Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/oNTDAsSOfxHlTu0em6Ti4f9iApQ.roa
File: oNTDAsSOfxHlTu0em6Ti4f9iApQ.roa (raw, json)
Hash identifier: CceEFCXrhKXZ1Rd59KlAwYWWti1piwDAs8aPEvHoquo=
Subject key identifier: A0:D4:C3:02:C4:8E:7F:11:E5:4E:ED:1E:9B:A4:E2:E1:FF:62:02:94
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 0189F2FF829FC15EEFDFFAB6FC261C3A9F80
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/oNTDAsSOfxHlTu0em6Ti4f9iApQ.roa
Signing time: Mon 14 Aug 2023 07:42:58 +0000
ROA not before: Mon 14 Aug 2023 07:42:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207734
IP address blocks: 5.11.22.0/24 maxlen: 24
5.11.26.0/23 maxlen: 23
5.11.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Aug 2023 07:17:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f2:ff:82:9f:c1:5e:ef:df:fa:b6:fc:26:1c:3a:9f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Aug 14 07:42:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0d4c302c48e7f11e54eed1e9ba4e2e1ff620294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ef:94:4e:9f:19:e2:ac:16:18:87:d2:64:27:
52:7a:71:63:9b:8c:7a:72:ad:c5:4a:3f:52:08:25:
f4:ca:24:62:aa:3e:11:d2:a6:79:25:79:07:66:9e:
6c:ec:78:f5:2d:82:df:38:4a:3a:f6:76:0f:22:52:
89:d9:1d:ec:ae:e4:c3:cb:2a:7a:c6:a5:16:bf:1f:
29:19:2e:6e:c6:32:71:d5:7b:32:49:5a:90:a1:80:
db:64:63:54:11:7a:a4:04:7e:52:f2:90:31:82:c9:
8b:d3:1b:5b:5a:95:0b:3d:20:21:29:23:6d:03:20:
99:71:80:7a:4e:41:af:5f:73:7a:e7:f1:58:37:5f:
97:d8:b8:9e:51:da:6d:4e:4d:f8:43:3e:44:3f:c2:
a6:70:dd:08:5a:de:49:4f:32:f9:47:6c:d6:43:e1:
cd:d6:b7:67:50:bc:d6:14:a1:a1:76:0d:10:6c:cc:
7c:38:e5:59:5a:03:52:b7:4c:f1:ef:9c:47:d7:c8:
51:77:f9:1c:a6:ff:23:5d:a4:8d:03:15:c1:93:29:
c7:fa:7b:b1:1f:a8:b5:fb:74:30:a4:10:ad:1d:01:
6e:a8:89:21:53:47:92:d4:c0:f8:22:3e:3e:82:96:
d3:80:a0:6d:4a:87:bd:e6:c5:e5:7a:c3:2d:85:b0:
e4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D4:C3:02:C4:8E:7F:11:E5:4E:ED:1E:9B:A4:E2:E1:FF:62:02:94
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/oNTDAsSOfxHlTu0em6Ti4f9iApQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.22.0/24
5.11.26.0/23
Signature Algorithm: sha256WithRSAEncryption
21:dc:82:ef:1b:82:8a:e3:ef:5f:ef:0e:89:ba:07:38:de:c4:
60:bc:a7:83:ce:1a:45:72:10:93:f7:1b:2a:14:71:36:f6:e1:
a9:4e:fe:cd:10:49:51:dc:64:b7:f3:a0:0f:39:ba:29:5a:63:
f9:1b:5d:7d:d6:b4:8c:42:10:90:ed:8e:97:22:5e:10:a4:39:
e3:c9:69:cc:01:93:a2:4b:ae:4f:a4:bf:dd:64:55:81:c3:14:
a0:ac:0e:c4:8f:6e:67:8e:42:17:b5:97:42:79:ea:f9:8f:7f:
0a:30:c2:b7:aa:3f:c6:56:77:34:8e:7d:ea:9c:bd:82:ca:dc:
23:97:28:bc:d1:0a:24:68:5d:94:a0:90:c4:26:99:3e:2f:05:
4f:23:8f:63:7f:39:d6:51:ce:18:2a:31:a7:ec:4a:4f:b6:d2:
4c:3d:30:34:64:d3:af:b8:9c:f3:70:70:f3:49:0b:a8:c0:25:
3b:73:41:f2:5f:ef:19:9f:27:68:eb:3f:fd:21:4d:18:14:02:
70:2b:2f:f4:3a:83:a2:2b:52:16:0d:d1:55:ac:e2:60:56:2b:
e6:98:74:1a:6b:3d:6b:3c:82:8d:f8:2d:15:98:fc:d6:e1:25:
64:e2:a9:d3:27:1c:df:f9:dc:2f:4c:97:ff:c3:5a:23:d0:74:
ae:18:9b:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYny/4KfwV7v3/q2/CYcOp+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjMwODE0MDc0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGQ0YzMwMmM0OGU3ZjExZTU0ZWVkMWU5YmE0ZTJlMWZmNjIwMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj++UTp8Z4qwWGIfSZCdSenFjm4x6
cq3FSj9SCCX0yiRiqj4R0qZ5JXkHZp5s7Hj1LYLfOEo69nYPIlKJ2R3sruTDyyp6
xqUWvx8pGS5uxjJx1XsySVqQoYDbZGNUEXqkBH5S8pAxgsmL0xtbWpULPSAhKSNt
AyCZcYB6TkGvX3N65/FYN1+X2LieUdptTk34Qz5EP8KmcN0IWt5JTzL5R2zWQ+HN
1rdnULzWFKGhdg0QbMx8OOVZWgNSt0zx75xH18hRd/kcpv8jXaSNAxXBkynH+nux
H6i1+3QwpBCtHQFuqIkhU0eS1MD4Ij4+gpbTgKBtSoe95sXlesMthbDkTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKDUwwLEjn8R5U7tHpuk4uH/YgKUMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvb05UREFzU09meEhsVHUwZW02VGk0ZjlpQXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQsWAwQB
BQsaMA0GCSqGSIb3DQEBCwUAA4IBAQAh3ILvG4KK4+9f7w6Jugc43sRgvKeDzhpF
chCT9xsqFHE29uGpTv7NEElR3GS386APObopWmP5G1191rSMQhCQ7Y6XIl4QpDnj
yWnMAZOiS65PpL/dZFWBwxSgrA7Ej25njkIXtZdCeer5j38KMMK3qj/GVnc0jn3q
nL2Cytwjlyi80QokaF2UoJDEJpk+LwVPI49jfznWUc4YKjGn7EpPttJMPTA0ZNOv
uJzzcHDzSQuowCU7c0HyX+8Znydo6z/9IU0YFAJwKy/0OoOiK1IWDdFVrOJgVivm
mHQaaz1rPIKN+C0VmPzW4SVk4qnTJxzf+dwvTJf/w1oj0HSuGJvJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:06 2024 by rpki-client on console-fra.rpki-client.org