Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/3e9d1c-4b08-45c7-a9e8-927526e6f2d9/1/5Un-rigXQ2HB2wSSQdfgoO7EgRE.roa
File: 5Un-rigXQ2HB2wSSQdfgoO7EgRE.roa (raw, json)
Hash identifier: yBh212/IarqOunvZW3MtqRSOUxB5KXDnjPnRYoWjTU4=
Subject key identifier: E5:49:FE:AE:28:17:43:61:C1:DB:04:92:41:D7:E0:A0:EE:C4:81:11
Certificate issuer: /CN=a0272902658e15cb34bd509c3950bade21a796d2
Certificate serial: 01856D2F4F52F4A9314C163941392769D3B9
Authority key identifier: A0:27:29:02:65:8E:15:CB:34:BD:50:9C:39:50:BA:DE:21:A7:96:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCcpAmWOFcs0vVCcOVC63iGnltI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/3e9d1c-4b08-45c7-a9e8-927526e6f2d9/1/5Un-rigXQ2HB2wSSQdfgoO7EgRE.roa
Signing time: Sun 01 Jan 2023 11:54:55 +0000
ROA not before: Sun 01 Jan 2023 11:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209382
IP address blocks: 45.67.236.0/22 maxlen: 24
2a09:7d40::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:4f:52:f4:a9:31:4c:16:39:41:39:27:69:d3:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0272902658e15cb34bd509c3950bade21a796d2
Validity
Not Before: Jan 1 11:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e549feae28174361c1db049241d7e0a0eec48111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:09:34:f5:2c:1e:93:df:46:43:45:b2:6e:ac:
d0:82:4c:67:15:08:0f:cb:bc:8a:0a:5b:52:98:da:
5d:90:bd:1d:1a:c1:2c:37:f5:5d:02:b1:a1:21:f3:
3f:9e:8e:94:08:0f:38:6e:5c:16:25:3e:5b:d1:44:
cf:d5:a5:6b:1d:93:74:38:27:0b:4a:85:c8:07:d4:
50:d2:96:07:b1:85:05:b7:91:08:3f:04:94:26:b8:
18:dd:08:10:d2:28:a7:af:4e:bd:5e:24:2b:da:dd:
2f:23:c3:03:e7:d7:d6:0c:c5:8e:dd:87:a0:12:6f:
ea:01:d5:8a:10:44:25:57:10:ef:f0:2a:c4:e7:40:
33:81:a2:fa:e5:63:63:22:8d:9a:e8:bd:f1:7f:6e:
05:92:54:14:3b:c0:a6:58:d0:f2:8c:69:a0:1b:81:
31:6e:54:3b:db:a0:b8:ce:82:8f:f9:a0:da:ad:5a:
e4:a7:7c:d3:f6:9f:ed:44:fa:24:d4:d0:f9:5c:6d:
ce:c5:44:90:cb:62:c8:62:e4:23:a3:55:10:92:0c:
72:50:a8:d7:b5:4c:90:64:6a:e9:27:09:6d:22:f1:
d4:01:c4:39:e5:49:1b:76:ae:30:29:6e:5a:99:0e:
15:30:d5:dc:35:a4:4e:3b:d1:5a:26:66:dc:72:a9:
b1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:49:FE:AE:28:17:43:61:C1:DB:04:92:41:D7:E0:A0:EE:C4:81:11
X509v3 Authority Key Identifier:
keyid:A0:27:29:02:65:8E:15:CB:34:BD:50:9C:39:50:BA:DE:21:A7:96:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCcpAmWOFcs0vVCcOVC63iGnltI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/3e9d1c-4b08-45c7-a9e8-927526e6f2d9/1/5Un-rigXQ2HB2wSSQdfgoO7EgRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/3e9d1c-4b08-45c7-a9e8-927526e6f2d9/1/oCcpAmWOFcs0vVCcOVC63iGnltI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.236.0/22
