Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/sp5CkGWlTwGvNnn1pTNJZnAlWGs.roa
File: sp5CkGWlTwGvNnn1pTNJZnAlWGs.roa (raw, json)
Hash identifier: RZB8bOusvpYzJzynfs+qPLvcWyg2ilK6bLSdvgEP+tc=
Subject key identifier: B2:9E:42:90:65:A5:4F:01:AF:36:79:F5:A5:33:49:66:70:25:58:6B
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01857139CC66D9BAD164D063B8A5524E02EB
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/sp5CkGWlTwGvNnn1pTNJZnAlWGs.roa
Signing time: Mon 02 Jan 2023 06:44:51 +0000
ROA not before: Mon 02 Jan 2023 06:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48555
IP address blocks: 194.225.240.0/21 maxlen: 24
194.225.248.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:cc:66:d9:ba:d1:64:d0:63:b8:a5:52:4e:02:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 06:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b29e429065a54f01af3679f5a53349667025586b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1c:ff:85:dc:dd:ae:04:d7:1f:64:cc:34:31:
55:8b:7d:0e:88:17:d1:64:cc:3f:df:cf:ab:26:dd:
b2:c7:f6:88:54:7e:50:e1:19:8a:c3:c6:8a:a2:51:
bf:ed:ea:c6:81:6e:ca:56:2c:81:79:04:67:9a:d8:
8f:e6:27:d5:cb:58:cc:e8:d1:53:00:f9:1a:92:20:
f5:7b:a0:c0:d0:50:a2:1b:2e:39:de:e8:04:f6:4d:
eb:dc:63:2b:2d:cc:60:fb:e3:85:bd:a8:a8:3f:4d:
18:52:ee:1b:9d:67:d0:73:75:b9:c9:35:5a:ef:ea:
90:60:5d:18:0a:8a:9a:38:0a:c1:4f:d8:85:c2:46:
0a:02:e9:49:55:5b:6f:2b:0b:9a:27:37:d9:fd:c0:
29:7d:d7:f9:0f:b5:c0:4d:75:06:4e:2d:52:29:88:
3a:06:f1:3e:d5:b0:95:ee:18:fd:03:f8:89:1e:cb:
5e:44:67:47:d7:ef:d3:ae:df:6d:d5:42:39:96:52:
2e:f0:2d:16:92:3f:7f:04:b8:58:6d:f8:2b:f1:2d:
12:0b:5d:8f:81:ae:0d:81:be:b5:92:39:a1:12:0a:
00:df:74:22:6d:86:41:e1:d2:e0:50:4e:a1:73:c7:
7e:c2:42:ca:27:51:e8:a6:5e:91:1a:f3:7f:e6:37:
83:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:9E:42:90:65:A5:4F:01:AF:36:79:F5:A5:33:49:66:70:25:58:6B
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/sp5CkGWlTwGvNnn1pTNJZnAlWGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.225.240.0-194.225.251.255
Signature Algorithm: sha256WithRSAEncryption
1a:f4:2e:f9:40:f2:96:7d:e1:43:0c:cf:9f:e3:10:18:4c:77:
16:c7:0e:8e:9d:0c:8c:7d:5f:b4:f6:34:e6:75:b9:71:2c:8f:
89:f8:f4:80:3c:06:b6:4f:90:b6:35:06:24:12:0d:56:54:ec:
6f:90:e8:b9:e7:f2:b4:a4:78:fa:12:ca:8f:54:eb:b4:5b:ea:
74:d7:b3:1a:68:98:35:f7:6b:2f:54:ec:52:e3:e0:da:11:6b:
d0:bc:75:5b:3d:4f:ea:e9:0f:d5:9a:85:18:b9:dc:9a:df:8c:
0e:8e:c7:de:6b:42:cc:51:90:60:3c:65:ad:d7:c9:3a:7f:5b:
a2:61:93:f1:56:2f:b2:cf:65:54:d1:fe:4b:96:82:42:ae:79:
a1:ff:06:8b:d5:c8:40:ce:6b:ae:58:6a:f2:d6:53:9f:9d:e9:
38:57:0a:4e:82:2d:2e:29:f0:34:1e:1d:5d:a6:eb:84:9d:40:
ee:86:46:f5:ad:eb:a3:db:14:41:a8:7b:f8:29:9c:b2:2f:d9:
45:b4:e7:d3:54:e0:b5:38:90:00:8a:76:97:eb:ad:d4:89:42:
a3:f0:e9:a0:eb:36:30:91:6a:e9:1c:aa:a2:bf:e4:2c:ef:30:
de:fc:68:c7:22:7f:38:f4:fe:5f:c1:aa:e1:0b:7f:32:5c:c0:
74:f8:0a:b9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxOcxm2brRZNBjuKVSTgLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjMwMTAyMDY0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjllNDI5MDY1YTU0ZjAxYWYzNjc5ZjVhNTMzNDk2NjcwMjU1ODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhz/hdzdrgTXH2TMNDFVi30OiBfR
ZMw/38+rJt2yx/aIVH5Q4RmKw8aKolG/7erGgW7KViyBeQRnmtiP5ifVy1jM6NFT
APkakiD1e6DA0FCiGy453ugE9k3r3GMrLcxg++OFvaioP00YUu4bnWfQc3W5yTVa
7+qQYF0YCoqaOArBT9iFwkYKAulJVVtvKwuaJzfZ/cApfdf5D7XATXUGTi1SKYg6
BvE+1bCV7hj9A/iJHsteRGdH1+/Trt9t1UI5llIu8C0Wkj9/BLhYbfgr8S0SC12P
ga4Ngb61kjmhEgoA33QibYZB4dLgUE6hc8d+wkLKJ1Hopl6RGvN/5jeDjwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLKeQpBlpU8BrzZ59aUzSWZwJVhrMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvc3A1Q2tHV2xUd0d2Tm5uMXBUTkpabkFsV0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBATC4fAD
BALC4fgwDQYJKoZIhvcNAQELBQADggEBABr0LvlA8pZ94UMMz5/jEBhMdxbHDo6d
DIx9X7T2NOZ1uXEsj4n49IA8BrZPkLY1BiQSDVZU7G+Q6Lnn8rSkePoSyo9U67Rb
6nTXsxpomDX3ay9U7FLj4NoRa9C8dVs9T+rpD9WahRi53JrfjA6Ox95rQsxRkGA8
Za3XyTp/W6Jhk/FWL7LPZVTR/kuWgkKueaH/BovVyEDOa65YavLWU5+d6ThXCk6C
LS4p8DQeHV2m64SdQO6GRvWt66PbFEGoe/gpnLIv2UW059NU4LU4kACKdpfrrdSJ
QqPw6aDrNjCRaukcqqK/5CzvMN78aMcifzj0/l/BquELfzJcwHT4Crk=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:42 2024 by rpki-client on console-ams.rpki-client.org