Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/31fNPczKCBbDi7qsA-5sfkszpPA.roa
File: 31fNPczKCBbDi7qsA-5sfkszpPA.roa (raw, json)
Hash identifier: eSNzg4FD6Dt8YdL7C7goTXS4xJdMRZ44lNL0KbauWwM=
Subject key identifier: DF:57:CD:3D:CC:CA:08:16:C3:8B:BA:AC:03:EE:6C:7E:4B:33:A4:F0
Certificate issuer: /CN=e4a9ee74f2d984c88ab3b99ae71d0b7c7baf8150
Certificate serial: 018CBA27C70FE9BF98504EDAA87144F55B50
Authority key identifier: E4:A9:EE:74:F2:D9:84:C8:8A:B3:B9:9A:E7:1D:0B:7C:7B:AF:81:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KnudPLZhMiKs7ma5x0LfHuvgVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/31fNPczKCBbDi7qsA-5sfkszpPA.roa
Signing time: Sat 30 Dec 2023 09:56:58 +0000
ROA not before: Sat 30 Dec 2023 09:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58141
IP address blocks: 5.34.232.0/24 maxlen: 24
5.34.233.0/24 maxlen: 24
5.34.232.0/21 maxlen: 21
5.34.235.0/24 maxlen: 24
5.34.234.0/24 maxlen: 24
5.34.236.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ba:27:c7:0f:e9:bf:98:50:4e:da:a8:71:44:f5:5b:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a9ee74f2d984c88ab3b99ae71d0b7c7baf8150
Validity
Not Before: Dec 30 09:56:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df57cd3dccca0816c38bbaac03ee6c7e4b33a4f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e4:1b:dc:2b:95:a5:b5:65:86:2d:bf:06:3a:
52:af:3b:bf:62:30:81:44:bc:9c:56:68:bc:2d:fe:
26:16:e8:10:1c:d4:f4:71:dd:64:74:9c:cf:ed:f7:
08:5c:4f:3c:cb:c7:d5:db:89:87:8f:90:8c:2d:cf:
f4:19:8d:bb:04:9e:32:7f:ac:8c:47:45:18:9b:94:
60:a9:0c:f4:84:f1:c4:c0:66:de:3e:95:23:56:12:
e6:a2:64:df:0d:42:07:e1:c8:fd:aa:0c:8b:cc:6f:
45:33:b9:69:de:62:47:36:2b:a6:e3:96:55:1d:02:
e0:56:40:f0:e7:c7:5d:52:f3:67:ac:7e:89:49:db:
eb:8d:ae:45:2e:24:24:cb:cf:04:0a:48:b2:50:6e:
b6:6b:c3:de:cc:ff:de:bb:36:8c:40:fc:5d:da:37:
ce:fd:2f:34:e8:ba:b7:18:44:0b:28:33:ab:27:08:
96:cd:c0:35:e7:fd:4d:a0:d6:3e:31:27:c3:ac:23:
fd:8f:46:4e:12:cc:31:9c:70:c2:e5:10:fb:35:a1:
26:69:03:1f:31:4a:7a:f9:34:9d:38:f8:89:8f:9d:
f7:a4:72:61:41:23:47:61:b4:e4:3e:a3:96:73:e1:
b9:95:12:81:7b:cc:d4:19:99:4f:c8:d9:62:9e:68:
8c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:57:CD:3D:CC:CA:08:16:C3:8B:BA:AC:03:EE:6C:7E:4B:33:A4:F0
X509v3 Authority Key Identifier:
keyid:E4:A9:EE:74:F2:D9:84:C8:8A:B3:B9:9A:E7:1D:0B:7C:7B:AF:81:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KnudPLZhMiKs7ma5x0LfHuvgVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/31fNPczKCBbDi7qsA-5sfkszpPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/5KnudPLZhMiKs7ma5x0LfHuvgVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.232.0/21
