Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/u7-dPSrkAJMt73LPxcARTAl0e84.roa
File: u7-dPSrkAJMt73LPxcARTAl0e84.roa (raw, json)
Hash identifier: qXxZ7n9IyO058YAXo2py6d1BL3LUKaWtwL6J8rBUQqc=
Subject key identifier: BB:BF:9D:3D:2A:E4:00:93:2D:EF:72:CF:C5:C0:11:4C:09:74:7B:CE
Certificate issuer: /CN=567ac9bf0be91e0a48664ec8b6a6770957a21020
Certificate serial: 018CC50147A76CE2FAB139BD8617FBDA72A2
Authority key identifier: 56:7A:C9:BF:0B:E9:1E:0A:48:66:4E:C8:B6:A6:77:09:57:A2:10:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VnrJvwvpHgpIZk7ItqZ3CVeiECA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/u7-dPSrkAJMt73LPxcARTAl0e84.roa
Signing time: Mon 01 Jan 2024 12:30:44 +0000
ROA not before: Mon 01 Jan 2024 12:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34549
IP address blocks: 5.42.156.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 09:38:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:47:a7:6c:e2:fa:b1:39:bd:86:17:fb:da:72:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=567ac9bf0be91e0a48664ec8b6a6770957a21020
Validity
Not Before: Jan 1 12:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbbf9d3d2ae400932def72cfc5c0114c09747bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a7:d9:1f:5b:97:65:3b:89:63:4a:03:58:72:
a8:27:ce:a1:4d:fb:dc:8c:e0:45:14:b8:0d:96:d8:
cc:9e:99:b7:af:05:9e:38:a3:15:54:52:fc:89:49:
d4:a7:ab:97:51:23:bb:43:fb:66:80:36:13:a4:75:
e7:ad:ae:55:33:a5:e6:72:85:b4:2b:0e:32:75:66:
f5:fa:ca:c2:2d:e2:ac:8d:42:9b:7d:c0:68:66:8d:
81:7f:67:56:18:69:b6:7d:32:79:e3:38:d2:df:53:
df:85:ed:75:82:fe:ab:19:bd:3c:dd:7c:a6:99:55:
a0:9b:f0:b7:c8:01:f2:de:7d:94:92:00:9b:ae:60:
3c:7f:3b:ba:6c:00:b6:6e:56:fa:95:62:6d:8b:3d:
30:ea:f7:71:46:91:9d:b4:34:b8:3b:a1:e3:a6:72:
77:42:8b:f7:a7:d2:65:59:d2:2d:3f:84:f9:21:c7:
d6:92:30:7a:28:f5:b8:97:4d:8c:35:ac:3b:14:f0:
c9:dc:37:30:94:36:07:be:87:f8:24:f6:69:e0:b5:
b4:b9:4e:2e:c5:95:71:1a:1d:8c:86:f9:34:2c:b5:
ae:3e:36:9d:0d:8e:2d:8a:46:7b:4f:7f:98:63:f8:
2e:b5:64:c2:be:46:d1:16:88:9d:d0:ae:34:5f:51:
e4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:BF:9D:3D:2A:E4:00:93:2D:EF:72:CF:C5:C0:11:4C:09:74:7B:CE
X509v3 Authority Key Identifier:
keyid:56:7A:C9:BF:0B:E9:1E:0A:48:66:4E:C8:B6:A6:77:09:57:A2:10:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VnrJvwvpHgpIZk7ItqZ3CVeiECA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/u7-dPSrkAJMt73LPxcARTAl0e84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/VnrJvwvpHgpIZk7ItqZ3CVeiECA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.156.0/23
