Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/kgY9nVTshLGOa_m1lRoFjnsgATs.roa
File: kgY9nVTshLGOa_m1lRoFjnsgATs.roa (raw, json)
Hash identifier: XQo23qOzBv129cpJ7OJGEo84BknrJzN1OKcTrAWqo88=
Subject key identifier: 92:06:3D:9D:54:EC:84:B1:8E:6B:F9:B5:95:1A:05:8E:7B:20:01:3B
Certificate issuer: /CN=567ac9bf0be91e0a48664ec8b6a6770957a21020
Certificate serial: 018963CCC808B44D3672AACF7196CFFC38D6
Authority key identifier: 56:7A:C9:BF:0B:E9:1E:0A:48:66:4E:C8:B6:A6:77:09:57:A2:10:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VnrJvwvpHgpIZk7ItqZ3CVeiECA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/kgY9nVTshLGOa_m1lRoFjnsgATs.roa
Signing time: Mon 17 Jul 2023 12:21:52 +0000
ROA not before: Mon 17 Jul 2023 12:21:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58208
IP address blocks: 5.42.152.0/22 maxlen: 22
5.42.153.0/24 maxlen: 24
5.42.159.0/24 maxlen: 24
2a01:45c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 26 Nov 2023 21:09:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:cc:c8:08:b4:4d:36:72:aa:cf:71:96:cf:fc:38:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=567ac9bf0be91e0a48664ec8b6a6770957a21020
Validity
Not Before: Jul 17 12:21:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92063d9d54ec84b18e6bf9b5951a058e7b20013b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:65:c9:b1:97:d9:4e:37:18:e1:76:4d:c8:e8:
73:d5:5b:a8:6f:f9:13:5e:d0:64:41:da:44:22:a1:
7c:30:02:6e:56:9b:8b:0e:14:db:6a:2a:45:07:30:
a8:bf:b5:ca:72:17:42:87:da:06:2c:2a:5b:a6:69:
33:01:be:88:80:a3:b3:c7:3e:05:b0:cc:d9:64:20:
a1:06:9f:6d:af:b0:1a:a8:51:b7:36:c1:16:36:23:
5a:bd:89:a4:0d:46:ce:48:24:25:e2:28:64:40:c2:
c9:3e:e1:f1:12:80:bd:7f:a1:f6:4f:a5:d8:f6:55:
c5:08:87:48:59:b4:02:2f:71:ab:b1:76:71:38:92:
39:e3:3f:46:84:d8:1e:1e:c4:59:dc:c8:00:c7:ca:
09:bd:03:6f:a3:2d:91:68:1e:c1:04:87:44:9d:f5:
d6:1e:e8:e6:db:64:3b:99:e5:d5:db:7c:92:1f:02:
8f:fa:ec:e3:1c:23:5c:e2:03:69:27:d3:c9:5d:40:
3f:af:d6:60:c5:43:fd:63:40:9e:e5:d6:dd:fa:1f:
ec:03:74:26:f1:54:8f:1e:69:17:86:73:ba:97:2c:
70:9c:00:66:5f:bc:9e:78:1c:3e:12:a8:9d:24:c8:
88:d4:7b:23:10:0e:c0:6c:07:5c:84:c0:42:81:4a:
1d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:06:3D:9D:54:EC:84:B1:8E:6B:F9:B5:95:1A:05:8E:7B:20:01:3B
X509v3 Authority Key Identifier:
keyid:56:7A:C9:BF:0B:E9:1E:0A:48:66:4E:C8:B6:A6:77:09:57:A2:10:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VnrJvwvpHgpIZk7ItqZ3CVeiECA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/kgY9nVTshLGOa_m1lRoFjnsgATs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/VnrJvwvpHgpIZk7ItqZ3CVeiECA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.152.0/22
