Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/5YOEAn5KGVSzJooWk4JBnT9lgdM.roa
File: 5YOEAn5KGVSzJooWk4JBnT9lgdM.roa (raw, json)
Hash identifier: NzhIPLkhT+cztksFI03vycecWNeWqFr3JyqQwrOzDQE=
Subject key identifier: E5:83:84:02:7E:4A:19:54:B3:26:8A:16:93:82:41:9D:3F:65:81:D3
Certificate issuer: /CN=cc6532649a6aef4714841b9c8f54660d889b0629
Certificate serial: 01856E5D50E5A7031FCA3D7B5CE856BDB6F5
Authority key identifier: CC:65:32:64:9A:6A:EF:47:14:84:1B:9C:8F:54:66:0D:88:9B:06:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zGUyZJpq70cUhBucj1RmDYibBik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/5YOEAn5KGVSzJooWk4JBnT9lgdM.roa
Signing time: Sun 01 Jan 2023 17:24:47 +0000
ROA not before: Sun 01 Jan 2023 17:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15983
IP address blocks: 195.234.145.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:50:e5:a7:03:1f:ca:3d:7b:5c:e8:56:bd:b6:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc6532649a6aef4714841b9c8f54660d889b0629
Validity
Not Before: Jan 1 17:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e58384027e4a1954b3268a169382419d3f6581d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c8:9d:ad:45:86:1c:04:b4:0f:39:83:39:fa:
6f:8b:a9:b6:28:b0:60:02:d0:36:51:ee:ef:5a:f5:
bb:12:da:b3:10:b0:10:48:90:8a:df:21:09:2b:f7:
9d:1e:c1:29:f2:59:5d:10:2d:51:3a:1d:51:d2:d5:
ba:77:fc:a2:a2:b3:7c:62:dd:ec:22:3b:9e:4d:a7:
42:a4:2c:29:a4:af:7e:06:d2:24:07:a0:8c:cb:a5:
7d:f0:8f:81:7e:76:92:3e:5d:f8:5d:32:c3:bc:26:
ee:a4:0d:64:dc:8f:28:f8:79:a9:49:48:b6:f5:2d:
68:14:c0:51:12:e9:0c:ac:60:d4:5a:46:e9:33:f9:
4e:c8:72:c6:0e:d6:d4:ae:48:3a:57:6a:1a:2a:d8:
09:29:a2:47:f2:23:7b:b6:3b:16:4a:c8:9f:4b:18:
ec:09:76:bf:e2:01:0f:ad:22:b2:cb:55:bd:23:da:
0a:e1:a3:e3:62:99:94:bc:2a:0e:a2:94:92:f0:4f:
0a:34:1b:bc:48:11:61:5e:35:44:30:28:f9:3a:e5:
08:be:ef:86:0c:a4:f0:5d:16:2d:a4:c5:83:88:37:
d8:ec:9e:4e:97:d6:29:6e:19:7b:d4:0b:8a:cc:23:
ed:9c:c9:0d:63:87:58:6e:8d:48:37:cb:0d:97:89:
1e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:83:84:02:7E:4A:19:54:B3:26:8A:16:93:82:41:9D:3F:65:81:D3
X509v3 Authority Key Identifier:
keyid:CC:65:32:64:9A:6A:EF:47:14:84:1B:9C:8F:54:66:0D:88:9B:06:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zGUyZJpq70cUhBucj1RmDYibBik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/5YOEAn5KGVSzJooWk4JBnT9lgdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/zGUyZJpq70cUhBucj1RmDYibBik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.145.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:0a:3a:53:db:c6:93:dd:90:ff:d8:85:87:05:21:47:5a:44:
