Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Y8SnZfVK0-olOgnwROa6bqhJrGQ.roa
File: Y8SnZfVK0-olOgnwROa6bqhJrGQ.roa (raw, json)
Hash identifier: 0mFHDgTkREjWvkt7jm0mNtXuS4bd9pMsDmkrol/Sudw=
Subject key identifier: 63:C4:A7:65:F5:4A:D3:EA:25:3A:09:F0:44:E6:BA:6E:A8:49:AC:64
Certificate issuer: /CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Certificate serial: 018572558A2FB75D8B3BD0A0DECF589CA8BA
Authority key identifier: 4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Y8SnZfVK0-olOgnwROa6bqhJrGQ.roa
Signing time: Mon 02 Jan 2023 11:54:46 +0000
ROA not before: Mon 02 Jan 2023 11:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60119
IP address blocks: 5.129.177.0/24 maxlen: 24
5.129.176.0/22 maxlen: 22
5.129.176.0/24 maxlen: 24
5.129.179.0/24 maxlen: 24
5.129.178.0/24 maxlen: 24
5.129.183.0/24 maxlen: 24
5.129.182.0/23 maxlen: 23
5.129.182.0/24 maxlen: 24
5.129.191.0/24 maxlen: 24
5.129.190.0/24 maxlen: 24
5.129.189.0/24 maxlen: 24
5.129.188.0/22 maxlen: 22
5.129.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:8a:2f:b7:5d:8b:3b:d0:a0:de:cf:58:9c:a8:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Validity
Not Before: Jan 2 11:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63c4a765f54ad3ea253a09f044e6ba6ea849ac64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:55:48:63:1f:17:b9:8e:79:31:a5:00:8d:0d:
2d:ec:8e:4d:45:90:de:97:38:6a:68:ca:21:a4:6e:
28:64:20:44:c8:62:b2:30:03:62:59:cb:25:05:e8:
61:b8:dc:01:e5:7a:89:9a:39:c6:79:2f:e1:33:ab:
04:02:d4:dd:69:88:2f:8a:26:2d:19:7b:8a:be:10:
99:0d:f2:db:52:13:29:3c:35:96:2f:fc:6b:20:63:
4f:c2:39:24:91:73:7e:05:d3:56:55:fc:56:e1:35:
f3:a8:58:50:c0:c0:e7:43:20:f5:2f:dd:11:74:80:
61:53:0a:43:e0:47:a5:4d:bf:8c:7d:9b:a1:ca:ae:
6e:13:e0:e9:59:fc:41:7b:4a:16:8d:7c:bf:0c:61:
c0:b0:eb:ea:7e:a4:0e:e6:df:1c:a4:36:5c:93:b9:
5a:94:c2:25:4b:1b:44:7d:b7:e2:fd:84:4c:6e:71:
59:cc:44:d1:4c:ad:3a:06:56:c9:03:a8:20:b2:91:
18:a1:85:72:65:fb:8f:a4:59:a0:e0:83:8d:eb:fe:
0f:77:72:8a:7c:78:ab:e5:24:2c:a0:8f:d7:fb:3d:
3f:52:a8:7c:0c:83:3e:d5:37:8c:4d:63:24:a0:a2:
14:1d:12:74:c3:2f:6a:eb:e3:31:49:93:2c:03:da:
bb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C4:A7:65:F5:4A:D3:EA:25:3A:09:F0:44:E6:BA:6E:A8:49:AC:64
X509v3 Authority Key Identifier:
keyid:4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Y8SnZfVK0-olOgnwROa6bqhJrGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.129.176.0/22