5.42.159.0/24
IPv6:
2a01:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
7f:d6:91:a7:3a:e4:28:1a:f5:ab:3c:21:c3:84:4e:20:f6:0c:
cc:b4:d0:39:94:62:1a:f0:a0:20:5a:b0:7f:dd:18:f1:e0:85:
85:14:11:73:b3:31:84:50:f2:d3:13:e2:1b:8d:d5:30:a3:e2:
9c:fc:18:d3:bb:b7:01:79:9a:b5:77:3b:d3:58:40:bc:29:98:
78:82:7f:50:57:be:e8:09:b5:0d:63:76:11:42:39:6f:91:f1:
ed:97:1c:ce:ff:9a:88:e9:b5:cc:d6:bf:bc:a3:a8:b8:a7:33:
02:31:12:9d:7c:11:a7:61:b1:ee:18:d6:65:38:f0:ff:e7:95:
ea:0d:54:23:dc:15:e8:bc:ba:b2:f5:4f:89:0c:69:98:69:d6:
52:78:66:5b:e8:87:5f:24:a8:3b:6c:df:93:b4:1a:93:38:dd:
35:a8:f0:05:82:1b:13:b1:b9:cd:25:ec:a1:da:f0:fe:17:cc:
b4:33:02:1b:0d:5e:a6:75:ff:80:ec:26:f8:29:ba:1f:d6:b3:
68:5c:b8:98:4d:95:be:0b:03:37:f6:68:83:55:80:b1:6a:84:
b9:9f:d0:d3:e2:c7:89:87:60:86:35:2c:5a:cf:42:7e:13:ec:
e9:01:6f:e7:41:c4:97:6c:92:8d:89:e3:f5:34:b8:4b:00:0c:
bc:64:2d:54
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYljzMgItE02cqrPcZbP/DjWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2N2FjOWJmMGJlOTFlMGE0ODY2NGVjOGI2YTY3NzA5NTdh
MjEwMjAwHhcNMjMwNzE3MTIyMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjA2M2Q5ZDU0ZWM4NGIxOGU2YmY5YjU5NTFhMDU4ZTdiMjAwMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGXJsZfZTjcY4XZNyOhz1Vuob/kT
XtBkQdpEIqF8MAJuVpuLDhTbaipFBzCov7XKchdCh9oGLCpbpmkzAb6IgKOzxz4F
sMzZZCChBp9tr7AaqFG3NsEWNiNavYmkDUbOSCQl4ihkQMLJPuHxEoC9f6H2T6XY
9lXFCIdIWbQCL3GrsXZxOJI54z9GhNgeHsRZ3MgAx8oJvQNvoy2RaB7BBIdEnfXW
Hujm22Q7meXV23ySHwKP+uzjHCNc4gNpJ9PJXUA/r9ZgxUP9Y0Ce5dbd+h/sA3Qm
8VSPHmkXhnO6lyxwnABmX7yeeBw+EqidJMiI1HsjEA7AbAdchMBCgUodwQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJIGPZ1U7ISxjmv5tZUaBY57IAE7MB8GA1UdIwQY
MBaAFFZ6yb8L6R4KSGZOyLamdwlXohAgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm5ySnZ3dnBIZ3BJWms3SXRxWjNDVmVpRUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNTFkMDgtODU3NS00YmZiLWFmNmUt
MDE4ODljYzAzZWJhLzEva2dZOW5WVHNoTEdPYV9tMWxSb0ZqbnNnQVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNTFkMDgtODU3NS00YmZiLWFmNmUtMDE4ODljYzAzZWJh
LzEvVm5ySnZ3dnBIZ3BJWms3SXRxWjNDVmVpRUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBSqYAwQA
BSqfMA0EAgACMAcDBQAqAUXAMA0GCSqGSIb3DQEBCwUAA4IBAQB/1pGnOuQoGvWr
PCHDhE4g9gzMtNA5lGIa8KAgWrB/3Rjx4IWFFBFzszGEUPLTE+IbjdUwo+Kc/BjT
u7cBeZq1dzvTWEC8KZh4gn9QV77oCbUNY3YRQjlvkfHtlxzO/5qI6bXM1r+8o6i4
pzMCMRKdfBGnYbHuGNZlOPD/55XqDVQj3BXovLqy9U+JDGmYadZSeGZb6IdfJKg7
bN+TtBqTON01qPAFghsTsbnNJeyh2vD+F8y0MwIbDV6mdf+A7Cb4Kbof1rNoXLiY
TZW+CwM39miDVYCxaoS5n9DT4seJh2CGNSxaz0J+E+zpAW/nQcSXbJKNieP1NLhL
AAy8ZC1U
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:14 2024 by rpki-client on console-ams.rpki-client.org