Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/1-rGTRwIvAQpoA9EQkMIh2uxusgE.roa
File: 1-rGTRwIvAQpoA9EQkMIh2uxusgE.roa (raw, json)
Hash identifier: H2NEvzr1vxRu5WPfulgaSU7RTfFxPTN2wHOeedNBDms=
Subject key identifier: FA:B1:93:47:02:2F:01:0A:68:03:D1:10:90:C2:21:DA:EC:6E:B2:01
Certificate issuer: /CN=3c568c59d7a83199c3a79ea0e8375b946ed884e2
Certificate serial: 018570E7579554B37AB16C2C2DF4C54D50CF
Authority key identifier: 3C:56:8C:59:D7:A8:31:99:C3:A7:9E:A0:E8:37:5B:94:6E:D8:84:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PFaMWdeoMZnDp56g6DdblG7YhOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/1-rGTRwIvAQpoA9EQkMIh2uxusgE.roa
Signing time: Mon 02 Jan 2023 05:14:47 +0000
ROA not before: Mon 02 Jan 2023 05:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58324
IP address blocks: 5.100.144.0/21 maxlen: 21
185.150.172.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:57:95:54:b3:7a:b1:6c:2c:2d:f4:c5:4d:50:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c568c59d7a83199c3a79ea0e8375b946ed884e2
Validity
Not Before: Jan 2 05:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fab19347022f010a6803d11090c221daec6eb201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8d:b1:01:3e:d2:23:50:9c:25:1b:07:dc:c7:
c9:d5:da:ab:92:fa:28:53:b0:15:7f:86:1e:b3:c1:
e8:e4:79:8d:4d:33:d5:ae:76:4c:6b:35:7f:98:54:
ad:95:2b:ec:65:70:e8:80:24:ac:66:9a:28:09:15:
52:e8:6e:b9:60:ea:ed:4a:c8:77:54:27:d9:a9:7c:
4e:1b:1f:9a:46:ec:c0:7f:e8:2a:ed:3f:21:c1:32:
d3:2f:32:38:fc:71:a8:96:08:be:aa:0c:cd:e0:76:
9b:29:6f:19:45:5b:b1:53:23:b6:47:85:e4:ef:4a:
b1:8b:09:8e:d5:a1:15:0e:86:de:7b:45:15:61:ce:
43:55:14:b8:c0:7e:16:df:5a:75:1e:ed:73:d3:d5:
c1:02:05:a6:85:85:bf:6b:e2:9d:27:1c:ed:89:cd:
e3:62:3c:2d:ea:bc:11:b4:7e:ca:89:7a:fc:6b:d5:
4b:74:92:b4:1b:73:d2:5e:6d:6c:0a:0a:8f:35:71:
71:b9:7a:80:eb:97:8d:ea:af:8a:94:d9:6b:7c:0e:
fd:20:c7:df:03:f9:5d:c3:22:38:e3:b9:ea:5d:01:
b2:1f:63:b7:df:8d:dc:62:f7:b2:6d:61:54:30:1a:
35:98:d3:3f:04:a8:8a:b5:5d:78:ad:a2:9a:ed:ac:
66:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B1:93:47:02:2F:01:0A:68:03:D1:10:90:C2:21:DA:EC:6E:B2:01
X509v3 Authority Key Identifier:
keyid:3C:56:8C:59:D7:A8:31:99:C3:A7:9E:A0:E8:37:5B:94:6E:D8:84:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PFaMWdeoMZnDp56g6DdblG7YhOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/1-rGTRwIvAQpoA9EQkMIh2uxusgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/PFaMWdeoMZnDp56g6DdblG7YhOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.144.0/21
