Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/3c4386-4238-4de6-b50b-e8092dd65c7f/1/aYy_IwmAC-Q3v-YyHNaTXar-3SY.roa
File: aYy_IwmAC-Q3v-YyHNaTXar-3SY.roa (raw, json)
Hash identifier: 8ZgsfSndn4aJGgQezpKDk/g0aqVvchcvpfoGdQL4wHI=
Subject key identifier: 69:8C:BF:23:09:80:0B:E4:37:BF:E6:32:1C:D6:93:5D:AA:FE:DD:26
Certificate issuer: /CN=55e93cc3e61cf334b16111cae34ae9928c4fc3fa
Certificate serial: 018B014FD2421663D8541369914C041DB239
Authority key identifier: 55:E9:3C:C3:E6:1C:F3:34:B1:61:11:CA:E3:4A:E9:92:8C:4F:C3:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vek8w-Yc8zSxYRHK40rpkoxPw_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/3c4386-4238-4de6-b50b-e8092dd65c7f/1/aYy_IwmAC-Q3v-YyHNaTXar-3SY.roa
Signing time: Thu 05 Oct 2023 19:28:10 +0000
ROA not before: Thu 05 Oct 2023 19:28:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59499
IP address blocks: 5.159.8.0/22 maxlen: 22
5.159.8.0/21 maxlen: 21
5.159.12.0/22 maxlen: 22
185.141.16.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:01:4f:d2:42:16:63:d8:54:13:69:91:4c:04:1d:b2:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55e93cc3e61cf334b16111cae34ae9928c4fc3fa
Validity
Not Before: Oct 5 19:28:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=698cbf2309800be437bfe6321cd6935daafedd26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:22:fe:25:6e:53:84:2b:e4:91:56:9e:62:83:
95:0b:24:08:11:bf:0d:cb:32:8f:76:85:84:c4:a0:
bc:66:36:a7:cf:df:c4:dd:ed:24:18:75:7f:80:d2:
58:cd:9b:8e:6a:51:16:7f:92:7e:61:d2:56:d6:c3:
3d:b0:62:dc:31:38:30:68:48:2f:04:78:9d:18:89:
4d:3e:44:48:00:ef:4d:ac:13:d8:6e:d4:6a:eb:1f:
10:a6:3f:e0:f4:52:2e:bc:84:66:79:b6:62:70:f7:
bb:18:bb:b3:ba:8a:90:9d:a8:5e:99:2a:8c:03:30:
9b:d4:b4:05:21:4e:67:99:d6:04:c2:10:ad:5b:c8:
4c:0b:33:c3:0e:fc:12:c7:e6:2f:7f:f3:81:4b:5f:
56:70:6c:98:55:26:a5:42:b3:de:57:a4:82:7e:e8:
a9:7e:5f:ac:72:9c:a7:6e:e0:27:4f:af:27:d0:af:
2a:e4:15:c7:4e:af:35:8a:13:ee:df:b4:f2:52:31:
70:63:10:8f:56:c7:8a:49:b9:66:5a:6a:c6:d3:72:
bb:40:b0:2a:77:7c:bf:06:b5:b7:10:c7:a7:57:1b:
84:e6:4c:27:e8:cf:56:c3:46:d1:c1:e1:3b:9a:56:
39:fc:57:72:1c:f3:60:14:6e:fb:80:36:fb:ba:49:
ee:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:8C:BF:23:09:80:0B:E4:37:BF:E6:32:1C:D6:93:5D:AA:FE:DD:26
X509v3 Authority Key Identifier:
keyid:55:E9:3C:C3:E6:1C:F3:34:B1:61:11:CA:E3:4A:E9:92:8C:4F:C3:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vek8w-Yc8zSxYRHK40rpkoxPw_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/3c4386-4238-4de6-b50b-e8092dd65c7f/1/aYy_IwmAC-Q3v-YyHNaTXar-3SY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/3c4386-4238-4de6-b50b-e8092dd65c7f/1/Vek8w-Yc8zSxYRHK40rpkoxPw_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.8.0/21
