Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/5MWHKSuoJ2qz9hOCD0BP70FkAVw.roa
File: 5MWHKSuoJ2qz9hOCD0BP70FkAVw.roa (raw, json)
Hash identifier: SpNEiJwkN04kbiIpbdApbFVkHmg9FuKJlBxP1yDkvVc=
Subject key identifier: E4:C5:87:29:2B:A8:27:6A:B3:F6:13:82:0F:40:4F:EF:41:64:01:5C
Certificate issuer: /CN=4285821bb7a8445efbf433d4c19890a7fa949fa8
Certificate serial: 018570396315D7BA1A0A24C1015E4E22A375
Authority key identifier: 42:85:82:1B:B7:A8:44:5E:FB:F4:33:D4:C1:98:90:A7:FA:94:9F:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/5MWHKSuoJ2qz9hOCD0BP70FkAVw.roa
Signing time: Mon 02 Jan 2023 02:04:47 +0000
ROA not before: Mon 02 Jan 2023 02:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209383
IP address blocks: 139.28.192.0/23 maxlen: 23
139.28.192.0/22 maxlen: 22
139.28.194.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:63:15:d7:ba:1a:0a:24:c1:01:5e:4e:22:a3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4285821bb7a8445efbf433d4c19890a7fa949fa8
Validity
Not Before: Jan 2 02:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4c587292ba8276ab3f613820f404fef4164015c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:87:6a:56:fc:a0:9c:32:0d:26:40:ae:fd:36:
43:f2:13:96:cc:74:55:e8:60:6b:76:30:b3:1d:74:
ca:a6:2d:1b:23:71:37:57:45:5c:46:9b:4a:6d:1b:
5a:18:44:2e:54:95:83:47:29:ae:dc:6e:1e:ce:35:
84:c2:8d:93:02:2b:4b:aa:e8:55:57:90:3a:3d:4c:
bf:62:d7:a9:73:6e:81:40:b2:37:42:30:57:82:7c:
fb:ca:59:92:5d:5f:44:b5:f8:ed:39:ee:a6:de:ca:
5d:19:08:a3:41:10:1f:ea:49:36:58:97:1c:ff:f0:
45:36:c2:7d:27:8e:35:b0:c2:5e:84:dd:cd:55:57:
b2:e2:24:05:24:0c:d3:94:77:a6:52:73:eb:d9:16:
f0:d6:c3:b4:ad:27:4e:fb:40:76:bb:e7:d6:d2:84:
7e:c8:d9:92:c8:9c:c0:c9:3a:b6:5c:73:de:78:8d:
d5:38:6b:76:0d:db:b4:f2:d1:78:2d:71:36:6e:76:
35:ed:b0:eb:6c:ff:1d:e2:1d:79:2b:68:d2:a4:f9:
c6:91:8c:e9:0f:c0:1c:18:f4:7b:9e:a4:f4:27:2e:
81:f5:3a:54:86:63:68:30:df:dd:75:cb:6e:f3:84:
a8:06:f1:08:f9:5b:b8:67:f6:38:72:59:3f:66:68:
24:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C5:87:29:2B:A8:27:6A:B3:F6:13:82:0F:40:4F:EF:41:64:01:5C
X509v3 Authority Key Identifier:
keyid:42:85:82:1B:B7:A8:44:5E:FB:F4:33:D4:C1:98:90:A7:FA:94:9F:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/5MWHKSuoJ2qz9hOCD0BP70FkAVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/QoWCG7eoRF779DPUwZiQp_qUn6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.192.0/22
Signature Algorithm: sha256WithRSAEncryption
50:47:2d:39:e2:57:5e:79:47:8d:c7:b6:02:16:08:51:ad:96:
f1:e3:e5:a6:f8:71:20:42:5c:82:62:2a:f5:df:98:00:3d:90:
aa:dc:79:df:e5:60:c4:c3:99:38:64:a2:da:6e:ad:b9:ae:fe:
99:c8:fa:23:8d:1a:ce:f8:26:a4:d3:f1:3a:78:7f:90:d3:1f:
9e:3f:23:13:18:c2:bf:4c:59:b5:33:f1:2a:b3:0f:4e:5d:07:
a2:a8:02:5d:7f:af:bc:4c:ac:75:28:bd:24:a4:25:21:df:ac:
14:2d:0f:46:a1:24:03:5f:1b:5d:b0:ed:18:08:61:4c:cc:43:
d1:dc:4a:7d:bb:2b:ea:a8:39:09:e6:55:40:db:32:5f:fe:30:
3b:44:00:a9:1d:3b:5e:05:90:77:59:f2:90:53:46:6f:ca:e7:
23:ca:e5:37:a0:a4:06:b3:72:25:97:f9:5d:21:e5:6a:93:37:
58:ed:2a:69:d6:62:da:b4:be:57:25:30:33:f3:fc:06:1c:33:
79:fc:7f:ad:17:99:72:d8:7f:5e:9e:7c:9d:a5:17:90:2e:3b:
f3:8d:5d:0c:c4:0a:9c:22:bb:5e:43:6a:11:d2:75:6a:ad:34:
ec:d2:54:a3:6d:dc:cc:50:00:8e:90:6c:db:ad:11:6e:89:86:
8f:24:10:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOWMV17oaCiTBAV5OIqN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODU4MjFiYjdhODQ0NWVmYmY0MzNkNGMxOTg5MGE3ZmE5
NDlmYTgwHhcNMjMwMTAyMDIwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGM1ODcyOTJiYTgyNzZhYjNmNjEzODIwZjQwNGZlZjQxNjQwMTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYdqVvygnDINJkCu/TZD8hOWzHRV
6GBrdjCzHXTKpi0bI3E3V0VcRptKbRtaGEQuVJWDRymu3G4ezjWEwo2TAitLquhV
V5A6PUy/Ytepc26BQLI3QjBXgnz7ylmSXV9EtfjtOe6m3spdGQijQRAf6kk2WJcc
//BFNsJ9J441sMJehN3NVVey4iQFJAzTlHemUnPr2Rbw1sO0rSdO+0B2u+fW0oR+
yNmSyJzAyTq2XHPeeI3VOGt2Ddu08tF4LXE2bnY17bDrbP8d4h15K2jSpPnGkYzp
D8AcGPR7nqT0Jy6B9TpUhmNoMN/ddctu84SoBvEI+Vu4Z/Y4clk/ZmgkMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTFhykrqCdqs/YTgg9AT+9BZAFcMB8GA1UdIwQY
MBaAFEKFghu3qERe+/Qz1MGYkKf6lJ+oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9XQ0c3ZW9SRjc3OURQVXdaaVFwX3FVbjZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9mOTM0MmMtNTdhOS00OGYzLTllNjct
OGEzZDhkYzM1OGViLzEvNU1XSEtTdW9KMnF6OWhPQ0QwQlA3MEZrQVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9mOTM0MmMtNTdhOS00OGYzLTllNjctOGEzZDhkYzM1OGVi
LzEvUW9XQ0c3ZW9SRjc3OURQVXdaaVFwX3FVbjZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixzAMA0G
CSqGSIb3DQEBCwUAA4IBAQBQRy054ldeeUeNx7YCFghRrZbx4+Wm+HEgQlyCYir1
35gAPZCq3Hnf5WDEw5k4ZKLabq25rv6ZyPojjRrO+Cak0/E6eH+Q0x+ePyMTGMK/
TFm1M/Eqsw9OXQeiqAJdf6+8TKx1KL0kpCUh36wULQ9GoSQDXxtdsO0YCGFMzEPR
3Ep9uyvqqDkJ5lVA2zJf/jA7RACpHTteBZB3WfKQU0ZvyucjyuU3oKQGs3Ill/ld
IeVqkzdY7Spp1mLatL5XJTAz8/wGHDN5/H+tF5ly2H9ennydpReQLjvzjV0MxAqc
IrteQ2oR0nVqrTTs0lSjbdzMUACOkGzbrRFuiYaPJBCH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:49 2024 by rpki-client on console-fra.rpki-client.org