Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/jA3N0dS8G6Qe2E0yDadjjsrfxGQ.roa
File: jA3N0dS8G6Qe2E0yDadjjsrfxGQ.roa (raw, json)
Hash identifier: U4+QKzlerQ95N1Es4efFBp7PxDedq3AwxD8Wilk22FI=
Subject key identifier: 8C:0D:CD:D1:D4:BC:1B:A4:1E:D8:4D:32:0D:A7:63:8E:CA:DF:C4:64
Certificate issuer: /CN=8ad47baa9aa6e0a20ad995a79c2a8de604f9aa37
Certificate serial: 01856E26619C4066550352D46E2CFBE10B37
Authority key identifier: 8A:D4:7B:AA:9A:A6:E0:A2:0A:D9:95:A7:9C:2A:8D:E6:04:F9:AA:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itR7qpqm4KIK2ZWnnCqN5gT5qjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/jA3N0dS8G6Qe2E0yDadjjsrfxGQ.roa
Signing time: Sun 01 Jan 2023 16:24:47 +0000
ROA not before: Sun 01 Jan 2023 16:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60609
IP address blocks: 5.158.223.0/24 maxlen: 24
5.158.221.0/24 maxlen: 24
5.158.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:61:9c:40:66:55:03:52:d4:6e:2c:fb:e1:0b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad47baa9aa6e0a20ad995a79c2a8de604f9aa37
Validity
Not Before: Jan 1 16:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c0dcdd1d4bc1ba41ed84d320da7638ecadfc464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c8:2f:8d:1e:ee:f2:aa:5f:8d:36:22:63:f3:
4b:d2:6d:c0:7a:0f:02:71:2e:d6:5e:b9:9e:1b:e6:
35:71:72:f0:ab:d6:56:bc:76:c6:5a:16:47:0f:a8:
8c:16:13:61:a8:7b:4d:e8:65:8a:fa:6e:3b:06:cd:
74:64:ab:48:e1:5d:c7:9e:8e:48:1f:fa:f8:d7:e4:
b2:39:f1:a1:0c:86:73:39:8c:f9:61:da:45:31:a1:
9b:16:1b:02:00:ea:51:63:ac:f0:7e:91:32:5c:89:
05:b5:9d:9a:40:0f:6d:95:fa:2d:0c:24:46:76:8e:
ef:71:e7:2b:dd:08:9a:03:02:33:82:7e:84:7e:a1:
b6:5e:a6:ca:fe:ac:e3:68:2e:91:33:86:47:e0:ed:
6b:f2:fc:34:20:37:30:bc:9e:c4:29:62:35:b5:e1:
39:01:19:1c:e8:bc:73:eb:39:61:62:2f:9f:8e:6e:
7a:cb:48:76:c1:96:c7:98:f0:8a:e1:81:50:bf:20:
53:be:f2:54:38:9b:c2:df:2e:59:1c:fc:fc:0e:87:
69:7d:42:74:6a:c7:38:de:20:bd:64:fb:7a:f6:da:
ad:25:34:1b:4d:19:1c:c3:91:05:1b:63:80:24:7c:
c2:47:81:1c:bd:40:4e:1c:fb:cb:d3:87:25:f7:02:
70:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:0D:CD:D1:D4:BC:1B:A4:1E:D8:4D:32:0D:A7:63:8E:CA:DF:C4:64
X509v3 Authority Key Identifier:
keyid:8A:D4:7B:AA:9A:A6:E0:A2:0A:D9:95:A7:9C:2A:8D:E6:04:F9:AA:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itR7qpqm4KIK2ZWnnCqN5gT5qjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/jA3N0dS8G6Qe2E0yDadjjsrfxGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/itR7qpqm4KIK2ZWnnCqN5gT5qjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.221.0-5.158.223.255
