Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/P0VprxenG8u1AqRNSO12NQpMgSw.roa
File: P0VprxenG8u1AqRNSO12NQpMgSw.roa (raw, json)
Hash identifier: KjROK2XvuLErZAfit8G56IJmftc/mOwNJn72Ybvg20Q=
Subject key identifier: 3F:45:69:AF:17:A7:1B:CB:B5:02:A4:4D:48:ED:76:35:0A:4C:81:2C
Certificate issuer: /CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
Certificate serial: 018570C2DEFED4F11B37CB161D26AA05F0EA
Authority key identifier: 4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/P0VprxenG8u1AqRNSO12NQpMgSw.roa
Signing time: Mon 02 Jan 2023 04:34:57 +0000
ROA not before: Mon 02 Jan 2023 04:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47215
IP address blocks: 5.28.40.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:de:fe:d4:f1:1b:37:cb:16:1d:26:aa:05:f0:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
Validity
Not Before: Jan 2 04:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f4569af17a71bcbb502a44d48ed76350a4c812c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6a:0a:e4:42:7e:d5:11:02:88:93:c0:3e:12:
d3:62:78:d6:a7:3a:29:2d:7e:5e:b2:47:6b:07:b0:
72:b7:12:56:84:49:f1:51:28:ab:38:25:91:28:7c:
57:d0:fe:55:3b:4c:de:5d:f8:1e:30:3a:ef:cd:22:
3e:ce:b9:d1:56:5f:a2:74:e0:9f:70:61:ac:76:79:
6b:dd:b3:d5:73:cf:74:ab:72:a3:78:39:8e:c7:6c:
1c:08:aa:9f:af:90:5b:dd:2a:d9:3e:ed:9a:2b:0d:
ac:bb:02:31:51:00:4e:51:d0:b8:62:fa:91:56:8a:
89:7a:50:13:69:60:55:38:ee:69:31:f2:3c:49:ca:
61:66:cd:40:f2:01:16:f1:f7:6e:17:79:be:77:1b:
82:2e:47:a7:a0:a7:a5:65:f5:fa:3d:99:e5:07:75:
6a:5b:a3:68:cf:03:3f:e0:df:09:88:8f:c5:77:32:
70:2d:61:b6:ef:cc:22:6d:e1:6b:f3:e1:b1:89:5d:
e9:c2:ae:d9:d3:3b:31:dc:34:cc:ed:b9:0e:96:78:
91:83:ba:a1:18:8f:76:1c:31:c7:61:5d:45:a3:18:
6c:48:a8:70:66:8d:d3:d7:06:b0:15:49:5f:20:e9:
04:6b:6d:4a:68:53:ee:6e:66:64:13:2e:49:cc:0a:
78:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:45:69:AF:17:A7:1B:CB:B5:02:A4:4D:48:ED:76:35:0A:4C:81:2C
X509v3 Authority Key Identifier:
keyid:4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/P0VprxenG8u1AqRNSO12NQpMgSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/So5ocC711IxPKwctnLRz5iuHs-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.40.0/21
Signature Algorithm: sha256WithRSAEncryption
33:6c:ad:f7:3b:b8:4c:64:ac:d8:1a:89:34:2c:67:63:26:38:
de:c6:60:2e:e7:29:a2:fd:16:56:c8:91:26:37:12:4f:48:24:
8a:96:77:e2:1d:85:7b:cd:be:6d:95:96:2b:49:94:c8:55:f6:
06:98:cc:99:ca:4f:d3:37:ea:0f:e5:43:0a:41:58:66:3a:ba:
26:b0:d5:26:01:ab:12:94:c3:5b:9e:e5:36:cf:4e:31:a6:f1:
fe:ee:c4:59:7b:66:28:13:b2:44:9a:a5:d9:45:89:ff:a7:03:
ee:25:54:db:62:79:93:ad:a0:9b:15:1e:79:4e:3a:65:94:ac:
e6:85:19:50:9c:84:bc:a8:ce:23:a9:00:34:c5:8b:bc:3d:e4:
2c:8f:88:37:88:bc:6a:70:b6:26:e6:70:e4:9c:47:52:7f:01:
c9:f3:5d:45:88:d9:8a:6e:7b:e0:8c:0d:dc:2e:8c:a0:be:8a:
f2:c5:20:26:15:9a:db:0f:c6:f3:0e:a4:13:68:22:55:a2:8c:
fd:4f:b7:4f:b8:e5:4f:2b:d9:2a:ee:f8:2c:83:58:f3:89:af:
78:1e:e8:6c:5a:22:21:15:dc:8e:83:5f:09:15:ac:d7:92:ee:
26:3d:7f:b3:c6:8d:b9:65:c9:b5:fe:4e:2e:23:fe:c3:0b:b9:
f5:1e:fd:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwt7+1PEbN8sWHSaqBfDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOGU2ODcwMmVmNWQ0OGM0ZjJiMDcyZDljYjQ3M2U2MmI4
N2IzZTQwHhcNMjMwMTAyMDQzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjQ1NjlhZjE3YTcxYmNiYjUwMmE0NGQ0OGVkNzYzNTBhNGM4MTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGoK5EJ+1RECiJPAPhLTYnjWpzop
LX5eskdrB7BytxJWhEnxUSirOCWRKHxX0P5VO0zeXfgeMDrvzSI+zrnRVl+idOCf
cGGsdnlr3bPVc890q3KjeDmOx2wcCKqfr5Bb3SrZPu2aKw2suwIxUQBOUdC4YvqR
VoqJelATaWBVOO5pMfI8ScphZs1A8gEW8fduF3m+dxuCLkenoKelZfX6PZnlB3Vq
W6NozwM/4N8JiI/FdzJwLWG278wibeFr8+GxiV3pwq7Z0zsx3DTM7bkOlniRg7qh
GI92HDHHYV1FoxhsSKhwZo3T1wawFUlfIOkEa21KaFPubmZkEy5JzAp4HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD9Faa8XpxvLtQKkTUjtdjUKTIEsMB8GA1UdIwQY
MBaAFEqOaHAu9dSMTysHLZy0c+Yrh7PkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU281b2NDNzExSXhQS3djdG5MUno1aXVIcy1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kMTlmYzItODk0OS00ZmU2LTkzMWIt
MWM0YmI1OGFiNzIwLzEvUDBWcHJ4ZW5HOHUxQXFSTlNPMTJOUXBNZ1N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kMTlmYzItODk0OS00ZmU2LTkzMWItMWM0YmI1OGFiNzIw
LzEvU281b2NDNzExSXhQS3djdG5MUno1aXVIcy1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBRwoMA0G
CSqGSIb3DQEBCwUAA4IBAQAzbK33O7hMZKzYGok0LGdjJjjexmAu5ymi/RZWyJEm
NxJPSCSKlnfiHYV7zb5tlZYrSZTIVfYGmMyZyk/TN+oP5UMKQVhmOromsNUmAasS
lMNbnuU2z04xpvH+7sRZe2YoE7JEmqXZRYn/pwPuJVTbYnmTraCbFR55TjpllKzm
hRlQnIS8qM4jqQA0xYu8PeQsj4g3iLxqcLYm5nDknEdSfwHJ811FiNmKbnvgjA3c
LoygvoryxSAmFZrbD8bzDqQTaCJVooz9T7dPuOVPK9kq7vgsg1jzia94HuhsWiIh
FdyOg18JFazXku4mPX+zxo25Zcm1/k4uI/7DC7n1Hv3u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:28 2024 by rpki-client on console-fra.rpki-client.org