Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/5cRe920CvfevHb0cgmKUZ94QcQU.roa
File: 5cRe920CvfevHb0cgmKUZ94QcQU.roa (raw, json)
Hash identifier: sdNR1g3DisiojeJ9+78PmU9vRDEaRULNEHFWyoBFkfQ=
Subject key identifier: E5:C4:5E:F7:6D:02:BD:F7:AF:1D:BD:1C:82:62:94:67:DE:10:71:05
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018570FBBB5EEAEB585A0E110C072C8B0F44
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/5cRe920CvfevHb0cgmKUZ94QcQU.roa
Signing time: Mon 02 Jan 2023 05:37:03 +0000
ROA not before: Mon 02 Jan 2023 05:37:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47536
IP address blocks: 5.1.67.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:bb:5e:ea:eb:58:5a:0e:11:0c:07:2c:8b:0f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 2 05:37:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5c45ef76d02bdf7af1dbd1c82629467de107105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4e:74:da:17:bc:03:ad:bd:a9:5c:a6:dd:22:
e4:24:ca:0b:da:8f:31:e6:04:66:8f:5c:8f:9e:2f:
ea:4e:e6:e7:37:9f:26:f9:43:15:5b:7a:61:6d:49:
c6:37:b3:18:aa:6f:d7:3f:4d:37:2b:43:6a:c7:85:
7f:66:78:7f:e3:67:07:da:20:2f:ef:b6:ae:76:3f:
40:a9:9a:cf:2f:d6:52:2f:31:8d:69:72:ca:48:e1:
c6:8b:83:8c:13:e2:e0:7a:c3:1b:d5:c4:ee:6b:ac:
50:2d:c6:f5:be:56:71:e9:e5:44:04:80:dd:de:f3:
f2:2a:3c:6c:13:b7:e1:9a:94:ed:32:2e:18:94:ed:
2c:62:a0:99:b8:2f:b1:6f:e5:f3:09:f4:b2:53:a4:
ba:12:49:f6:a9:e0:52:3a:a8:2d:9a:ef:f8:3c:c2:
74:cd:38:79:42:90:92:ed:1a:18:2b:80:4a:f1:32:
9d:ec:9f:d4:c5:ad:cd:32:41:a0:68:9e:ed:18:9c:
d3:23:b7:76:7a:d8:0b:84:d1:ec:12:c9:2f:44:da:
3a:2e:41:99:e3:a3:b8:0c:df:a6:ac:cb:20:f4:0a:
89:4b:fa:d8:3e:0e:46:de:8b:25:c9:e8:a7:56:12:
90:fd:16:ab:83:a0:0f:2e:93:59:95:11:f4:8d:fb:
33:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C4:5E:F7:6D:02:BD:F7:AF:1D:BD:1C:82:62:94:67:DE:10:71:05
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/5cRe920CvfevHb0cgmKUZ94QcQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.67.0/24
Signature Algorithm: sha256WithRSAEncryption
97:97:e6:77:8c:d8:12:6f:10:ae:dd:73:e7:4b:53:3b:75:02:
c4:f0:3f:dd:74:5f:6d:28:7c:f2:1b:e5:97:ee:2b:32:19:65:
5c:f2:6f:f8:af:a3:a4:d0:30:28:6d:45:11:85:ea:2e:be:19:
ec:a7:3b:9c:c4:84:95:ac:26:8d:f2:f7:d4:c5:d5:ff:87:00:
f7:ee:87:31:81:64:fa:a6:7c:9f:c8:db:62:b8:f3:cb:37:74:
c2:ed:53:8c:cf:be:68:70:b7:fa:e8:5c:d3:b0:c4:3a:43:06:
66:79:82:b8:7c:f7:f1:92:0d:a3:f0:13:44:14:0a:4b:c6:34:
1c:a2:76:74:da:4e:c3:50:a4:81:7c:5d:3a:8e:ab:a7:6c:f4:
60:ca:32:a3:c1:8d:e5:45:5c:e1:9f:1f:0a:20:d1:d6:f6:c2:
46:a0:3b:6a:e0:ad:bc:a9:23:63:dc:3c:71:a9:74:ed:50:8d:
ef:1f:72:2b:63:3c:ac:20:96:d5:10:18:60:6e:80:8b:c9:a4:
a7:68:5f:1b:b7:aa:e3:f1:83:da:bb:fa:2a:77:3c:50:43:fe:
64:f8:32:39:9e:f0:e3:96:19:59:67:9b:a2:7c:70:d4:0c:c3:
02:ea:25:2d:2b:82:bc:49:9a:0b:3d:92:32:67:68:8c:9c:2d:
28:e2:39:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+7te6utYWg4RDAcsiw9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWM0NWVmNzZkMDJiZGY3YWYxZGJkMWM4MjYyOTQ2N2RlMTA3MTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0502he8A629qVym3SLkJMoL2o8x
5gRmj1yPni/qTubnN58m+UMVW3phbUnGN7MYqm/XP003K0Nqx4V/Znh/42cH2iAv
77audj9AqZrPL9ZSLzGNaXLKSOHGi4OME+LgesMb1cTua6xQLcb1vlZx6eVEBIDd
3vPyKjxsE7fhmpTtMi4YlO0sYqCZuC+xb+XzCfSyU6S6Ekn2qeBSOqgtmu/4PMJ0
zTh5QpCS7RoYK4BK8TKd7J/Uxa3NMkGgaJ7tGJzTI7d2etgLhNHsEskvRNo6LkGZ
46O4DN+mrMsg9AqJS/rYPg5G3oslyeinVhKQ/Rarg6APLpNZlRH0jfszywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOXEXvdtAr33rx29HIJilGfeEHEFMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvNWNSZTkyMEN2ZmV2SGIwY2dtS1VaOTRRY1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQFDMA0G
CSqGSIb3DQEBCwUAA4IBAQCXl+Z3jNgSbxCu3XPnS1M7dQLE8D/ddF9tKHzyG+WX
7isyGWVc8m/4r6Ok0DAobUURheouvhnspzucxISVrCaN8vfUxdX/hwD37ocxgWT6
pnyfyNtiuPPLN3TC7VOMz75ocLf66FzTsMQ6QwZmeYK4fPfxkg2j8BNEFApLxjQc
onZ02k7DUKSBfF06jqunbPRgyjKjwY3lRVzhnx8KINHW9sJGoDtq4K28qSNj3Dxx
qXTtUI3vH3IrYzysIJbVEBhgboCLyaSnaF8bt6rj8YPau/oqdzxQQ/5k+DI5nvDj
lhlZZ5uifHDUDMMC6iUtK4K8SZoLPZIyZ2iMnC0o4jlE
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:57 2024 by rpki-client on console-ams.rpki-client.org