185.141.16.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:aa:89:85:7b:a8:5b:4e:5e:f8:e6:2f:db:8d:2e:bf:0a:0b:
e1:31:a9:43:dd:23:2a:36:a7:37:5b:54:a4:97:0f:1a:73:1c:
16:65:4d:eb:53:cb:0a:3c:7d:d1:bc:11:ac:b6:67:89:4d:5f:
15:1b:1b:30:30:36:94:69:13:24:7d:1a:92:c2:7f:ff:7e:01:
ee:aa:ea:e5:90:76:f0:1a:34:64:ce:0e:01:96:e8:9f:59:f5:
23:f4:5d:99:63:76:05:70:38:15:5e:f7:ff:21:2b:8b:b1:50:
70:55:e1:56:98:b0:03:66:b1:b1:d3:b6:93:14:77:27:e6:3f:
fe:75:fd:fb:88:ee:99:b6:a3:c6:a6:d5:ee:10:44:d8:04:94:
ed:d5:bd:0f:6a:8a:59:80:fe:2e:01:71:6d:d6:33:ba:a3:5a:
d5:79:9a:38:76:2e:6b:a3:42:fe:fe:25:4a:00:d6:66:3b:f1:
45:16:e3:97:21:66:7a:0b:25:e9:5a:a4:22:60:e2:e7:d1:a6:
91:e4:4d:78:43:49:ae:d6:98:c6:17:eb:f4:56:c1:bd:6d:80:
b8:00:c7:8e:3b:03:ab:45:5e:fd:f5:f0:9c:9e:d2:63:4e:8d:
ca:ab:c1:61:25:c7:2c:84:45:58:d6:d5:ec:30:0a:40:75:08:
9b:cd:71:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsBT9JCFmPYVBNpkUwEHbI5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ZTkzY2MzZTYxY2YzMzRiMTYxMTFjYWUzNGFlOTkyOGM0
ZmMzZmEwHhcNMjMxMDA1MTkyODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OThjYmYyMzA5ODAwYmU0MzdiZmU2MzIxY2Q2OTM1ZGFhZmVkZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCL+JW5ThCvkkVaeYoOVCyQIEb8N
yzKPdoWExKC8Zjanz9/E3e0kGHV/gNJYzZuOalEWf5J+YdJW1sM9sGLcMTgwaEgv
BHidGIlNPkRIAO9NrBPYbtRq6x8Qpj/g9FIuvIRmebZicPe7GLuzuoqQnahemSqM
AzCb1LQFIU5nmdYEwhCtW8hMCzPDDvwSx+Yvf/OBS19WcGyYVSalQrPeV6SCfuip
fl+scpynbuAnT68n0K8q5BXHTq81ihPu37TyUjFwYxCPVseKSblmWmrG03K7QLAq
d3y/BrW3EMenVxuE5kwn6M9Ww0bRweE7mlY5/FdyHPNgFG77gDb7uknuOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGmMvyMJgAvkN7/mMhzWk12q/t0mMB8GA1UdIwQY
MBaAFFXpPMPmHPM0sWERyuNK6ZKMT8P6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmVrOHctWWM4elN4WVJISzQwcnBrb3hQd19vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zYzQzODYtNDIzOC00ZGU2LWI1MGIt
ZTgwOTJkZDY1YzdmLzEvYVl5X0l3bUFDLVEzdi1ZeUhOYVRYYXItM1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zYzQzODYtNDIzOC00ZGU2LWI1MGItZTgwOTJkZDY1Yzdm
LzEvVmVrOHctWWM4elN4WVJISzQwcnBrb3hQd19vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBZ8IAwQC
uY0QMA0GCSqGSIb3DQEBCwUAA4IBAQBqqomFe6hbTl745i/bjS6/CgvhMalD3SMq
Nqc3W1Sklw8acxwWZU3rU8sKPH3RvBGstmeJTV8VGxswMDaUaRMkfRqSwn//fgHu
qurlkHbwGjRkzg4BluifWfUj9F2ZY3YFcDgVXvf/ISuLsVBwVeFWmLADZrGx07aT
FHcn5j/+df37iO6ZtqPGptXuEETYBJTt1b0PaopZgP4uAXFt1jO6o1rVeZo4di5r
o0L+/iVKANZmO/FFFuOXIWZ6CyXpWqQiYOLn0aaR5E14Q0mu1pjGF+v0VsG9bYC4
AMeOOwOrRV799fCcntJjTo3Kq8FhJccshEVY1tXsMApAdQibzXFq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:14 2024 by rpki-client on console-ams.rpki-client.org