Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/u38kPPdVcwDHJ3WFUe8Ga_R13fo.roa
File: u38kPPdVcwDHJ3WFUe8Ga_R13fo.roa (raw, json)
Hash identifier: l9hFTy23313g8dkpSrqZochWs7b2Hl6sW66jqv3n8aI=
Subject key identifier: BB:7F:24:3C:F7:55:73:00:C7:27:75:85:51:EF:06:6B:F4:75:DD:FA
Certificate issuer: /CN=137f3372df57c814aba8b51a907861d92b9e4f55
Certificate serial: 018571276D8F5FEDB5B6E7C1756A99C2464B
Authority key identifier: 13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/u38kPPdVcwDHJ3WFUe8Ga_R13fo.roa
Signing time: Mon 02 Jan 2023 06:24:47 +0000
ROA not before: Mon 02 Jan 2023 06:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209459
IP address blocks: 5.253.24.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:6d:8f:5f:ed:b5:b6:e7:c1:75:6a:99:c2:46:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=137f3372df57c814aba8b51a907861d92b9e4f55
Validity
Not Before: Jan 2 06:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb7f243cf7557300c727758551ef066bf475ddfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:dc:74:26:fa:bd:0d:f8:a0:43:48:df:0d:58:
1b:56:ec:f6:51:bf:18:8d:a7:bb:12:94:53:f6:31:
3e:d5:ef:dd:69:a4:1d:11:92:8c:be:61:79:ab:13:
49:cb:7b:d4:54:c5:51:bd:7b:41:69:22:75:a9:91:
87:cd:94:2b:6c:cb:f9:74:fe:48:35:55:79:da:d4:
11:8d:71:08:99:ef:95:70:7c:54:db:98:37:75:a0:
b2:16:b6:70:da:a7:01:72:33:d1:9f:e8:9a:db:54:
d6:c4:0f:ff:83:c4:1d:08:c4:bf:25:cf:27:a7:d4:
03:3d:df:02:af:33:19:77:b9:b4:e4:6c:0c:35:1e:
ce:07:83:5a:2c:ce:10:d8:20:02:ea:d4:38:11:90:
1d:ad:c1:14:0a:4f:1a:48:c6:d0:cc:69:a1:99:0b:
99:25:0f:01:6e:d7:79:15:ad:2c:2a:ab:19:b7:25:
a3:54:17:4d:c8:54:74:6d:5a:49:02:3b:77:7c:84:
44:28:df:9d:76:f4:a9:2a:27:c4:32:db:c5:4a:c0:
9d:52:fa:2c:28:4c:a7:18:53:32:0c:9c:b8:bd:e2:
90:e8:12:5b:a4:54:3a:81:f8:fe:08:c2:df:c2:06:
a5:ae:f7:5e:31:0e:73:d0:16:95:0d:47:b7:21:79:
16:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:7F:24:3C:F7:55:73:00:C7:27:75:85:51:EF:06:6B:F4:75:DD:FA
X509v3 Authority Key Identifier:
keyid:13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/u38kPPdVcwDHJ3WFUe8Ga_R13fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/E38zct9XyBSrqLUakHhh2SueT1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.24.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:ac:9d:8e:6d:ff:0f:68:4a:8c:bf:24:02:2c:f5:5a:4f:82:
40:0a:c0:f4:98:2a:01:1c:92:4e:10:39:3c:ae:7c:54:c8:8c:
e0:a4:66:03:ff:a0:c1:ce:0d:e3:13:f1:f8:77:c7:45:70:d3:
20:ed:11:3e:fd:53:ea:a0:bf:de:1a:46:a6:6d:fa:35:6f:36:
f4:aa:10:ea:bd:15:2d:56:6d:f6:78:e9:e2:70:46:cd:5c:8b:
5e:4a:61:09:02:39:44:f4:6d:74:8c:35:c2:c9:06:f7:2c:34:
61:14:7f:86:20:f7:1b:fd:74:95:06:01:b7:5e:7f:71:42:4b:
e1:f4:e2:3e:8e:6d:a8:24:05:5c:90:67:a8:5a:c7:b4:d9:7e:
e2:02:86:bf:4f:19:0b:3d:96:a1:94:96:4c:8a:d6:2a:0c:63:
25:53:42:45:b5:94:ef:21:94:df:1d:23:59:af:bf:48:0a:c1:
ea:8f:48:3f:6c:cd:9d:5b:6c:fc:a9:3d:38:de:20:bc:73:9c:
ea:de:72:6a:76:bd:37:a6:a2:11:40:55:81:6f:cf:58:16:c6:
09:03:4b:e0:fd:d6:0b:0f:4b:6a:b9:f0:90:34:fc:24:02:e6:
d8:11:f0:46:ff:8a:23:c7:81:d0:38:3d:9e:1c:cb:a4:1c:52:
aa:6e:02:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ22PX+21tufBdWqZwkZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzN2YzMzcyZGY1N2M4MTRhYmE4YjUxYTkwNzg2MWQ5MmI5
ZTRmNTUwHhcNMjMwMTAyMDYyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjdmMjQzY2Y3NTU3MzAwYzcyNzc1ODU1MWVmMDY2YmY0NzVkZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndx0Jvq9DfigQ0jfDVgbVuz2Ub8Y
jae7EpRT9jE+1e/daaQdEZKMvmF5qxNJy3vUVMVRvXtBaSJ1qZGHzZQrbMv5dP5I
NVV52tQRjXEIme+VcHxU25g3daCyFrZw2qcBcjPRn+ia21TWxA//g8QdCMS/Jc8n
p9QDPd8CrzMZd7m05GwMNR7OB4NaLM4Q2CAC6tQ4EZAdrcEUCk8aSMbQzGmhmQuZ
JQ8Bbtd5Fa0sKqsZtyWjVBdNyFR0bVpJAjt3fIREKN+ddvSpKifEMtvFSsCdUvos
KEynGFMyDJy4veKQ6BJbpFQ6gfj+CMLfwgalrvdeMQ5z0BaVDUe3IXkWPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLt/JDz3VXMAxyd1hVHvBmv0dd36MB8GA1UdIwQY
MBaAFBN/M3LfV8gUq6i1GpB4Ydkrnk9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMt
YTIyNGZlZmFjMjE4LzEvdTM4a1BQZFZjd0RISjNXRlVlOEdhX1IxM2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMtYTIyNGZlZmFjMjE4
LzEvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf0YMA0G
CSqGSIb3DQEBCwUAA4IBAQALrJ2Obf8PaEqMvyQCLPVaT4JACsD0mCoBHJJOEDk8
rnxUyIzgpGYD/6DBzg3jE/H4d8dFcNMg7RE+/VPqoL/eGkambfo1bzb0qhDqvRUt
Vm32eOnicEbNXIteSmEJAjlE9G10jDXCyQb3LDRhFH+GIPcb/XSVBgG3Xn9xQkvh
9OI+jm2oJAVckGeoWse02X7iAoa/TxkLPZahlJZMitYqDGMlU0JFtZTvIZTfHSNZ
r79ICsHqj0g/bM2dW2z8qT043iC8c5zq3nJqdr03pqIRQFWBb89YFsYJA0vg/dYL
D0tqufCQNPwkAubYEfBG/4ojx4HQOD2eHMukHFKqbgLD
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:56 2024 by rpki-client on console-ams.rpki-client.org