Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/5flMPZeTfsAS6Yha1CNdM-2EFTo.roa
File: 5flMPZeTfsAS6Yha1CNdM-2EFTo.roa (raw, json)
Hash identifier: 5tCW0e2wv3yyT6ZaeFo3XeOtXFABSn3UmtUSd6YMKHw=
Subject key identifier: E5:F9:4C:3D:97:93:7E:C0:12:E9:88:5A:D4:23:5D:33:ED:84:15:3A
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018BFB5CC15187AA1963E3365EEEB9635AAD
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/5flMPZeTfsAS6Yha1CNdM-2EFTo.roa
Signing time: Thu 23 Nov 2023 08:47:21 +0000
ROA not before: Thu 23 Nov 2023 08:47:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200436
IP address blocks: 5.57.32.0/24 maxlen: 24
5.57.39.0/24 maxlen: 24
185.212.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:31:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:5c:c1:51:87:aa:19:63:e3:36:5e:ee:b9:63:5a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Nov 23 08:47:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5f94c3d97937ec012e9885ad4235d33ed84153a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:37:f9:de:5d:86:3b:0d:bf:85:ad:9b:1b:8d:
18:ba:66:70:3f:81:28:6c:96:33:4a:eb:25:c3:1e:
2a:4c:34:cd:c6:ad:19:d9:00:6f:40:2d:1a:e7:77:
d5:4a:fe:b4:da:f6:aa:78:14:d6:e5:95:1a:74:d6:
75:d8:04:d1:90:49:d5:80:78:cf:ce:fa:16:f3:7e:
32:2f:a1:2d:dd:c2:d4:2f:ba:75:34:52:25:a1:47:
df:d5:63:3c:5b:1d:8b:c3:c3:b4:33:22:d2:ad:b6:
b3:1f:bf:ff:fc:47:74:0e:ea:9e:4b:61:60:f8:4e:
7a:53:5d:29:77:45:b5:d9:f3:28:a4:69:d8:cc:2c:
e2:13:fa:bc:6e:a5:3a:be:13:31:58:d8:1f:6f:4b:
e5:8f:ad:06:27:0e:e3:77:1b:7c:f4:24:8a:bf:f8:
47:ac:a6:1f:35:76:fc:07:c2:53:b7:db:e3:6f:52:
8c:68:4c:5e:f9:c8:72:fb:30:2a:44:0c:53:35:75:
8f:cd:b9:77:7d:06:ca:d4:3b:97:c4:52:d4:66:98:
cf:a6:02:b3:d8:3e:6a:31:e9:23:bb:22:0d:41:e2:
a2:36:e4:a4:f3:2a:49:1f:f0:02:ac:ae:75:16:14:
ed:f0:2e:f7:b0:6c:81:cc:88:3b:16:af:0c:6f:08:
ee:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:F9:4C:3D:97:93:7E:C0:12:E9:88:5A:D4:23:5D:33:ED:84:15:3A
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/5flMPZeTfsAS6Yha1CNdM-2EFTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.32.0/24
5.57.39.0/24
185.212.49.0/24
Signature Algorithm: sha256WithRSAEncryption
06:0b:4c:8c:6e:dc:f1:62:98:5b:ff:b9:51:c5:dd:dd:66:35:
8b:e9:ef:60:bc:d9:ff:b5:a6:ee:04:42:40:77:12:9b:9d:8d:
c3:ba:78:99:d6:46:53:7c:25:5b:bf:34:77:91:ee:75:1e:0b:
59:1a:6f:cc:7d:e8:22:62:71:1c:c5:dc:e3:40:79:33:80:67:
e3:bd:34:4a:e3:09:97:0f:f8:48:f3:27:4a:17:32:ee:56:81:
6b:f5:fa:f5:3c:a3:c2:07:c5:f6:70:d6:bc:d2:ae:40:f8:b8:
e1:a6:cc:96:83:6a:56:af:8b:57:a1:fc:d2:80:bf:d8:cd:b0:
45:52:13:db:2a:10:de:7e:8a:57:da:14:bf:07:e7:f5:61:b7:
05:7d:9c:72:7f:82:77:06:d7:75:4f:ed:8f:a5:db:4c:d6:9c:
14:cf:4c:52:8b:9b:d5:84:5c:0d:be:47:22:8a:3e:f1:a1:8f:
2d:3e:89:ed:39:e2:ad:58:9f:67:4a:b5:58:1b:08:4b:72:72:
27:85:2a:ab:c9:3b:2c:cf:ed:6a:a2:1e:73:76:18:17:53:9e:
b3:5e:80:13:9d:e6:73:ca:80:98:8e:c0:62:5f:fb:a4:fb:9c:
b8:49:dd:0e:8e:2f:18:5b:2f:07:5e:5f:3e:6d:9b:35:e4:a6:
07:ad:85:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYv7XMFRh6oZY+M2Xu65Y1qtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMxMTIzMDg0NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWY5NGMzZDk3OTM3ZWMwMTJlOTg4NWFkNDIzNWQzM2VkODQxNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDf53l2GOw2/ha2bG40YumZwP4Eo
bJYzSuslwx4qTDTNxq0Z2QBvQC0a53fVSv602vaqeBTW5ZUadNZ12ATRkEnVgHjP
zvoW834yL6Et3cLUL7p1NFIloUff1WM8Wx2Lw8O0MyLSrbazH7///Ed0DuqeS2Fg
+E56U10pd0W12fMopGnYzCziE/q8bqU6vhMxWNgfb0vlj60GJw7jdxt89CSKv/hH
rKYfNXb8B8JTt9vjb1KMaExe+chy+zAqRAxTNXWPzbl3fQbK1DuXxFLUZpjPpgKz
2D5qMekjuyINQeKiNuSk8ypJH/ACrK51FhTt8C73sGyBzIg7Fq8MbwjuBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOX5TD2Xk37AEumIWtQjXTPthBU6MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvNWZsTVBaZVRmc0FTNlloYTFDTmRNLTJFRlRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABTkgAwQA
BTknAwQAudQxMA0GCSqGSIb3DQEBCwUAA4IBAQAGC0yMbtzxYphb/7lRxd3dZjWL
6e9gvNn/tabuBEJAdxKbnY3DuniZ1kZTfCVbvzR3ke51HgtZGm/MfegiYnEcxdzj
QHkzgGfjvTRK4wmXD/hI8ydKFzLuVoFr9fr1PKPCB8X2cNa80q5A+LjhpsyWg2pW
r4tXofzSgL/YzbBFUhPbKhDefopX2hS/B+f1YbcFfZxyf4J3Btd1T+2PpdtM1pwU
z0xSi5vVhFwNvkciij7xoY8tPontOeKtWJ9nSrVYGwhLcnInhSqryTssz+1qoh5z
dhgXU56zXoATneZzyoCYjsBiX/uk+5y4Sd0Oji8YWy8HXl8+bZs15KYHrYUR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:09 2024 by rpki-client on console-ams.rpki-client.org