Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/kvsquSQkb-QpVhHWJT3UvAUj7P0.roa
File: kvsquSQkb-QpVhHWJT3UvAUj7P0.roa (raw, json)
Hash identifier: fi6kAcIIfH4beFbQXTTo3KjOAR92+E4wEjwjAE3N8uM=
Subject key identifier: 92:FB:2A:B9:24:24:6F:E4:29:56:11:D6:25:3D:D4:BC:05:23:EC:FD
Certificate issuer: /CN=ffe70693454bc33485dec69d219d0502654ac04a
Certificate serial: 018A6A08AC642608E906C4D1C53DBAF2548B
Authority key identifier: FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/kvsquSQkb-QpVhHWJT3UvAUj7P0.roa
Signing time: Wed 06 Sep 2023 10:27:47 +0000
ROA not before: Wed 06 Sep 2023 10:27:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57099
IP address blocks: 5.181.57.0/24 maxlen: 24
5.181.58.0/23 maxlen: 23
5.181.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Dec 2023 07:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:08:ac:64:26:08:e9:06:c4:d1:c5:3d:ba:f2:54:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffe70693454bc33485dec69d219d0502654ac04a
Validity
Not Before: Sep 6 10:27:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92fb2ab924246fe4295611d6253dd4bc0523ecfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:86:b7:b5:9f:37:9a:e6:47:91:04:79:60:a3:
e5:e8:24:3f:60:e2:7a:5d:0c:86:21:b5:6b:fb:2e:
ed:df:85:73:8e:0b:c1:c9:2a:5d:ca:9f:ff:1b:5a:
ba:15:47:2d:3f:bb:b0:2a:d3:f4:2d:53:de:47:90:
2e:57:4e:fa:0e:5e:dd:3e:04:33:e7:c5:3b:78:ab:
08:f8:f1:bf:e6:54:d4:99:46:82:a5:6f:e2:28:4f:
2e:47:6f:77:c4:65:71:3b:20:20:9a:05:d0:16:90:
8e:0e:d5:de:a1:db:86:07:06:b8:9f:07:9b:69:1c:
8d:47:a4:71:5d:2c:9f:c9:a4:69:a5:36:b5:12:57:
9d:6d:a4:c6:11:dc:55:eb:d7:e5:6e:70:8b:f7:44:
cf:0a:c6:5d:77:2d:e3:7b:f7:2c:40:ec:50:d6:23:
c4:fa:36:16:8e:94:36:50:53:2e:69:8f:a4:c6:a4:
26:f3:47:a6:d4:e9:3d:3f:ed:5d:6f:69:8e:44:89:
6a:70:7b:9e:da:0d:02:28:49:37:35:ac:2e:de:73:
a3:a1:83:66:e8:29:e0:85:9d:c6:43:12:37:97:a1:
71:f3:30:db:e6:4f:c8:70:16:9b:2c:44:d5:44:e5:
e6:f5:bf:a5:d6:2d:e0:4d:fc:ef:8e:aa:36:d5:99:
4c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:FB:2A:B9:24:24:6F:E4:29:56:11:D6:25:3D:D4:BC:05:23:EC:FD
X509v3 Authority Key Identifier:
keyid:FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/kvsquSQkb-QpVhHWJT3UvAUj7P0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/_-cGk0VLwzSF3sadIZ0FAmVKwEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.56.0/22
Signature Algorithm: sha256WithRSAEncryption
95:87:f8:5f:7d:68:fa:c6:99:08:66:ea:15:5e:e3:c6:a6:a9:
84:9d:68:04:2a:1f:14:03:b9:bc:85:35:e4:d8:38:fe:c2:52:
43:f0:4b:b1:21:85:10:d7:7d:3d:a5:84:d4:c3:8b:2b:2a:fd:
69:55:ea:05:7f:65:25:03:4c:84:cd:e0:b9:c4:e4:73:f7:22:
e0:7f:5b:c1:39:8e:91:8c:5b:97:38:5d:11:93:17:5e:76:6f:
8a:c1:d7:f5:e4:7c:e3:c2:da:f6:61:4f:ee:81:ce:ce:76:41:
23:b5:35:e3:6d:8c:64:36:e1:49:96:be:2f:b9:a0:e8:1b:d3:
26:e3:ac:57:4f:33:5d:6e:d8:7d:84:b6:64:80:24:04:12:29:
36:d8:8b:95:4f:ea:5e:69:d1:c2:40:7c:d7:7c:c4:8f:0a:14:
0f:c7:9c:f4:6d:c4:d6:61:ac:f6:1a:66:93:bd:c8:31:14:6f:
8c:bb:cd:ab:60:02:c3:9b:e9:77:b4:96:ec:d1:ce:e0:f4:8f:
af:bc:0f:8d:e4:75:22:17:68:81:2f:0d:2e:b3:5e:7f:ad:0b:
7d:f7:4b:93:ba:c4:20:d8:d1:7a:d0:ba:b2:4f:1e:f4:7d:00:
40:b5:e8:d6:8a:b3:66:c2:d1:2e:8c:ae:0c:87:ea:90:f5:a5:
a6:78:50:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpqCKxkJgjpBsTRxT268lSLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZTcwNjkzNDU0YmMzMzQ4NWRlYzY5ZDIxOWQwNTAyNjU0
YWMwNGEwHhcNMjMwOTA2MTAyNzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmZiMmFiOTI0MjQ2ZmU0Mjk1NjExZDYyNTNkZDRiYzA1MjNlY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4a3tZ83muZHkQR5YKPl6CQ/YOJ6
XQyGIbVr+y7t34VzjgvBySpdyp//G1q6FUctP7uwKtP0LVPeR5AuV076Dl7dPgQz
58U7eKsI+PG/5lTUmUaCpW/iKE8uR293xGVxOyAgmgXQFpCODtXeoduGBwa4nweb
aRyNR6RxXSyfyaRppTa1EledbaTGEdxV69flbnCL90TPCsZddy3je/csQOxQ1iPE
+jYWjpQ2UFMuaY+kxqQm80em1Ok9P+1db2mORIlqcHue2g0CKEk3Nawu3nOjoYNm
6CnghZ3GQxI3l6Fx8zDb5k/IcBabLETVROXm9b+l1i3gTfzvjqo21ZlMlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJL7KrkkJG/kKVYR1iU91LwFI+z9MB8GA1UdIwQY
MBaAFP/nBpNFS8M0hd7GnSGdBQJlSsBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUt
MzUwMjY1OGFlNmY1LzEva3ZzcXVTUWtiLVFwVmhIV0pUM1V2QVVqN1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUtMzUwMjY1OGFlNmY1
LzEvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbU4MA0G
CSqGSIb3DQEBCwUAA4IBAQCVh/hffWj6xpkIZuoVXuPGpqmEnWgEKh8UA7m8hTXk
2Dj+wlJD8EuxIYUQ1309pYTUw4srKv1pVeoFf2UlA0yEzeC5xORz9yLgf1vBOY6R
jFuXOF0Rkxdedm+Kwdf15Hzjwtr2YU/ugc7OdkEjtTXjbYxkNuFJlr4vuaDoG9Mm
46xXTzNdbth9hLZkgCQEEik22IuVT+peadHCQHzXfMSPChQPx5z0bcTWYaz2GmaT
vcgxFG+Mu82rYALDm+l3tJbs0c7g9I+vvA+N5HUiF2iBLw0us15/rQt990uTusQg
2NF60LqyTx70fQBAtejWirNmwtEujK4Mh+qQ9aWmeFDX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:11 2024 by rpki-client on console-ams.rpki-client.org