Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/PBp_I1NMen8lfk13hP90wR1ol9k.roa
File: PBp_I1NMen8lfk13hP90wR1ol9k.roa (raw, json)
Hash identifier: hycAwlResHvwh6xA8d6jTrv8D5EdsZSBFA20ZGDLBQ4=
Subject key identifier: 3C:1A:7F:23:53:4C:7A:7F:25:7E:4D:77:84:FF:74:C1:1D:68:97:D9
Certificate issuer: /CN=1e4a2020b82d0294e90a2d6b2c0f28d1173b6465
Certificate serial: 01856FE6ED862783DD5974376C5D7C68A2D1
Authority key identifier: 1E:4A:20:20:B8:2D:02:94:E9:0A:2D:6B:2C:0F:28:D1:17:3B:64:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HkogILgtApTpCi1rLA8o0Rc7ZGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/PBp_I1NMen8lfk13hP90wR1ol9k.roa
Signing time: Mon 02 Jan 2023 00:34:43 +0000
ROA not before: Mon 02 Jan 2023 00:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31400
IP address blocks: 5.132.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:ed:86:27:83:dd:59:74:37:6c:5d:7c:68:a2:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e4a2020b82d0294e90a2d6b2c0f28d1173b6465
Validity
Not Before: Jan 2 00:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c1a7f23534c7a7f257e4d7784ff74c11d6897d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8e:8e:40:74:15:01:9c:02:98:3b:a9:35:07:
68:f4:3f:77:5a:25:d9:52:59:99:06:6d:74:bb:5c:
67:18:bf:31:29:c2:1a:38:14:d5:fd:1a:73:d4:e5:
a2:b7:65:9f:88:ca:64:92:f8:8c:0f:61:b8:8e:8a:
1c:79:e2:e0:87:48:bf:0b:72:c7:8a:1d:f4:ba:c8:
79:cf:6b:7f:50:fe:17:bd:9b:cc:b3:ad:4b:68:2c:
14:2e:d0:6f:b0:1b:f2:b3:ab:66:33:42:2f:1a:28:
67:dd:f5:47:5e:30:ee:da:f9:34:30:b7:c6:46:1a:
a7:2b:5e:59:e2:db:59:8d:f5:aa:da:6f:46:e6:dc:
7f:7d:9c:60:5f:54:46:3d:7a:da:03:0f:58:07:38:
5c:eb:28:3f:67:83:80:73:f0:9f:ce:43:00:ac:a8:
e3:27:5b:11:8e:eb:ef:00:28:e2:54:5f:e5:8d:3f:
20:cd:6a:a7:fa:f2:e3:ad:02:54:28:c9:20:2d:a5:
71:5c:3d:42:02:83:e6:1d:6d:46:f3:0e:d8:ae:71:
84:03:93:1a:4e:7c:4a:a6:e8:33:1c:3d:43:cc:22:
8e:6a:c5:0a:c0:75:2f:7f:09:23:dc:ec:9e:15:33:
68:68:02:cc:2c:43:53:f7:e0:1d:a0:55:e4:2b:9a:
26:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:1A:7F:23:53:4C:7A:7F:25:7E:4D:77:84:FF:74:C1:1D:68:97:D9
X509v3 Authority Key Identifier:
keyid:1E:4A:20:20:B8:2D:02:94:E9:0A:2D:6B:2C:0F:28:D1:17:3B:64:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HkogILgtApTpCi1rLA8o0Rc7ZGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/PBp_I1NMen8lfk13hP90wR1ol9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/HkogILgtApTpCi1rLA8o0Rc7ZGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.132.158.0/24
Signature Algorithm: sha256WithRSAEncryption
