Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/d07yrKqI-BhM6DznKat1GO6moHU.roa
File: d07yrKqI-BhM6DznKat1GO6moHU.roa (raw, json)
Hash identifier: ENQTbGIuW7xma4GG7kkWNT43tet58MjtYgyDJUh+mpA=
Subject key identifier: 77:4E:F2:AC:AA:88:F8:18:4C:E8:3C:E7:29:AB:75:18:EE:A6:A0:75
Certificate issuer: /CN=d291741252bb9c4cda80047dfb01ce98c219d180
Certificate serial: 0185727A1A307DD380AB78B2A83DE878F3B0
Authority key identifier: D2:91:74:12:52:BB:9C:4C:DA:80:04:7D:FB:01:CE:98:C2:19:D1:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0pF0ElK7nEzagAR9-wHOmMIZ0YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/d07yrKqI-BhM6DznKat1GO6moHU.roa
Signing time: Mon 02 Jan 2023 12:34:42 +0000
ROA not before: Mon 02 Jan 2023 12:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209441
IP address blocks: 5.253.220.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:1a:30:7d:d3:80:ab:78:b2:a8:3d:e8:78:f3:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d291741252bb9c4cda80047dfb01ce98c219d180
Validity
Not Before: Jan 2 12:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=774ef2acaa88f8184ce83ce729ab7518eea6a075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bd:1b:ce:ab:9f:33:ba:37:0d:2f:a4:64:ba:
5a:82:af:44:ed:5a:34:80:63:d4:27:69:5e:21:45:
dd:22:fc:b0:b9:86:0f:ec:04:07:f5:2e:44:c1:f4:
b8:ca:b8:7e:ac:2f:32:b8:12:c1:d4:1a:4c:5e:12:
9f:b3:0d:c6:14:b7:1b:19:a2:20:82:e5:49:8a:2f:
26:29:15:b7:eb:8a:8e:88:58:85:c5:21:15:c8:4c:
cc:17:e7:96:8c:a1:06:7e:82:ca:82:92:55:b3:22:
3d:df:ee:ec:50:77:76:88:71:33:45:22:25:71:46:
8b:f0:e5:25:7f:13:1f:ec:c3:38:9f:85:fc:f0:60:
9d:bc:49:46:08:50:ec:8e:92:5d:63:32:7f:20:63:
85:a2:c1:09:fb:69:d4:71:61:46:9c:95:21:22:5b:
02:c0:27:60:c0:fc:1f:29:bb:32:30:7d:4a:63:d3:
12:4d:b9:03:7c:91:3d:75:e7:19:b5:5f:81:1b:e6:
46:1a:1a:b0:54:78:d9:1d:87:46:b2:f4:51:2d:a7:
3a:ff:73:9b:76:9c:4e:0a:a2:99:3b:43:7f:24:df:
f2:13:14:13:fd:b8:85:1e:39:9c:c2:2e:01:ff:a8:
9f:ec:46:89:09:3f:0f:b2:24:01:60:bb:c5:c8:02:
ab:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:4E:F2:AC:AA:88:F8:18:4C:E8:3C:E7:29:AB:75:18:EE:A6:A0:75
X509v3 Authority Key Identifier:
keyid:D2:91:74:12:52:BB:9C:4C:DA:80:04:7D:FB:01:CE:98:C2:19:D1:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0pF0ElK7nEzagAR9-wHOmMIZ0YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/d07yrKqI-BhM6DznKat1GO6moHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/0pF0ElK7nEzagAR9-wHOmMIZ0YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.220.0/22
Signature Algorithm: sha256WithRSAEncryption
