Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/5ck-7PZe9LD2aZE4daf5y4DYhao.roa
File: 5ck-7PZe9LD2aZE4daf5y4DYhao.roa (raw, json)
Hash identifier: /SnTTP2pPXvvNC7jkWusQfrfrXzArxv+ve6WGJk776k=
Subject key identifier: E5:C9:3E:EC:F6:5E:F4:B0:F6:69:91:38:75:A7:F9:CB:80:D8:85:AA
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 019102882E1314B7531978D4226C3E1E72CD
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/5ck-7PZe9LD2aZE4daf5y4DYhao.roa
Signing time: Tue 30 Jul 2024 07:26:04 +0000
ROA not before: Tue 30 Jul 2024 07:26:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9002
IP address blocks: 31.128.32.0/22 maxlen: 24
91.218.142.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 15:45:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:02:88:2e:13:14:b7:53:19:78:d4:22:6c:3e:1e:72:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Jul 30 07:26:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5c93eecf65ef4b0f669913875a7f9cb80d885aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:99:f5:22:7b:35:48:35:98:e6:00:0b:ce:d4:
72:e7:25:61:77:0e:f3:17:ab:34:b4:d8:22:0e:77:
66:1f:b8:7d:c7:bf:c1:e5:8d:18:64:1d:63:db:5d:
3d:bc:3f:88:30:a1:f3:f1:80:10:11:4a:65:e9:44:
40:78:2f:16:3f:fc:13:de:cf:67:c8:d4:2e:39:87:
67:97:a8:3c:4c:18:f0:a0:f6:47:91:94:6e:e7:12:
37:92:29:87:0b:3d:21:06:a0:e5:3c:d3:68:ce:b6:
d6:9c:00:2d:04:d8:7e:34:b4:e3:a4:bc:d5:38:2f:
7a:d9:b5:30:6e:32:da:1c:a9:86:60:07:d8:48:05:
b9:2e:96:6f:00:ca:2d:cc:79:ce:3f:60:0a:f7:4c:
99:2a:38:d9:0e:ae:be:3a:64:13:98:e8:a4:2f:cc:
a1:5c:a3:e3:59:66:66:75:48:ef:47:db:fc:a8:40:
ff:ad:62:b0:5b:1f:d0:ff:96:7f:86:92:ec:8e:b5:
2e:55:f3:85:40:8a:06:6e:94:8f:f9:03:e6:54:c9:
80:77:a7:f9:b3:13:32:f2:43:c9:eb:48:45:53:5e:
d2:c4:31:61:7f:b3:4e:19:ac:bc:90:7f:05:d3:90:
8e:66:3e:5f:a4:ed:43:28:d1:78:90:e1:3f:b6:61:
9c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C9:3E:EC:F6:5E:F4:B0:F6:69:91:38:75:A7:F9:CB:80:D8:85:AA
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/5ck-7PZe9LD2aZE4daf5y4DYhao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.32.0/22
91.218.142.0/23
Signature Algorithm: sha256WithRSAEncryption
19:46:53:e3:1d:0e:17:44:43:48:19:e6:ea:d5:f8:49:04:d3:
89:e5:a7:ca:c7:a0:f5:b5:e1:20:f5:05:cc:37:ec:40:91:45:
a8:b0:0a:28:44:cf:2d:fb:b8:c5:2e:ee:10:d7:20:4b:ef:0d:
a4:4a:24:79:22:13:ad:98:2b:b2:a2:7a:49:71:e1:9d:47:e3:
90:aa:aa:80:4e:31:f0:bf:17:f5:c0:b9:46:d5:d1:3f:83:96:
1b:89:85:a8:dd:ef:31:f2:a0:c8:0b:7c:d6:a8:e9:7c:f9:d0:
ef:60:36:72:97:88:c9:3e:dd:81:7f:f7:04:cf:3d:43:b8:36:
b6:77:2f:2a:95:30:ee:aa:a7:a6:f8:23:de:c4:af:7b:40:f9:
aa:40:dd:aa:0f:92:2c:d2:16:c1:59:ba:f6:f9:e4:2c:34:22:
d6:66:b7:a3:9b:92:bb:d1:9b:7a:cd:68:97:c5:2c:56:52:49:
a3:68:8b:03:f0:ea:d9:88:17:ec:3e:f7:a7:94:49:16:f7:84:
d1:54:00:9d:6f:dd:4b:19:10:3c:30:fd:07:2b:58:e7:c7:02:
53:da:02:9d:c6:f9:36:96:73:fb:ec:dd:b0:fa:de:88:0e:f6:
d6:12:b6:36:23:a1:2a:31:6b:dd:ba:80:03:b5:98:86:42:d6:
af:9e:6e:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZECiC4TFLdTGXjUImw+HnLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjQwNzMwMDcyNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWM5M2VlY2Y2NWVmNGIwZjY2OTkxMzg3NWE3ZjljYjgwZDg4NWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5n1Ins1SDWY5gALztRy5yVhdw7z
F6s0tNgiDndmH7h9x7/B5Y0YZB1j2109vD+IMKHz8YAQEUpl6URAeC8WP/wT3s9n
yNQuOYdnl6g8TBjwoPZHkZRu5xI3kimHCz0hBqDlPNNozrbWnAAtBNh+NLTjpLzV
OC962bUwbjLaHKmGYAfYSAW5LpZvAMotzHnOP2AK90yZKjjZDq6+OmQTmOikL8yh
XKPjWWZmdUjvR9v8qED/rWKwWx/Q/5Z/hpLsjrUuVfOFQIoGbpSP+QPmVMmAd6f5
sxMy8kPJ60hFU17SxDFhf7NOGay8kH8F05COZj5fpO1DKNF4kOE/tmGcbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOXJPuz2XvSw9mmROHWn+cuA2IWqMB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvNWNrLTdQWmU5TEQyYVpFNGRhZjV5NERZaGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH4AgAwQB
W9qOMA0GCSqGSIb3DQEBCwUAA4IBAQAZRlPjHQ4XRENIGebq1fhJBNOJ5afKx6D1
teEg9QXMN+xAkUWosAooRM8t+7jFLu4Q1yBL7w2kSiR5IhOtmCuyonpJceGdR+OQ
qqqATjHwvxf1wLlG1dE/g5YbiYWo3e8x8qDIC3zWqOl8+dDvYDZyl4jJPt2Bf/cE
zz1DuDa2dy8qlTDuqqem+CPexK97QPmqQN2qD5Is0hbBWbr2+eQsNCLWZrejm5K7
0Zt6zWiXxSxWUkmjaIsD8OrZiBfsPvenlEkW94TRVACdb91LGRA8MP0HK1jnxwJT
2gKdxvk2lnP77N2w+t6IDvbWErY2I6EqMWvduoADtZiGQtavnm6z
-----END CERTIFICATE-----
Generated at Tue Aug 13 19:14:40 2024 by rpki-client on console-fra.rpki-client.org