Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/aHVJTLUTbJy-Nsr0P_ESju2D7mc.roa
File: aHVJTLUTbJy-Nsr0P_ESju2D7mc.roa (raw, json)
Hash identifier: Qn/TEX2qeOC7cFQr90awWfr5gSMiEOPoTUXEZMOVNKg=
Subject key identifier: 68:75:49:4C:B5:13:6C:9C:BE:36:CA:F4:3F:F1:12:8E:ED:83:EE:67
Certificate issuer: /CN=d07dc35ebcd88dd0e2a8db3a5a08654bc3be0262
Certificate serial: 01856B77CF257F0CEC75D3FB9A1A8D528D13
Authority key identifier: D0:7D:C3:5E:BC:D8:8D:D0:E2:A8:DB:3A:5A:08:65:4B:C3:BE:02:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H3DXrzYjdDiqNs6WghlS8O-AmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/aHVJTLUTbJy-Nsr0P_ESju2D7mc.roa
Signing time: Sun 01 Jan 2023 03:54:51 +0000
ROA not before: Sun 01 Jan 2023 03:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51088
IP address blocks: 5.44.72.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:77:cf:25:7f:0c:ec:75:d3:fb:9a:1a:8d:52:8d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07dc35ebcd88dd0e2a8db3a5a08654bc3be0262
Validity
Not Before: Jan 1 03:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6875494cb5136c9cbe36caf43ff1128eed83ee67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:25:55:5f:64:49:80:0c:e2:5e:09:41:64:e4:
6e:23:76:d4:68:af:fc:94:a6:a7:a8:97:dd:ef:ce:
79:b2:4c:66:73:ad:0a:08:cc:89:b0:2d:62:5d:9e:
74:e9:2e:a5:cb:2b:c0:36:9d:8e:9f:f2:a2:67:3b:
f0:c5:b2:40:85:17:a4:d3:37:76:66:07:3d:63:e4:
72:e6:a5:3e:6e:c1:dc:e3:00:00:80:00:a8:d3:4a:
f9:72:27:7d:b9:60:a5:47:5e:a1:48:2b:a2:f2:a9:
41:47:f1:ea:e4:0a:5e:30:0a:a8:01:94:5b:55:c6:
7a:c8:01:3e:59:03:2d:42:44:71:43:4b:3e:82:f9:
9f:06:e2:14:73:aa:d1:e7:9b:6f:43:ec:5f:4d:23:
0a:1a:e3:ae:dc:69:d5:c7:d0:82:db:7d:98:d6:96:
ce:e6:1e:9e:43:c2:09:98:02:02:2a:b9:7f:18:6e:
b1:94:ce:d2:19:be:c4:72:91:b9:03:64:e2:93:28:
1b:00:d6:6b:94:08:6d:22:a8:d7:9b:a2:12:01:17:
c6:89:33:e5:88:7b:86:6c:3e:f4:f9:d4:ae:ae:70:
73:9b:4d:99:bd:19:a0:cb:27:f1:09:4a:42:ef:80:
ab:ad:70:c8:04:16:2c:11:b8:c1:e7:0c:ea:25:a9:
41:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:75:49:4C:B5:13:6C:9C:BE:36:CA:F4:3F:F1:12:8E:ED:83:EE:67
X509v3 Authority Key Identifier:
keyid:D0:7D:C3:5E:BC:D8:8D:D0:E2:A8:DB:3A:5A:08:65:4B:C3:BE:02:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H3DXrzYjdDiqNs6WghlS8O-AmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/aHVJTLUTbJy-Nsr0P_ESju2D7mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/0H3DXrzYjdDiqNs6WghlS8O-AmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.72.0/21
Signature Algorithm: sha256WithRSAEncryption