10:97:ed:ea:20:d2:1a:5c:dc:1d:fe:89:23:23:8e:84:fb:89:
ee:44:5f:01:fb:dc:7f:cf:ca:0a:8d:f0:68:f5:9a:27:f4:3a:
be:b9:97:a3:38:6a:46:67:07:1b:2c:c4:7d:dc:47:b5:ac:d6:
5b:58:33:21:52:6b:ba:d4:e5:58:a4:6a:20:af:89:f0:d9:e6:
84:f8:19:74:71:5c:9f:c4:45:22:d3:b1:c5:db:0d:d9:5d:8a:
73:f2:c2:7b:dd:76:23:e7:0e:12:20:61:3f:38:a6:ab:4a:33:
6e:0f:51:be:41:67:fc:26:e7:1f:99:ed:af:b5:ff:34:3d:25:
f3:4e:5c:66:5e:a7:5c:ec:a4:6e:a2:31:7b:0c:1c:bb:0c:db:
12:1a:ca:ec:76:95:33:36:09:4d:da:f4:01:b0:a4:47:aa:b1:
47:e2:3b:c9:03:81:d2:19:19:50:11:4b:f9:1a:5e:64:d2:55:
10:3f:46:1a:fe:57:61:c9:27:77:b1:45:e6:d8:ad:a9:67:f3:
65:63:ad:ab:18:31:7a:2b:f5:a7:ea:9d:7a:3f:93:f6:ba:c1:
0b:12:78:df:bd:4d:18:ea:7b:9e:52:89:22:4d:dc:d2:7c:05:
ce:12:26:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuXVDlpwMfyj17XOhWvbb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNjUzMjY0OWE2YWVmNDcxNDg0MWI5YzhmNTQ2NjBkODg5
YjA2MjkwHhcNMjMwMTAxMTcyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTgzODQwMjdlNGExOTU0YjMyNjhhMTY5MzgyNDE5ZDNmNjU4MWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisidrUWGHAS0DzmDOfpvi6m2KLBg
AtA2Ue7vWvW7EtqzELAQSJCK3yEJK/edHsEp8lldEC1ROh1R0tW6d/yiorN8Yt3s
IjueTadCpCwppK9+BtIkB6CMy6V98I+BfnaSPl34XTLDvCbupA1k3I8o+HmpSUi2
9S1oFMBREukMrGDUWkbpM/lOyHLGDtbUrkg6V2oaKtgJKaJH8iN7tjsWSsifSxjs
CXa/4gEPrSKyy1W9I9oK4aPjYpmUvCoOopSS8E8KNBu8SBFhXjVEMCj5OuUIvu+G
DKTwXRYtpMWDiDfY7J5Ol9Ypbhl71AuKzCPtnMkNY4dYbo1IN8sNl4keUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOWDhAJ+ShlUsyaKFpOCQZ0/ZYHTMB8GA1UdIwQY
MBaAFMxlMmSaau9HFIQbnI9UZg2ImwYpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekdVeVpKcHE3MGNVaEJ1Y2oxUm1EWWliQmlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zMTBkMzQtZjVkOC00ZTk2LTliN2Mt
NjQ4ZjUwMWFmYWU1LzEvNVlPRUFuNUtHVlN6Sm9vV2s0SkJuVDlsZ2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zMTBkMzQtZjVkOC00ZTk2LTliN2MtNjQ4ZjUwMWFmYWU1
LzEvekdVeVpKcHE3MGNVaEJ1Y2oxUm1EWWliQmlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+qRMA0G
CSqGSIb3DQEBCwUAA4IBAQCsCjpT28aT3ZD/2IWHBSFHWkQQl+3qINIaXNwd/okj
I46E+4nuRF8B+9x/z8oKjfBo9Zon9Dq+uZejOGpGZwcbLMR93Ee1rNZbWDMhUmu6
1OVYpGogr4nw2eaE+Bl0cVyfxEUi07HF2w3ZXYpz8sJ73XYj5w4SIGE/OKarSjNu
D1G+QWf8Jucfme2vtf80PSXzTlxmXqdc7KRuojF7DBy7DNsSGsrsdpUzNglN2vQB
sKRHqrFH4jvJA4HSGRlQEUv5Gl5k0lUQP0Ya/ldhySd3sUXm2K2pZ/NlY62rGDF6
K/Wn6p16P5P2usELEnjfvU0Y6nueUokiTdzSfAXOEiah
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:34 2024 by rpki-client on console-ams.rpki-client.org