Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/hRQqUprzcd7npcLbKpW4cCsZO9s.roa
File: hRQqUprzcd7npcLbKpW4cCsZO9s.roa (raw, json)
Hash identifier: GB7soKb8rMriQOAqe2VZS9mKa18Y/cRBnDgpKKPsQk4=
Subject key identifier: 85:14:2A:52:9A:F3:71:DE:E7:A5:C2:DB:2A:95:B8:70:2B:19:3B:DB
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018570FBC6D3BBCB9F0145F72717E1FB286A
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/hRQqUprzcd7npcLbKpW4cCsZO9s.roa
Signing time: Mon 02 Jan 2023 05:37:06 +0000
ROA not before: Mon 02 Jan 2023 05:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203909
IP address blocks: 5.1.77.0/24 maxlen: 32
2a00:f826:7::/48 maxlen: 48
2a00:f826:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:c6:d3:bb:cb:9f:01:45:f7:27:17:e1:fb:28:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 2 05:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85142a529af371dee7a5c2db2a95b8702b193bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0c:50:69:65:4f:0f:9e:32:bf:18:35:b3:16:
d4:ee:79:23:ea:9e:4e:50:32:bf:cf:d3:af:f1:74:
9c:38:a7:18:d4:e4:18:20:fb:63:34:16:e9:35:39:
c8:42:f1:46:b2:15:59:07:57:8b:5b:32:d3:fb:e9:
69:c2:37:0d:b0:22:58:fc:b0:3c:25:7b:52:0d:a2:
70:da:20:58:84:2d:4d:0f:53:60:e4:61:1a:c9:55:
17:fa:cc:fb:f7:1b:11:a7:37:38:01:83:96:b1:be:
7e:32:a3:80:8c:35:17:35:bb:81:53:72:9a:04:9e:
92:79:9d:6a:87:a6:95:36:9c:bf:4c:58:f2:0d:be:
2d:f1:38:a9:be:ff:3c:32:31:20:2a:f7:19:22:c4:
be:6e:16:85:5a:77:51:cf:4f:36:83:6e:49:07:9e:
dc:dd:38:74:ee:32:53:9a:38:a0:95:0f:dc:1f:cf:
47:5b:8f:b6:44:00:4e:67:fd:27:fd:7f:d4:d9:c6:
d2:98:d9:42:b2:e8:13:f2:25:f1:a2:04:e8:89:af:
5b:86:df:99:83:78:c9:27:ec:5f:ec:f4:1a:f4:d5:
f7:5c:89:23:9d:6f:84:10:d7:fe:54:ec:f0:32:dc:
b7:31:11:74:12:40:8f:20:88:9f:49:63:b3:e9:51:
fa:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:14:2A:52:9A:F3:71:DE:E7:A5:C2:DB:2A:95:B8:70:2B:19:3B:DB
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/hRQqUprzcd7npcLbKpW4cCsZO9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.77.0/24
IPv6:
2a00:f826:4::/48
2a00:f826:7::/48
Signature Algorithm: sha256WithRSAEncryption
5a:1a:ea:9e:e9:3c:b2:b1:dd:3e:d2:6c:9a:af:49:c3:5f:3c:
2e:a5:5d:74:fa:85:be:ce:78:85:bb:83:62:95:39:fc:c4:c5:
2c:39:e3:96:b1:6d:b2:e9:e2:32:06:01:03:a9:f1:89:bb:6e:
77:7e:38:43:e8:ac:74:68:c9:b5:85:2f:8f:7d:d6:d9:2b:61:
0e:e4:dc:22:50:00:e5:f0:73:bb:95:68:ef:36:48:36:d8:48:
f6:6b:27:6b:05:d4:67:1d:98:39:96:89:8e:99:9e:9b:6a:88:
f0:a1:da:2f:02:67:de:c5:74:26:a4:46:13:06:59:ba:4c:09:
a5:8b:db:0e:77:e0:b7:2c:80:77:0a:89:d5:db:da:aa:e4:46:
18:8b:4d:85:0a:6d:f1:79:c2:4b:54:1c:dc:b2:eb:93:9e:86:
fe:86:90:38:1b:08:ea:f6:9f:8e:3b:eb:a5:11:2c:c1:b9:2c:
49:38:11:17:d7:cd:f9:5d:bc:e3:3f:d8:44:a6:23:ba:0e:b9:
7b:a1:8d:9e:65:4f:2a:e7:85:76:87:e5:71:51:4a:27:9a:3d:
42:b0:9f:d5:aa:2b:b3:f5:e5:3e:15:73:37:b2:38:28:9f:39:
39:c1:57:34:b3:2d:e9:4d:e8:7f:16:e2:8e:f0:43:df:3b:74:
d0:74:6f:4a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVw+8bTu8ufAUX3Jxfh+yhqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTE0MmE1MjlhZjM3MWRlZTdhNWMyZGIyYTk1Yjg3MDJiMTkzYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwxQaWVPD54yvxg1sxbU7nkj6p5O
UDK/z9Ov8XScOKcY1OQYIPtjNBbpNTnIQvFGshVZB1eLWzLT++lpwjcNsCJY/LA8
JXtSDaJw2iBYhC1ND1Ng5GEayVUX+sz79xsRpzc4AYOWsb5+MqOAjDUXNbuBU3Ka
BJ6SeZ1qh6aVNpy/TFjyDb4t8Tipvv88MjEgKvcZIsS+bhaFWndRz082g25JB57c
3Th07jJTmjiglQ/cH89HW4+2RABOZ/0n/X/U2cbSmNlCsugT8iXxogToia9bht+Z
g3jJJ+xf7PQa9NX3XIkjnW+EENf+VOzwMty3MRF0EkCPIIifSWOz6VH6bwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIUUKlKa83He56XC2yqVuHArGTvbMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvaFJRcVVwcnpjZDducGNMYktwVzRjQ3NaTzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQABQFNMBgE
AgACMBIDBwAqAPgmAAQDBwAqAPgmAAcwDQYJKoZIhvcNAQELBQADggEBAFoa6p7p
PLKx3T7SbJqvScNfPC6lXXT6hb7OeIW7g2KVOfzExSw545axbbLp4jIGAQOp8Ym7
bnd+OEPorHRoybWFL4991tkrYQ7k3CJQAOXwc7uVaO82SDbYSPZrJ2sF1GcdmDmW
iY6ZnptqiPCh2i8CZ97FdCakRhMGWbpMCaWL2w534LcsgHcKidXb2qrkRhiLTYUK
bfF5wktUHNyy65Oehv6GkDgbCOr2n44766URLMG5LEk4ERfXzfldvOM/2ESmI7oO
uXuhjZ5lTyrnhXaH5XFRSieaPUKwn9WqK7P15T4VczeyOCifOTnBVzSzLelN6H8W
4o7wQ987dNB0b0o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org