5.129.182.0/23
5.129.188.0/22
Signature Algorithm: sha256WithRSAEncryption
53:d1:0b:88:70:98:ab:e5:9b:e0:30:22:ff:7a:9e:7e:77:c5:
8f:88:0a:d6:3d:0d:a0:d7:d8:ce:d0:8d:33:74:29:33:24:0c:
32:bd:3f:62:44:df:d6:10:4b:87:e4:bf:6f:71:59:00:e0:ab:
5e:02:29:10:cd:a3:d7:4a:52:b6:00:d9:f1:6d:b8:03:27:98:
88:ff:6c:7e:8e:e4:89:7c:55:5d:0b:80:0a:cf:be:ee:bb:67:
61:47:3a:77:6d:43:62:e2:00:84:8c:3c:ee:71:e2:ac:cd:b6:
08:3b:a0:8f:20:e6:bf:4f:6c:94:3f:79:7c:7e:33:86:14:40:
26:8b:1c:4b:7b:e6:13:7b:80:24:62:e5:dc:11:b0:05:fe:cc:
2e:d1:26:81:a0:80:05:c5:3b:74:e6:d4:e8:b5:5d:94:c4:a2:
7c:0a:56:4e:c7:15:5f:9b:3d:76:6e:c5:e6:d0:e8:7a:f4:a9:
87:3a:d2:7b:4b:32:64:34:80:39:8e:eb:e4:42:82:b9:5e:4d:
1e:13:41:df:df:07:ac:62:b8:19:b2:f9:04:1c:ae:8e:e8:17:
94:7b:84:36:ef:40:06:1f:82:01:a2:92:67:c8:e0:7c:c2:24:
69:96:07:b9:de:ea:97:06:cb:d8:e5:1d:e5:e2:45:51:f7:e8:
64:0f:17:d8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyVYovt12LO9Cg3s9YnKi6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZGIzZGNkZjVlNmJlZTA5ODI1YzM3YmYzYjhiZGYyOGI2
ZmI1OTMwHhcNMjMwMTAyMTE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2M0YTc2NWY1NGFkM2VhMjUzYTA5ZjA0NGU2YmE2ZWE4NDlhYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1VIYx8XuY55MaUAjQ0t7I5NRZDe
lzhqaMohpG4oZCBEyGKyMANiWcslBehhuNwB5XqJmjnGeS/hM6sEAtTdaYgviiYt
GXuKvhCZDfLbUhMpPDWWL/xrIGNPwjkkkXN+BdNWVfxW4TXzqFhQwMDnQyD1L90R
dIBhUwpD4EelTb+MfZuhyq5uE+DpWfxBe0oWjXy/DGHAsOvqfqQO5t8cpDZck7la
lMIlSxtEfbfi/YRMbnFZzETRTK06BlbJA6ggspEYoYVyZfuPpFmg4ION6/4Pd3KK
fHir5SQsoI/X+z0/Uqh8DIM+1TeMTWMkoKIUHRJ0wy9q6+MxSZMsA9q7iQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGPEp2X1StPqJToJ8ETmum6oSaxkMB8GA1UdIwQY
MBaAFE3bPc315r7gmCXDe/O4vfKLb7WTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEt
MjE3MGM1YzFkM2VkLzEvWThTblpmVkswLW9sT2dud1JPYTZicWhKckdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEtMjE3MGM1YzFkM2Vk
LzEvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBYGwAwQB
BYG2AwQCBYG8MA0GCSqGSIb3DQEBCwUAA4IBAQBT0QuIcJir5ZvgMCL/ep5+d8WP
iArWPQ2g19jO0I0zdCkzJAwyvT9iRN/WEEuH5L9vcVkA4KteAikQzaPXSlK2ANnx
bbgDJ5iI/2x+juSJfFVdC4AKz77uu2dhRzp3bUNi4gCEjDzuceKszbYIO6CPIOa/
T2yUP3l8fjOGFEAmixxLe+YTe4AkYuXcEbAF/swu0SaBoIAFxTt05tTotV2UxKJ8
ClZOxxVfmz12bsXm0Oh69KmHOtJ7SzJkNIA5juvkQoK5Xk0eE0Hf3wesYrgZsvkE
HK6O6BeUe4Q270AGH4IBopJnyOB8wiRplge53uqXBsvY5R3l4kVR9+hkDxfY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org