bb:f9:fb:75:0b:22:68:82:d6:25:7c:4b:69:70:62:7b:3c:d3:
c1:e0:a7:41:d2:fa:48:ac:5c:cc:e0:fa:95:27:0f:f1:84:cf:
10:dc:8d:1e:63:e2:72:4a:78:40:19:87:91:db:db:c7:1b:87:
5a:16:c5:db:63:36:93:b9:82:07:34:47:a3:b1:b2:5b:54:7b:
09:5d:f6:26:3d:46:ab:96:33:3b:8b:27:38:73:b4:58:ac:8f:
b0:d2:a8:a8:51:32:dd:47:08:72:50:c9:9f:41:7b:1d:6b:4d:
ad:26:20:8f:6d:4a:bb:4f:ed:ac:41:10:40:4a:62:38:6e:d0:
8a:88:45:aa:c4:fd:da:35:63:ec:61:47:ad:c8:61:7d:17:1b:
64:4e:6b:3c:14:f1:ba:89:13:3e:08:e5:30:07:62:b6:9b:da:
2d:17:0e:88:88:79:44:28:56:4b:d6:a8:05:0d:51:be:e8:ee:
8e:60:72:25:33:58:de:c1:bb:f4:0b:a2:31:4e:1c:e4:fc:d4:
e5:68:bb:f7:ea:c6:00:95:5c:fc:b1:09:44:fd:1b:b1:e4:ef:
69:07:84:84:a7:40:7d:01:b2:c0:1c:29:bc:d2:07:77:3b:52:
18:35:a6:be:14:65:5f:56:09:aa:41:e7:32:3b:7a:22:84:f7:
6c:ba:5f:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrd88lfwzsddP7mhqNUo0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2RjMzVlYmNkODhkZDBlMmE4ZGIzYTVhMDg2NTRiYzNi
ZTAyNjIwHhcNMjMwMTAxMDM1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODc1NDk0Y2I1MTM2YzljYmUzNmNhZjQzZmYxMTI4ZWVkODNlZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSVVX2RJgAziXglBZORuI3bUaK/8
lKanqJfd7855skxmc60KCMyJsC1iXZ506S6lyyvANp2On/KiZzvwxbJAhRek0zd2
Zgc9Y+Ry5qU+bsHc4wAAgACo00r5cid9uWClR16hSCui8qlBR/Hq5ApeMAqoAZRb
VcZ6yAE+WQMtQkRxQ0s+gvmfBuIUc6rR55tvQ+xfTSMKGuOu3GnVx9CC232Y1pbO
5h6eQ8IJmAICKrl/GG6xlM7SGb7EcpG5A2TikygbANZrlAhtIqjXm6ISARfGiTPl
iHuGbD70+dSurnBzm02ZvRmgyyfxCUpC74CrrXDIBBYsEbjB5wzqJalBRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGh1SUy1E2ycvjbK9D/xEo7tg+5nMB8GA1UdIwQY
MBaAFNB9w1682I3Q4qjbOloIZUvDvgJiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgzRFhyellqZERpcU5zNldnaGxTOE8tQW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8xYzcxOGQtZTdhMC00MGFjLWExODEt
Y2JhYTQyYTYyNzI3LzEvYUhWSlRMVVRiSnktTnNyMFBfRVNqdTJEN21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8xYzcxOGQtZTdhMC00MGFjLWExODEtY2JhYTQyYTYyNzI3
LzEvMEgzRFhyellqZERpcU5zNldnaGxTOE8tQW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBSxIMA0G
CSqGSIb3DQEBCwUAA4IBAQC7+ft1CyJogtYlfEtpcGJ7PNPB4KdB0vpIrFzM4PqV
Jw/xhM8Q3I0eY+JySnhAGYeR29vHG4daFsXbYzaTuYIHNEejsbJbVHsJXfYmPUar
ljM7iyc4c7RYrI+w0qioUTLdRwhyUMmfQXsda02tJiCPbUq7T+2sQRBASmI4btCK
iEWqxP3aNWPsYUetyGF9FxtkTms8FPG6iRM+COUwB2K2m9otFw6IiHlEKFZL1qgF
DVG+6O6OYHIlM1jewbv0C6IxThzk/NTlaLv36sYAlVz8sQlE/Rux5O9pB4SEp0B9
AbLAHCm80gd3O1IYNaa+FGVfVgmqQecyO3oihPdsul8b
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:43 2024 by rpki-client on console-ams.rpki-client.org