Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/FqsujqFiTecOK1q3cRbLp1UeEPc.roa
File: FqsujqFiTecOK1q3cRbLp1UeEPc.roa (raw, json)
Hash identifier: uBGXOfFOd9WPZeESUEK0ItPwEP+yzMVRPbu58y4l5+c=
Subject key identifier: 16:AB:2E:8E:A1:62:4D:E7:0E:2B:5A:B7:71:16:CB:A7:55:1E:10:F7
Certificate issuer: /CN=567ac9bf0be91e0a48664ec8b6a6770957a21020
Certificate serial: 018963CCC7DB232428D6C9AB5ADD2DCCF52F
Authority key identifier: 56:7A:C9:BF:0B:E9:1E:0A:48:66:4E:C8:B6:A6:77:09:57:A2:10:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VnrJvwvpHgpIZk7ItqZ3CVeiECA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/FqsujqFiTecOK1q3cRbLp1UeEPc.roa
Signing time: Mon 17 Jul 2023 12:21:52 +0000
ROA not before: Mon 17 Jul 2023 12:21:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 5.42.156.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:cc:c7:db:23:24:28:d6:c9:ab:5a:dd:2d:cc:f5:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=567ac9bf0be91e0a48664ec8b6a6770957a21020
Validity
Not Before: Jul 17 12:21:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16ab2e8ea1624de70e2b5ab77116cba7551e10f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ea:d4:54:ba:c6:88:62:df:88:4e:f9:78:9a:
50:af:56:e4:b1:3b:2c:c7:1e:b5:b3:fd:33:ba:36:
e3:a8:ca:f2:e6:5c:66:7f:f7:a2:0e:ab:a7:42:91:
b4:51:dc:a3:f5:0d:a7:8b:ce:30:3d:15:c5:fe:c4:
8e:5b:f5:88:99:68:b9:e7:35:af:b6:78:11:98:26:
7c:d4:41:f4:42:44:52:58:09:6e:6b:f1:d0:d6:25:
85:2e:7e:91:ae:4e:16:a4:30:28:52:98:2d:e2:9c:
91:b7:ea:dc:9a:bc:45:26:c0:90:78:61:8c:4d:5f:
ca:65:ea:a7:44:2d:80:9f:a6:8c:8b:e8:0f:bf:37:
83:da:d4:3b:c2:83:dd:bb:11:86:ff:b0:d4:2f:c0:
44:70:13:14:d1:5a:09:dd:75:47:b1:a5:92:6b:ed:
80:fb:3d:50:b9:8d:00:f7:90:0a:16:e6:1d:61:f3:
40:66:23:28:3f:a9:42:d0:d3:1f:68:47:83:f9:78:
5e:4a:a2:f8:6f:f6:fc:a9:c5:c7:f4:90:cd:71:f3:
08:45:22:83:bb:f6:16:7a:4c:bf:18:38:13:4d:2f:
4f:67:e1:7f:b9:f7:c8:22:f3:5f:52:76:82:79:02:
25:e7:34:61:42:c1:09:72:3b:02:7e:46:fd:e4:4d:
46:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:AB:2E:8E:A1:62:4D:E7:0E:2B:5A:B7:71:16:CB:A7:55:1E:10:F7
X509v3 Authority Key Identifier:
keyid:56:7A:C9:BF:0B:E9:1E:0A:48:66:4E:C8:B6:A6:77:09:57:A2:10:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VnrJvwvpHgpIZk7ItqZ3CVeiECA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/FqsujqFiTecOK1q3cRbLp1UeEPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/VnrJvwvpHgpIZk7ItqZ3CVeiECA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.156.0/23
Signature Algorithm: sha256WithRSAEncryption
