Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5FWFTYjLl3HNhGrPkXkNgy04YeU.roa
File: 5FWFTYjLl3HNhGrPkXkNgy04YeU.roa (raw, json)
Hash identifier: SZNLXjgFY1JzaLzS9rgKD9bqZebxzQ6iLonFf1gkSLA=
Subject key identifier: E4:55:85:4D:88:CB:97:71:CD:84:6A:CF:91:79:0D:83:2D:38:61:E5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189C6E62406A61F6701FB7E459359CA9E80
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5FWFTYjLl3HNhGrPkXkNgy04YeU.roa
Signing time: Sat 05 Aug 2023 18:11:58 +0000
ROA not before: Sat 05 Aug 2023 18:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 203.0.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c6:e6:24:06:a6:1f:67:01:fb:7e:45:93:59:ca:9e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 5 18:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e455854d88cb9771cd846acf91790d832d3861e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:66:5a:7c:f7:0d:99:ca:fb:36:da:43:f4:cf:
18:d8:b5:72:0e:20:b4:03:f7:5d:9e:c5:5d:97:ba:
91:d3:05:07:7c:0c:17:bb:2d:2d:93:51:31:ba:19:
0a:a7:66:35:a5:20:8b:12:f6:2c:3c:b8:49:19:5d:
91:ad:0f:d4:f8:d2:0d:66:7f:3e:2d:6d:53:13:f3:
53:47:e0:76:32:82:fa:b9:e0:60:f0:3d:94:ea:7d:
0c:ec:d6:e1:97:69:34:4f:b5:25:f8:4f:d5:0a:d3:
74:a7:03:ea:94:8a:ac:aa:e6:c1:f2:25:8f:4d:dd:
e4:26:4c:a6:af:02:e6:5e:86:42:7f:fc:7d:9c:e8:
d2:e7:98:11:d8:f2:d2:2b:2d:71:2d:84:92:e3:2c:
2b:df:53:07:5b:91:fc:ac:b6:f0:f3:71:98:eb:8b:
88:12:c8:cb:78:9d:87:03:3d:8b:26:fc:12:e4:33:
09:a6:e8:03:10:a6:d0:98:ee:ef:22:ea:b3:f0:9d:
8a:2a:6f:99:d0:03:f3:07:d9:8f:2d:be:07:d6:e0:
3e:f7:a1:4f:e5:2d:3e:79:03:9b:08:39:d0:21:d8:
7f:e3:5c:e0:ae:5e:df:fb:a6:e9:b6:84:0c:56:3d:
c9:b2:7a:c6:e5:bf:2d:3a:08:81:02:3e:84:9e:5d:
5b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:55:85:4D:88:CB:97:71:CD:84:6A:CF:91:79:0D:83:2D:38:61:E5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5FWFTYjLl3HNhGrPkXkNgy04YeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.0.9.0/24
Signature Algorithm: sha256WithRSAEncryption
85:8e:a6:f4:6b:59:68:b4:1c:8a:5f:2f:0f:38:d2:74:48:bf:
64:37:13:36:0b:f8:e0:92:da:45:6c:8d:c8:55:a7:e5:f4:24:
8a:51:b2:c5:23:cf:7c:e6:4c:54:c6:18:bd:fc:b8:16:4b:e4:
8a:cf:12:76:32:0f:e5:2b:2c:0d:57:1c:e1:0d:46:3b:bf:aa:
c8:fd:7c:86:df:bd:41:9f:a0:69:95:b4:22:5d:b8:05:6f:27:
0b:05:26:dc:08:ff:3a:4a:6b:60:82:2a:47:a3:ff:7f:cd:b5:
1c:96:66:05:d8:23:c1:3d:1b:3b:a2:aa:bd:01:3f:e5:f2:6a:
d1:12:47:27:3a:91:91:c8:61:b6:a8:08:bb:ec:de:21:65:28:
85:9f:ec:34:a2:45:04:3e:3b:76:e4:00:32:82:be:40:52:1e:
6d:09:16:da:d9:5e:d0:1f:1a:70:ba:dd:44:be:c6:4d:11:0f:
2e:dd:3f:85:c4:a5:f5:55:1d:ae:1e:07:88:59:2a:2f:8b:4c:
07:17:8f:59:50:3f:f4:c0:a3:63:de:06:95:18:ac:9e:d0:8b:
d2:30:1e:fe:01:f9:5d:5d:75:60:8f:6f:f0:fa:44:66:2c:aa:
d8:cd:a5:36:c3:d9:30:6a:e7:46:b4:62:86:4b:88:20:38:9f:
6b:5b:f9:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnG5iQGph9nAft+RZNZyp6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODA1MTgxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDU1ODU0ZDg4Y2I5NzcxY2Q4NDZhY2Y5MTc5MGQ4MzJkMzg2MWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWZafPcNmcr7NtpD9M8Y2LVyDiC0
A/ddnsVdl7qR0wUHfAwXuy0tk1ExuhkKp2Y1pSCLEvYsPLhJGV2RrQ/U+NINZn8+
LW1TE/NTR+B2MoL6ueBg8D2U6n0M7Nbhl2k0T7Ul+E/VCtN0pwPqlIqsqubB8iWP
Td3kJkymrwLmXoZCf/x9nOjS55gR2PLSKy1xLYSS4ywr31MHW5H8rLbw83GY64uI
EsjLeJ2HAz2LJvwS5DMJpugDEKbQmO7vIuqz8J2KKm+Z0APzB9mPLb4H1uA+96FP
5S0+eQObCDnQIdh/41zgrl7f+6bptoQMVj3JsnrG5b8tOgiBAj6Enl1bVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFORVhU2Iy5dxzYRqz5F5DYMtOGHlMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNUZXRlRZakxsM0hOaEdyUGtYa05neTA0WWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAywAJMA0G
CSqGSIb3DQEBCwUAA4IBAQCFjqb0a1lotByKXy8PONJ0SL9kNxM2C/jgktpFbI3I
Vafl9CSKUbLFI8985kxUxhi9/LgWS+SKzxJ2Mg/lKywNVxzhDUY7v6rI/XyG371B
n6BplbQiXbgFbycLBSbcCP86SmtggipHo/9/zbUclmYF2CPBPRs7oqq9AT/l8mrR
EkcnOpGRyGG2qAi77N4hZSiFn+w0okUEPjt25AAygr5AUh5tCRba2V7QHxpwut1E
vsZNEQ8u3T+FxKX1VR2uHgeIWSovi0wHF49ZUD/0wKNj3gaVGKye0IvSMB7+Afld
XXVgj2/w+kRmLKrYzaU2w9kwaudGtGKGS4ggOJ9rW/l5
-----END CERTIFICATE-----
Generated at Tue Aug 8 05:57:18 2023 by rpki-client on console-fra.rpki-client.org