Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/5_Ae3Giyj58YtEefaTUYmKtfwwA.roa
File: 5_Ae3Giyj58YtEefaTUYmKtfwwA.roa (raw, json)
Hash identifier: G2/249m42GEMCjZjQxh7EUxlFS6EoPI9QTNpy+EUJD0=
Subject key identifier: E7:F0:1E:DC:68:B2:8F:9F:18:B4:47:9F:69:35:18:98:AB:5F:C3:00
Certificate issuer: /CN=b5344218a4880b500c033321e76bd78b4f3c1658
Certificate serial: 018A3CA3734C73C1E724F1082D8142D59C4C
Authority key identifier: B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/5_Ae3Giyj58YtEefaTUYmKtfwwA.roa
Signing time: Mon 28 Aug 2023 14:54:19 +0000
ROA not before: Mon 28 Aug 2023 14:54:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34615
IP address blocks: 192.109.30.0/24 maxlen: 24
192.109.37.0/24 maxlen: 24
192.109.38.0/24 maxlen: 24
192.109.47.0/24 maxlen: 24
2a0f:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:a3:73:4c:73:c1:e7:24:f1:08:2d:81:42:d5:9c:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5344218a4880b500c033321e76bd78b4f3c1658
Validity
Not Before: Aug 28 14:54:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7f01edc68b28f9f18b4479f69351898ab5fc300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5c:b4:04:a2:76:ee:15:7e:38:4b:65:6c:1e:
62:92:67:d9:3f:df:ae:05:24:f4:f9:0d:10:3c:18:
40:30:b8:df:0c:02:a7:7d:82:6d:b1:58:22:1b:be:
8b:a1:7e:43:40:30:93:d6:42:54:f1:4b:ab:af:37:
22:3c:02:92:7b:5b:67:ea:2b:08:ec:48:82:dc:7d:
1d:d6:86:79:ff:ee:5c:ac:71:7f:cd:7a:23:6a:29:
15:f5:24:d5:13:49:17:37:b5:a3:47:9d:22:c5:7f:
86:42:6d:f5:27:3a:40:21:40:d9:ca:f4:a9:34:be:
72:dc:aa:9d:71:25:99:ac:9c:22:bc:02:d5:e4:4b:
a0:51:7b:e9:46:5b:3e:59:7d:01:6f:04:7a:51:77:
bf:74:de:42:9c:a9:86:ab:da:45:6c:dd:75:b3:66:
ca:1b:11:02:a5:c7:9d:a9:e5:14:a1:48:65:82:44:
21:20:cc:58:dc:13:27:92:9f:d4:68:23:5f:e6:90:
e9:41:41:a6:41:4a:40:09:ef:d5:a4:64:f1:fd:53:
81:05:08:b1:c9:f0:db:8c:86:8d:7d:da:6b:05:72:
d3:d8:a2:54:ca:93:9b:1c:f9:4e:d3:c2:0f:b4:9a:
eb:2f:41:e1:ef:aa:f9:67:12:9f:08:e2:92:fb:b0:
9e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:F0:1E:DC:68:B2:8F:9F:18:B4:47:9F:69:35:18:98:AB:5F:C3:00
X509v3 Authority Key Identifier:
keyid:B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/5_Ae3Giyj58YtEefaTUYmKtfwwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.30.0/24
192.109.37.0-192.109.38.255
192.109.47.0/24
IPv6:
2a0f:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
7b:16:e6:13:c6:3b:cc:73:32:91:cb:92:bb:41:4a:29:11:7d:
04:1a:24:2b:fb:ae:66:c6:36:af:66:6f:89:d9:98:40:28:63:
14:a9:7a:f9:1b:ae:29:51:c1:06:9f:77:48:0e:a0:5b:15:70:
4e:73:79:82:ef:de:55:0a:2f:90:4d:f1:48:f7:68:69:b3:81:
de:62:97:8e:42:8b:32:86:c0:7c:52:98:84:ed:fa:57:f6:de:
cc:89:bd:7d:8d:bd:bf:ec:69:0c:cf:3e:9a:d5:cf:7a:35:f6:
7c:77:02:79:ec:cc:26:ab:e8:ce:7f:dd:8e:e2:40:0d:b6:1e:
0c:46:dc:e3:84:22:9e:a7:e6:9a:da:95:11:51:c9:15:e8:34:
57:e3:2b:dc:d8:d6:9f:d1:45:f1:12:c1:fb:32:47:88:e8:93:
00:19:26:ec:32:a3:b0:37:a7:72:ac:f8:9f:ca:9c:82:72:20:
b9:f3:36:b6:f7:af:e1:9d:79:ed:8d:80:cd:b4:e2:4d:e7:60:
e9:99:8f:e6:2e:77:3c:89:48:3b:bf:54:1f:ff:ef:b6:e3:d6:
ca:2d:23:6a:2d:1e:8c:81:5c:0f:1e:78:76:ef:08:74:71:88:
5f:3f:3c:d0:10:7d:41:15:89:6c:b5:ee:79:fd:03:15:2f:92:
80:fc:41:8e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYo8o3NMc8HnJPEILYFC1ZxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzQ0MjE4YTQ4ODBiNTAwYzAzMzMyMWU3NmJkNzhiNGYz
YzE2NTgwHhcNMjMwODI4MTQ1NDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2YwMWVkYzY4YjI4ZjlmMThiNDQ3OWY2OTM1MTg5OGFiNWZjMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVy0BKJ27hV+OEtlbB5ikmfZP9+u
BST0+Q0QPBhAMLjfDAKnfYJtsVgiG76LoX5DQDCT1kJU8UurrzciPAKSe1tn6isI
7EiC3H0d1oZ5/+5crHF/zXojaikV9STVE0kXN7WjR50ixX+GQm31JzpAIUDZyvSp
NL5y3KqdcSWZrJwivALV5EugUXvpRls+WX0BbwR6UXe/dN5CnKmGq9pFbN11s2bK
GxECpcedqeUUoUhlgkQhIMxY3BMnkp/UaCNf5pDpQUGmQUpACe/VpGTx/VOBBQix
yfDbjIaNfdprBXLT2KJUypObHPlO08IPtJrrL0Hh76r5ZxKfCOKS+7CejQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFOfwHtxoso+fGLRHn2k1GJirX8MAMB8GA1UdIwQY
MBaAFLU0QhikiAtQDAMzIedr14tPPBZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQt
Y2ZhYjEwZDMwNjkzLzEvNV9BZTNHaXlqNThZdEVlZmFUVVltS3Rmd3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQtY2ZhYjEwZDMwNjkz
LzEvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAwG0eMAwD
BADAbSUDBADAbSYDBADAbS8wDQQCAAIwBwMFAyoPbEAwDQYJKoZIhvcNAQELBQAD
ggEBAHsW5hPGO8xzMpHLkrtBSikRfQQaJCv7rmbGNq9mb4nZmEAoYxSpevkbrilR
wQafd0gOoFsVcE5zeYLv3lUKL5BN8Uj3aGmzgd5il45CizKGwHxSmITt+lf23syJ
vX2Nvb/saQzPPprVz3o19nx3AnnszCar6M5/3Y7iQA22HgxG3OOEIp6n5pralRFR
yRXoNFfjK9zY1p/RRfESwfsyR4jokwAZJuwyo7A3p3Ks+J/KnIJyILnzNrb3r+Gd
ee2NgM204k3nYOmZj+YudzyJSDu/VB//77bj1sotI2otHoyBXA8eeHbvCHRxiF8/
PNAQfUEViWy17nn9AxUvkoD8QY4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:57 2024 by rpki-client on console-ams.rpki-client.org