Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/ul3p9ux8v6ItwQY7IgPOTdof92A.roa
File: ul3p9ux8v6ItwQY7IgPOTdof92A.roa (raw, json)
Hash identifier: CvNgzKTVr5vrsDe3ItQQpQQQWfZg4WV7h61t4xXhw0w=
Subject key identifier: BA:5D:E9:F6:EC:7C:BF:A2:2D:C1:06:3B:22:03:CE:4D:DA:1F:F7:60
Certificate issuer: /CN=d291741252bb9c4cda80047dfb01ce98c219d180
Certificate serial: 018C6D5F86F85FC59A7949C5B40F3651913C
Authority key identifier: D2:91:74:12:52:BB:9C:4C:DA:80:04:7D:FB:01:CE:98:C2:19:D1:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0pF0ElK7nEzagAR9-wHOmMIZ0YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/ul3p9ux8v6ItwQY7IgPOTdof92A.roa
Signing time: Fri 15 Dec 2023 12:07:06 +0000
ROA not before: Fri 15 Dec 2023 12:07:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209441
IP address blocks: 5.253.220.0/24 maxlen: 24
5.253.221.0/24 maxlen: 24
5.253.222.0/24 maxlen: 24
5.253.223.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:5f:86:f8:5f:c5:9a:79:49:c5:b4:0f:36:51:91:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d291741252bb9c4cda80047dfb01ce98c219d180
Validity
Not Before: Dec 15 12:07:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba5de9f6ec7cbfa22dc1063b2203ce4dda1ff760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6b:c4:77:7e:6f:4a:3c:44:6e:c4:4f:dc:a2:
83:58:be:ef:83:65:64:a8:bd:d9:cc:77:60:14:d2:
1b:b7:a5:e7:e6:29:52:a9:f3:f4:1f:56:5d:fc:62:
c5:d6:d1:01:88:ef:20:04:b1:c2:bc:ca:cd:c0:ab:
ec:e5:8f:ff:20:b7:4e:de:31:c9:96:b0:a9:bc:1b:
b9:8b:84:a9:30:f7:e2:ce:15:e8:d9:bf:43:99:b1:
ca:bb:1b:92:89:41:d5:16:17:dc:fd:81:84:4b:ff:
9d:46:65:17:2f:b2:61:6a:23:cc:ed:9c:45:73:e7:
ea:61:fc:50:64:56:0f:90:ee:95:8d:ab:62:e0:ba:
20:85:bb:37:98:a5:11:1d:3d:16:2e:95:5f:ed:84:
56:9a:e0:35:6a:32:49:bc:51:0f:2e:ff:ea:27:cf:
f2:49:16:04:8c:3f:1b:d9:d8:b1:c0:10:b1:36:e4:
15:7e:60:3d:e1:bc:ae:a2:61:32:d1:56:8d:dc:e4:
a3:27:be:d6:1d:a3:45:22:c1:86:f4:66:f2:a1:0e:
22:e5:54:79:75:55:81:71:56:2b:57:47:be:19:78:
0a:3d:22:70:5e:b4:c7:ac:84:4d:93:67:50:b1:1f:
f7:fd:c0:cb:86:11:0b:45:f0:36:f4:63:5b:33:be:
34:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:5D:E9:F6:EC:7C:BF:A2:2D:C1:06:3B:22:03:CE:4D:DA:1F:F7:60
X509v3 Authority Key Identifier:
keyid:D2:91:74:12:52:BB:9C:4C:DA:80:04:7D:FB:01:CE:98:C2:19:D1:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0pF0ElK7nEzagAR9-wHOmMIZ0YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/ul3p9ux8v6ItwQY7IgPOTdof92A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/0pF0ElK7nEzagAR9-wHOmMIZ0YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.220.0/22
