Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/wtZ7sEjp5TWt9y8nOYs9GOA9aUQ.roa
File: wtZ7sEjp5TWt9y8nOYs9GOA9aUQ.roa (raw, json)
Hash identifier: I2GgzskKgYexuCNz4Y4mIshxvb3KPD4Ip7R5LpyeupM=
Subject key identifier: C2:D6:7B:B0:48:E9:E5:35:AD:F7:2F:27:39:8B:3D:18:E0:3D:69:44
Certificate issuer: /CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Certificate serial: 018CAFA33619B8434B83DF00DBD4B977AFF7
Authority key identifier: 7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/wtZ7sEjp5TWt9y8nOYs9GOA9aUQ.roa
Signing time: Thu 28 Dec 2023 08:55:58 +0000
ROA not before: Thu 28 Dec 2023 08:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59796
IP address blocks: 160.79.120.0/24 maxlen: 24
160.79.123.0/24 maxlen: 24
160.79.121.0/24 maxlen: 24
160.79.122.0/24 maxlen: 24
5.252.32.0/24 maxlen: 24
5.252.35.0/24 maxlen: 24
5.252.33.0/24 maxlen: 24
5.252.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:a3:36:19:b8:43:4b:83:df:00:db:d4:b9:77:af:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Validity
Not Before: Dec 28 08:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2d67bb048e9e535adf72f27398b3d18e03d6944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c0:3d:c9:cb:71:b8:56:f2:33:5e:07:a2:d9:
da:9c:4d:1a:db:e5:21:6c:90:9d:31:bf:aa:50:94:
e7:a5:4e:90:9d:9c:e8:1d:c8:49:2a:03:e1:19:a0:
f0:a2:2d:e6:4e:79:61:98:bf:b9:c3:6e:82:32:92:
d2:9b:9b:0a:01:52:81:b9:b5:d7:9b:bd:a5:64:67:
6d:d7:19:94:8c:64:a8:c0:26:58:37:75:57:be:9a:
c2:ae:c4:ec:c9:b1:30:d9:15:59:6d:f5:9f:ad:1a:
3b:e9:35:27:d8:6e:61:8b:a0:d3:72:2a:12:94:46:
d4:81:72:41:57:44:d7:70:d8:48:c2:66:96:c5:65:
03:42:98:5e:9e:d1:dd:f6:80:5c:6f:fc:03:82:03:
a1:50:e6:7e:9b:85:f3:17:ec:78:57:fa:4b:46:97:
b3:a1:b0:e6:3a:25:b5:bb:6e:48:82:2f:fb:ff:61:
b3:8a:ba:aa:ea:d1:77:09:8f:d7:02:ea:b1:8b:00:
7b:1c:cc:38:05:f5:50:0f:d3:d5:a3:e5:a0:0d:7d:
08:fa:54:55:56:6c:b6:aa:97:b8:96:3c:d9:0c:dd:
6d:09:5d:a8:04:ad:e2:15:4f:99:fc:07:7e:28:9d:
13:94:29:69:c3:a2:40:89:21:02:a2:51:68:87:46:
84:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D6:7B:B0:48:E9:E5:35:AD:F7:2F:27:39:8B:3D:18:E0:3D:69:44
X509v3 Authority Key Identifier:
keyid:7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/wtZ7sEjp5TWt9y8nOYs9GOA9aUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.32.0/22
160.79.120.0/22
Signature Algorithm: sha256WithRSAEncryption
26:b4:02:4f:3d:01:45:2c:8f:c1:96:18:da:87:a7:6e:a7:c5:
1b:b9:b3:23:41:4c:7c:d3:10:d6:fb:87:89:74:d4:60:78:ef:
18:99:ee:00:35:ea:83:90:be:61:83:63:7a:1a:01:56:83:da:
13:43:d7:a9:b7:5c:cb:8b:7e:3e:cb:e9:84:5c:2e:99:09:89:
6f:8a:f7:b9:8b:85:e0:13:09:10:1e:3a:8e:11:98:42:a9:6e:
ff:0f:50:22:3c:94:ec:b2:9b:7b:ad:5e:87:d5:6e:c0:10:50:
2b:e1:5b:d2:a0:85:4e:bf:1f:c7:7e:37:af:6d:e3:fd:bf:97:
8d:a7:f9:fa:64:51:b6:98:48:56:8d:36:8c:c4:7f:2b:91:fb:
6b:9e:86:55:db:92:72:4b:08:7b:7e:05:2d:ad:29:cc:bf:23:
a7:4a:6f:57:9f:c8:d9:b4:94:6b:26:14:0c:88:2e:95:f8:a7:
0e:56:b2:5e:04:bd:48:88:be:b4:fc:73:fc:af:21:db:7b:e9:
45:24:2a:b7:72:ce:94:29:10:b1:6e:99:be:6b:c1:38:14:58:
71:15:25:d7:20:41:b7:3d:ec:dc:8e:8f:a8:f4:96:8d:13:de:
2e:83:24:4b:ea:02:60:c7:5f:52:74:59:ad:bf:a3:a9:9a:8b:
93:02:e1:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyvozYZuENLg98A29S5d6/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjZiMWVmNzQxMDA3MmNlOTZlODJkNzU4MWJlNDM2ZTYz
OWE3YzQwHhcNMjMxMjI4MDg1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmQ2N2JiMDQ4ZTllNTM1YWRmNzJmMjczOThiM2QxOGUwM2Q2OTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsA9yctxuFbyM14HotnanE0a2+Uh
bJCdMb+qUJTnpU6QnZzoHchJKgPhGaDwoi3mTnlhmL+5w26CMpLSm5sKAVKBubXX
m72lZGdt1xmUjGSowCZYN3VXvprCrsTsybEw2RVZbfWfrRo76TUn2G5hi6DTcioS
lEbUgXJBV0TXcNhIwmaWxWUDQphentHd9oBcb/wDggOhUOZ+m4XzF+x4V/pLRpez
obDmOiW1u25Igi/7/2Gzirqq6tF3CY/XAuqxiwB7HMw4BfVQD9PVo+WgDX0I+lRV
Vmy2qpe4ljzZDN1tCV2oBK3iFU+Z/Ad+KJ0TlClpw6JAiSEColFoh0aEUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMLWe7BI6eU1rfcvJzmLPRjgPWlEMB8GA1UdIwQY
MBaAFH4mse90EAcs6W6C11gb5DbmOafEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYt
OGMzMmMzNTFlZTcwLzEvd3RaN3NFanA1VFd0OXk4bk9ZczlHT0E5YVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYtOGMzMmMzNTFlZTcw
LzEvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBfwgAwQC
oE94MA0GCSqGSIb3DQEBCwUAA4IBAQAmtAJPPQFFLI/Blhjah6dup8UbubMjQUx8
0xDW+4eJdNRgeO8Yme4ANeqDkL5hg2N6GgFWg9oTQ9ept1zLi34+y+mEXC6ZCYlv
ive5i4XgEwkQHjqOEZhCqW7/D1AiPJTsspt7rV6H1W7AEFAr4VvSoIVOvx/Hfjev
beP9v5eNp/n6ZFG2mEhWjTaMxH8rkftrnoZV25JySwh7fgUtrSnMvyOnSm9Xn8jZ
tJRrJhQMiC6V+KcOVrJeBL1IiL60/HP8ryHbe+lFJCq3cs6UKRCxbpm+a8E4FFhx
FSXXIEG3Pezcjo+o9JaNE94ugyRL6gJgx19SdFmtv6OpmouTAuE4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:25 2024 by rpki-client on console-ams.rpki-client.org