185.150.172.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:30:1a:a0:fa:4c:ac:d6:7a:e3:cd:77:0b:35:a0:a3:2c:17:
a9:d2:90:df:d3:e9:81:d5:e2:fa:31:f2:5f:f4:5e:07:88:24:
80:75:c2:9a:a2:67:58:2e:22:bd:2f:19:25:5a:5a:cd:e2:c1:
26:54:58:f5:73:b0:96:9b:ae:77:47:da:82:47:f0:0b:14:62:
78:ad:18:42:b2:da:e3:68:03:7c:5c:59:7a:39:25:fe:53:7f:
5e:bc:ab:b3:e5:d2:3a:26:7c:87:68:dd:36:50:22:c1:a5:de:
8f:53:64:3b:e0:8b:44:0b:f9:9e:d0:43:58:9c:10:93:ee:e0:
60:14:51:57:e0:5c:44:b2:53:67:51:6f:23:42:bd:a0:20:dc:
ff:73:21:56:3d:a9:39:8a:05:d7:68:33:f5:98:a1:4a:f5:95:
48:30:1b:2e:58:48:18:45:71:14:7a:62:df:c2:7f:ce:7a:81:
95:de:60:93:d4:da:f0:48:8c:66:68:9d:a1:c6:9d:6d:99:ea:
89:7e:fd:19:2f:26:85:bc:4b:8b:28:3c:ef:61:89:c8:27:ba:
35:1f:30:49:06:30:12:8b:2d:27:2c:70:4d:8a:93:cd:b1:9b:
9c:f4:1d:db:6b:09:43:86:93:2b:c4:7c:1e:aa:46:26:8e:b1:
28:6e:fd:99
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVw51eVVLN6sWwsLfTFTVDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNTY4YzU5ZDdhODMxOTljM2E3OWVhMGU4Mzc1Yjk0NmVk
ODg0ZTIwHhcNMjMwMTAyMDUxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWIxOTM0NzAyMmYwMTBhNjgwM2QxMTA5MGMyMjFkYWVjNmViMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx42xAT7SI1CcJRsH3MfJ1dqrkvoo
U7AVf4Yes8Ho5HmNTTPVrnZMazV/mFStlSvsZXDogCSsZpooCRVS6G65YOrtSsh3
VCfZqXxOGx+aRuzAf+gq7T8hwTLTLzI4/HGolgi+qgzN4HabKW8ZRVuxUyO2R4Xk
70qxiwmO1aEVDobee0UVYc5DVRS4wH4W31p1Hu1z09XBAgWmhYW/a+KdJxztic3j
Yjwt6rwRtH7KiXr8a9VLdJK0G3PSXm1sCgqPNXFxuXqA65eN6q+KlNlrfA79IMff
A/ldwyI447nqXQGyH2O3343cYveybWFUMBo1mNM/BKiKtV14raKa7axmuwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPqxk0cCLwEKaAPREJDCIdrsbrIBMB8GA1UdIwQY
MBaAFDxWjFnXqDGZw6eeoOg3W5Ru2ITiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEZhTVdkZW9NWm5EcDU2ZzZEZGJsRzdZaE9JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82ZjM2YzItZDA1Yy00NDI1LWE5ZTQt
NWUzN2U3ZjNmMTVkLzEvMS1yR1RSd0l2QVFwb0E5RVFrTUloMnV4dXNnRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjIvNmYzNmMyLWQwNWMtNDQyNS1hOWU0LTVlMzdlN2YzZjE1
ZC8xL1BGYU1XZGVvTVpuRHA1Nmc2RGRibEc3WWhPSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAwVkkAME
ArmWrDANBgkqhkiG9w0BAQsFAAOCAQEADDAaoPpMrNZ64813CzWgoywXqdKQ39Pp
gdXi+jHyX/ReB4gkgHXCmqJnWC4ivS8ZJVpazeLBJlRY9XOwlpuud0fagkfwCxRi
eK0YQrLa42gDfFxZejkl/lN/Xryrs+XSOiZ8h2jdNlAiwaXej1NkO+CLRAv5ntBD
WJwQk+7gYBRRV+BcRLJTZ1FvI0K9oCDc/3MhVj2pOYoF12gz9ZihSvWVSDAbLlhI
GEVxFHpi38J/znqBld5gk9Ta8EiMZmidocadbZnqiX79GS8mhbxLiyg872GJyCe6
NR8wSQYwEostJyxwTYqTzbGbnPQd22sJQ4aTK8R8HqpGJo6xKG79mQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:23 2024 by rpki-client on console-fra.rpki-client.org