Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/tai5jhW3iqm5MBFUta6vayNpd20.roa
File: tai5jhW3iqm5MBFUta6vayNpd20.roa (raw, json)
Hash identifier: flQiabNeBjjAf3jfOwW77RoID/H0GlbnkHqpEfRKu10=
Subject key identifier: B5:A8:B9:8E:15:B7:8A:A9:B9:30:11:54:B5:AE:AF:6B:23:69:77:6D
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01856F26D7F775D9BF519F1C1C6F4ED6F574
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/tai5jhW3iqm5MBFUta6vayNpd20.roa
Signing time: Sun 01 Jan 2023 21:04:54 +0000
ROA not before: Sun 01 Jan 2023 21:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28753
IP address blocks: 37.1.192.0/21 maxlen: 21
5.61.32.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:d7:f7:75:d9:bf:51:9f:1c:1c:6f:4e:d6:f5:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jan 1 21:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5a8b98e15b78aa9b9301154b5aeaf6b2369776d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:18:4d:dd:26:31:34:d9:a6:0a:39:13:60:3b:
fe:89:94:09:1f:d6:65:19:c1:51:6e:d1:2c:f3:45:
aa:11:2a:7f:7b:85:03:00:4b:88:d6:ba:4d:1e:cd:
9d:e9:eb:9f:48:e1:2b:d2:e4:31:e0:5c:0b:69:54:
57:dd:0b:f3:9e:46:0a:e1:7d:d0:c8:e4:1b:aa:53:
39:0c:cf:82:8d:6a:fa:6e:e7:b3:a5:b0:0c:5c:da:
43:cf:7f:ee:bf:eb:ea:bc:73:9f:c5:3e:56:dd:a9:
6c:d5:77:04:ab:8a:19:45:9d:ca:88:3f:10:80:9a:
6e:04:6a:a8:05:45:72:45:08:b5:e6:a0:54:bf:cd:
b5:cd:7a:8c:a2:62:d4:5f:e9:c2:fd:fc:64:2e:88:
aa:d2:0f:ee:63:f9:4a:12:70:fe:c8:6d:2b:a9:f1:
50:78:21:c2:03:88:06:0b:e4:4d:56:79:06:99:78:
27:e4:9e:5c:5c:4a:55:48:85:0c:17:81:7a:d0:47:
c7:cf:99:08:95:b8:55:47:3b:36:a6:0d:03:2c:5d:
93:c9:46:d3:7e:fb:57:a0:0f:f6:4f:9c:96:27:e1:
28:9e:60:33:e0:33:b2:5a:d3:18:55:af:22:26:7a:
67:5b:8c:41:ce:92:ac:b5:85:51:cf:1e:2c:9e:36:
e5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A8:B9:8E:15:B7:8A:A9:B9:30:11:54:B5:AE:AF:6B:23:69:77:6D
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/tai5jhW3iqm5MBFUta6vayNpd20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.32.0/20
37.1.192.0/21
Signature Algorithm: sha256WithRSAEncryption
08:59:f2:ca:46:83:9d:cf:cf:e1:18:80:80:cd:a3:8b:a3:54:
2f:0b:cb:45:25:2e:9c:88:a0:1b:25:21:bd:79:43:bd:66:36:
e3:a2:c2:22:a3:74:b3:65:b4:48:75:48:2b:3b:67:d5:e3:19:
3e:de:da:2b:94:b8:da:1b:2e:5e:4f:1c:8f:59:6d:05:c4:30:
61:46:25:d5:ae:2d:b1:45:37:87:ac:47:2a:a3:cd:d1:75:9b:
ed:89:97:48:a8:fb:51:da:87:9e:40:0d:f3:18:83:29:d6:8b:
7a:60:c0:4a:90:ad:83:a8:ad:b0:df:5c:ed:1b:10:52:de:33:
7e:77:4c:b4:08:ce:0e:65:74:70:24:7b:96:ff:2e:41:d6:68:
76:33:b5:12:50:64:58:40:70:9f:1a:b3:92:70:47:e1:4f:9c:
2d:ab:9f:0c:f5:29:d9:02:79:41:02:5e:d3:80:f9:74:68:9b:
64:24:d1:34:3d:73:76:87:fb:57:86:95:67:e0:43:08:9f:da:
41:25:10:73:01:22:ca:dc:14:ea:8b:07:f1:45:19:95:cd:7f:
c8:65:d6:a4:95:30:a2:7b:61:38:c0:00:d9:4d:0a:00:0e:ba:
a6:5e:75:32:de:b9:4c:50:53:54:75:14:70:da:a1:3e:c8:50:
da:17:df:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvJtf3ddm/UZ8cHG9O1vV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjMwMTAxMjEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWE4Yjk4ZTE1Yjc4YWE5YjkzMDExNTRiNWFlYWY2YjIzNjk3NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRhN3SYxNNmmCjkTYDv+iZQJH9Zl
GcFRbtEs80WqESp/e4UDAEuI1rpNHs2d6eufSOEr0uQx4FwLaVRX3QvznkYK4X3Q
yOQbqlM5DM+CjWr6buezpbAMXNpDz3/uv+vqvHOfxT5W3als1XcEq4oZRZ3KiD8Q
gJpuBGqoBUVyRQi15qBUv821zXqMomLUX+nC/fxkLoiq0g/uY/lKEnD+yG0rqfFQ
eCHCA4gGC+RNVnkGmXgn5J5cXEpVSIUMF4F60EfHz5kIlbhVRzs2pg0DLF2TyUbT
fvtXoA/2T5yWJ+EonmAz4DOyWtMYVa8iJnpnW4xBzpKstYVRzx4snjblGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLWouY4Vt4qpuTARVLWur2sjaXdtMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvdGFpNWpoVzNpcW01TUJGVXRhNnZheU5wZDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBT0gAwQD
JQHAMA0GCSqGSIb3DQEBCwUAA4IBAQAIWfLKRoOdz8/hGICAzaOLo1QvC8tFJS6c
iKAbJSG9eUO9ZjbjosIio3SzZbRIdUgrO2fV4xk+3torlLjaGy5eTxyPWW0FxDBh
RiXVri2xRTeHrEcqo83RdZvtiZdIqPtR2oeeQA3zGIMp1ot6YMBKkK2DqK2w31zt
GxBS3jN+d0y0CM4OZXRwJHuW/y5B1mh2M7USUGRYQHCfGrOScEfhT5wtq58M9SnZ
AnlBAl7TgPl0aJtkJNE0PXN2h/tXhpVn4EMIn9pBJRBzASLK3BTqiwfxRRmVzX/I
ZdaklTCie2E4wADZTQoADrqmXnUy3rlMUFNUdRRw2qE+yFDaF9+f
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:59 2024 by rpki-client on console-fra.rpki-client.org