Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/RDSNrBiNSN-z2ExPWoczHYLAK2I.roa
File: RDSNrBiNSN-z2ExPWoczHYLAK2I.roa (raw, json)
Hash identifier: V/PWNN5gVwM8Q7ONY4+QHQ1EmajrL7B9Pf24mbhWFc8=
Subject key identifier: 44:34:8D:AC:18:8D:48:DF:B3:D8:4C:4F:5A:87:33:1D:82:C0:2B:62
Certificate issuer: /CN=6f5de9f9dbbd4618857b58105c6743720a11bc6e
Certificate serial: 01856FE706A0B40CDA5A119F4512CFA34D11
Authority key identifier: 6F:5D:E9:F9:DB:BD:46:18:85:7B:58:10:5C:67:43:72:0A:11:BC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b13p-du9RhiFe1gQXGdDcgoRvG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/RDSNrBiNSN-z2ExPWoczHYLAK2I.roa
Signing time: Mon 02 Jan 2023 00:34:49 +0000
ROA not before: Mon 02 Jan 2023 00:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199092
IP address blocks: 5.187.56.0/23 maxlen: 23
5.187.56.0/21 maxlen: 21
5.187.58.0/24 maxlen: 24
5.187.63.0/24 maxlen: 24
2a01:41c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:06:a0:b4:0c:da:5a:11:9f:45:12:cf:a3:4d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5de9f9dbbd4618857b58105c6743720a11bc6e
Validity
Not Before: Jan 2 00:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44348dac188d48dfb3d84c4f5a87331d82c02b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d7:ca:a5:1f:b7:52:64:2d:37:76:00:8c:4d:
7f:99:35:b4:dc:73:4b:cf:a6:42:96:cd:9a:21:17:
d7:40:87:09:7a:10:5c:39:81:ca:b6:24:a0:4f:99:
6f:71:57:d5:c2:d9:18:29:af:e9:3c:ce:e4:80:ad:
e2:6f:8a:00:c6:1a:d4:0e:c0:f6:90:cf:2f:8c:5f:
8c:82:9c:27:3d:bd:07:64:67:2c:b2:06:83:56:1b:
da:87:fe:0b:5c:52:cb:a6:25:7f:3c:94:46:7b:b5:
c5:29:18:03:2d:63:2c:25:a8:c8:9b:77:b2:64:cb:
b7:03:6f:88:c1:ae:d4:5e:fc:c6:f5:ff:f6:23:c5:
53:44:d8:d8:90:3c:86:56:00:5d:12:71:6c:6f:8a:
a9:0f:0a:fa:5f:b0:ed:e4:a1:a5:f4:65:12:96:62:
c3:45:7a:df:4f:57:d1:02:e9:a7:46:76:fc:0c:77:
d4:88:c8:f5:59:f3:4c:19:1e:30:b3:ad:b0:4f:d3:
90:e2:4c:0a:67:0f:83:36:47:b7:13:98:33:61:3a:
26:87:76:66:5e:cd:8c:67:99:f3:08:66:3d:10:dc:
a9:54:8a:3d:af:b2:80:4e:f0:84:93:d5:64:16:6e:
0c:71:6b:7c:8d:ae:72:9b:f3:a1:6b:e9:c5:0c:a5:
05:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:34:8D:AC:18:8D:48:DF:B3:D8:4C:4F:5A:87:33:1D:82:C0:2B:62
X509v3 Authority Key Identifier:
keyid:6F:5D:E9:F9:DB:BD:46:18:85:7B:58:10:5C:67:43:72:0A:11:BC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b13p-du9RhiFe1gQXGdDcgoRvG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/RDSNrBiNSN-z2ExPWoczHYLAK2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/b13p-du9RhiFe1gQXGdDcgoRvG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.56.0/21
IPv6:
2a01:41c0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:57:49:95:67:ff:7d:d2:d6:9e:30:12:60:d6:88:35:50:f9:
2b:81:bc:24:3d:b4:11:19:61:ac:5f:74:ef:42:87:50:78:6e:
8c:1a:37:6a:d4:cf:bd:a9:91:b7:a7:8a:97:91:df:7c:51:f2:
61:9b:b9:8d:41:c4:6c:26:cd:ad:5f:db:ab:ee:2a:a1:35:18:
71:c7:06:87:93:db:be:e8:0b:6b:4f:46:06:5d:cc:f4:e3:96:
9c:d1:16:4a:5c:b9:49:91:38:1a:d4:43:57:1b:b7:e7:c2:cc:
37:e8:3f:cc:5c:93:4a:25:9b:28:ab:a4:ec:0a:37:b1:f6:98:
f6:00:a0:fc:c7:ba:21:6d:a2:25:12:b8:12:b3:31:59:0c:c8:
cc:d9:30:9a:fc:d2:71:6f:23:46:2c:ff:a1:ae:c5:fd:44:0b:
66:f7:11:67:93:06:a3:1a:01:61:28:a8:23:6c:20:e0:67:4c:
26:db:00:de:95:13:a4:1f:83:4a:b4:87:ed:7d:bb:03:86:04:
3e:91:cf:e3:21:2e:15:2d:91:c2:32:83:56:9d:92:fc:9d:89:
0a:a2:c3:55:7d:a7:56:66:ca:7c:89:47:55:05:e6:e7:93:66:
39:b8:61:5c:81:cc:7b:0b:d3:2f:46:a2:23:df:88:26:bf:25:
a4:87:32:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv5wagtAzaWhGfRRLPo00RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWRlOWY5ZGJiZDQ2MTg4NTdiNTgxMDVjNjc0MzcyMGEx
MWJjNmUwHhcNMjMwMTAyMDAzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDM0OGRhYzE4OGQ0OGRmYjNkODRjNGY1YTg3MzMxZDgyYzAyYjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dfKpR+3UmQtN3YAjE1/mTW03HNL
z6ZCls2aIRfXQIcJehBcOYHKtiSgT5lvcVfVwtkYKa/pPM7kgK3ib4oAxhrUDsD2
kM8vjF+MgpwnPb0HZGcssgaDVhvah/4LXFLLpiV/PJRGe7XFKRgDLWMsJajIm3ey
ZMu3A2+Iwa7UXvzG9f/2I8VTRNjYkDyGVgBdEnFsb4qpDwr6X7Dt5KGl9GUSlmLD
RXrfT1fRAumnRnb8DHfUiMj1WfNMGR4ws62wT9OQ4kwKZw+DNke3E5gzYTomh3Zm
Xs2MZ5nzCGY9ENypVIo9r7KATvCEk9VkFm4McWt8ja5ym/Oha+nFDKUF3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEQ0jawYjUjfs9hMT1qHMx2CwCtiMB8GA1UdIwQY
MBaAFG9d6fnbvUYYhXtYEFxnQ3IKEbxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjEzcC1kdTlSaGlGZTFnUVhHZERjZ29Sdkc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82MWZjYjQtNTU3NC00ZTJlLWIyNTkt
YWUwNTc5NGM4ZTEzLzEvUkRTTnJCaU5TTi16MkV4UFdvY3pIWUxBSzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82MWZjYjQtNTU3NC00ZTJlLWIyNTktYWUwNTc5NGM4ZTEz
LzEvYjEzcC1kdTlSaGlGZTFnUVhHZERjZ29Sdkc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBbs4MA0E
AgACMAcDBQAqAUHAMA0GCSqGSIb3DQEBCwUAA4IBAQBOV0mVZ/990taeMBJg1og1
UPkrgbwkPbQRGWGsX3TvQodQeG6MGjdq1M+9qZG3p4qXkd98UfJhm7mNQcRsJs2t
X9ur7iqhNRhxxwaHk9u+6AtrT0YGXcz045ac0RZKXLlJkTga1ENXG7fnwsw36D/M
XJNKJZsoq6TsCjex9pj2AKD8x7ohbaIlErgSszFZDMjM2TCa/NJxbyNGLP+hrsX9
RAtm9xFnkwajGgFhKKgjbCDgZ0wm2wDelROkH4NKtIftfbsDhgQ+kc/jIS4VLZHC
MoNWnZL8nYkKosNVfadWZsp8iUdVBebnk2Y5uGFcgcx7C9MvRqIj34gmvyWkhzIR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:47 2024 by rpki-client on console-ams.rpki-client.org