Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/s5GbYLmaizLhCP9jXYpE6xoQPvQ.roa
File: s5GbYLmaizLhCP9jXYpE6xoQPvQ.roa (raw, json)
Hash identifier: bJtmQm55cSCsDYY/wFff6mEf5WtqYMvC1wy1SdRmMQc=
Subject key identifier: B3:91:9B:60:B9:9A:8B:32:E1:08:FF:63:5D:8A:44:EB:1A:10:3E:F4
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 01856BC11CF82C51B5310E5A8C7B6C4A4FFF
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/s5GbYLmaizLhCP9jXYpE6xoQPvQ.roa
Signing time: Sun 01 Jan 2023 05:14:55 +0000
ROA not before: Sun 01 Jan 2023 05:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205570
IP address blocks: 37.19.68.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:1c:f8:2c:51:b5:31:0e:5a:8c:7b:6c:4a:4f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 1 05:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3919b60b99a8b32e108ff635d8a44eb1a103ef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:17:eb:93:30:39:9b:68:5c:c9:8e:3e:56:7d:
2f:9b:c2:d0:aa:ef:18:e3:c2:02:b0:a3:76:bc:57:
1a:2a:7b:b7:11:8f:16:e2:10:59:fb:c4:45:8d:4d:
ef:44:4e:8e:56:55:48:5f:03:7a:be:75:54:31:a1:
80:bb:13:ee:f1:2f:41:e0:92:11:7c:5d:79:9c:1d:
4a:3c:f9:a0:11:62:2e:8a:d7:7a:22:63:93:16:2e:
21:36:f0:0a:81:f6:ff:b8:c3:70:aa:44:85:74:55:
f5:44:56:66:4d:ad:07:96:a3:e9:ad:c4:f8:3a:5e:
5b:00:e6:dc:ea:4f:21:52:bc:e2:23:a4:2e:63:36:
8e:b5:18:d3:bf:6c:d5:4d:c9:18:c7:d9:be:09:bf:
2a:88:7e:26:64:9e:cb:50:0f:1a:d9:8c:b6:32:bf:
d8:f3:3d:3b:6a:a8:67:3f:88:9d:e4:7b:7d:38:62:
92:ac:6f:bb:23:ef:97:03:bc:29:2d:d7:5e:42:f5:
1a:cd:f9:f8:bd:63:12:d2:87:9d:fd:91:a0:00:69:
95:57:d9:cb:92:4d:f0:c4:2c:34:96:c5:72:fa:08:
d4:ed:c9:8b:68:1a:f6:7e:80:2e:32:7f:a8:24:c6:
a9:93:1f:99:0a:f5:67:c8:8d:22:8b:2e:ff:ca:aa:
a7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:91:9B:60:B9:9A:8B:32:E1:08:FF:63:5D:8A:44:EB:1A:10:3E:F4
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/s5GbYLmaizLhCP9jXYpE6xoQPvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.68.0/22
Signature Algorithm: sha256WithRSAEncryption
07:d7:8d:39:07:9c:4f:e2:b5:69:e1:4f:7d:b1:8d:e1:e0:2b:
46:4a:b3:27:6b:72:c2:93:69:cd:58:57:42:ac:46:50:49:df:
df:14:cb:5e:cd:fa:cf:70:f2:a1:05:16:8a:a3:ea:d5:65:de:
42:10:9a:e2:9b:c1:13:d4:6a:5a:d4:43:04:34:77:1d:82:83:
d0:fe:fe:12:62:67:e0:7c:90:92:05:40:5a:9f:bd:45:3b:63:
d1:ff:e7:85:e6:f6:5f:c5:6c:e5:d8:05:eb:e3:cc:56:41:ab:
63:57:64:83:fe:a9:70:b8:f4:6c:df:e6:9d:2a:dd:0f:8b:e3:
02:71:b4:d7:d1:29:0d:1a:dc:ae:c5:8c:07:a4:66:94:8b:9a:
9e:c2:12:16:43:ec:23:6f:72:57:fe:7c:76:d3:90:f4:a7:89:
61:70:89:0f:f0:f2:c7:65:f1:6d:d1:cd:00:ff:3e:4c:96:f5:
5a:ba:76:51:6b:d9:6b:19:60:8f:fd:1b:99:1c:09:b6:f8:89:
7c:24:a6:39:c9:32:86:8b:dc:2e:6a:d4:3c:bd:dc:94:f4:1f:
88:cc:63:77:83:bb:91:d1:a6:e4:2d:f6:0e:0a:bc:c8:b7:7c:
f7:df:ed:72:50:ed:ee:02:65:5d:e6:68:02:9c:94:70:84:9c:
14:14:b2:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwRz4LFG1MQ5ajHtsSk//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwMTAxMDUxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzkxOWI2MGI5OWE4YjMyZTEwOGZmNjM1ZDhhNDRlYjFhMTAzZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRfrkzA5m2hcyY4+Vn0vm8LQqu8Y
48ICsKN2vFcaKnu3EY8W4hBZ+8RFjU3vRE6OVlVIXwN6vnVUMaGAuxPu8S9B4JIR
fF15nB1KPPmgEWIuitd6ImOTFi4hNvAKgfb/uMNwqkSFdFX1RFZmTa0HlqPprcT4
Ol5bAObc6k8hUrziI6QuYzaOtRjTv2zVTckYx9m+Cb8qiH4mZJ7LUA8a2Yy2Mr/Y
8z07aqhnP4id5Ht9OGKSrG+7I++XA7wpLddeQvUazfn4vWMS0oed/ZGgAGmVV9nL
kk3wxCw0lsVy+gjU7cmLaBr2foAuMn+oJMapkx+ZCvVnyI0iiy7/yqqnqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLORm2C5mosy4Qj/Y12KROsaED70MB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvczVHYllMbWFpekxoQ1A5alhZcEU2eG9RUHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJRNEMA0G
CSqGSIb3DQEBCwUAA4IBAQAH1405B5xP4rVp4U99sY3h4CtGSrMna3LCk2nNWFdC
rEZQSd/fFMtezfrPcPKhBRaKo+rVZd5CEJrim8ET1Gpa1EMENHcdgoPQ/v4SYmfg
fJCSBUBan71FO2PR/+eF5vZfxWzl2AXr48xWQatjV2SD/qlwuPRs3+adKt0Pi+MC
cbTX0SkNGtyuxYwHpGaUi5qewhIWQ+wjb3JX/nx205D0p4lhcIkP8PLHZfFt0c0A
/z5MlvVaunZRa9lrGWCP/RuZHAm2+Il8JKY5yTKGi9wuatQ8vdyU9B+IzGN3g7uR
0abkLfYOCrzIt3z33+1yUO3uAmVd5mgCnJRwhJwUFLI7
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:30 2023 by rpki-client on console-ams.rpki-client.org