Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/szh6Jo1bzxZfHok0l-uxdlwtJnY.roa
File: szh6Jo1bzxZfHok0l-uxdlwtJnY.roa (raw, json)
Hash identifier: G+KUvAMmj2QQLjWYNZX6abT0aI+1VZLbzz8a4c1/4yk=
Subject key identifier: B3:38:7A:26:8D:5B:CF:16:5F:1E:89:34:97:EB:B1:76:5C:2D:26:76
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0187046CBAECEDEB25D32A53B119E4356B17
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/szh6Jo1bzxZfHok0l-uxdlwtJnY.roa
Signing time: Tue 21 Mar 2023 13:47:27 +0000
ROA not before: Tue 21 Mar 2023 13:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 5.180.138.0/24 maxlen: 24
84.252.72.0/24 maxlen: 24
2a0f:7b81::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:04:6c:ba:ec:ed:eb:25:d3:2a:53:b1:19:e4:35:6b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 21 13:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3387a268d5bcf165f1e893497ebb1765c2d2676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:de:e4:ed:48:ee:28:59:3b:30:88:06:21:77:
7c:b0:34:e1:67:94:af:e8:ae:22:64:6b:fa:09:56:
a5:18:79:92:15:f9:27:31:5a:2b:a8:6f:0f:24:a1:
77:20:37:8e:2c:06:84:e7:63:f4:32:62:31:46:9c:
27:f1:b2:9b:da:a6:38:7e:af:12:aa:b7:9a:d0:fa:
16:6a:9e:46:e8:21:14:9c:c6:39:bd:6c:f4:cb:7d:
72:87:84:51:81:2f:9c:12:b3:68:8a:13:95:05:46:
f0:b7:2b:49:24:31:db:b9:43:10:af:73:b5:0c:f3:
27:67:3a:38:08:72:bc:04:d1:70:ec:0a:c4:c4:5e:
08:69:d9:83:b4:c7:37:35:58:f8:df:4e:78:f3:dd:
7b:d1:2c:c5:35:e3:e9:e2:6c:97:d6:df:fc:4d:1e:
3f:73:10:23:f2:a8:ef:8f:77:62:a1:02:9c:d8:0c:
17:e7:4c:47:c1:4f:55:88:aa:8a:d0:2b:20:ec:5f:
a9:56:7c:40:a1:77:a6:11:e9:e9:06:a9:5f:6b:30:
e5:50:c4:e1:89:3a:c8:60:04:fe:9c:bc:ad:bb:b1:
d9:41:c0:1f:da:7e:c1:a3:6a:bc:73:53:a1:cb:d0:
cf:9e:a0:e5:e4:d1:ef:77:8e:6e:37:df:75:4e:6c:
87:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:38:7A:26:8D:5B:CF:16:5F:1E:89:34:97:EB:B1:76:5C:2D:26:76
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/szh6Jo1bzxZfHok0l-uxdlwtJnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.138.0/24
84.252.72.0/24
IPv6:
2a0f:7b81::/48
Signature Algorithm: sha256WithRSAEncryption
8f:99:e8:cb:b0:7c:c7:4b:e3:b1:c1:85:de:05:9e:43:15:ae:
20:07:b3:02:5e:93:48:e8:3f:6c:56:1d:b1:61:ba:cd:3c:00:
62:c2:48:e7:9a:a4:ec:8b:7d:21:e0:31:b9:30:c6:4d:0b:77:
74:0e:25:4b:6e:42:dd:5d:16:c2:b8:ff:15:36:b9:ce:86:a5:
c9:80:ae:e6:1c:56:fe:f4:5a:fe:eb:39:6a:dc:04:09:a2:6d:
af:bf:0b:37:72:29:d1:a4:16:72:45:78:51:0b:0f:e5:91:5c:
c6:2b:72:aa:e7:66:dc:db:a5:92:7c:ac:c3:51:b2:99:1f:93:
d2:6e:72:03:7b:7e:5b:04:f1:c7:31:ad:ea:4e:6b:8c:33:e2:
69:6b:ae:4b:1a:e8:4a:a2:1d:10:1a:60:fe:bd:ba:3f:20:cd:
f3:82:23:9b:c7:5a:48:e5:bc:a3:17:5a:45:13:a3:23:08:98:
c9:30:a6:5e:2e:c6:6a:16:0d:b0:df:13:47:8c:bb:3b:3c:cc:
9a:36:44:60:2f:f6:86:fa:a9:d0:8d:32:27:7a:5c:3a:4a:d0:
85:32:86:53:1b:2a:1f:aa:19:62:e0:a1:e8:85:25:24:46:43:
93:7f:36:f9:30:35:67:87:b5:3a:60:3c:6d:19:e7:1f:ac:00:
68:7d:c5:c2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYcEbLrs7esl0ypTsRnkNWsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMzIxMTM0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzM4N2EyNjhkNWJjZjE2NWYxZTg5MzQ5N2ViYjE3NjVjMmQyNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoN7k7UjuKFk7MIgGIXd8sDThZ5Sv
6K4iZGv6CValGHmSFfknMVorqG8PJKF3IDeOLAaE52P0MmIxRpwn8bKb2qY4fq8S
qrea0PoWap5G6CEUnMY5vWz0y31yh4RRgS+cErNoihOVBUbwtytJJDHbuUMQr3O1
DPMnZzo4CHK8BNFw7ArExF4IadmDtMc3NVj4305489170SzFNePp4myX1t/8TR4/
cxAj8qjvj3dioQKc2AwX50xHwU9ViKqK0Csg7F+pVnxAoXemEenpBqlfazDlUMTh
iTrIYAT+nLytu7HZQcAf2n7Bo2q8c1Ohy9DPnqDl5NHvd45uN991TmyHGwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLM4eiaNW88WXx6JNJfrsXZcLSZ2MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvc3poNkpvMWJ6eFpmSG9rMGwtdXhkbHd0Sm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQABbSKAwQA
VPxIMA8EAgACMAkDBwAqD3uBAAAwDQYJKoZIhvcNAQELBQADggEBAI+Z6MuwfMdL
47HBhd4FnkMVriAHswJek0joP2xWHbFhus08AGLCSOeapOyLfSHgMbkwxk0Ld3QO
JUtuQt1dFsK4/xU2uc6GpcmAruYcVv70Wv7rOWrcBAmiba+/CzdyKdGkFnJFeFEL
D+WRXMYrcqrnZtzbpZJ8rMNRspkfk9JucgN7flsE8ccxrepOa4wz4mlrrksa6Eqi
HRAaYP69uj8gzfOCI5vHWkjlvKMXWkUToyMImMkwpl4uxmoWDbDfE0eMuzs8zJo2
RGAv9ob6qdCNMid6XDpK0IUyhlMbKh+qGWLgoeiFJSRGQ5N/NvkwNWeHtTpgPG0Z
5x+sAGh9xcI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:23 2024 by rpki-client on console-ams.rpki-client.org