ac:df:e7:1e:4b:d8:7b:94:23:21:5d:bb:
13:a8:72:e3:cc:b5:2a:73:96:a0:4a:6a:d3:de:25:45:ec:5d:
63:45:f1:14:e8:8e:4a:85:50:f1:f8:2f:87:76:bd:d3:eb:6a:
72:36:57:b5:27:84:a4:28:79:af:b3:a3:1f:b1:23:92:b7:28:
04:35:00:e7:61:20:44:fc:84:00:bc:ed:b1:f1:09:cd:df:e0:
01:9c:05:59:a3:ba:d4:58:a4:c1:c8:10:87:bc:1f:ed:a8:aa:
5e:67:4d:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYy33sG5MktiXbHlFlrcmn07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOTc1ZDVkYTlkYThhMDc0YjMzZmJjYjVjMDlkNTAzYTNi
NDQzYTEwHhcNMjMxMjI5MjMxNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTRmMGM0NzYyMGMzMmUxNmE1NzVhMzdmOTUxMGYzMWUzY2JkODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoefsgmY1iZRHoXYBT57X6rFK1Vj
Fdf+pqzuY7m9BWEPbJlx3Ju1r/con2g6o1qeqRF4JBQ4zBsCOoFC5AaqgBkZq6zd
EzeysdIc0W2MqPw3ifcZxU/8Qe/kEJowFlaRr5gcLryXT/WcbbfEnHk1jsbUOAy/
nNHflpGzwk3CZz7DVujaKZFNzA8iGu+VWP8t46jZ8Fxgszg3DK0WVOud2h7Fn1Uc
nldP1IrpfRBu88xCRh0msuvqXij1Jga8MmUc4tjX3yYhDnNJkrZn/doo1Sisjh/d
zV5cR/WauVoNgFTY+SNjtBbyoWWtdx22FAd4zjKfnc/wntdVQePtHeihyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNpPDEdiDDLhaldaN/lRDzHjy9gkMB8GA1UdIwQY
MBaAFHOXXV2p2ooHSzP7y1wJ1QOjtEOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzVkZFhhbmFpZ2RMTV92TFhBblZBNk8wUTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mMDE3MmUtNjljMi00MjJmLTgyOTYt
OWU4MGQwZDg3YzJkLzEvMms4TVIySU1NdUZxVjFvMy1WRVBNZVBMMkNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mMDE3MmUtNjljMi00MjJmLTgyOTYtOWU4MGQwZDg3YzJk
LzEvYzVkZFhhbmFpZ2RMTV92TFhBblZBNk8wUTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBeKQMA0E
AgACMAcDBQAqAGNAMA0GCSqGSIb3DQEBCwUAA4IBAQCW6UpV5HwBBXXRBb48e5x9
HvJ7CEcPkuo5KALfKyZW39thvjAwKRNo+/JfergJPYd8JHDOXrF61dfeuvpES438
v4BRamYdVn5NgUeXHSamORHfeRtbZluFLaN+sQtbR+Hk1s9Q1sxlLvE/WFyqLeuX
BE08QsBvZ90qEB/GiWheIp8J6nqdL4u0TnF3bogtZBhG+AV9RwSs3+ceS9h7lCMh
XbsTqHLjzLUqc5agSmrT3iVF7F1jRfEU6I5KhVDx+C+Hdr3T62pyNle1J4SkKHmv
s6MfsSOStygENQDnYSBE/IQAvO2x8QnN3+ABnAVZo7rUWKTByBCHvB/tqKpeZ014
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:55 2024 by rpki-client on console-ams.rpki-client.org