57:f7:87:32:19:da:a1:32:96:b5:93:96:f0:40:1d:c4:96:a0:
08:0a:67:c9:03:22:42:30:0f:b0:8e:26:c7:21:e3:97:dd:24:
26:0f:62:3e:5e:3b:fb:1f:a6:2e:18:27:4c:a3:7c:f2:32:b5:
48:cd:2d:d9:94:88:27:ab:6e:56:85:86:81:54:e1:0c:11:15:
fa:b4:28:32:62:94:69:65:37:16:84:e1:ea:6b:51:2c:34:c1:
75:8a:e7:1b:30:a8:4f:c6:17:ac:7d:3d:58:15:5a:42:d9:e5:
7d:3b:40:47:c0:53:77:74:5f:93:5f:47:03:88:f6:45:1d:b9:
00:c8:21:00:ac:f5:5e:e1:e9:ab:30:25:f9:c9:5d:79:d1:be:
ac:cd:14:7e:83:05:e2:e0:c7:3c:3a:7f:54:9e:4c:ef:7f:ec:
5d:1d:24:f6:f0:bb:fa:95:62:2a:5d:59:2e:29:1f:c7:41:ef:
86:dd:bd:5d:9e:33:7d:ab:5a:6f:31:16:09:99:10:c3:73:11:
15:c7:cf:b7:ac:40:38:ff:b1:f3:11:87:81:95:a7:ef:03:a0:
57:4b:76:28:08:a6:0b:4b:78:3a:2c:e6:6f:61:dc:62:d9:34:
e4:29:b2:c3:54:9f:b9:57:b2:b3:19:6f:b7:2f:59:85:42:fc:
48:99:1e:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYljzMfbIyQo1smrWt0tzPUvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2N2FjOWJmMGJlOTFlMGE0ODY2NGVjOGI2YTY3NzA5NTdh
MjEwMjAwHhcNMjMwNzE3MTIyMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmFiMmU4ZWExNjI0ZGU3MGUyYjVhYjc3MTE2Y2JhNzU1MWUxMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+rUVLrGiGLfiE75eJpQr1bksTss
xx61s/0zujbjqMry5lxmf/eiDqunQpG0Udyj9Q2ni84wPRXF/sSOW/WImWi55zWv
tngRmCZ81EH0QkRSWAlua/HQ1iWFLn6Rrk4WpDAoUpgt4pyRt+rcmrxFJsCQeGGM
TV/KZeqnRC2An6aMi+gPvzeD2tQ7woPduxGG/7DUL8BEcBMU0VoJ3XVHsaWSa+2A
+z1QuY0A95AKFuYdYfNAZiMoP6lC0NMfaEeD+XheSqL4b/b8qcXH9JDNcfMIRSKD
u/YWeky/GDgTTS9PZ+F/uffIIvNfUnaCeQIl5zRhQsEJcjsCfkb95E1GEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBarLo6hYk3nDitat3EWy6dVHhD3MB8GA1UdIwQY
MBaAFFZ6yb8L6R4KSGZOyLamdwlXohAgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm5ySnZ3dnBIZ3BJWms3SXRxWjNDVmVpRUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNTFkMDgtODU3NS00YmZiLWFmNmUt
MDE4ODljYzAzZWJhLzEvRnFzdWpxRmlUZWNPSzFxM2NSYkxwMVVlRVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNTFkMDgtODU3NS00YmZiLWFmNmUtMDE4ODljYzAzZWJh
LzEvVm5ySnZ3dnBIZ3BJWms3SXRxWjNDVmVpRUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBSqcMA0G
CSqGSIb3DQEBCwUAA4IBAQBX94cyGdqhMpa1k5bwQB3ElqAICmfJAyJCMA+wjibH
IeOX3SQmD2I+Xjv7H6YuGCdMo3zyMrVIzS3ZlIgnq25WhYaBVOEMERX6tCgyYpRp
ZTcWhOHqa1EsNMF1iucbMKhPxhesfT1YFVpC2eV9O0BHwFN3dF+TX0cDiPZFHbkA
yCEArPVe4emrMCX5yV150b6szRR+gwXi4Mc8On9Unkzvf+xdHST28Lv6lWIqXVku
KR/HQe+G3b1dnjN9q1pvMRYJmRDDcxEVx8+3rEA4/7HzEYeBlafvA6BXS3YoCKYL
S3g6LOZvYdxi2TTkKbLDVJ+5V7KzGW+3L1mFQvxImR7j
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:10 2024 by rpki-client on console-ams.rpki-client.org