Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/o5VplEuMHkudHPgEiw5Ljgc-8mQ.roa
File: o5VplEuMHkudHPgEiw5Ljgc-8mQ.roa (raw, json)
Hash identifier: Eo7q6snpmpbq/5/OIb3hYBTwhXhTlqNhvs1zI1HSXlA=
Subject key identifier: A3:95:69:94:4B:8C:1E:4B:9D:1C:F8:04:8B:0E:4B:8E:07:3E:F2:64
Certificate issuer: /CN=acb54bcc49291a1f32b7cead4f296882d0531492
Certificate serial: 01856FD5029F54DA1B4345A3F25D131FE5FA
Authority key identifier: AC:B5:4B:CC:49:29:1A:1F:32:B7:CE:AD:4F:29:68:82:D0:53:14:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rLVLzEkpGh8yt86tTylogtBTFJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/o5VplEuMHkudHPgEiw5Ljgc-8mQ.roa
Signing time: Mon 02 Jan 2023 00:15:08 +0000
ROA not before: Mon 02 Jan 2023 00:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43366
IP address blocks: 5.178.112.0/21 maxlen: 24
185.105.76.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:02:9f:54:da:1b:43:45:a3:f2:5d:13:1f:e5:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acb54bcc49291a1f32b7cead4f296882d0531492
Validity
Not Before: Jan 2 00:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a39569944b8c1e4b9d1cf8048b0e4b8e073ef264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:98:e4:0e:b4:cb:c1:dd:57:13:bc:3f:4a:1f:
e8:db:6a:16:6e:a6:a8:44:f4:9e:ae:51:2c:1c:28:
84:08:30:a4:79:7e:d9:8f:da:41:ee:bc:d6:9b:2f:
0e:46:10:42:5a:fb:d0:0a:27:05:bc:56:3d:7c:7a:
70:6b:8d:03:b9:0c:49:06:ee:0e:bc:03:65:29:ca:
f0:8f:d1:36:19:d5:10:9d:45:af:9c:95:0e:80:31:
81:9d:35:17:a6:09:d3:32:8a:45:f1:02:28:c0:9d:
2c:eb:26:26:a8:35:b5:23:82:48:8f:cd:f9:86:b5:
3e:c8:4e:04:2b:4c:79:20:39:1c:1a:74:8d:20:05:
06:93:e3:de:85:52:87:ff:83:7d:ef:f4:70:d4:ab:
21:3b:35:7c:88:ac:3c:30:8e:3d:f2:d7:36:48:09:
84:37:c8:2c:da:de:2d:3f:72:b3:dd:e7:5a:7b:7c:
e7:43:0e:3c:9e:5a:c4:18:9e:a8:fa:2e:c6:3b:82:
5f:33:29:3a:ed:60:4d:f0:64:45:7c:9e:80:7d:2d:
26:17:05:40:de:b0:85:c0:46:6b:cc:b1:57:11:48:
ab:c5:43:66:49:06:33:d8:17:b9:0f:19:8c:df:7b:
fa:0b:4a:1e:e2:a8:3e:df:c9:cd:dc:30:06:06:e5:
d5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:95:69:94:4B:8C:1E:4B:9D:1C:F8:04:8B:0E:4B:8E:07:3E:F2:64
X509v3 Authority Key Identifier:
keyid:AC:B5:4B:CC:49:29:1A:1F:32:B7:CE:AD:4F:29:68:82:D0:53:14:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rLVLzEkpGh8yt86tTylogtBTFJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/o5VplEuMHkudHPgEiw5Ljgc-8mQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/rLVLzEkpGh8yt86tTylogtBTFJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.112.0/21
185.105.76.0/22
