Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/P8wSlhfSn5nt95cnRqFSXC3nxCs.roa
File: P8wSlhfSn5nt95cnRqFSXC3nxCs.roa (raw, json)
Hash identifier: GE56ycfXYYmFeLoBdO3BNCBmdFOhto9QccQb1wXnl8E=
Subject key identifier: 3F:CC:12:96:17:D2:9F:99:ED:F7:97:27:46:A1:52:5C:2D:E7:C4:2B
Certificate issuer: /CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Certificate serial: 0191794E07AD2422409845854F504FCAA2F3
Authority key identifier: 2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/P8wSlhfSn5nt95cnRqFSXC3nxCs.roa
Signing time: Thu 22 Aug 2024 08:57:22 +0000
ROA not before: Thu 22 Aug 2024 08:57:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 5.255.61.0/24 maxlen: 24
5.255.63.0/24 maxlen: 24
23.252.66.0/24 maxlen: 24
91.92.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 16:47:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:79:4e:07:ad:24:22:40:98:45:85:4f:50:4f:ca:a2:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Validity
Not Before: Aug 22 08:57:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fcc129617d29f99edf7972746a1525c2de7c42b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:69:c4:78:a5:85:57:81:3a:50:d8:40:9a:8b:
5f:f1:8a:fa:42:00:6c:1d:96:7b:42:c7:dd:8b:b0:
72:81:be:49:71:11:2c:54:00:be:1d:c9:a7:d2:43:
5f:eb:09:5e:a7:80:b3:7b:c2:64:5d:dc:7c:e8:bc:
31:52:b1:73:13:12:e3:25:d3:d7:98:2b:83:bc:0d:
91:ab:e2:2b:e9:1a:6c:2f:4f:84:81:d7:a1:c9:e0:
6c:7a:67:93:b4:32:67:39:1b:4a:16:7a:67:4f:43:
12:02:6e:7f:9f:99:cf:aa:09:4b:1a:56:d6:ca:b7:
6f:7d:8e:98:f5:c2:34:6f:44:ba:4a:cd:02:10:a3:
79:f5:4e:be:8d:f3:74:05:70:20:a7:e1:a2:cc:bd:
9f:02:9e:38:24:6c:b2:a1:02:1f:59:43:ac:bc:5f:
30:3c:49:f9:44:48:66:f7:bd:de:90:b0:1c:cd:0e:
10:08:8c:8f:a0:38:08:77:81:30:d7:c2:e2:ed:98:
ba:84:49:46:ff:ca:c8:1e:74:c8:fc:b6:7c:e3:ae:
25:08:50:80:ec:de:5c:fa:7e:08:e1:2b:be:19:ce:
d7:fa:60:ce:52:d4:77:2a:f0:e7:75:1a:a6:20:d5:
5c:44:8f:e7:7a:0a:bd:32:cf:2c:ec:9f:c6:32:0f:
66:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:CC:12:96:17:D2:9F:99:ED:F7:97:27:46:A1:52:5C:2D:E7:C4:2B
X509v3 Authority Key Identifier:
keyid:2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/P8wSlhfSn5nt95cnRqFSXC3nxCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.61.0/24
5.255.63.0/24
23.252.66.0/24
91.92.112.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:76:7c:f6:2b:45:f9:46:a0:a1:d9:fe:aa:ba:8a:aa:80:7d:
79:0d:85:f2:52:d1:74:c0:11:85:c6:b4:7d:7e:ab:04:73:19:
e2:5e:85:b2:42:ac:a7:97:c6:1a:d1:7d:7e:27:04:2b:39:50:
12:c1:a1:3c:e1:12:40:64:2e:6c:07:d5:f9:2d:da:e2:62:61:
7e:a4:19:8f:2a:0c:b5:bd:b5:66:4c:d2:63:be:cc:92:43:66:
60:36:13:f3:8f:e3:d1:7e:5f:a7:90:df:b8:86:8a:a9:98:95:
b3:09:19:d3:c5:57:cc:e7:8c:f1:7f:1c:96:2a:f3:d2:7a:c4:
0e:41:39:63:75:8a:23:e9:b5:53:04:59:1d:63:07:f8:66:1d:
5c:df:58:fc:4a:cc:f8:a1:ae:9e:1e:1a:05:e2:de:3b:22:2c:
49:e8:bf:9b:46:25:c4:c5:59:96:b2:ce:18:a7:df:3b:e7:53:
02:d3:cf:8e:4b:2d:1c:c4:49:0b:ff:e3:3d:06:d0:43:18:fa:
73:98:bd:e9:90:36:fd:66:31:28:16:40:2c:31:63:43:6c:61:
c4:42:df:3e:99:e8:ba:66:46:e0:d4:0f:f6:44:76:5b:b7:a4:
8b:c0:cd:f2:59:8c:5b:da:9a:ba:27:2b:88:5e:7c:f6:a3:07:
92:5c:fc:0a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZF5TgetJCJAmEWFT1BPyqLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzY4YjBhZWM2YzdmZDQ4ZDBkOTZiNDA3N2EyM2Y5MDZh
ODZhNDgwHhcNMjQwODIyMDg1NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmNjMTI5NjE3ZDI5Zjk5ZWRmNzk3Mjc0NmExNTI1YzJkZTdjNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWnEeKWFV4E6UNhAmotf8Yr6QgBs
HZZ7Qsfdi7Bygb5JcREsVAC+Hcmn0kNf6wlep4Cze8JkXdx86LwxUrFzExLjJdPX
mCuDvA2Rq+Ir6RpsL0+EgdehyeBsemeTtDJnORtKFnpnT0MSAm5/n5nPqglLGlbW
yrdvfY6Y9cI0b0S6Ss0CEKN59U6+jfN0BXAgp+GizL2fAp44JGyyoQIfWUOsvF8w
PEn5REhm973ekLAczQ4QCIyPoDgId4Ew18Li7Zi6hElG/8rIHnTI/LZ8464lCFCA
7N5c+n4I4Su+Gc7X+mDOUtR3KvDndRqmINVcRI/negq9Ms8s7J/GMg9m9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD/MEpYX0p+Z7feXJ0ahUlwt58QrMB8GA1UdIwQY
MBaAFC42iwrsbH/UjQ2WtAd6I/kGqGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQt
MTQyN2RkMTZlZmE0LzEvUDh3U2xoZlNuNW50OTVjblJxRlNYQzNueENzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQtMTQyN2RkMTZlZmE0
LzEvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABf89AwQA
Bf8/AwQAF/xCAwQAW1xwMA0GCSqGSIb3DQEBCwUAA4IBAQBLdnz2K0X5RqCh2f6q
uoqqgH15DYXyUtF0wBGFxrR9fqsEcxniXoWyQqynl8Ya0X1+JwQrOVASwaE84RJA
ZC5sB9X5LdriYmF+pBmPKgy1vbVmTNJjvsySQ2ZgNhPzj+PRfl+nkN+4hoqpmJWz
CRnTxVfM54zxfxyWKvPSesQOQTljdYoj6bVTBFkdYwf4Zh1c31j8Ssz4oa6eHhoF
4t47IixJ6L+bRiXExVmWss4Yp98751MC08+OSy0cxEkL/+M9BtBDGPpzmL3pkDb9
ZjEoFkAsMWNDbGHEQt8+mei6Zkbg1A/2RHZbt6SLwM3yWYxb2pq6JyuIXnz2oweS
XPwK
-----END CERTIFICATE-----
Generated at Tue Aug 27 19:31:36 2024 by rpki-client on console-ams.rpki-client.org