Signature Algorithm: sha256WithRSAEncryption
60:94:49:97:7f:61:c5:f3:2d:d9:ca:d4:33:66:7f:41:cc:e7:
4a:89:00:0e:33:be:36:5b:66:a7:ae:f2:36:cd:9e:ab:46:e1:
4a:54:52:64:a3:b9:8e:20:ca:dc:36:fa:23:33:33:8c:07:46:
d6:20:10:9d:62:e4:34:d9:22:65:60:22:64:d6:e0:09:49:ab:
c8:63:a6:2a:6b:b8:60:51:1b:ff:27:e4:bf:ed:af:0c:77:02:
b1:24:c6:5a:a2:77:0f:19:cd:9a:ac:c4:05:b9:31:d0:5d:9a:
4f:96:d4:c5:58:c9:a2:55:34:e3:dc:fe:6e:f4:2a:e3:7b:f6:
0c:57:80:28:0c:c9:04:7c:78:f6:77:8d:c2:8f:7c:c7:6c:d8:
86:b5:af:c2:83:3f:91:d7:06:67:e4:fa:0e:43:a5:72:46:f3:
8c:67:07:ea:1f:3a:cc:33:42:e9:c4:74:48:64:76:e5:87:cf:
44:c8:89:84:06:e7:3e:8e:3a:d2:f7:26:c1:ba:d9:92:e2:a3:
9f:52:43:86:be:5c:01:6d:57:ae:08:09:77:19:37:b1:de:a1:
08:a4:28:54:11:2d:25:db:17:93:fe:54:9f:c5:4c:57:ce:49:
0f:6c:7b:59:78:30:3b:cf:20:58:4d:e2:b5:48:24:b0:46:c8:
77:fe:51:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxtX4b4X8WaeUnFtA82UZE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTE3NDEyNTJiYjljNGNkYTgwMDQ3ZGZiMDFjZTk4YzIx
OWQxODAwHhcNMjMxMjE1MTIwNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTVkZTlmNmVjN2NiZmEyMmRjMTA2M2IyMjAzY2U0ZGRhMWZmNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGvEd35vSjxEbsRP3KKDWL7vg2Vk
qL3ZzHdgFNIbt6Xn5ilSqfP0H1Zd/GLF1tEBiO8gBLHCvMrNwKvs5Y//ILdO3jHJ
lrCpvBu5i4SpMPfizhXo2b9DmbHKuxuSiUHVFhfc/YGES/+dRmUXL7JhaiPM7ZxF
c+fqYfxQZFYPkO6Vjati4Loghbs3mKURHT0WLpVf7YRWmuA1ajJJvFEPLv/qJ8/y
SRYEjD8b2dixwBCxNuQVfmA94byuomEy0VaN3OSjJ77WHaNFIsGG9GbyoQ4i5VR5
dVWBcVYrV0e+GXgKPSJwXrTHrIRNk2dQsR/3/cDLhhELRfA29GNbM740lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLpd6fbsfL+iLcEGOyIDzk3aH/dgMB8GA1UdIwQY
MBaAFNKRdBJSu5xM2oAEffsBzpjCGdGAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBGMEVsSzduRXphZ0FSOS13SE9tTUlaMFlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zYmE2ZmMtMmQ0OS00YWZmLTkyMjkt
NDhiOTU3MjY0YzI2LzEvdWwzcDl1eDh2Nkl0d1FZN0lnUE9UZG9mOTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zYmE2ZmMtMmQ0OS00YWZmLTkyMjktNDhiOTU3MjY0YzI2
LzEvMHBGMEVsSzduRXphZ0FSOS13SE9tTUlaMFlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf3cMA0G
CSqGSIb3DQEBCwUAA4IBAQBglEmXf2HF8y3ZytQzZn9BzOdKiQAOM742W2anrvI2
zZ6rRuFKVFJko7mOIMrcNvojMzOMB0bWIBCdYuQ02SJlYCJk1uAJSavIY6Yqa7hg
URv/J+S/7a8MdwKxJMZaoncPGc2arMQFuTHQXZpPltTFWMmiVTTj3P5u9Crje/YM
V4AoDMkEfHj2d43Cj3zHbNiGta/Cgz+R1wZn5PoOQ6VyRvOMZwfqHzrMM0LpxHRI
ZHblh89EyImEBuc+jjrS9ybButmS4qOfUkOGvlwBbVeuCAl3GTex3qEIpChUES0l
2xeT/lSfxUxXzkkPbHtZeDA7zyBYTeK1SCSwRsh3/lHl
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:30 2024 by rpki-client on console-ams.rpki-client.org