Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/5YS-L9QjypqAmz3zyjVvt8g9pvo.roa
File: 5YS-L9QjypqAmz3zyjVvt8g9pvo.roa (raw, json)
Hash identifier: GjTjb5or3ZdbRVa4FuST/31AnORNEWPJJj1T7AhlKKU=
Subject key identifier: E5:84:BE:2F:D4:23:CA:9A:80:9B:3D:F3:CA:35:6F:B7:C8:3D:A6:FA
Certificate issuer: /CN=df0ba4f56e6f037725286037afc3c14c293b9b82
Certificate serial: 0189DA9C8692E54B6E67A81C98D294919BB8
Authority key identifier: DF:0B:A4:F5:6E:6F:03:77:25:28:60:37:AF:C3:C1:4C:29:3B:9B:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wuk9W5vA3clKGA3r8PBTCk7m4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/5YS-L9QjypqAmz3zyjVvt8g9pvo.roa
Signing time: Wed 09 Aug 2023 14:03:58 +0000
ROA not before: Wed 09 Aug 2023 14:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2777
IP address blocks: 31.172.96.0/21 maxlen: 21
2a01:a707::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 21 Nov 2023 16:32:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:9c:86:92:e5:4b:6e:67:a8:1c:98:d2:94:91:9b:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0ba4f56e6f037725286037afc3c14c293b9b82
Validity
Not Before: Aug 9 14:03:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e584be2fd423ca9a809b3df3ca356fb7c83da6fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:54:d4:00:41:d0:36:5e:7d:2d:37:2d:75:31:
08:9e:96:82:f6:d8:28:07:5e:a3:79:0a:81:b6:af:
2c:07:d0:13:14:27:11:45:eb:47:f3:a4:50:82:47:
ce:11:f8:43:1a:a3:7c:00:50:4e:ab:36:d4:0f:07:
83:c7:e6:be:a3:05:ba:70:07:1b:2c:ca:54:df:1c:
ab:21:b1:63:25:7f:fe:31:6d:ed:3a:15:19:15:87:
bd:1e:72:76:6d:eb:29:02:1d:67:34:97:02:b8:f6:
9f:95:8b:02:34:d1:70:c7:1f:d9:7b:38:24:14:7c:
91:ab:c3:0d:cf:91:0c:b3:5d:4f:e7:a8:74:b1:a1:
41:d7:eb:ba:d6:23:a8:ea:e0:37:c1:a0:b1:41:12:
11:b4:16:ee:a8:fa:fb:46:64:0f:ad:13:c8:89:87:
34:35:10:e6:c3:a4:93:26:82:3f:c9:77:cf:90:6a:
89:91:12:e1:8e:13:fa:e6:1d:e2:f8:32:85:b8:ab:
56:c0:1a:29:e8:1d:30:91:53:e7:32:9f:70:3f:f6:
d6:08:41:15:fd:3a:10:78:21:d5:b6:34:ec:63:be:
a4:c8:7a:77:e6:2b:ee:7f:59:4d:08:fd:95:96:2a:
b9:a2:bf:dd:75:c6:02:bb:b1:27:73:4f:d2:f8:9c:
44:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:84:BE:2F:D4:23:CA:9A:80:9B:3D:F3:CA:35:6F:B7:C8:3D:A6:FA
X509v3 Authority Key Identifier:
keyid:DF:0B:A4:F5:6E:6F:03:77:25:28:60:37:AF:C3:C1:4C:29:3B:9B:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wuk9W5vA3clKGA3r8PBTCk7m4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/5YS-L9QjypqAmz3zyjVvt8g9pvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/3wuk9W5vA3clKGA3r8PBTCk7m4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.96.0/21
IPv6:
