Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/5VRQzFEgrSnOXxqzGEtllgVFCF0.roa
File: 5VRQzFEgrSnOXxqzGEtllgVFCF0.roa (raw, json)
Hash identifier: lpsZ7a2yY4HeByG+nadcS3XfMCPpJBbpvuk1GVSNiDo=
Subject key identifier: E5:54:50:CC:51:20:AD:29:CE:5F:1A:B3:18:4B:65:96:05:45:08:5D
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 018A6A3A1CC48A9029796B1D0CAFD53D6791
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/5VRQzFEgrSnOXxqzGEtllgVFCF0.roa
Signing time: Wed 06 Sep 2023 11:21:47 +0000
ROA not before: Wed 06 Sep 2023 11:21:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57844
IP address blocks: 85.153.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:3a:1c:c4:8a:90:29:79:6b:1d:0c:af:d5:3d:67:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Sep 6 11:21:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e55450cc5120ad29ce5f1ab3184b65960545085d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4a:23:cf:46:85:ec:fc:21:6b:57:52:a2:db:
27:03:c0:65:7f:62:b8:17:b4:de:ad:64:be:6e:a1:
21:87:17:b0:cc:0b:42:03:d2:95:be:79:06:9d:f5:
0b:ee:29:95:93:37:f0:3c:b0:25:fd:be:da:00:4c:
4e:b0:e8:10:61:ab:ef:32:7b:0d:47:7d:ed:50:ec:
e5:d6:f2:94:d5:9d:c3:50:4c:3b:c2:9d:74:68:28:
4b:39:ae:b8:24:0c:9c:93:a1:31:11:24:c4:b7:89:
dd:6d:fe:eb:4a:44:eb:9b:4f:23:01:93:8a:5b:ef:
09:c9:ac:b8:c7:76:07:50:ee:43:59:0d:25:da:df:
8e:b2:88:ad:92:4c:c3:40:6f:ce:5c:00:14:87:66:
a0:86:4d:9f:52:00:3a:69:02:a9:0d:e1:b7:9b:1a:
8b:f7:5b:81:60:be:1f:3a:f6:b5:87:f0:65:b6:7f:
6c:e3:5c:63:c7:21:e9:b7:79:eb:21:75:14:df:3b:
d9:40:57:62:8e:3d:3c:1a:77:57:d5:37:01:b9:2f:
d7:c1:57:55:b2:b4:8b:b3:55:1c:dd:2d:6e:af:81:
d3:9c:7f:7b:24:36:9b:a4:95:46:fc:ec:8b:d6:b1:
3f:d4:15:3a:28:c0:7d:61:24:bd:aa:4d:6f:6e:f9:
0b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:54:50:CC:51:20:AD:29:CE:5F:1A:B3:18:4B:65:96:05:45:08:5D
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/5VRQzFEgrSnOXxqzGEtllgVFCF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.9.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:f2:5f:4b:e1:97:11:c4:c8:d8:37:1a:3f:ae:c4:ba:35:46:
72:7b:39:13:7f:9b:81:03:6d:21:51:ae:cb:76:65:57:9a:fe:
7d:65:09:20:07:00:38:2f:f2:b9:96:79:de:e4:43:87:35:01:
02:c3:8f:05:38:ad:5a:43:4d:ed:39:bb:50:57:1a:9f:47:ab:
a2:4e:49:52:e0:7a:df:97:f6:31:23:88:0a:d8:2f:b1:3f:c9:
e9:5e:4e:a8:62:cf:b6:ca:fc:32:5e:58:93:1b:ce:d6:45:52:
44:b9:56:dc:11:fb:da:c7:bf:46:ef:c7:ac:73:63:b3:b5:8f:
d7:29:ae:4b:df:32:b4:4e:24:a0:f9:6b:e9:ec:fc:8f:b2:24:
f0:af:73:92:c1:c1:0c:bb:0c:16:74:76:4e:e6:94:0f:dd:e6:
d3:ba:af:e2:df:c4:a0:a3:e8:4f:ae:13:f0:91:86:86:97:bb:
3c:c9:13:ff:55:31:ea:9d:c7:cb:f8:d2:7e:44:29:64:9b:27:
c7:7e:b5:4a:63:3b:9e:86:ec:21:92:93:35:d8:2a:63:95:13:
00:94:17:97:50:e2:ad:0d:cc:0b:9e:7b:ef:11:ab:c4:76:ca:
44:82:6b:a0:e9:7d:df:47:c8:39:f4:3b:04:ee:5a:f4:68:4b:
9b:36:5f:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpqOhzEipApeWsdDK/VPWeRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwOTA2MTEyMTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTU0NTBjYzUxMjBhZDI5Y2U1ZjFhYjMxODRiNjU5NjA1NDUwODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUojz0aF7Pwha1dSotsnA8Blf2K4
F7TerWS+bqEhhxewzAtCA9KVvnkGnfUL7imVkzfwPLAl/b7aAExOsOgQYavvMnsN
R33tUOzl1vKU1Z3DUEw7wp10aChLOa64JAyck6ExESTEt4ndbf7rSkTrm08jAZOK
W+8Jyay4x3YHUO5DWQ0l2t+OsoitkkzDQG/OXAAUh2aghk2fUgA6aQKpDeG3mxqL
91uBYL4fOva1h/Bltn9s41xjxyHpt3nrIXUU3zvZQFdijj08GndX1TcBuS/XwVdV
srSLs1Uc3S1ur4HTnH97JDabpJVG/OyL1rE/1BU6KMB9YSS9qk1vbvkL2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOVUUMxRIK0pzl8asxhLZZYFRQhdMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvNVZSUXpGRWdyU25PWHhxekdFdGxsZ1ZGQ0YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZkJMA0G
CSqGSIb3DQEBCwUAA4IBAQAt8l9L4ZcRxMjYNxo/rsS6NUZyezkTf5uBA20hUa7L
dmVXmv59ZQkgBwA4L/K5lnne5EOHNQECw48FOK1aQ03tObtQVxqfR6uiTklS4Hrf
l/YxI4gK2C+xP8npXk6oYs+2yvwyXliTG87WRVJEuVbcEfvax79G78esc2OztY/X
Ka5L3zK0TiSg+Wvp7PyPsiTwr3OSwcEMuwwWdHZO5pQP3ebTuq/i38Sgo+hPrhPw
kYaGl7s8yRP/VTHqncfL+NJ+RClkmyfHfrVKYzuehuwhkpM12CpjlRMAlBeXUOKt
DcwLnnvvEavEdspEgmug6X3fR8g59DsE7lr0aEubNl9k
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:40 2024 by rpki-client on console-ams.rpki-client.org