Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/tf9JiSczTHvAuq0nWTt287BU2xQ.roa
File: tf9JiSczTHvAuq0nWTt287BU2xQ.roa (raw, json)
Hash identifier: BFfrQkp5aPXU8YTJLXulhalyYOM9RT5SBeUmW7YH234=
Subject key identifier: B5:FF:49:89:27:33:4C:7B:C0:BA:AD:27:59:3B:76:F3:B0:54:DB:14
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 018BFC3FCDFA7120ADA8DD782C3C4730A8D8
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/tf9JiSczTHvAuq0nWTt287BU2xQ.roa
Signing time: Thu 23 Nov 2023 12:55:21 +0000
ROA not before: Thu 23 Nov 2023 12:55:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.22.0/24 maxlen: 24
5.11.24.0/24 maxlen: 24
5.11.18.0/24 maxlen: 24
5.11.19.0/24 maxlen: 24
5.11.21.0/24 maxlen: 24
5.11.25.0/24 maxlen: 24
5.11.26.0/24 maxlen: 24
5.11.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:3f:cd:fa:71:20:ad:a8:dd:78:2c:3c:47:30:a8:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Nov 23 12:55:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5ff498927334c7bc0baad27593b76f3b054db14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4c:13:c1:e9:52:23:48:75:01:5d:13:a6:97:
cc:07:e5:a3:9e:8d:4e:1a:85:51:9b:ec:09:93:5b:
09:8e:9c:50:0c:18:75:22:21:ae:9a:53:74:8d:51:
a0:96:83:8c:2d:16:41:28:1a:88:11:d7:26:c0:46:
72:91:5c:a8:1b:42:63:3f:8d:53:ca:26:5b:ef:cd:
ce:61:47:3c:eb:37:9a:28:88:f3:c9:d2:aa:50:51:
65:2a:ea:b3:f7:cb:86:fb:79:16:1d:3c:8f:68:ab:
da:3a:7d:98:18:a5:a4:9a:53:10:86:60:8d:9a:d1:
a6:8e:a9:11:e1:b6:d9:85:2a:7e:c6:3f:51:cf:46:
47:90:56:7f:5b:75:a8:c4:f0:a3:93:55:d0:21:a0:
d6:8f:b1:45:79:ed:96:14:d5:0d:0a:ad:56:c4:c7:
10:72:ce:a8:87:92:d8:bf:8d:69:ed:7d:82:51:a9:
ad:a3:e5:30:8c:26:f3:73:96:47:c9:7d:a8:db:bc:
bf:b7:67:e5:59:9f:b6:af:a8:d0:a5:dc:ff:93:62:
03:81:9f:cf:8b:8d:77:58:b6:6a:94:95:6f:e6:86:
ef:ca:96:4a:04:a8:d0:bf:26:99:5a:42:e6:78:be:
bb:fa:98:88:68:95:2d:af:8b:71:c7:3f:1b:a7:c9:
27:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:FF:49:89:27:33:4C:7B:C0:BA:AD:27:59:3B:76:F3:B0:54:DB:14
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/tf9JiSczTHvAuq0nWTt287BU2xQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.21.0-5.11.22.255
5.11.24.0/22
Signature Algorithm: sha256WithRSAEncryption
07:79:28:1c:ea:10:16:65:91:e2:28:bc:3d:64:13:4e:33:db:
c2:af:fa:f1:ca:3d:d3:e5:c7:95:4c:be:07:e4:bf:7f:db:40:
a6:cf:92:e8:91:01:5d:e9:d6:47:8e:4e:66:f0:94:a6:b2:f4:
13:d4:d9:89:b1:50:5f:73:70:a5:c0:8c:19:cd:fc:f5:97:70:
a0:35:9b:9f:a1:bc:d1:d2:0b:7e:96:2a:da:17:29:07:29:36:
53:2f:81:67:05:42:a5:f6:34:48:99:c0:ed:a7:00:93:91:84:
33:80:df:30:3d:8d:6c:ac:76:2a:11:a6:53:cd:db:77:1f:55:
c7:e9:d1:66:e1:44:f1:84:f8:8b:9e:75:a5:e4:ab:6e:fd:e5:
af:1e:2e:ab:30:df:8f:42:3b:86:15:84:4c:a6:ab:c8:04:bb:
b0:02:fd:ac:15:03:fc:98:6d:8e:0e:03:53:2b:88:9b:9d:70:
ba:8d:a1:99:c3:98:ac:f0:5f:ed:0d:5b:b7:bd:0a:b0:bf:76:
aa:cf:91:58:d5:34:cf:37:29:37:97:f6:84:72:12:5b:fa:84:
74:25:e4:d2:6e:b9:20:9a:18:1d:13:12:52:e3:3f:1d:7b:35:
28:0e:76:80:45:a2:88:60:b7:4e:8d:70:a1:f0:4b:20:6e:41:
44:85:1e:de
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYv8P836cSCtqN14LDxHMKjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjMxMTIzMTI1NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWZmNDk4OTI3MzM0YzdiYzBiYWFkMjc1OTNiNzZmM2IwNTRkYjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEwTwelSI0h1AV0TppfMB+Wjno1O
GoVRm+wJk1sJjpxQDBh1IiGumlN0jVGgloOMLRZBKBqIEdcmwEZykVyoG0JjP41T
yiZb783OYUc86zeaKIjzydKqUFFlKuqz98uG+3kWHTyPaKvaOn2YGKWkmlMQhmCN
mtGmjqkR4bbZhSp+xj9Rz0ZHkFZ/W3WoxPCjk1XQIaDWj7FFee2WFNUNCq1WxMcQ
cs6oh5LYv41p7X2CUamto+UwjCbzc5ZHyX2o27y/t2flWZ+2r6jQpdz/k2IDgZ/P
i413WLZqlJVv5obvypZKBKjQvyaZWkLmeL67+piIaJUtr4txxz8bp8knYQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLX/SYknM0x7wLqtJ1k7dvOwVNsUMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvdGY5SmlTY3pUSHZBdXEwbldUdDI4N0JVMnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCBQsQMAwD
BAAFCxUDBAAFCxYDBAIFCxgwDQYJKoZIhvcNAQELBQADggEBAAd5KBzqEBZlkeIo
vD1kE04z28Kv+vHKPdPlx5VMvgfkv3/bQKbPkuiRAV3p1keOTmbwlKay9BPU2Ymx
UF9zcKXAjBnN/PWXcKA1m5+hvNHSC36WKtoXKQcpNlMvgWcFQqX2NEiZwO2nAJOR
hDOA3zA9jWysdioRplPN23cfVcfp0WbhRPGE+IuedaXkq2795a8eLqsw349CO4YV
hEymq8gEu7AC/awVA/yYbY4OA1MriJudcLqNoZnDmKzwX+0NW7e9CrC/dqrPkVjV
NM83KTeX9oRyElv6hHQl5NJuuSCaGB0TElLjPx17NSgOdoBFoohgt06NcKHwSyBu
QUSFHt4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:06 2024 by rpki-client on console-fra.rpki-client.org