Signature Algorithm: sha256WithRSAEncryption
8a:50:92:c4:5a:e0:25:ae:cb:f7:14:2a:72:43:4a:c6:74:33:
57:56:c7:29:2b:1d:5d:9f:af:f5:d5:61:73:18:69:51:49:4d:
d4:cf:5d:1a:41:14:83:ec:85:ef:ae:71:f3:dc:12:0e:d3:0e:
b8:39:db:7c:ab:da:e5:9c:8c:3a:65:cc:62:5e:36:48:89:2b:
ea:53:14:48:3c:a2:dd:a7:31:64:14:92:2c:81:46:a0:79:c9:
5b:f2:3f:4a:d0:ba:dd:93:d2:04:65:85:f7:f9:19:5e:da:4b:
20:58:8f:46:d2:a0:94:1c:23:82:c7:77:bf:2e:1f:6c:49:5b:
35:96:d2:04:11:ea:61:5b:43:a9:aa:e7:d5:9e:cf:4d:7f:fc:
51:9d:2b:d1:3f:35:8d:9e:f6:29:aa:d5:6f:65:d2:86:66:de:
ea:cc:d0:58:86:41:50:d2:3e:db:bf:93:60:ef:5f:44:ce:15:
8e:3c:bc:88:fc:19:88:ff:38:80:4b:2d:ff:0e:d8:29:33:9f:
0f:2f:ed:1c:3e:8d:25:16:4c:98:0b:c6:10:b8:40:9a:9d:10:
42:fb:6b:8e:9d:58:d4:93:40:9a:d6:8f:09:08:45:08:1e:9f:
b8:49:4c:69:82:02:f3:66:f5:8f:8f:95:b9:74:5d:1f:45:6a:
90:80:8c:d9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVuJmGcQGZVA1LUbiz74Qs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDQ3YmFhOWFhNmUwYTIwYWQ5OTVhNzljMmE4ZGU2MDRm
OWFhMzcwHhcNMjMwMTAxMTYyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzBkY2RkMWQ0YmMxYmE0MWVkODRkMzIwZGE3NjM4ZWNhZGZjNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8gvjR7u8qpfjTYiY/NL0m3Aeg8C
cS7WXrmeG+Y1cXLwq9ZWvHbGWhZHD6iMFhNhqHtN6GWK+m47Bs10ZKtI4V3Hno5I
H/r41+SyOfGhDIZzOYz5YdpFMaGbFhsCAOpRY6zwfpEyXIkFtZ2aQA9tlfotDCRG
do7vcecr3QiaAwIzgn6EfqG2XqbK/qzjaC6RM4ZH4O1r8vw0IDcwvJ7EKWI1teE5
ARkc6Lxz6zlhYi+fjm56y0h2wZbHmPCK4YFQvyBTvvJUOJvC3y5ZHPz8DodpfUJ0
asc43iC9ZPt69tqtJTQbTRkcw5EFG2OAJHzCR4EcvUBOHPvL04cl9wJw1QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIwNzdHUvBukHthNMg2nY47K38RkMB8GA1UdIwQY
MBaAFIrUe6qapuCiCtmVp5wqjeYE+ao3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRSN3FwcW00S0lLMlpXbm5DcU41Z1Q1cWpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MzU1YjktNzNkNC00YzRjLTk2MDEt
ZjAxYTJmNThlZjg4LzEvakEzTjBkUzhHNlFlMkUweURhZGpqc3JmeEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MzU1YjktNzNkNC00YzRjLTk2MDEtZjAxYTJmNThlZjg4
LzEvaXRSN3FwcW00S0lLMlpXbm5DcU41Z1Q1cWpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAFnt0D
BAUFnsAwDQYJKoZIhvcNAQELBQADggEBAIpQksRa4CWuy/cUKnJDSsZ0M1dWxykr
HV2fr/XVYXMYaVFJTdTPXRpBFIPshe+ucfPcEg7TDrg523yr2uWcjDplzGJeNkiJ
K+pTFEg8ot2nMWQUkiyBRqB5yVvyP0rQut2T0gRlhff5GV7aSyBYj0bSoJQcI4LH
d78uH2xJWzWW0gQR6mFbQ6mq59Wez01//FGdK9E/NY2e9imq1W9l0oZm3urM0FiG
QVDSPtu/k2DvX0TOFY48vIj8GYj/OIBLLf8O2Ckznw8v7Rw+jSUWTJgLxhC4QJqd
EEL7a46dWNSTQJrWjwkIRQgen7hJTGmCAvNm9Y+Plbl0XR9FapCAjNk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:09 2024 by rpki-client on console-ams.rpki-client.org