68:6f:42:3a:72:af:55:33:fe:97:70:5e:2b:23:08:58:12:e2:
15:3c:88:61:d4:26:6c:88:c4:ce:45:ac:d4:65:37:ba:01:ae:
0a:0e:33:e1:eb:99:04:a6:7e:7d:38:df:a4:ee:d0:a2:0f:f1:
d1:97:78:30:0d:63:02:f4:78:ac:2e:d9:b2:d5:de:8b:8c:2f:
6b:43:32:12:3e:54:0c:d3:89:9c:e7:d3:0b:5a:02:ad:23:cb:
6d:b5:22:df:9c:c7:83:74:a3:c8:e1:7e:1d:03:7f:b2:a9:90:
6e:45:a0:60:5a:e9:ff:02:0e:6a:82:b3:22:fe:15:a3:49:b4:
8a:d4:2c:b4:c9:8e:dd:83:b7:c2:a7:a6:a7:1f:43:f4:5f:3c:
8b:55:be:ec:73:59:29:63:0e:72:09:c3:3b:ce:bf:76:e0:bb:
c3:79:bc:7c:3f:46:27:23:fc:55:55:dc:f4:3f:c7:3a:c1:96:
13:17:ad:96:dd:04:a9:d1:88:e7:34:3f:b7:b8:38:da:de:d6:
20:0d:26:f4:e6:3f:d4:ee:38:2d:0d:ce:04:31:a1:5f:ef:30:
f3:19:bf:3c:e4:07:ca:02:9a:83:f8:e1:f2:85:d0:a2:96:7e:
a9:3a:81:fa:17:f2:03:49:cf:18:48:d9:aa:99:84:bd:b4:6c:
b6:1e:b6:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5u2GJ4PdWXQ3bF18aKLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNGEyMDIwYjgyZDAyOTRlOTBhMmQ2YjJjMGYyOGQxMTcz
YjY0NjUwHhcNMjMwMTAyMDAzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzFhN2YyMzUzNGM3YTdmMjU3ZTRkNzc4NGZmNzRjMTFkNjg5N2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiI6OQHQVAZwCmDupNQdo9D93WiXZ
UlmZBm10u1xnGL8xKcIaOBTV/Rpz1OWit2WfiMpkkviMD2G4jooceeLgh0i/C3LH
ih30ush5z2t/UP4XvZvMs61LaCwULtBvsBvys6tmM0IvGihn3fVHXjDu2vk0MLfG
RhqnK15Z4ttZjfWq2m9G5tx/fZxgX1RGPXraAw9YBzhc6yg/Z4OAc/CfzkMArKjj
J1sRjuvvACjiVF/ljT8gzWqn+vLjrQJUKMkgLaVxXD1CAoPmHW1G8w7YrnGEA5Ma
TnxKpugzHD1DzCKOasUKwHUvfwkj3OyeFTNoaALMLENT9+AdoFXkK5omwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwafyNTTHp/JX5Nd4T/dMEdaJfZMB8GA1UdIwQY
MBaAFB5KICC4LQKU6QotaywPKNEXO2RlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGtvZ0lMZ3RBcFRwQ2kxckxBOG8wUmM3WkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80YzQ4YmItMzY2Yy00MWY1LTliMmQt
NTMwNDQwYzRmYTI5LzEvUEJwX0kxTk1lbjhsZmsxM2hQOTB3UjFvbDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80YzQ4YmItMzY2Yy00MWY1LTliMmQtNTMwNDQwYzRmYTI5
LzEvSGtvZ0lMZ3RBcFRwQ2kxckxBOG8wUmM3WkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABYSeMA0G
CSqGSIb3DQEBCwUAA4IBAQBob0I6cq9VM/6XcF4rIwhYEuIVPIhh1CZsiMTORazU
ZTe6Aa4KDjPh65kEpn59ON+k7tCiD/HRl3gwDWMC9HisLtmy1d6LjC9rQzISPlQM
04mc59MLWgKtI8tttSLfnMeDdKPI4X4dA3+yqZBuRaBgWun/Ag5qgrMi/hWjSbSK
1Cy0yY7dg7fCp6anH0P0XzyLVb7sc1kpYw5yCcM7zr924LvDebx8P0YnI/xVVdz0
P8c6wZYTF62W3QSp0YjnND+3uDja3tYgDSb05j/U7jgtDc4EMaFf7zDzGb885AfK
ApqD+OHyhdCiln6pOoH6F/IDSc8YSNmqmYS9tGy2HraR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:36 2024 by rpki-client on console-fra.rpki-client.org