Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/6vBcLQsT3EwRNhKI4wPwGnbdMZg.roa
File: 6vBcLQsT3EwRNhKI4wPwGnbdMZg.roa (raw, json)
Hash identifier: Kay1YF6KjYF3D5GJY2vYXCXV2jctw4LizR3kvMgseho=
Subject key identifier: EA:F0:5C:2D:0B:13:DC:4C:11:36:12:88:E3:03:F0:1A:76:DD:31:98
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 0185706721427F5D17BC881B78B21D310916
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/6vBcLQsT3EwRNhKI4wPwGnbdMZg.roa
Signing time: Mon 02 Jan 2023 02:54:44 +0000
ROA not before: Mon 02 Jan 2023 02:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200370
IP address blocks: 5.202.224.0/24 maxlen: 24
5.202.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:21:42:7f:5d:17:bc:88:1b:78:b2:1d:31:09:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 2 02:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eaf05c2d0b13dc4c11361288e303f01a76dd3198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b3:96:10:87:44:f9:ca:48:18:bd:99:ee:ce:
12:5c:d0:8f:02:a6:97:d7:3d:bb:b7:39:1e:56:0f:
5e:c3:34:1e:f4:19:bd:54:78:a7:dd:e1:32:a4:f7:
88:c1:25:35:4b:d2:de:95:05:fa:43:26:8e:8a:d9:
be:bb:27:b8:e1:27:78:44:e6:68:bf:65:6f:b0:40:
ab:e3:22:95:fc:36:b8:fe:35:d9:a0:19:f9:d8:a3:
da:22:0d:ea:5f:24:c7:0c:63:67:46:43:3e:c3:95:
60:74:35:5a:f1:54:4d:ba:23:d8:f3:e5:8c:c5:67:
1d:c2:66:c6:9d:7a:15:b1:ad:b7:79:04:a4:fb:81:
71:89:c0:b9:14:e0:59:65:0d:af:ef:3a:3d:79:7d:
ce:a3:70:cd:34:a6:5a:7c:ce:f9:2d:99:fc:45:f8:
67:80:f9:95:8e:f0:02:9d:aa:df:cf:0a:a7:e0:1c:
49:29:f9:24:7c:4b:03:2a:ea:da:97:6b:60:f9:04:
87:be:b8:e3:df:47:8e:c1:c1:81:19:df:a9:d3:44:
3f:64:7a:b2:24:37:71:10:01:6d:6e:6c:fa:57:e6:
f6:d4:9d:e4:27:36:ef:bb:bd:a2:0e:2d:b5:d8:be:
69:20:35:9a:1d:5b:e9:03:a9:45:1b:95:14:b5:37:
1e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:F0:5C:2D:0B:13:DC:4C:11:36:12:88:E3:03:F0:1A:76:DD:31:98
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/6vBcLQsT3EwRNhKI4wPwGnbdMZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.224.0/23
Signature Algorithm: sha256WithRSAEncryption
64:24:f5:60:0b:bc:a7:1e:82:94:90:a6:81:d0:5d:16:d3:3b:
ae:6e:62:9d:2b:26:bc:4d:3d:9b:18:cb:30:63:8f:00:dd:44:
7b:b3:25:f4:77:70:bf:c9:ce:9c:ad:4e:31:cc:73:b5:53:d8:
04:06:e5:ee:c6:56:24:87:45:f3:d5:5b:d4:a8:de:74:72:87:
05:de:71:be:4b:49:90:02:7d:ad:e1:fd:41:44:84:3d:15:1f:
3e:89:ed:0a:1e:68:6b:6f:e4:c9:fe:8d:00:dd:09:c3:66:da:
16:a3:63:f9:07:00:82:46:17:d7:f8:b1:4e:5b:c8:7b:5a:dd:
db:1c:3c:a9:69:c5:67:50:51:d3:2a:e2:7f:97:ef:94:2b:a5:
a5:47:a5:3a:1e:6d:d4:60:fd:df:93:03:63:6c:59:60:40:66:
5d:c0:4d:92:70:87:45:3f:7a:66:9f:eb:e1:3d:36:1d:e3:11:
78:a6:30:b3:c8:7e:83:22:6c:df:91:9a:da:1b:1b:54:b0:7a:
1a:96:ac:54:1d:e4:f8:08:30:50:ba:72:c3:e1:13:1b:78:00:
7e:98:38:31:6f:2d:be:5a:a3:e1:82:95:ea:83:f1:9f:23:4b:
42:26:a0:69:b9:2b:53:d2:c0:e1:8a:05:87:de:ce:79:ec:8b:
85:68:e1:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZyFCf10XvIgbeLIdMQkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwMTAyMDI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWYwNWMyZDBiMTNkYzRjMTEzNjEyODhlMzAzZjAxYTc2ZGQzMTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorOWEIdE+cpIGL2Z7s4SXNCPAqaX
1z27tzkeVg9ewzQe9Bm9VHin3eEypPeIwSU1S9LelQX6QyaOitm+uye44Sd4ROZo
v2VvsECr4yKV/Da4/jXZoBn52KPaIg3qXyTHDGNnRkM+w5VgdDVa8VRNuiPY8+WM
xWcdwmbGnXoVsa23eQSk+4FxicC5FOBZZQ2v7zo9eX3Oo3DNNKZafM75LZn8Rfhn
gPmVjvACnarfzwqn4BxJKfkkfEsDKural2tg+QSHvrjj30eOwcGBGd+p00Q/ZHqy
JDdxEAFtbmz6V+b21J3kJzbvu72iDi212L5pIDWaHVvpA6lFG5UUtTce1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOrwXC0LE9xMETYSiOMD8Bp23TGYMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvNnZCY0xRc1QzRXdSTmhLSTR3UHdHbmJkTVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBcrgMA0G
CSqGSIb3DQEBCwUAA4IBAQBkJPVgC7ynHoKUkKaB0F0W0zuubmKdKya8TT2bGMsw
Y48A3UR7syX0d3C/yc6crU4xzHO1U9gEBuXuxlYkh0Xz1VvUqN50cocF3nG+S0mQ
An2t4f1BRIQ9FR8+ie0KHmhrb+TJ/o0A3QnDZtoWo2P5BwCCRhfX+LFOW8h7Wt3b
HDypacVnUFHTKuJ/l++UK6WlR6U6Hm3UYP3fkwNjbFlgQGZdwE2ScIdFP3pmn+vh
PTYd4xF4pjCzyH6DImzfkZraGxtUsHoalqxUHeT4CDBQunLD4RMbeAB+mDgxby2+
WqPhgpXqg/GfI0tCJqBpuStT0sDhigWH3s557IuFaOHk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org