Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/vYVnyjBMChdg_YonvRQU-qVRDHE.roa
File: vYVnyjBMChdg_YonvRQU-qVRDHE.roa (raw, json)
Hash identifier: 1hsxD7JmkSGlRcjCzINrm6WzswDhoCQwI495egdHFBk=
Subject key identifier: BD:85:67:CA:30:4C:0A:17:60:FD:8A:27:BD:14:14:FA:A5:51:0C:71
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 018570797CC0DD248F7A9FB99188B1474B4D
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/vYVnyjBMChdg_YonvRQU-qVRDHE.roa
Signing time: Mon 02 Jan 2023 03:14:47 +0000
ROA not before: Mon 02 Jan 2023 03:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207734
IP address blocks: 5.11.22.0/24 maxlen: 24
5.11.21.0/24 maxlen: 24
5.11.26.0/24 maxlen: 24
5.11.26.0/23 maxlen: 23
5.11.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Aug 2023 09:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:7c:c0:dd:24:8f:7a:9f:b9:91:88:b1:47:4b:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Jan 2 03:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd8567ca304c0a1760fd8a27bd1414faa5510c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f9:5a:f2:62:91:c8:db:f8:47:40:19:30:20:
c6:c8:8b:f1:b6:64:ec:b9:e1:dd:2e:cc:06:0f:e1:
90:ec:3c:72:17:f5:54:74:56:e3:29:a9:9e:5d:b5:
49:09:9f:88:3b:f6:61:d5:69:15:82:b3:c2:72:67:
1d:60:45:f7:45:f9:69:db:f5:9a:af:94:58:03:6b:
ea:11:d1:01:92:88:31:90:34:ad:f8:f1:a0:47:0f:
10:ba:ed:77:df:33:8b:6c:83:ff:81:46:85:f1:89:
7c:15:90:5f:57:0b:60:d6:3f:6d:02:fa:3e:50:b2:
08:fc:cf:fc:ff:7e:a7:9b:e1:93:32:54:e7:ee:7d:
51:cc:bb:69:f8:d4:39:87:ce:41:76:4c:1e:75:b2:
41:15:98:f6:2c:10:98:02:ee:c5:43:42:2e:d3:7f:
0f:fe:3c:18:8b:98:16:05:9a:c6:42:9d:cc:aa:92:
5d:2c:ea:2c:a5:b6:75:cc:e2:5e:7f:af:67:a1:cc:
73:ff:0b:34:56:a0:33:ec:74:4c:7d:50:00:19:71:
27:95:ae:32:9e:5f:2e:cc:70:44:17:64:d4:67:55:
8a:76:51:ca:24:d5:60:57:85:ca:f9:1b:76:ea:b0:
d9:7a:7b:e9:20:74:c2:7c:ff:d2:ea:68:cd:96:43:
ce:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:85:67:CA:30:4C:0A:17:60:FD:8A:27:BD:14:14:FA:A5:51:0C:71
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/vYVnyjBMChdg_YonvRQU-qVRDHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.21.0-5.11.22.255
5.11.26.0/23
Signature Algorithm: sha256WithRSAEncryption
66:16:6f:d3:12:d4:6f:46:7c:61:49:ee:b9:9b:bc:6f:2e:e0:
43:35:f5:f8:eb:2e:c5:5f:ac:0a:5e:a6:45:58:37:1f:c9:66:
62:b8:85:77:b0:1e:70:1d:7d:a7:ce:f6:37:4e:ac:b5:b9:68:
93:4f:e0:dc:fa:70:6e:a2:50:f0:2b:83:82:17:c5:93:c1:f2:
c2:81:d2:6e:0d:d3:73:e4:de:c4:dd:91:e9:dc:d2:08:31:e4:
79:7a:52:55:a5:87:a9:cd:99:b1:72:a9:d3:7b:28:ae:fb:e0:
06:2c:44:02:42:42:7e:3f:3b:a0:5f:64:42:7a:d8:8c:79:d3:
44:a0:73:98:0c:8a:b2:01:61:2d:ce:d4:71:04:1d:f0:0f:08:
e3:91:df:92:93:0d:ef:7c:d9:59:95:c1:5b:e6:b8:57:8d:00:
a9:c1:c0:ac:17:b4:12:1e:a5:68:f5:81:b8:ef:b3:6d:79:26:
9d:cc:81:4b:62:28:4f:1e:6d:18:ce:a6:1c:d7:5f:fb:c4:98:
86:e1:a6:86:89:b1:aa:73:16:50:d0:8e:7d:f7:ce:58:6a:61:
12:02:67:d2:f7:e7:51:58:1b:78:5d:c3:4e:03:c7:66:fd:32:
5e:4e:c4:af:bc:eb:c5:01:9e:c0:af:f9:9f:fa:e6:bb:5c:dc:
df:57:e5:61
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVweXzA3SSPep+5kYixR0tNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjMwMTAyMDMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDg1NjdjYTMwNGMwYTE3NjBmZDhhMjdiZDE0MTRmYWE1NTEwYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovla8mKRyNv4R0AZMCDGyIvxtmTs
ueHdLswGD+GQ7DxyF/VUdFbjKameXbVJCZ+IO/Zh1WkVgrPCcmcdYEX3Rflp2/Wa
r5RYA2vqEdEBkogxkDSt+PGgRw8Quu133zOLbIP/gUaF8Yl8FZBfVwtg1j9tAvo+
ULII/M/8/36nm+GTMlTn7n1RzLtp+NQ5h85BdkwedbJBFZj2LBCYAu7FQ0Iu038P
/jwYi5gWBZrGQp3MqpJdLOospbZ1zOJef69nocxz/ws0VqAz7HRMfVAAGXEnla4y
nl8uzHBEF2TUZ1WKdlHKJNVgV4XK+Rt26rDZenvpIHTCfP/S6mjNlkPOoQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFL2FZ8owTAoXYP2KJ70UFPqlUQxxMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvdllWbnlqQk1DaGRnX1lvbnZSUVUtcVZSREhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAFCxUD
BAAFCxYDBAEFCxowDQYJKoZIhvcNAQELBQADggEBAGYWb9MS1G9GfGFJ7rmbvG8u
4EM19fjrLsVfrApepkVYNx/JZmK4hXewHnAdfafO9jdOrLW5aJNP4Nz6cG6iUPAr
g4IXxZPB8sKB0m4N03Pk3sTdkenc0ggx5Hl6UlWlh6nNmbFyqdN7KK774AYsRAJC
Qn4/O6BfZEJ62Ix500Sgc5gMirIBYS3O1HEEHfAPCOOR35KTDe982VmVwVvmuFeN
AKnBwKwXtBIepWj1gbjvs215Jp3MgUtiKE8ebRjOphzXX/vEmIbhpoaJsapzFlDQ
jn33zlhqYRICZ9L351FYG3hdw04Dx2b9Ml5OxK+868UBnsCv+Z/65rtc3N9X5WE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:02 2024 by rpki-client on console-ams.rpki-client.org