Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/TgYn6qT_ZYXIqKsxe1h_mUCvDg0.roa
File: TgYn6qT_ZYXIqKsxe1h_mUCvDg0.roa (raw, json)
Hash identifier: rwMeSdu2ALfcjdkSOAugGPEmyX8mbETuJ2Vq987UAw8=
Subject key identifier: 4E:06:27:EA:A4:FF:65:85:C8:A8:AB:31:7B:58:7F:99:40:AF:0E:0D
Certificate issuer: /CN=6f5de9f9dbbd4618857b58105c6743720a11bc6e
Certificate serial: 01856FE7071EA10C2039A56ECC700F9D6CC5
Authority key identifier: 6F:5D:E9:F9:DB:BD:46:18:85:7B:58:10:5C:67:43:72:0A:11:BC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b13p-du9RhiFe1gQXGdDcgoRvG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/TgYn6qT_ZYXIqKsxe1h_mUCvDg0.roa
Signing time: Mon 02 Jan 2023 00:34:49 +0000
ROA not before: Mon 02 Jan 2023 00:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213298
IP address blocks: 5.187.56.0/24 maxlen: 24
5.187.57.0/24 maxlen: 24
5.187.58.0/24 maxlen: 24
5.187.56.0/21 maxlen: 21
5.187.63.0/24 maxlen: 24
5.187.59.0/24 maxlen: 24
5.187.60.0/24 maxlen: 24
5.187.61.0/24 maxlen: 24
5.187.62.0/24 maxlen: 24
2a01:41c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:07:1e:a1:0c:20:39:a5:6e:cc:70:0f:9d:6c:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5de9f9dbbd4618857b58105c6743720a11bc6e
Validity
Not Before: Jan 2 00:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e0627eaa4ff6585c8a8ab317b587f9940af0e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:27:8c:7d:84:9c:e4:77:30:ed:cf:1b:d0:ae:
5f:5e:ef:be:3c:c3:58:65:4b:26:8e:67:ad:ce:56:
c1:6f:34:bb:4b:60:79:97:73:3b:5f:ac:c5:44:c5:
4d:1d:18:a6:08:53:ec:ea:8c:a0:be:b0:a0:fa:d8:
f0:ee:37:95:a3:14:1c:88:ab:f3:98:a8:60:f3:fa:
59:fc:21:df:cc:c1:7a:9e:51:c6:71:bf:d7:91:21:
6c:fe:56:29:10:aa:16:0d:76:b5:dd:c0:f2:77:81:
ed:eb:b4:50:6a:fc:a2:a9:58:f7:ac:ea:4d:5a:47:
e1:fd:24:ed:21:5e:92:c3:f0:a8:78:38:f7:b3:73:
95:32:10:cd:01:db:6e:25:55:d5:e5:a4:4d:f1:05:
d6:8d:1e:86:6c:5a:5e:a0:37:ce:97:09:1a:56:9d:
61:4f:8d:ef:d0:26:b5:aa:ce:9c:34:f7:8e:68:60:
dd:78:a9:88:c3:20:15:5e:05:eb:54:7d:b7:46:fc:
80:58:60:a7:ac:94:8b:af:d9:37:2e:8c:c6:cc:f7:
8d:39:27:43:34:15:7c:85:d0:2b:d3:db:94:8a:e3:
fa:72:c9:de:e5:ed:d2:8c:8b:e9:43:a3:ac:1f:67:
ac:61:02:90:ad:8a:61:76:83:81:b0:ce:42:76:c2:
7a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:06:27:EA:A4:FF:65:85:C8:A8:AB:31:7B:58:7F:99:40:AF:0E:0D
X509v3 Authority Key Identifier:
keyid:6F:5D:E9:F9:DB:BD:46:18:85:7B:58:10:5C:67:43:72:0A:11:BC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b13p-du9RhiFe1gQXGdDcgoRvG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/TgYn6qT_ZYXIqKsxe1h_mUCvDg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/b13p-du9RhiFe1gQXGdDcgoRvG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.56.0/21