2a01:a707::/32
Signature Algorithm: sha256WithRSAEncryption
b3:40:df:3f:47:39:f3:ce:0c:48:23:5d:72:03:60:68:66:e0:
5e:af:cd:0e:e0:12:24:dc:d0:ae:a5:b9:09:6f:3f:e6:a5:87:
1b:65:ca:3a:a4:b0:bb:ad:6e:ef:62:fc:5f:97:9a:58:22:91:
68:0f:e7:66:64:53:f5:f0:b4:ea:e5:8b:cd:71:92:33:b1:8e:
d1:01:20:8e:5e:75:17:d4:87:0f:7c:53:f9:7f:1e:c3:d5:46:
27:fd:cc:6c:17:4c:cc:1e:df:00:0b:52:55:80:dc:fc:a0:88:
32:25:4d:0c:19:fc:ff:fd:e5:aa:f3:db:76:84:11:97:c3:41:
ca:70:62:b7:97:30:5e:12:e9:40:81:95:00:d9:72:41:e0:15:
be:64:87:30:1e:97:b9:66:9b:b7:61:57:6f:4c:44:4c:4d:32:
3b:1b:d6:09:a9:ff:66:6b:40:ad:41:eb:86:99:5b:44:cb:ef:
07:ec:59:da:99:ab:b6:3f:2d:79:91:e7:18:63:ea:2d:db:f9:
3e:b3:e0:f2:3b:f8:26:4c:44:f8:55:6e:3d:ac:23:f5:26:d7:
27:c8:de:23:62:e7:45:bc:26:b1:ab:0f:0d:77:80:0f:27:ac:
a5:bf:a9:3c:df:85:d1:63:ed:05:55:6f:39:04:4f:06:0e:5d:
d7:e6:bd:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYnanIaS5UtuZ6gcmNKUkZu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMGJhNGY1NmU2ZjAzNzcyNTI4NjAzN2FmYzNjMTRjMjkz
YjliODIwHhcNMjMwODA5MTQwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTg0YmUyZmQ0MjNjYTlhODA5YjNkZjNjYTM1NmZiN2M4M2RhNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FTUAEHQNl59LTctdTEInpaC9tgo
B16jeQqBtq8sB9ATFCcRRetH86RQgkfOEfhDGqN8AFBOqzbUDweDx+a+owW6cAcb
LMpU3xyrIbFjJX/+MW3tOhUZFYe9HnJ2bespAh1nNJcCuPaflYsCNNFwxx/Zezgk
FHyRq8MNz5EMs11P56h0saFB1+u61iOo6uA3waCxQRIRtBbuqPr7RmQPrRPIiYc0
NRDmw6STJoI/yXfPkGqJkRLhjhP65h3i+DKFuKtWwBop6B0wkVPnMp9wP/bWCEEV
/ToQeCHVtjTsY76kyHp35ivuf1lNCP2Vliq5or/ddcYCu7Enc0/S+JxEmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOWEvi/UI8qagJs988o1b7fIPab6MB8GA1UdIwQY
MBaAFN8LpPVubwN3JShgN6/DwUwpO5uCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3d1azlXNXZBM2NsS0dBM3I4UEJUQ2s3bTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hODBiZDktYmExMS00NThlLTg0ZTIt
MzZjNjc4OTAwZjc5LzEvNVlTLUw5UWp5cHFBbXozenlqVnZ0OGc5cHZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hODBiZDktYmExMS00NThlLTg0ZTItMzZjNjc4OTAwZjc5
LzEvM3d1azlXNXZBM2NsS0dBM3I4UEJUQ2s3bTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDH6xgMA0E
AgACMAcDBQAqAacHMA0GCSqGSIb3DQEBCwUAA4IBAQCzQN8/RznzzgxII11yA2Bo
ZuBer80O4BIk3NCupbkJbz/mpYcbZco6pLC7rW7vYvxfl5pYIpFoD+dmZFP18LTq
5YvNcZIzsY7RASCOXnUX1IcPfFP5fx7D1UYn/cxsF0zMHt8AC1JVgNz8oIgyJU0M
Gfz//eWq89t2hBGXw0HKcGK3lzBeEulAgZUA2XJB4BW+ZIcwHpe5Zpu3YVdvTERM
TTI7G9YJqf9ma0CtQeuGmVtEy+8H7Fnamau2Py15kecYY+ot2/k+s+DyO/gmTET4
VW49rCP1JtcnyN4jYudFvCaxqw8Nd4APJ6ylv6k834XRY+0FVW85BE8GDl3X5r0r
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:13 2024 by rpki-client on console-ams.rpki-client.org