Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/jCa3Cpi0Fsh3LRDrBg-DxIQvx3E.roa
File: jCa3Cpi0Fsh3LRDrBg-DxIQvx3E.roa (raw, json)
Hash identifier: xwJZ422OzvEjLTWO1JvC1QkjsgJMsnDYSHyn8xLIZLk=
Subject key identifier: 8C:26:B7:0A:98:B4:16:C8:77:2D:10:EB:06:0F:83:C4:84:2F:C7:71
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018CCA2874AE60D2EB435484804CBA870B7A
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/jCa3Cpi0Fsh3LRDrBg-DxIQvx3E.roa
Signing time: Tue 02 Jan 2024 12:31:38 +0000
ROA not before: Tue 02 Jan 2024 12:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 5.57.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 18:08:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:74:ae:60:d2:eb:43:54:84:80:4c:ba:87:0b:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jan 2 12:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c26b70a98b416c8772d10eb060f83c4842fc771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:9c:ac:60:9e:90:1b:3d:6a:bb:b4:d8:49:15:
17:03:e0:4a:d6:f4:22:39:2c:60:a9:84:d2:6e:21:
18:a3:5e:67:1c:48:3a:39:f8:68:3a:1f:16:bc:d9:
ef:00:43:f6:02:b1:3b:a4:9c:37:d3:b0:3e:e5:4e:
c8:70:c8:b7:61:d3:53:b7:4f:4f:4c:84:d2:c8:d2:
46:49:1d:23:3f:ab:bd:3b:b1:a0:e5:17:e5:3e:9d:
f8:5c:d9:19:79:d3:3c:98:e9:f9:af:46:94:b5:4c:
63:ab:ef:31:39:29:bb:02:fa:86:48:e9:6a:f2:1f:
e1:d4:57:d3:01:1b:7f:70:e3:c8:6f:a7:68:44:a5:
01:2c:46:93:d5:94:27:64:5c:93:ad:36:5e:d9:40:
c1:a5:c1:be:37:06:5a:c4:34:74:28:8c:20:2f:02:
3a:30:9a:54:fb:a4:9d:6e:b8:6f:0e:ca:9f:28:20:
75:f0:73:61:21:53:44:2e:0d:50:d2:7d:e5:88:60:
7e:dc:50:5c:7e:a1:ba:83:91:c7:4c:4e:0e:a8:c1:
7b:28:32:36:76:7f:62:9e:e9:ff:a8:a4:80:ca:c7:
ff:00:b7:3a:0c:83:31:76:d2:95:f8:47:19:b7:fe:
12:db:e0:b4:7a:b9:19:36:17:59:92:26:62:95:50:
c2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:26:B7:0A:98:B4:16:C8:77:2D:10:EB:06:0F:83:C4:84:2F:C7:71
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/jCa3Cpi0Fsh3LRDrBg-DxIQvx3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.33.0/24
Signature Algorithm: sha256WithRSAEncryption
78:2a:76:d8:e7:95:89:5b:cb:63:d8:26:33:f2:c4:cf:24:42:
5a:eb:4f:e9:e8:60:11:d6:d3:76:65:3b:3a:ca:27:43:0b:95:
76:dc:34:82:49:39:9f:60:8e:42:a8:a6:31:2e:ef:b2:d9:3f:
94:00:0d:20:6f:45:d8:0e:66:32:d4:bc:ac:60:39:51:5a:1d:
75:07:a4:29:b5:fd:0c:04:0f:9c:a0:04:7b:c2:87:3f:2c:cd:
1f:f7:6b:49:bc:4e:73:82:56:fd:84:9d:67:45:7b:54:8a:7b:
0b:47:57:b4:e5:f1:17:29:0f:74:c7:5d:d1:9b:d5:96:63:d4:
03:f3:97:af:1a:53:3d:d1:72:d9:39:b7:a3:0e:3f:a1:8a:f3:
f8:c4:c0:00:c4:48:8a:88:c3:75:dc:1c:ca:29:fd:fa:f6:e6:
c5:28:9d:21:99:63:13:12:7f:6c:66:da:48:6b:80:45:09:57:
7b:8a:ef:b0:ad:3b:76:d4:56:a8:83:24:c0:ce:80:b8:3f:e8:
44:99:ec:6d:41:f6:88:24:9a:51:88:14:f1:92:08:a3:b3:26:
79:22:ba:e2:e1:57:94:a7:60:55:54:84:e4:a4:2a:64:6f:7e:
da:90:53:55:ee:60:d9:7f:af:b0:d4:b6:f7:78:7c:6a:c1:4b:
66:74:9e:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKHSuYNLrQ1SEgEy6hwt6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwMTAyMTIzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzI2YjcwYTk4YjQxNmM4NzcyZDEwZWIwNjBmODNjNDg0MmZjNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8JysYJ6QGz1qu7TYSRUXA+BK1vQi
OSxgqYTSbiEYo15nHEg6OfhoOh8WvNnvAEP2ArE7pJw307A+5U7IcMi3YdNTt09P
TITSyNJGSR0jP6u9O7Gg5RflPp34XNkZedM8mOn5r0aUtUxjq+8xOSm7AvqGSOlq
8h/h1FfTARt/cOPIb6doRKUBLEaT1ZQnZFyTrTZe2UDBpcG+NwZaxDR0KIwgLwI6
MJpU+6SdbrhvDsqfKCB18HNhIVNELg1Q0n3liGB+3FBcfqG6g5HHTE4OqMF7KDI2
dn9inun/qKSAysf/ALc6DIMxdtKV+EcZt/4S2+C0erkZNhdZkiZilVDCGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwmtwqYtBbIdy0Q6wYPg8SEL8dxMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvakNhM0NwaTBGc2gzTFJEckJnLUR4SVF2eDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABTkhMA0G
CSqGSIb3DQEBCwUAA4IBAQB4KnbY55WJW8tj2CYz8sTPJEJa60/p6GAR1tN2ZTs6
yidDC5V23DSCSTmfYI5CqKYxLu+y2T+UAA0gb0XYDmYy1LysYDlRWh11B6Qptf0M
BA+coAR7woc/LM0f92tJvE5zglb9hJ1nRXtUinsLR1e05fEXKQ90x13Rm9WWY9QD
85evGlM90XLZObejDj+hivP4xMAAxEiKiMN13BzKKf369ubFKJ0hmWMTEn9sZtpI
a4BFCVd7iu+wrTt21FaogyTAzoC4P+hEmextQfaIJJpRiBTxkgijsyZ5Irri4VeU
p2BVVITkpCpkb37akFNV7mDZf6+w1Lb3eHxqwUtmdJ7K
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:58 2025 by rpki-client