Signature Algorithm: sha256WithRSAEncryption
98:a7:bd:dd:21:b4:6e:58:7e:83:96:a4:9d:01:5f:24:b3:b8:
34:b2:94:db:40:e2:a4:cf:b5:5c:6c:75:5b:a4:ea:a2:59:ad:
3b:0a:de:a5:f9:2c:1d:7e:0f:a8:60:aa:f6:71:c6:45:96:9a:
ed:66:03:32:19:56:85:86:44:9f:cb:b1:19:41:78:5f:7b:4a:
e1:ca:f1:4c:57:88:79:06:6b:03:44:27:0a:7e:84:0d:e0:44:
a2:3e:a5:ec:79:1c:5d:1f:4a:d1:e0:20:62:51:76:4b:9b:f4:
94:7f:9e:5a:1f:40:44:78:f7:f4:47:c5:26:a7:4b:12:3e:a5:
42:41:b5:bd:22:f0:96:53:6b:f4:01:4b:87:de:6f:db:c8:96:
7c:1c:6b:be:ca:8e:4f:eb:2d:24:40:86:57:a8:9f:2e:59:72:
a6:24:7a:da:6f:40:ab:d4:55:6e:a3:a9:c1:44:ac:9f:19:a7:
9d:7a:e7:49:a0:8a:d1:dc:20:6d:34:09:e9:02:5f:c8:48:0a:
45:94:06:82:98:70:fa:44:29:4c:62:fc:35:c1:e2:90:ca:d5:
6e:66:30:c6:59:36:f9:a1:e5:4a:b7:d0:5e:91:7e:54:2c:93:
12:11:a7:87:18:b9:0b:65:33:69:2b:44:82:d7:33:7f:db:94:
4a:4c:8f:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy6J8cP6b+YUE7aqHFE9VtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTllZTc0ZjJkOTg0Yzg4YWIzYjk5YWU3MWQwYjdjN2Jh
ZjgxNTAwHhcNMjMxMjMwMDk1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjU3Y2QzZGNjY2EwODE2YzM4YmJhYWMwM2VlNmM3ZTRiMzNhNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OQb3CuVpbVlhi2/BjpSrzu/YjCB
RLycVmi8Lf4mFugQHNT0cd1kdJzP7fcIXE88y8fV24mHj5CMLc/0GY27BJ4yf6yM
R0UYm5RgqQz0hPHEwGbePpUjVhLmomTfDUIH4cj9qgyLzG9FM7lp3mJHNium45ZV
HQLgVkDw58ddUvNnrH6JSdvrja5FLiQky88ECkiyUG62a8PezP/euzaMQPxd2jfO
/S806Lq3GEQLKDOrJwiWzcA15/1NoNY+MSfDrCP9j0ZOEswxnHDC5RD7NaEmaQMf
MUp6+TSdOPiJj533pHJhQSNHYbTkPqOWc+G5lRKBe8zUGZlPyNlinmiMCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9XzT3MyggWw4u6rAPubH5LM6TwMB8GA1UdIwQY
MBaAFOSp7nTy2YTIirO5mucdC3x7r4FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtudWRQTFpoTWlLczdtYTV4MExmSHV2Z1ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lYWRjOTUtZGFhZi00Nzc2LTliZTgt
ZDJjMGJlNDQ4NTYxLzEvMzFmTlBjektDQmJEaTdxc0EtNXNma3N6cFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lYWRjOTUtZGFhZi00Nzc2LTliZTgtZDJjMGJlNDQ4NTYx
LzEvNUtudWRQTFpoTWlLczdtYTV4MExmSHV2Z1ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBSLoMA0G
CSqGSIb3DQEBCwUAA4IBAQCYp73dIbRuWH6DlqSdAV8ks7g0spTbQOKkz7VcbHVb
pOqiWa07Ct6l+Swdfg+oYKr2ccZFlprtZgMyGVaFhkSfy7EZQXhfe0rhyvFMV4h5
BmsDRCcKfoQN4ESiPqXseRxdH0rR4CBiUXZLm/SUf55aH0BEePf0R8Ump0sSPqVC
QbW9IvCWU2v0AUuH3m/byJZ8HGu+yo5P6y0kQIZXqJ8uWXKmJHrab0Cr1FVuo6nB
RKyfGaedeudJoIrR3CBtNAnpAl/ISApFlAaCmHD6RClMYvw1weKQytVuZjDGWTb5
oeVKt9BekX5ULJMSEaeHGLkLZTNpK0SC1zN/25RKTI+t
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:15 2024 by rpki-client on console-ams.rpki-client.org