Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/IJJ6lO9sLbRtC7Gikr5ayo9k2DQ.roa
File: IJJ6lO9sLbRtC7Gikr5ayo9k2DQ.roa (raw, json)
Hash identifier: rzObPIZxtNobPokDmtHhXCYAnyqweKNYv8Wmvnt0re0=
Subject key identifier: 20:92:7A:94:EF:6C:2D:B4:6D:0B:B1:A2:92:BE:5A:CA:8F:64:D8:34
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018570FBC5010156CF3532A8E389603DD26C
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/IJJ6lO9sLbRtC7Gikr5ayo9k2DQ.roa
Signing time: Mon 02 Jan 2023 05:37:06 +0000
ROA not before: Mon 02 Jan 2023 05:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202010
IP address blocks: 5.1.74.0/24 maxlen: 32
5.1.81.139/32 maxlen: 32
5.1.81.0/24 maxlen: 32
178.251.228.0/24 maxlen: 32
5.1.81.140/32 maxlen: 32
2a01:367:dead::/48 maxlen: 48
2a01:367:beef::/48 maxlen: 48
2a01:367:ffa1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:c5:01:01:56:cf:35:32:a8:e3:89:60:3d:d2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 2 05:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20927a94ef6c2db46d0bb1a292be5aca8f64d834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:79:3d:f7:d6:ff:76:1b:3b:48:18:40:fb:c4:
56:6d:44:e4:4a:cc:68:44:f1:d8:18:f8:db:c7:c9:
55:a9:e6:c1:63:63:a8:65:29:2e:4c:90:cf:6a:cc:
0a:3d:11:c2:26:eb:13:62:18:33:22:c8:8b:61:6f:
e6:b4:30:ae:3f:44:e9:c7:e9:86:d6:69:01:10:84:
e7:31:9c:40:3b:63:cf:eb:3d:a6:b7:17:e1:4f:d7:
90:ae:a0:c1:72:96:c5:c2:5d:a7:34:72:8b:03:bc:
5c:1b:ed:27:8c:dd:e1:83:25:a0:9c:6b:9e:cf:94:
e2:28:6e:86:68:35:39:3d:6f:25:6c:33:cc:57:9e:
6a:c6:f4:d1:7c:bb:76:ad:82:54:d2:37:6a:9a:f4:
17:26:68:7b:b7:42:1d:9b:9b:b1:75:20:0f:f2:32:
8d:db:a3:ac:d8:06:7d:c5:eb:27:a4:bd:54:ec:32:
84:a0:05:15:4e:09:4e:5a:30:c6:61:4b:aa:b0:09:
1a:e8:af:5a:a2:b9:c4:86:69:9e:4a:68:23:f2:28:
d9:75:67:aa:68:6c:4e:c3:68:90:49:30:5e:41:1f:
e5:5a:a8:5c:45:78:1b:56:cb:90:8b:1c:f0:c4:c2:
41:13:8a:91:33:e4:df:94:20:17:64:98:d0:9a:20:
ce:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:92:7A:94:EF:6C:2D:B4:6D:0B:B1:A2:92:BE:5A:CA:8F:64:D8:34
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/IJJ6lO9sLbRtC7Gikr5ayo9k2DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.74.0/24
5.1.81.0/24
178.251.228.0/24
IPv6:
2a01:367:beef::/48
2a01:367:dead::/48
2a01:367:ffa1::/48
Signature Algorithm: sha256WithRSAEncryption
90:09:69:90:55:7c:96:5e:21:09:0e:c7:5d:09:ad:13:03:c9:
5a:29:2e:fd:b2:91:a2:38:96:0a:0e:5e:e2:db:f0:ff:3c:41:
1e:70:5e:6c:b3:a9:6f:5c:a9:74:db:24:a0:4d:dd:d6:04:d0:
e8:bb:d7:75:de:ca:8f:d3:81:82:07:66:06:b1:11:70:e5:8f:
d0:88:2a:7e:f8:4d:9f:0a:2b:be:f2:a3:9a:0a:6d:b1:16:5c:
da:ef:3d:92:7d:2e:d6:75:c7:55:05:a4:0d:c1:a2:23:ce:4f:
ac:cd:85:45:b3:45:70:9e:76:d0:91:4f:f5:22:e4:2a:04:8a:
fe:34:74:cc:95:3b:0a:3a:61:a0:27:ff:83:07:4c:b5:67:59:
a2:40:ee:5a:f6:11:f6:a4:f9:85:71:6c:1a:9e:7b:68:50:af:
55:19:4b:71:7a:54:7b:5e:f6:0f:3e:7a:30:0f:72:ea:cc:78:
bb:45:3a:59:00:d2:fe:3a:ff:7d:64:67:5c:1d:53:91:ed:66:
57:08:e2:f8:13:6d:3c:83:45:d4:2b:c0:f9:44:6f:0c:af:ad:
fe:48:29:6f:91:fb:56:80:e8:ce:8d:85:d1:fc:0c:bc:38:fe:
5b:a6:a6:67:2e:6d:50:d3:a1:ae:80:7a:82:26:81:2c:83:42:
13:7a:d9:f0
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVw+8UBAVbPNTKo44lgPdJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDkyN2E5NGVmNmMyZGI0NmQwYmIxYTI5MmJlNWFjYThmNjRkODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnk999b/dhs7SBhA+8RWbUTkSsxo
RPHYGPjbx8lVqebBY2OoZSkuTJDPaswKPRHCJusTYhgzIsiLYW/mtDCuP0Tpx+mG
1mkBEITnMZxAO2PP6z2mtxfhT9eQrqDBcpbFwl2nNHKLA7xcG+0njN3hgyWgnGue
z5TiKG6GaDU5PW8lbDPMV55qxvTRfLt2rYJU0jdqmvQXJmh7t0Idm5uxdSAP8jKN
26Os2AZ9xesnpL1U7DKEoAUVTglOWjDGYUuqsAka6K9aornEhmmeSmgj8ijZdWeq
aGxOw2iQSTBeQR/lWqhcRXgbVsuQixzwxMJBE4qRM+TflCAXZJjQmiDOmQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCCSepTvbC20bQuxopK+WsqPZNg0MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvSUpKNmxPOXNMYlJ0QzdHaWtyNWF5bzlrMkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQABQFKAwQA
BQFRAwQAsvvkMCEEAgACMBsDBwAqAQNnvu8DBwAqAQNn3q0DBwAqAQNn/6EwDQYJ
KoZIhvcNAQELBQADggEBAJAJaZBVfJZeIQkOx10JrRMDyVopLv2ykaI4lgoOXuLb
8P88QR5wXmyzqW9cqXTbJKBN3dYE0Oi713Xeyo/TgYIHZgaxEXDlj9CIKn74TZ8K
K77yo5oKbbEWXNrvPZJ9LtZ1x1UFpA3BoiPOT6zNhUWzRXCedtCRT/Ui5CoEiv40
dMyVOwo6YaAn/4MHTLVnWaJA7lr2Efak+YVxbBqee2hQr1UZS3F6VHte9g8+ejAP
curMeLtFOlkA0v46/31kZ1wdU5HtZlcI4vgTbTyDRdQrwPlEbwyvrf5IKW+R+1aA
6M6NhdH8DLw4/lumpmcubVDToa6AeoImgSyDQhN62fA=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:57 2024 by rpki-client on console-ams.rpki-client.org