IPv6:
2a09:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
38:d3:88:8c:5b:4d:a4:d8:76:8d:8a:be:fc:97:0e:c8:ca:cf:
50:78:fc:6c:27:ed:fa:fd:77:6e:f6:84:d8:ab:28:00:a4:9b:
d2:94:d3:aa:51:63:dd:25:b4:5c:aa:64:7e:32:4d:ee:c0:b4:
f6:db:ee:99:e7:19:22:c8:11:f2:23:95:85:f5:d0:23:50:ea:
3e:0b:6d:f2:c7:ce:68:d1:77:05:ee:d2:f6:48:5d:1d:ed:ae:
40:94:54:68:df:01:bd:b5:ea:e9:61:a2:9f:94:b5:92:fe:9f:
6f:5e:b6:74:c2:34:75:f1:2a:20:90:35:63:b9:c4:30:b6:95:
0a:b6:f5:dc:26:0d:d2:0d:e9:7b:b3:27:39:a2:56:8e:28:91:
00:4e:68:aa:99:e5:2d:fb:b6:aa:b1:f0:70:88:fa:59:9b:38:
a6:db:98:c6:37:25:fb:9a:75:27:1f:40:00:dc:a0:3c:26:fc:
8d:4b:ed:8c:cf:a9:28:d1:98:6c:52:0e:2d:9e:09:7b:d9:a0:
14:8e:c7:35:9b:64:0e:50:03:9c:37:a5:4d:3d:89:f4:b7:b9:
29:18:8c:0b:24:b5:db:70:7b:ee:0f:1f:bf:02:00:61:7b:6a:
9e:7a:b9:ba:41:37:3f:41:39:06:dd:8c:85:1b:0b:73:01:e8:
34:33:aa:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtL09S9KkxTBY5QTknadO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjcyOTAyNjU4ZTE1Y2IzNGJkNTA5YzM5NTBiYWRlMjFh
Nzk2ZDIwHhcNMjMwMTAxMTE1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQ5ZmVhZTI4MTc0MzYxYzFkYjA0OTI0MWQ3ZTBhMGVlYzQ4MTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAk09Swek99GQ0WybqzQgkxnFQgP
y7yKCltSmNpdkL0dGsEsN/VdArGhIfM/no6UCA84blwWJT5b0UTP1aVrHZN0OCcL
SoXIB9RQ0pYHsYUFt5EIPwSUJrgY3QgQ0iinr069XiQr2t0vI8MD59fWDMWO3Yeg
Em/qAdWKEEQlVxDv8CrE50AzgaL65WNjIo2a6L3xf24FklQUO8CmWNDyjGmgG4Ex
blQ726C4zoKP+aDarVrkp3zT9p/tRPok1ND5XG3OxUSQy2LIYuQjo1UQkgxyUKjX
tUyQZGrpJwltIvHUAcQ55Ukbdq4wKW5amQ4VMNXcNaROO9FaJmbccqmxgQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOVJ/q4oF0NhwdsEkkHX4KDuxIERMB8GA1UdIwQY
MBaAFKAnKQJljhXLNL1QnDlQut4hp5bSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NjcEFtV09GY3MwdlZDY09WQzYzaUdubHRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8zZTlkMWMtNGIwOC00NWM3LWE5ZTgt
OTI3NTI2ZTZmMmQ5LzEvNVVuLXJpZ1hRMkhCMndTU1FkZmdvTzdFZ1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8zZTlkMWMtNGIwOC00NWM3LWE5ZTgtOTI3NTI2ZTZmMmQ5
LzEvb0NjcEFtV09GY3MwdlZDY09WQzYzaUdubHRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUPsMA0E
AgACMAcDBQAqCX1AMA0GCSqGSIb3DQEBCwUAA4IBAQA404iMW02k2HaNir78lw7I
ys9QePxsJ+36/Xdu9oTYqygApJvSlNOqUWPdJbRcqmR+Mk3uwLT22+6Z5xkiyBHy
I5WF9dAjUOo+C23yx85o0XcF7tL2SF0d7a5AlFRo3wG9terpYaKflLWS/p9vXrZ0
wjR18SogkDVjucQwtpUKtvXcJg3SDel7syc5olaOKJEATmiqmeUt+7aqsfBwiPpZ
mzim25jGNyX7mnUnH0AA3KA8JvyNS+2Mz6ko0ZhsUg4tngl72aAUjsc1m2QOUAOc
N6VNPYn0t7kpGIwLJLXbcHvuDx+/AgBhe2qeerm6QTc/QTkG3YyFGwtzAeg0M6rN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:53 2024 by rpki-client on console-fra.rpki-client.org