Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/zShQHfib6bV56i5t9iZeKJRwMwU.roa
File: zShQHfib6bV56i5t9iZeKJRwMwU.roa (raw, json)
Hash identifier: 5RJgf+MmDUJZYJr3BD4m4wMK+lu7WWksuUrk7Z9gThk=
Subject key identifier: CD:28:50:1D:F8:9B:E9:B5:79:EA:2E:6D:F6:26:5E:28:94:70:33:05
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018BA46A5E0C1DD171DC6BD7ABBCA0C12571
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/zShQHfib6bV56i5t9iZeKJRwMwU.roa
Signing time: Mon 06 Nov 2023 11:35:16 +0000
ROA not before: Mon 06 Nov 2023 11:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207439
IP address blocks: 5.1.67.0/24 maxlen: 32
5.1.85.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a4:6a:5e:0c:1d:d1:71:dc:6b:d7:ab:bc:a0:c1:25:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Nov 6 11:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd28501df89be9b579ea2e6df6265e2894703305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:8c:11:be:49:fc:d0:0d:88:65:dc:49:de:c3:
3d:86:e8:c9:2b:81:1c:49:68:2f:4d:69:d2:91:35:
5d:a1:b9:bf:88:17:a7:39:a5:f7:75:69:69:cb:9d:
02:24:02:a3:ef:67:a1:51:3d:b7:d8:1e:bb:de:dc:
aa:ed:70:e4:48:05:b3:8b:9d:65:ea:74:69:e7:82:
75:91:72:58:f1:49:28:0f:39:fe:cc:64:eb:b9:0f:
0c:e5:ef:5f:3d:7c:5b:94:a3:81:63:7f:b9:a5:1f:
ba:8e:0b:50:aa:ee:0d:d1:da:42:87:a7:76:0b:a3:
a3:79:bc:5e:76:be:29:0b:f6:8f:5d:8b:13:48:ca:
e5:60:f2:c4:9a:87:cd:3c:99:4f:c9:bc:24:86:81:
97:16:a4:0f:45:25:8f:80:b2:36:62:21:91:d4:2f:
61:4a:83:4b:ec:49:b8:a5:e4:f9:08:9c:81:92:71:
09:88:d0:0c:0b:2a:86:ae:6e:cc:33:f0:5b:ff:f6:
6a:d5:85:a8:d0:f9:66:1d:5f:4f:fc:80:0d:16:a1:
eb:b4:ec:f2:4d:25:90:c8:72:ae:eb:a3:30:e9:83:
b4:0c:79:d7:9b:63:39:5c:ec:63:f7:76:60:fe:a2:
30:c6:51:19:61:1e:cf:e6:27:97:0f:80:7f:b0:6e:
c9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:28:50:1D:F8:9B:E9:B5:79:EA:2E:6D:F6:26:5E:28:94:70:33:05
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/zShQHfib6bV56i5t9iZeKJRwMwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.67.0/24
5.1.85.0/24
Signature Algorithm: sha256WithRSAEncryption
00:c4:bb:9e:85:7c:2b:e2:8c:8b:b4:62:75:9c:c8:d5:17:ca:
6d:e9:f7:26:45:7c:73:a1:fd:89:b9:61:31:eb:e9:e0:9e:9a:
0b:00:b5:7e:1e:90:0f:25:43:60:af:cd:67:eb:36:13:51:55:
91:df:7f:d0:bd:96:e4:0d:bb:68:14:5c:55:05:a2:4b:ba:78:
c6:a3:21:20:04:3b:45:90:6b:e5:76:5e:1f:a9:d0:8e:2e:c1:
06:f8:70:e6:3e:44:ec:09:10:c3:ef:50:04:f2:b1:cf:3d:58:
fc:c1:f4:ef:b3:03:57:4f:27:90:0f:88:13:20:1a:5a:56:58:
68:3a:0e:79:7e:6d:c8:4c:59:f9:ec:5a:ec:b3:bc:2b:a6:8a:
d9:ce:5b:60:a0:6f:f9:bb:9f:a4:30:93:8d:75:12:34:59:b0:
3c:0c:21:fe:d2:43:14:18:f0:1d:26:fe:d6:84:18:ad:b5:ff:
28:c3:62:53:a6:e6:2c:85:9a:31:b9:f9:60:1f:26:21:e9:86:
0d:3a:a3:0c:bc:81:30:b3:52:10:1b:a9:72:66:39:bf:ba:39:
3a:9d:ed:f2:4a:ce:9d:91:fa:c4:ed:74:e9:1a:9f:16:ff:95:
3e:de:fa:12:14:18:31:68:ad:63:26:6a:f7:69:2f:c3:6c:12:
da:0c:a3:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYukal4MHdFx3GvXq7ygwSVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMxMTA2MTEzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDI4NTAxZGY4OWJlOWI1NzllYTJlNmRmNjI2NWUyODk0NzAzMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIwRvkn80A2IZdxJ3sM9hujJK4Ec
SWgvTWnSkTVdobm/iBenOaX3dWlpy50CJAKj72ehUT232B673tyq7XDkSAWzi51l
6nRp54J1kXJY8UkoDzn+zGTruQ8M5e9fPXxblKOBY3+5pR+6jgtQqu4N0dpCh6d2
C6Ojebxedr4pC/aPXYsTSMrlYPLEmofNPJlPybwkhoGXFqQPRSWPgLI2YiGR1C9h
SoNL7Em4peT5CJyBknEJiNAMCyqGrm7MM/Bb//Zq1YWo0PlmHV9P/IANFqHrtOzy
TSWQyHKu66Mw6YO0DHnXm2M5XOxj93Zg/qIwxlEZYR7P5ieXD4B/sG7JawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM0oUB34m+m1eeoubfYmXiiUcDMFMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvelNoUUhmaWI2YlY1Nmk1dDlpWmVLSlJ3TXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQFDAwQA
BQFVMA0GCSqGSIb3DQEBCwUAA4IBAQAAxLuehXwr4oyLtGJ1nMjVF8pt6fcmRXxz
of2JuWEx6+ngnpoLALV+HpAPJUNgr81n6zYTUVWR33/QvZbkDbtoFFxVBaJLunjG
oyEgBDtFkGvldl4fqdCOLsEG+HDmPkTsCRDD71AE8rHPPVj8wfTvswNXTyeQD4gT
IBpaVlhoOg55fm3ITFn57Frss7wrporZzltgoG/5u5+kMJONdRI0WbA8DCH+0kMU
GPAdJv7WhBittf8ow2JTpuYshZoxuflgHyYh6YYNOqMMvIEws1IQG6lyZjm/ujk6
ne3ySs6dkfrE7XTpGp8W/5U+3voSFBgxaK1jJmr3aS/DbBLaDKMc
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:57 2024 by rpki-client on console-ams.rpki-client.org