Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/PrbRZYSEy8aKFoMO7-3QVHuWVQk.roa
File: PrbRZYSEy8aKFoMO7-3QVHuWVQk.roa (raw, json)
Hash identifier: hu01PD9+N9sJ8QJm7oAVo25+g8b5CeZKOkZJ7Tx2Bo4=
Subject key identifier: 3E:B6:D1:65:84:84:CB:C6:8A:16:83:0E:EF:ED:D0:54:7B:96:55:09
Certificate issuer: /CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Certificate serial: 0188043879B2424EBACF75173EE964F990E3
Authority key identifier: 1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/PrbRZYSEy8aKFoMO7-3QVHuWVQk.roa
Signing time: Wed 10 May 2023 05:53:10 +0000
ROA not before: Wed 10 May 2023 05:53:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58250
IP address blocks: 5.42.235.0/24 maxlen: 24
5.42.234.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:04:38:79:b2:42:4e:ba:cf:75:17:3e:e9:64:f9:90:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Validity
Not Before: May 10 05:53:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3eb6d1658484cbc68a16830eefedd0547b965509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:be:71:22:1f:72:2b:5c:bd:8e:a8:cd:a9:6a:
11:b6:b8:07:6e:b0:cf:be:48:1a:4c:14:d8:da:e7:
cc:42:d6:73:0a:7e:e6:5f:dd:ca:48:37:90:e9:83:
cb:ff:cf:ae:da:85:d8:d9:b1:46:de:16:50:c2:27:
5b:6f:b6:24:81:1d:99:b8:e2:40:44:e7:f2:a8:a6:
e6:d4:1c:c2:81:f8:4d:a2:53:1e:6f:fc:ef:09:0b:
c7:d5:f2:91:c8:c4:38:36:14:57:6f:65:8a:ec:8c:
cc:f3:cd:d5:73:9a:1e:04:72:54:09:6f:37:4f:1a:
c1:bb:63:3a:99:6d:9a:50:50:c4:08:55:c3:80:c6:
9c:69:ab:08:13:cf:a3:f0:e8:38:f1:87:77:90:18:
ce:20:21:18:34:c7:cb:94:7f:33:ce:85:87:4f:d5:
7e:00:7e:6a:dc:7f:5b:b8:62:60:32:db:14:25:ee:
61:33:8b:ce:a0:9f:e4:e4:ef:a5:92:38:5d:cd:29:
7e:5a:98:38:22:15:c6:c6:41:57:f4:72:9d:20:84:
3f:99:ca:79:c7:fd:a7:93:ca:5c:dd:ce:e8:7b:96:
d3:59:1b:86:73:8f:3c:45:e9:31:7a:4d:d6:80:9c:
d5:a7:06:e0:2d:84:54:b7:03:3a:f5:28:88:76:f0:
07:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B6:D1:65:84:84:CB:C6:8A:16:83:0E:EF:ED:D0:54:7B:96:55:09
X509v3 Authority Key Identifier:
keyid:1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/PrbRZYSEy8aKFoMO7-3QVHuWVQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.234.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:3d:24:b9:30:b0:98:a2:d6:32:92:56:da:99:53:71:25:91:
40:8c:48:dd:3d:ba:64:ce:e8:09:b8:73:fc:ed:dc:92:51:eb:
75:5f:5a:d4:5d:4f:53:6f:57:fc:ff:66:3b:96:11:96:69:15:
9b:6a:52:9b:f3:1a:f7:31:e7:bf:39:4e:ed:bf:09:2d:9e:ee:
24:9b:e2:ad:15:ab:93:da:03:42:73:27:cc:a6:b0:8e:ac:34:
ef:22:20:6c:72:e2:02:56:55:28:2d:55:59:6c:4a:5e:2e:f0:
f4:04:4f:ec:92:53:d8:14:42:8c:88:a7:2c:7c:b6:a5:61:f0:
a4:4b:a2:0f:a8:7d:d4:6f:b5:8e:4a:4c:0b:df:5a:41:19:92:
cf:5a:e6:cf:9b:f0:ac:3d:a5:86:7f:e8:b9:fc:10:e9:23:bc:
d0:ab:5e:cf:f7:0c:34:32:9d:20:24:c8:d6:19:a3:f2:64:b7:
80:25:69:b6:f2:4b:27:0f:b6:c8:11:c7:26:b4:16:56:93:fd:
0c:54:1c:1f:cf:25:44:37:09:39:8d:47:f2:c2:d4:b8:83:0a:
44:15:04:f6:f2:8f:d0:a9:b3:97:7c:2e:89:e8:9b:57:d2:9e:
d8:76:b8:cd:92:12:f7:1d:81:35:59:1d:5f:31:ef:8c:89:cb:
02:fd:2b:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgEOHmyQk66z3UXPulk+ZDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOGQyMDVjNzk4ZWQ3OGYzYzQ0Y2EwYzhmMjg1MmU4YmVj
OGVhYTIwHhcNMjMwNTEwMDU1MzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWI2ZDE2NTg0ODRjYmM2OGExNjgzMGVlZmVkZDA1NDdiOTY1NTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjL5xIh9yK1y9jqjNqWoRtrgHbrDP
vkgaTBTY2ufMQtZzCn7mX93KSDeQ6YPL/8+u2oXY2bFG3hZQwidbb7YkgR2ZuOJA
ROfyqKbm1BzCgfhNolMeb/zvCQvH1fKRyMQ4NhRXb2WK7IzM883Vc5oeBHJUCW83
TxrBu2M6mW2aUFDECFXDgMacaasIE8+j8Og48Yd3kBjOICEYNMfLlH8zzoWHT9V+
AH5q3H9buGJgMtsUJe5hM4vOoJ/k5O+lkjhdzSl+Wpg4IhXGxkFX9HKdIIQ/mcp5
x/2nk8pc3c7oe5bTWRuGc488Rekxek3WgJzVpwbgLYRUtwM69SiIdvAHLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD620WWEhMvGihaDDu/t0FR7llUJMB8GA1UdIwQY
MBaAFB6NIFx5jtePPETKDI8oUui+yOqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTkt
ZWUxYmQzNDRmMDE1LzEvUHJiUlpZU0V5OGFLRm9NTzctM1FWSHVXVlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTktZWUxYmQzNDRmMDE1
LzEvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBSrqMA0G
CSqGSIb3DQEBCwUAA4IBAQA6PSS5MLCYotYyklbamVNxJZFAjEjdPbpkzugJuHP8
7dySUet1X1rUXU9Tb1f8/2Y7lhGWaRWbalKb8xr3Mee/OU7tvwktnu4km+KtFauT
2gNCcyfMprCOrDTvIiBscuICVlUoLVVZbEpeLvD0BE/sklPYFEKMiKcsfLalYfCk
S6IPqH3Ub7WOSkwL31pBGZLPWubPm/CsPaWGf+i5/BDpI7zQq17P9ww0Mp0gJMjW
GaPyZLeAJWm28ksnD7bIEccmtBZWk/0MVBwfzyVENwk5jUfywtS4gwpEFQT28o/Q
qbOXfC6J6JtX0p7YdrjNkhL3HYE1WR1fMe+MicsC/StY
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:54 2024 by rpki-client on console-ams.rpki-client.org