Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_WjNz3tXRzoOTh7X-RxUpMyrYAU.roa
File: _WjNz3tXRzoOTh7X-RxUpMyrYAU.roa (raw, json)
Hash identifier: +ZA6gv9bVzXX/dpHieO1824oWqoNXkTHB8jt7BpEY6s=
Subject key identifier: FD:68:CD:CF:7B:57:47:3A:0E:4E:1E:D7:F9:1C:54:A4:CC:AB:60:05
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 0190FDA5916B93FACE69FC94CB9AA6DA36AD
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_WjNz3tXRzoOTh7X-RxUpMyrYAU.roa
Signing time: Mon 29 Jul 2024 08:40:04 +0000
ROA not before: Mon 29 Jul 2024 08:40:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51699
IP address blocks: 5.1.64.0/24 maxlen: 24
2a07:6fc0:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 28 Aug 2024 12:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fd:a5:91:6b:93:fa:ce:69:fc:94:cb:9a:a6:da:36:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jul 29 08:40:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd68cdcf7b57473a0e4e1ed7f91c54a4ccab6005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:74:2c:80:0d:68:72:bd:c9:8a:ba:df:7b:77:
5b:35:31:51:99:ba:ba:87:bc:2a:7b:d5:73:19:9b:
86:b5:54:f7:2b:6d:d1:45:96:e5:0c:0c:ed:6d:0f:
f9:a3:05:b9:c0:ef:3f:56:50:0c:c7:ba:41:fb:e3:
1b:68:01:2a:aa:25:74:2b:e8:8d:02:20:b5:37:69:
31:d7:00:25:df:c3:d3:af:99:61:75:2d:b5:42:a8:
57:09:7d:47:82:34:2c:4a:f6:63:ee:f2:eb:a2:95:
59:c2:04:fe:b7:2b:c0:e7:6a:67:fa:eb:3c:ad:f9:
d1:76:5a:48:d7:09:3b:83:84:a6:fc:3a:2d:d2:f8:
cc:58:54:a4:e2:b4:a4:24:fb:5a:09:e2:41:78:b2:
8b:d5:fb:1c:43:e1:cc:ca:4d:01:52:2f:a0:42:69:
c2:76:67:f2:d7:12:72:a2:90:73:ae:f0:28:f0:52:
51:a2:7e:87:97:db:d5:00:14:dc:8d:33:36:3a:36:
27:4e:98:11:55:3b:63:32:7f:dc:9c:fe:a9:a0:4a:
58:92:c2:3c:ce:de:4c:13:fa:f2:66:da:54:b0:fa:
8f:99:4a:ac:6a:f6:2d:04:db:ea:ec:88:33:25:42:
44:c8:db:19:41:57:58:5c:1f:69:d8:0a:ea:b7:50:
12:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:68:CD:CF:7B:57:47:3A:0E:4E:1E:D7:F9:1C:54:A4:CC:AB:60:05
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_WjNz3tXRzoOTh7X-RxUpMyrYAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.64.0/24
IPv6:
2a07:6fc0:5::/48
Signature Algorithm: sha256WithRSAEncryption
58:d1:ae:0c:b4:70:36:d1:74:09:4c:50:0a:3f:d8:f9:5d:dc:
4d:74:75:5c:f6:e7:ae:32:a3:10:10:0f:28:b1:89:2d:a5:a5:
6c:80:49:c2:16:4a:5f:86:7f:6b:f2:38:98:64:85:02:35:65:
ae:09:78:f6:d8:f2:72:94:0a:31:f5:bb:49:f8:31:c1:75:30:
6b:e8:20:d5:8c:9a:78:f0:3a:8e:54:94:d6:59:a6:5e:d4:a0:
03:1b:59:f7:e4:8e:94:88:ef:6e:cb:64:8a:6d:36:b4:05:98:
50:14:85:e1:d6:43:1f:53:9b:ca:c1:f3:54:ee:68:f9:22:c9:
b7:e9:55:5d:88:63:87:3a:a7:81:dc:1a:68:e6:8b:30:a9:e2:
ab:79:84:00:4d:66:1f:54:0d:27:65:ee:87:78:c7:7e:00:51:
4a:64:10:3d:07:76:2b:ba:3e:7f:d6:dc:5c:64:bd:3d:91:fa:
85:92:f4:9c:0a:c1:06:c7:4f:a8:47:63:a1:dc:ed:3b:bb:a9:
14:50:92:a3:90:23:d9:88:c8:92:94:60:b7:46:ba:83:6c:36:
a6:1d:a0:7e:c7:0e:68:b0:77:62:61:60:c9:bc:5e:75:03:4c:
69:45:92:f6:b2:82:9e:35:e3:4b:1b:6b:5f:54:d6:5b:b5:a8:
f2:f9:bb:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZD9pZFrk/rOafyUy5qm2jatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwNzI5MDg0MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDY4Y2RjZjdiNTc0NzNhMGU0ZTFlZDdmOTFjNTRhNGNjYWI2MDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nQsgA1ocr3Jirrfe3dbNTFRmbq6
h7wqe9VzGZuGtVT3K23RRZblDAztbQ/5owW5wO8/VlAMx7pB++MbaAEqqiV0K+iN
AiC1N2kx1wAl38PTr5lhdS21QqhXCX1HgjQsSvZj7vLropVZwgT+tyvA52pn+us8
rfnRdlpI1wk7g4Sm/Dot0vjMWFSk4rSkJPtaCeJBeLKL1fscQ+HMyk0BUi+gQmnC
dmfy1xJyopBzrvAo8FJRon6Hl9vVABTcjTM2OjYnTpgRVTtjMn/cnP6poEpYksI8
zt5ME/ryZtpUsPqPmUqsavYtBNvq7IgzJUJEyNsZQVdYXB9p2Arqt1ASuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP1ozc97V0c6Dk4e1/kcVKTMq2AFMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvX1dqTnozdFhSem9PVGg3WC1SeFVwTXlyWUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABQFAMA8E
AgACMAkDBwAqB2/AAAUwDQYJKoZIhvcNAQELBQADggEBAFjRrgy0cDbRdAlMUAo/
2Pld3E10dVz2564yoxAQDyixiS2lpWyAScIWSl+Gf2vyOJhkhQI1Za4JePbY8nKU
CjH1u0n4McF1MGvoINWMmnjwOo5UlNZZpl7UoAMbWffkjpSI727LZIptNrQFmFAU
heHWQx9Tm8rB81TuaPkiybfpVV2IY4c6p4HcGmjmizCp4qt5hABNZh9UDSdl7od4
x34AUUpkED0Hdiu6Pn/W3FxkvT2R+oWS9JwKwQbHT6hHY6Hc7Tu7qRRQkqOQI9mI
yJKUYLdGuoNsNqYdoH7HDmiwd2JhYMm8XnUDTGlFkvaygp4140sba19U1lu1qPL5
u1M=
-----END CERTIFICATE-----
Generated at Wed Aug 28 13:39:37 2024 by rpki-client on console-fra.rpki-client.org