Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/5trNRCVYBkqK3SNcjq-pCQenhFE.roa
File: 5trNRCVYBkqK3SNcjq-pCQenhFE.roa (raw, json)
Hash identifier: +9vQI4Sc/bZh2J+N43Sa5jM/oXzMG0iMKl36BZ0bhjo=
Subject key identifier: E6:DA:CD:44:25:58:06:4A:8A:DD:23:5C:8E:AF:A9:09:07:A7:84:51
Certificate issuer: /CN=22e28e550314138f9d83a28b2d666e9b8744b510
Certificate serial: 01856F26E73A109AA6B316A1A4C3496CA60D
Authority key identifier: 22:E2:8E:55:03:14:13:8F:9D:83:A2:8B:2D:66:6E:9B:87:44:B5:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IuKOVQMUE4-dg6KLLWZum4dEtRA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/5trNRCVYBkqK3SNcjq-pCQenhFE.roa
Signing time: Sun 01 Jan 2023 21:04:58 +0000
ROA not before: Sun 01 Jan 2023 21:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60884
IP address blocks: 185.24.24.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:e7:3a:10:9a:a6:b3:16:a1:a4:c3:49:6c:a6:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22e28e550314138f9d83a28b2d666e9b8744b510
Validity
Not Before: Jan 1 21:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6dacd442558064a8add235c8eafa90907a78451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:40:bf:4c:ff:0d:59:3e:d9:33:99:bb:17:63:
d7:23:58:cf:59:c8:aa:59:d0:80:5e:93:ea:f0:f2:
c6:1e:08:e4:01:03:ea:81:6f:06:3e:47:93:db:7a:
ab:92:97:5a:8f:15:90:69:33:62:ff:eb:6a:f6:0d:
99:56:46:40:7b:2f:4e:36:c4:65:2d:18:98:34:22:
eb:0e:48:60:04:ec:7f:2d:8d:98:d9:f7:1e:9a:05:
51:30:8f:4a:9d:cd:1b:91:f6:d4:4b:da:fe:60:42:
47:e5:72:78:fe:d6:9c:f0:01:c3:e9:91:9c:a1:53:
54:8d:4c:ab:30:b1:da:39:b1:e1:ba:82:09:62:31:
e6:7e:df:48:67:e2:4b:3a:c6:a5:c1:ad:dc:3c:73:
0a:d6:64:48:43:e2:22:c5:22:cf:3c:1d:1d:95:1a:
de:b0:73:9e:88:2d:bc:6a:fc:51:a6:6d:ee:bb:ee:
93:3c:6e:f5:dd:06:a3:a6:be:de:56:04:95:fe:d4:
93:4b:2a:58:cd:6b:fe:e7:fd:67:d5:7c:92:e0:b3:
66:b8:9e:17:8d:9b:9a:bb:5f:2a:fe:24:6e:9e:35:
c3:93:7a:90:6b:92:a9:c4:55:af:4d:81:a5:9f:0e:
64:60:1c:70:fd:c9:0c:af:ce:59:85:40:26:f5:ad:
4f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:DA:CD:44:25:58:06:4A:8A:DD:23:5C:8E:AF:A9:09:07:A7:84:51
X509v3 Authority Key Identifier:
keyid:22:E2:8E:55:03:14:13:8F:9D:83:A2:8B:2D:66:6E:9B:87:44:B5:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IuKOVQMUE4-dg6KLLWZum4dEtRA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/5trNRCVYBkqK3SNcjq-pCQenhFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/IuKOVQMUE4-dg6KLLWZum4dEtRA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.24.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:a3:e8:91:5f:01:b6:f0:53:c5:82:14:b2:9e:ae:85:cc:3a:
95:17:cc:1d:f7:e8:fe:02:cc:7a:ab:80:f5:46:48:14:af:83:
c4:79:fd:36:61:a1:c2:41:46:6b:a6:39:61:6e:8f:e4:9d:17:
df:67:96:8d:46:cf:21:33:dc:4f:1b:b4:67:fc:70:58:18:73:
3b:d6:8f:0a:79:5c:81:a0:36:7e:d9:25:0d:17:57:9c:50:e0:
f4:18:04:40:6e:05:4f:07:d4:5f:d6:7a:d0:94:a8:e7:1a:81:
f6:f4:55:be:63:ba:fa:20:e2:f8:ce:06:79:2e:c1:3e:7e:74:
e6:ae:ab:07:54:78:95:4d:7d:58:cb:0c:00:8f:c2:d4:36:aa:
fe:31:a4:e3:bb:fb:d0:77:d8:19:2b:2b:e7:9f:a6:41:d2:86:
ce:d2:79:b7:13:ed:20:70:05:82:1a:6f:cb:16:88:29:f4:eb:
ae:4d:3f:f2:aa:7b:e2:5e:56:bd:21:f0:c0:b6:50:14:ae:63:
7c:b2:0e:11:e1:17:27:09:46:c0:47:14:f9:1d:13:e6:2d:01:
8d:b0:11:96:09:49:b7:de:7d:68:aa:73:38:f8:a1:6f:b0:e9:
96:e6:f5:37:98:5b:86:80:e4:ef:7f:58:e7:97:e2:4a:26:8d:
27:16:da:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJuc6EJqmsxahpMNJbKYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZTI4ZTU1MDMxNDEzOGY5ZDgzYTI4YjJkNjY2ZTliODc0
NGI1MTAwHhcNMjMwMTAxMjEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmRhY2Q0NDI1NTgwNjRhOGFkZDIzNWM4ZWFmYTkwOTA3YTc4NDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0C/TP8NWT7ZM5m7F2PXI1jPWciq
WdCAXpPq8PLGHgjkAQPqgW8GPkeT23qrkpdajxWQaTNi/+tq9g2ZVkZAey9ONsRl
LRiYNCLrDkhgBOx/LY2Y2fcemgVRMI9Knc0bkfbUS9r+YEJH5XJ4/tac8AHD6ZGc
oVNUjUyrMLHaObHhuoIJYjHmft9IZ+JLOsalwa3cPHMK1mRIQ+IixSLPPB0dlRre
sHOeiC28avxRpm3uu+6TPG713Qajpr7eVgSV/tSTSypYzWv+5/1n1XyS4LNmuJ4X
jZuau18q/iRunjXDk3qQa5KpxFWvTYGlnw5kYBxw/ckMr85ZhUAm9a1PSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObazUQlWAZKit0jXI6vqQkHp4RRMB8GA1UdIwQY
MBaAFCLijlUDFBOPnYOiiy1mbpuHRLUQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVLT1ZRTVVFNC1kZzZLTExXWnVtNGRFdFJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8zMzZhNmYtMmI4OS00YjMyLTg5ZjYt
NGQyMDljMzI4OGFiLzEvNXRyTlJDVllCa3FLM1NOY2pxLXBDUWVuaEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8zMzZhNmYtMmI4OS00YjMyLTg5ZjYtNGQyMDljMzI4OGFi
LzEvSXVLT1ZRTVVFNC1kZzZLTExXWnVtNGRFdFJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRgYMA0G
CSqGSIb3DQEBCwUAA4IBAQCdo+iRXwG28FPFghSynq6FzDqVF8wd9+j+Asx6q4D1
RkgUr4PEef02YaHCQUZrpjlhbo/knRffZ5aNRs8hM9xPG7Rn/HBYGHM71o8KeVyB
oDZ+2SUNF1ecUOD0GARAbgVPB9Rf1nrQlKjnGoH29FW+Y7r6IOL4zgZ5LsE+fnTm
rqsHVHiVTX1YywwAj8LUNqr+MaTju/vQd9gZKyvnn6ZB0obO0nm3E+0gcAWCGm/L
Fogp9OuuTT/yqnviXla9IfDAtlAUrmN8sg4R4RcnCUbARxT5HRPmLQGNsBGWCUm3
3n1oqnM4+KFvsOmW5vU3mFuGgOTvf1jnl+JKJo0nFtrj
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:07 2024 by rpki-client on console-ams.rpki-client.org