Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/41apvX8MdgIb2xeEoWuAxMDB7I0.roa
File: 41apvX8MdgIb2xeEoWuAxMDB7I0.roa (raw, json)
Hash identifier: MvpRmsnsSuHVfXKL0EDl1HdgHRQSzG6wh2Vr9zXFVQo=
Subject key identifier: E3:56:A9:BD:7F:0C:76:02:1B:DB:17:84:A1:6B:80:C4:C0:C1:EC:8D
Certificate issuer: /CN=d291741252bb9c4cda80047dfb01ce98c219d180
Certificate serial: 018C68B2EF614AD74B5A91260B4FE6EBA7FD
Authority key identifier: D2:91:74:12:52:BB:9C:4C:DA:80:04:7D:FB:01:CE:98:C2:19:D1:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0pF0ElK7nEzagAR9-wHOmMIZ0YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/41apvX8MdgIb2xeEoWuAxMDB7I0.roa
Signing time: Thu 14 Dec 2023 14:20:06 +0000
ROA not before: Thu 14 Dec 2023 14:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209441
IP address blocks: 5.253.220.0/24 maxlen: 24
5.253.221.0/24 maxlen: 24
5.253.222.0/24 maxlen: 24
5.253.223.0/24 maxlen: 24
5.253.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 15 Dec 2023 12:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:b2:ef:61:4a:d7:4b:5a:91:26:0b:4f:e6:eb:a7:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d291741252bb9c4cda80047dfb01ce98c219d180
Validity
Not Before: Dec 14 14:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e356a9bd7f0c76021bdb1784a16b80c4c0c1ec8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c7:3f:1c:47:ae:61:67:93:94:77:1e:ad:6f:
cc:b1:a8:34:6b:85:b1:4a:ba:1c:22:08:79:ba:60:
39:3f:a4:dd:26:f3:52:0b:3a:dc:18:d8:2e:f4:dd:
28:b1:39:e6:45:fd:a2:7a:96:b9:ee:94:42:11:74:
4d:85:b7:b5:2c:9e:fd:c1:cd:13:33:29:18:c0:2d:
78:af:0b:f6:28:98:36:5f:93:40:08:01:1c:7c:8c:
72:89:d6:d6:a5:d4:29:b6:1d:31:67:3c:49:54:37:
df:a5:5a:a6:7e:21:7a:dc:5f:e7:56:42:09:ea:d8:
07:23:d7:b7:37:ab:8e:1a:11:fd:bd:0f:8b:a8:3d:
5f:f8:6f:17:53:7c:f8:17:23:0e:ac:69:c2:ef:eb:
1f:32:31:8d:94:d1:2f:cd:d9:6c:b1:ba:62:af:a9:
01:18:61:e3:3f:1f:df:c5:af:f8:69:cb:75:26:d0:
8d:37:2b:fe:2c:6b:c8:da:ba:42:07:ea:fa:98:8d:
96:7c:f8:84:2a:d5:05:3e:4d:50:ec:7a:bc:50:3f:
48:dc:82:ac:11:b9:d2:cf:25:06:0b:14:a2:5e:10:
f7:93:39:b0:e7:69:4f:d0:40:4b:b1:55:8e:a3:be:
c9:fb:61:c2:ed:9d:fa:01:50:af:01:91:2a:67:db:
f5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:56:A9:BD:7F:0C:76:02:1B:DB:17:84:A1:6B:80:C4:C0:C1:EC:8D
X509v3 Authority Key Identifier:
keyid:D2:91:74:12:52:BB:9C:4C:DA:80:04:7D:FB:01:CE:98:C2:19:D1:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0pF0ElK7nEzagAR9-wHOmMIZ0YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/41apvX8MdgIb2xeEoWuAxMDB7I0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/0pF0ElK7nEzagAR9-wHOmMIZ0YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.220.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:b6:6e:5d:f7:04:f4:86:bb:74:f3:5f:3d:da:f3:55:e9:26:
f1:51:19:51:da:93:62:6c:e2:cd:88:31:e5:a4:88:35:43:0d:
9a:7c:31:70:71:f6:ba:29:7c:c0:eb:d0:85:e5:71:50:40:14:
0e:e8:9b:4f:92:88:3f:57:29:73:d6:f3:14:39:e0:00:aa:ae:
6c:53:b7:e6:2f:6c:5c:21:0b:8b:e0:f8:f3:d9:f9:10:60:d8:
71:d6:13:78:09:5a:8d:c8:7b:61:f5:8a:bc:b1:52:d5:ee:43:
db:d8:8c:12:eb:ea:9a:8d:81:dc:b0:d3:50:e7:d3:02:19:78:
3c:81:0e:cc:ab:5f:97:1a:09:56:0e:54:a2:f0:2f:03:0f:44:
16:3b:8e:ad:1b:86:21:d6:b5:78:e0:59:95:0f:e6:c7:73:d7:
d2:03:43:ac:a5:26:20:b2:f0:55:97:79:8d:42:4e:50:ac:d3:
b5:6c:94:56:6a:74:e0:1b:e7:dd:c4:1e:6c:aa:3a:68:57:5e:
5c:78:2f:f8:1b:ca:63:08:b3:6f:d1:12:8f:30:5d:e3:e6:d6:
fb:86:04:87:d7:59:09:a1:83:e7:db:d4:5e:dc:2b:86:01:06:
c6:29:07:75:a8:ec:86:ee:18:63:39:18:fd:b5:51:b9:10:cd:
b2:a7:5a:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxosu9hStdLWpEmC0/m66f9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTE3NDEyNTJiYjljNGNkYTgwMDQ3ZGZiMDFjZTk4YzIx
OWQxODAwHhcNMjMxMjE0MTQyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzU2YTliZDdmMGM3NjAyMWJkYjE3ODRhMTZiODBjNGMwYzFlYzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMc/HEeuYWeTlHcerW/Msag0a4Wx
SrocIgh5umA5P6TdJvNSCzrcGNgu9N0osTnmRf2iepa57pRCEXRNhbe1LJ79wc0T
MykYwC14rwv2KJg2X5NACAEcfIxyidbWpdQpth0xZzxJVDffpVqmfiF63F/nVkIJ
6tgHI9e3N6uOGhH9vQ+LqD1f+G8XU3z4FyMOrGnC7+sfMjGNlNEvzdlssbpir6kB
GGHjPx/fxa/4act1JtCNNyv+LGvI2rpCB+r6mI2WfPiEKtUFPk1Q7Hq8UD9I3IKs
EbnSzyUGCxSiXhD3kzmw52lP0EBLsVWOo77J+2HC7Z36AVCvAZEqZ9v1JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONWqb1/DHYCG9sXhKFrgMTAweyNMB8GA1UdIwQY
MBaAFNKRdBJSu5xM2oAEffsBzpjCGdGAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBGMEVsSzduRXphZ0FSOS13SE9tTUlaMFlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zYmE2ZmMtMmQ0OS00YWZmLTkyMjkt
NDhiOTU3MjY0YzI2LzEvNDFhcHZYOE1kZ0liMnhlRW9XdUF4TURCN0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zYmE2ZmMtMmQ0OS00YWZmLTkyMjktNDhiOTU3MjY0YzI2
LzEvMHBGMEVsSzduRXphZ0FSOS13SE9tTUlaMFlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf3cMA0G
CSqGSIb3DQEBCwUAA4IBAQBetm5d9wT0hrt081892vNV6SbxURlR2pNibOLNiDHl
pIg1Qw2afDFwcfa6KXzA69CF5XFQQBQO6JtPkog/Vylz1vMUOeAAqq5sU7fmL2xc
IQuL4Pjz2fkQYNhx1hN4CVqNyHth9Yq8sVLV7kPb2IwS6+qajYHcsNNQ59MCGXg8
gQ7Mq1+XGglWDlSi8C8DD0QWO46tG4Yh1rV44FmVD+bHc9fSA0OspSYgsvBVl3mN
Qk5QrNO1bJRWanTgG+fdxB5sqjpoV15ceC/4G8pjCLNv0RKPMF3j5tb7hgSH11kJ
oYPn29Re3CuGAQbGKQd1qOyG7hhjORj9tVG5EM2yp1rK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:13 2024 by rpki-client on console-fra.rpki-client.org