Signature Algorithm: sha256WithRSAEncryption
69:92:57:97:79:8c:fc:75:a5:3e:b4:f4:85:25:f6:36:3b:18:
80:c0:a1:83:e8:5b:bd:c1:ce:f1:b1:ef:84:b3:4e:03:18:91:
ad:4f:fc:7b:68:ff:0b:24:41:0e:60:bf:2e:73:e0:62:4c:75:
cb:82:38:43:93:cd:04:8c:47:65:17:99:4f:71:22:50:7c:5d:
31:23:50:0e:dd:fa:70:8f:05:55:d9:bf:a2:8f:e3:71:aa:63:
cf:f3:1a:a8:7c:3b:ef:52:26:06:ac:e2:03:fc:e7:9d:ce:16:
a1:e1:b0:75:0b:60:6f:9c:1b:fe:0a:9c:ef:51:fb:88:45:d8:
23:78:2d:77:8a:8f:04:d8:cc:23:37:85:ae:64:83:40:7a:7a:
bb:29:b9:0c:e7:08:4c:bf:3f:48:dd:5b:78:0f:ce:8e:7b:65:
37:4b:b5:c5:8b:06:8a:e1:62:63:a6:38:21:31:60:ee:7a:63:
b2:d8:60:2f:fa:6e:5e:50:eb:2f:7e:3b:b5:a0:a8:33:ff:62:
c9:c1:69:8b:3f:b8:b6:f7:6e:1c:1e:f9:b4:6a:e1:a4:5c:1d:
90:a8:e8:f8:f9:cc:a9:f5:dc:82:97:4c:69:2b:cc:b0:53:5e:
ac:48:25:7d:b4:e9:32:0b:3c:c8:a2:05:d0:4f:0d:2a:d4:6e:
44:dc:d8:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv1QKfVNobQ0Wj8l0TH+X6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYjU0YmNjNDkyOTFhMWYzMmI3Y2VhZDRmMjk2ODgyZDA1
MzE0OTIwHhcNMjMwMTAyMDAxNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzk1Njk5NDRiOGMxZTRiOWQxY2Y4MDQ4YjBlNGI4ZTA3M2VmMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpjkDrTLwd1XE7w/Sh/o22oWbqao
RPSerlEsHCiECDCkeX7Zj9pB7rzWmy8ORhBCWvvQCicFvFY9fHpwa40DuQxJBu4O
vANlKcrwj9E2GdUQnUWvnJUOgDGBnTUXpgnTMopF8QIowJ0s6yYmqDW1I4JIj835
hrU+yE4EK0x5IDkcGnSNIAUGk+PehVKH/4N97/Rw1KshOzV8iKw8MI498tc2SAmE
N8gs2t4tP3Kz3edae3znQw48nlrEGJ6o+i7GO4JfMyk67WBN8GRFfJ6AfS0mFwVA
3rCFwEZrzLFXEUirxUNmSQYz2Be5DxmM33v6C0oe4qg+38nN3DAGBuXVtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKOVaZRLjB5LnRz4BIsOS44HPvJkMB8GA1UdIwQY
MBaAFKy1S8xJKRofMrfOrU8paILQUxSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckxWTHpFa3BHaDh5dDg2dFR5bG9ndEJURkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jZDJiZGQtZDNjNC00ZDYwLWIwOTYt
YWYzYTY4NWQ1NzlmLzEvbzVWcGxFdU1Ia3VkSFBnRWl3NUxqZ2MtOG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jZDJiZGQtZDNjNC00ZDYwLWIwOTYtYWYzYTY4NWQ1Nzlm
LzEvckxWTHpFa3BHaDh5dDg2dFR5bG9ndEJURkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBbJwAwQC
uWlMMA0GCSqGSIb3DQEBCwUAA4IBAQBpkleXeYz8daU+tPSFJfY2OxiAwKGD6Fu9
wc7xse+Es04DGJGtT/x7aP8LJEEOYL8uc+BiTHXLgjhDk80EjEdlF5lPcSJQfF0x
I1AO3fpwjwVV2b+ij+NxqmPP8xqofDvvUiYGrOID/Oedzhah4bB1C2BvnBv+Cpzv
UfuIRdgjeC13io8E2MwjN4WuZINAenq7KbkM5whMvz9I3Vt4D86Oe2U3S7XFiwaK
4WJjpjghMWDuemOy2GAv+m5eUOsvfju1oKgz/2LJwWmLP7i2924cHvm0auGkXB2Q
qOj4+cyp9dyCl0xpK8ywU16sSCV9tOkyCzzIogXQTw0q1G5E3NiD
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:50 2024 by rpki-client on console-fra.rpki-client.org