Signature Algorithm: sha256WithRSAEncryption
04:7d:7d:a8:3c:48:cf:98:3d:15:41:20:e6:a2:c3:8a:39:a0:
d3:85:98:39:d1:d9:9a:8c:a3:9c:b6:62:85:e8:c6:56:f8:56:
fb:19:51:f0:f0:c7:d1:56:82:61:3f:c4:54:59:83:dd:ff:42:
4d:a6:ad:ec:d4:6f:8e:c1:fa:ed:e4:3c:99:89:10:97:88:1c:
b0:86:f8:60:4a:78:dd:ac:d7:63:d2:9e:38:0c:5f:9a:f8:8f:
1d:ee:ed:05:44:42:64:1e:ff:55:87:b1:d9:e3:9e:37:27:47:
b0:d5:d5:77:5d:ae:87:65:1b:fd:9e:2a:65:81:e1:90:7c:05:
5f:b1:fe:2f:e5:d2:cf:e9:7c:5c:6d:75:ad:63:ab:55:86:b4:
22:d8:8d:0b:d2:61:5a:3b:72:5d:84:06:7d:5a:83:b7:40:d4:
a4:32:9d:8a:66:ac:50:a7:3d:c5:cb:c8:54:e2:a6:52:0c:00:
21:5e:0e:76:67:16:ce:e2:d5:b9:23:28:c3:4f:ee:1f:72:e3:
e0:9d:7b:21:60:d1:37:78:e6:59:3b:a4:39:65:71:15:a3:d2:
69:fb:5a:f3:9f:6c:e0:63:88:fe:20:d2:61:e1:44:0c:d3:f0:
bf:31:fc:8d:1a:96:dd:98:e9:13:d2:58:19:65:e9:78:d3:80:
06:81:a9:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAUenbOL6sTm9hhf72nKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2N2FjOWJmMGJlOTFlMGE0ODY2NGVjOGI2YTY3NzA5NTdh
MjEwMjAwHhcNMjQwMTAxMTIzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmJmOWQzZDJhZTQwMDkzMmRlZjcyY2ZjNWMwMTE0YzA5NzQ3YmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqfZH1uXZTuJY0oDWHKoJ86hTfvc
jOBFFLgNltjMnpm3rwWeOKMVVFL8iUnUp6uXUSO7Q/tmgDYTpHXnra5VM6XmcoW0
Kw4ydWb1+srCLeKsjUKbfcBoZo2Bf2dWGGm2fTJ54zjS31Pfhe11gv6rGb083Xym
mVWgm/C3yAHy3n2UkgCbrmA8fzu6bAC2blb6lWJtiz0w6vdxRpGdtDS4O6HjpnJ3
Qov3p9JlWdItP4T5IcfWkjB6KPW4l02MNaw7FPDJ3DcwlDYHvof4JPZp4LW0uU4u
xZVxGh2Mhvk0LLWuPjadDY4tikZ7T3+YY/gutWTCvkbRFoid0K40X1HkkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLu/nT0q5ACTLe9yz8XAEUwJdHvOMB8GA1UdIwQY
MBaAFFZ6yb8L6R4KSGZOyLamdwlXohAgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm5ySnZ3dnBIZ3BJWms3SXRxWjNDVmVpRUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNTFkMDgtODU3NS00YmZiLWFmNmUt
MDE4ODljYzAzZWJhLzEvdTctZFBTcmtBSk10NzNMUHhjQVJUQWwwZTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNTFkMDgtODU3NS00YmZiLWFmNmUtMDE4ODljYzAzZWJh
LzEvVm5ySnZ3dnBIZ3BJWms3SXRxWjNDVmVpRUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBSqcMA0G
CSqGSIb3DQEBCwUAA4IBAQAEfX2oPEjPmD0VQSDmosOKOaDThZg50dmajKOctmKF
6MZW+Fb7GVHw8MfRVoJhP8RUWYPd/0JNpq3s1G+Owfrt5DyZiRCXiBywhvhgSnjd
rNdj0p44DF+a+I8d7u0FREJkHv9Vh7HZ4543J0ew1dV3Xa6HZRv9niplgeGQfAVf
sf4v5dLP6XxcbXWtY6tVhrQi2I0L0mFaO3JdhAZ9WoO3QNSkMp2KZqxQpz3Fy8hU
4qZSDAAhXg52ZxbO4tW5IyjDT+4fcuPgnXshYNE3eOZZO6Q5ZXEVo9Jp+1rzn2zg
Y4j+INJh4UQM0/C/MfyNGpbdmOkT0lgZZel404AGgaku
-----END CERTIFICATE-----
Generated at Wed Mar 13 13:54:10 2024 by rpki-client on console-ams.rpki-client.org