Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/5T77LG3KNMzFzZuVRVnyszryL2k.roa
File: 5T77LG3KNMzFzZuVRVnyszryL2k.roa (raw, json)
Hash identifier: IHS2b3bzkl4TRubGBRiIIylI2rCH2JMmy1L31RwAxbo=
Subject key identifier: E5:3E:FB:2C:6D:CA:34:CC:C5:CD:9B:95:45:59:F2:B3:3A:F2:2F:69
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 01894AB6599CCBFC36F8D87FCD2062EAE47A
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/5T77LG3KNMzFzZuVRVnyszryL2k.roa
Signing time: Wed 12 Jul 2023 15:26:51 +0000
ROA not before: Wed 12 Jul 2023 15:26:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8866
IP address blocks: 94.26.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4a:b6:59:9c:cb:fc:36:f8:d8:7f:cd:20:62:ea:e4:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jul 12 15:26:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e53efb2c6dca34ccc5cd9b954559f2b33af22f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:75:71:bf:38:c5:f1:8c:a8:c7:61:fe:17:4c:
38:de:fe:d1:45:bd:5a:01:31:0b:a7:74:83:31:20:
3d:94:98:0d:39:67:e2:cf:e3:80:45:df:91:44:08:
17:71:d5:46:97:e9:fa:6a:66:16:ae:2d:18:53:1f:
26:97:bd:b9:07:26:de:0a:ca:87:03:33:61:1b:0d:
68:68:8f:2e:4e:f7:2e:6c:8c:81:92:b5:db:38:ff:
53:16:07:5f:86:15:ec:77:67:df:44:0c:01:65:8a:
c1:0b:c5:74:c8:49:d9:e3:d4:89:c4:0a:1d:f0:7c:
f2:b6:40:d6:e1:fa:77:e0:6e:bd:00:b5:79:ed:a4:
08:a4:d4:08:fe:fc:d6:45:45:78:9e:c8:14:89:d7:
dc:e7:97:bf:af:1d:4f:26:ae:6a:89:39:83:cf:af:
9c:6c:b9:97:6e:df:c4:85:9b:35:97:f0:ce:09:0a:
f1:d4:8e:8d:10:59:ad:10:9b:a6:7d:6f:a0:69:1b:
0b:6a:11:98:71:51:29:cf:d7:b7:d6:39:a6:21:89:
cf:c7:15:ba:7d:02:50:06:81:4a:4b:c9:45:f3:f1:
b4:58:0c:e0:4d:61:16:68:7a:ad:e2:57:29:ea:9a:
79:31:12:df:ad:2f:e2:d0:b6:95:1a:67:8f:34:88:
ea:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:3E:FB:2C:6D:CA:34:CC:C5:CD:9B:95:45:59:F2:B3:3A:F2:2F:69
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/5T77LG3KNMzFzZuVRVnyszryL2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.26.40.0/24
Signature Algorithm: sha256WithRSAEncryption
48:1c:33:83:5d:d6:2e:88:b2:e1:e1:32:c5:eb:af:de:68:7f:
35:b1:24:44:cc:1d:bf:7d:64:d4:31:31:fe:1b:7b:43:8b:cb:
6d:88:3f:84:dd:0d:05:db:e2:d4:77:d1:cb:f7:e1:a2:1c:72:
37:93:79:49:b7:23:99:2c:7c:ce:cb:32:a9:81:c4:02:0a:d3:
aa:44:f0:0d:ca:a7:ec:35:65:63:3d:e5:bb:8f:86:ae:42:35:
72:f5:31:fd:1a:de:d0:87:20:56:c9:d6:f3:c8:74:a1:db:7d:
79:1b:94:9e:81:36:2c:34:9b:eb:05:e6:43:ec:9b:90:28:66:
98:4a:19:8d:b8:ed:99:0a:4d:f4:6b:5c:e4:84:ec:33:da:d6:
8b:3f:aa:41:f2:0e:05:33:44:b5:7d:cc:ab:bf:e9:b8:b3:3c:
72:eb:54:5e:e5:de:4c:c9:70:85:e7:82:07:46:85:5d:f9:ff:
85:a3:50:08:23:98:b0:3c:cd:65:13:c7:c9:2d:5b:29:1d:e4:
44:18:70:79:2b:2d:dc:f4:22:f6:ae:3c:df:b7:ef:2f:ad:08:
0d:9c:46:1d:fd:fd:34:40:96:3d:4a:cf:35:6d:e3:f2:89:60:
39:c2:d3:92:45:78:33:43:c2:c9:39:5f:c6:96:df:a9:99:2b:
ab:8c:3d:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlKtlmcy/w2+Nh/zSBi6uR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjMwNzEyMTUyNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTNlZmIyYzZkY2EzNGNjYzVjZDliOTU0NTU5ZjJiMzNhZjIyZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnVxvzjF8Yyox2H+F0w43v7RRb1a
ATELp3SDMSA9lJgNOWfiz+OARd+RRAgXcdVGl+n6amYWri0YUx8ml725BybeCsqH
AzNhGw1oaI8uTvcubIyBkrXbOP9TFgdfhhXsd2ffRAwBZYrBC8V0yEnZ49SJxAod
8HzytkDW4fp34G69ALV57aQIpNQI/vzWRUV4nsgUidfc55e/rx1PJq5qiTmDz6+c
bLmXbt/EhZs1l/DOCQrx1I6NEFmtEJumfW+gaRsLahGYcVEpz9e31jmmIYnPxxW6
fQJQBoFKS8lF8/G0WAzgTWEWaHqt4lcp6pp5MRLfrS/i0LaVGmePNIjqWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOU++yxtyjTMxc2blUVZ8rM68i9pMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvNVQ3N0xHM0tOTXpGelp1VlJWbnlzenJ5TDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXhooMA0G
CSqGSIb3DQEBCwUAA4IBAQBIHDODXdYuiLLh4TLF66/eaH81sSREzB2/fWTUMTH+
G3tDi8ttiD+E3Q0F2+LUd9HL9+GiHHI3k3lJtyOZLHzOyzKpgcQCCtOqRPANyqfs
NWVjPeW7j4auQjVy9TH9Gt7QhyBWydbzyHSh2315G5SegTYsNJvrBeZD7JuQKGaY
ShmNuO2ZCk30a1zkhOwz2taLP6pB8g4FM0S1fcyrv+m4szxy61Re5d5MyXCF54IH
RoVd+f+Fo1AII5iwPM1lE8fJLVspHeREGHB5Ky3c9CL2rjzft+8vrQgNnEYd/f00
QJY9Ss81bePyiWA5wtOSRXgzQ8LJOV/Glt+pmSurjD30
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:58 2024 by rpki-client on console-fra.rpki-client.org