65:ca:26:c4:a5:c5:7d:a9:aa:ca:83:c0:8e:72:4c:04:a6:21:
13:0f:fb:37:33:ca:22:65:c1:20:7e:94:00:34:98:d7:05:f2:
78:48:54:c0:e8:a7:7f:86:54:c0:02:44:6e:39:24:1c:6d:59:
0f:4d:ef:7b:d7:14:41:25:49:76:2c:9c:a2:22:81:78:04:17:
7b:a1:47:d9:06:5f:b4:06:85:54:52:f5:ca:5b:d5:7a:91:0a:
b4:e0:15:7c:c4:9c:f6:d2:11:8f:d5:eb:96:da:51:c7:ba:de:
50:0f:68:d9:84:ff:5f:db:36:1e:3d:d6:a1:c6:fc:61:98:0b:
1d:bd:cf:db:62:60:a9:a2:4d:99:a8:7f:49:d6:d0:b3:13:23:
df:b7:44:8e:e2:b0:96:bd:87:35:5c:18:7d:56:d8:4d:b9:88:
88:3c:80:2f:42:5c:b7:44:ea:4e:62:59:35:f6:36:85:5b:84:
76:21:29:9f:25:8d:f8:0e:a4:ba:30:43:8b:e9:03:84:97:10:
d5:ac:4a:da:0a:c2:d3:dd:7c:f6:40:36:33:20:14:49:1a:9f:
22:3f:ad:33:9f:fe:0e:0d:f3:b8:c3:10:14:cd:ca:21:14:ed:
db:5d:5f:84:51:ce:8b:53:27:41:22:1a:c9:9d:5c:19:ce:7f:
af:90:bb:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyehowfdOAq3iyqD3oePOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTE3NDEyNTJiYjljNGNkYTgwMDQ3ZGZiMDFjZTk4YzIx
OWQxODAwHhcNMjMwMTAyMTIzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzRlZjJhY2FhODhmODE4NGNlODNjZTcyOWFiNzUxOGVlYTZhMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr0bzqufM7o3DS+kZLpagq9E7Vo0
gGPUJ2leIUXdIvywuYYP7AQH9S5EwfS4yrh+rC8yuBLB1BpMXhKfsw3GFLcbGaIg
guVJii8mKRW364qOiFiFxSEVyEzMF+eWjKEGfoLKgpJVsyI93+7sUHd2iHEzRSIl
cUaL8OUlfxMf7MM4n4X88GCdvElGCFDsjpJdYzJ/IGOFosEJ+2nUcWFGnJUhIlsC
wCdgwPwfKbsyMH1KY9MSTbkDfJE9decZtV+BG+ZGGhqwVHjZHYdGsvRRLac6/3Ob
dpxOCqKZO0N/JN/yExQT/biFHjmcwi4B/6if7EaJCT8PsiQBYLvFyAKraQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHdO8qyqiPgYTOg85ymrdRjupqB1MB8GA1UdIwQY
MBaAFNKRdBJSu5xM2oAEffsBzpjCGdGAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBGMEVsSzduRXphZ0FSOS13SE9tTUlaMFlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zYmE2ZmMtMmQ0OS00YWZmLTkyMjkt
NDhiOTU3MjY0YzI2LzEvZDA3eXJLcUktQmhNNkR6bkthdDFHTzZtb0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zYmE2ZmMtMmQ0OS00YWZmLTkyMjktNDhiOTU3MjY0YzI2
LzEvMHBGMEVsSzduRXphZ0FSOS13SE9tTUlaMFlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf3cMA0G
CSqGSIb3DQEBCwUAA4IBAQBlyibEpcV9qarKg8COckwEpiETD/s3M8oiZcEgfpQA
NJjXBfJ4SFTA6Kd/hlTAAkRuOSQcbVkPTe971xRBJUl2LJyiIoF4BBd7oUfZBl+0
BoVUUvXKW9V6kQq04BV8xJz20hGP1euW2lHHut5QD2jZhP9f2zYePdahxvxhmAsd
vc/bYmCpok2ZqH9J1tCzEyPft0SO4rCWvYc1XBh9VthNuYiIPIAvQly3ROpOYlk1
9jaFW4R2ISmfJY34DqS6MEOL6QOElxDVrEraCsLT3Xz2QDYzIBRJGp8iP60zn/4O
DfO4wxAUzcohFO3bXV+EUc6LUydBIhrJnVwZzn+vkLsB
-----END CERTIFICATE-----
Generated at Thu Dec 14 15:02:44 2023 by rpki-client on console-ams.rpki-client.org