IPv6:
2a01:41c0::/32
Signature Algorithm: sha256WithRSAEncryption
97:a0:28:54:7e:45:c5:7e:7d:d0:b7:b8:2b:3e:ce:4c:4c:93:
3c:8f:e5:34:08:11:9d:dd:d0:b1:fc:2d:5b:ab:36:b5:9f:fd:
d2:d0:11:5f:5b:e9:66:80:8b:c9:dc:13:be:fd:bc:7f:74:73:
84:a3:e5:25:ed:ce:b4:28:fc:50:50:ae:7e:23:3a:5f:0f:40:
04:15:cb:90:d9:3d:b7:fd:00:1d:fb:ca:e7:5e:2f:2b:4b:e3:
75:2b:e8:6e:3c:f4:48:7c:3f:ac:70:0f:84:0e:98:e7:fb:78:
b5:27:f0:12:ce:6d:e4:94:cc:f4:97:d8:07:8c:ec:c0:03:16:
96:bd:cb:34:53:e8:e3:72:76:e3:93:96:a4:a5:ee:40:fa:43:
43:b4:f1:24:10:27:e4:f3:cd:03:87:89:21:25:fe:7c:6c:80:
93:a5:47:0e:b6:f9:a5:c3:d6:c2:70:0e:03:2c:81:cd:4f:45:
be:53:5b:a5:70:1d:87:dd:e7:ee:a9:1e:f7:62:6e:62:5c:a3:
8a:68:1b:54:c3:e1:17:94:cc:36:5a:90:09:4e:02:3f:52:be:
e5:27:57:20:f7:6a:00:67:80:0f:5d:49:b0:2a:fc:f1:f2:a1:
58:2b:b7:d9:2a:31:2e:54:c2:d6:90:ed:f2:c1:da:32:75:2e:
6b:b2:6e:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv5wceoQwgOaVuzHAPnWzFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWRlOWY5ZGJiZDQ2MTg4NTdiNTgxMDVjNjc0MzcyMGEx
MWJjNmUwHhcNMjMwMTAyMDAzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTA2MjdlYWE0ZmY2NTg1YzhhOGFiMzE3YjU4N2Y5OTQwYWYwZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyeMfYSc5Hcw7c8b0K5fXu++PMNY
ZUsmjmetzlbBbzS7S2B5l3M7X6zFRMVNHRimCFPs6oygvrCg+tjw7jeVoxQciKvz
mKhg8/pZ/CHfzMF6nlHGcb/XkSFs/lYpEKoWDXa13cDyd4Ht67RQavyiqVj3rOpN
Wkfh/STtIV6Sw/CoeDj3s3OVMhDNAdtuJVXV5aRN8QXWjR6GbFpeoDfOlwkaVp1h
T43v0Ca1qs6cNPeOaGDdeKmIwyAVXgXrVH23RvyAWGCnrJSLr9k3LozGzPeNOSdD
NBV8hdAr09uUiuP6csne5e3SjIvpQ6OsH2esYQKQrYphdoOBsM5CdsJ6IQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE4GJ+qk/2WFyKirMXtYf5lArw4NMB8GA1UdIwQY
MBaAFG9d6fnbvUYYhXtYEFxnQ3IKEbxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjEzcC1kdTlSaGlGZTFnUVhHZERjZ29Sdkc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82MWZjYjQtNTU3NC00ZTJlLWIyNTkt
YWUwNTc5NGM4ZTEzLzEvVGdZbjZxVF9aWVhJcUtzeGUxaF9tVUN2RGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82MWZjYjQtNTU3NC00ZTJlLWIyNTktYWUwNTc5NGM4ZTEz
LzEvYjEzcC1kdTlSaGlGZTFnUVhHZERjZ29Sdkc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBbs4MA0E
AgACMAcDBQAqAUHAMA0GCSqGSIb3DQEBCwUAA4IBAQCXoChUfkXFfn3Qt7grPs5M
TJM8j+U0CBGd3dCx/C1bqza1n/3S0BFfW+lmgIvJ3BO+/bx/dHOEo+Ul7c60KPxQ
UK5+IzpfD0AEFcuQ2T23/QAd+8rnXi8rS+N1K+huPPRIfD+scA+EDpjn+3i1J/AS
zm3klMz0l9gHjOzAAxaWvcs0U+jjcnbjk5akpe5A+kNDtPEkECfk880Dh4khJf58
bICTpUcOtvmlw9bCcA4DLIHNT0W+U1ulcB2H3efuqR73Ym5iXKOKaBtUw+EXlMw2
WpAJTgI/Ur7lJ1cg92oAZ4APXUmwKvzx8qFYK7fZKjEuVMLWkO3ywdoydS5rsm7U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:14 2024 by rpki-client on console-fra.rpki-client.org