Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/sy9eh5I9tum0jiJ4v0OZjk1nwG0.roa
File: sy9eh5I9tum0jiJ4v0OZjk1nwG0.roa (raw, json)
Hash identifier: 4w5eI+Y4f6uD2pefJO5cCD4lB03JQ+48Tw7mnX9Uzn4=
Subject key identifier: B3:2F:5E:87:92:3D:B6:E9:B4:8E:22:78:BF:43:99:8E:4D:67:C0:6D
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 01857082B11D8C2D3956796F8665845D0323
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/sy9eh5I9tum0jiJ4v0OZjk1nwG0.roa
Signing time: Mon 02 Jan 2023 03:24:51 +0000
ROA not before: Mon 02 Jan 2023 03:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202676
IP address blocks: 82.159.143.0/24 maxlen: 24
82.159.163.0/24 maxlen: 24
5.40.150.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:b1:1d:8c:2d:39:56:79:6f:86:65:84:5d:03:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 2 03:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b32f5e87923db6e9b48e2278bf43998e4d67c06d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d2:25:f5:3c:cf:85:50:ce:f7:45:bd:64:da:
7f:98:4b:f0:31:71:79:7a:af:f9:d9:18:58:fa:a5:
88:dd:dd:5d:0f:d4:e5:a8:47:67:d5:6b:94:6c:2b:
03:8f:89:da:17:7b:1d:c3:04:3e:bb:46:b4:bf:45:
bd:7b:fc:3d:35:f7:f0:40:b5:f4:b3:69:bc:a6:10:
43:21:7c:7a:ac:a0:cc:b8:be:87:2c:46:cf:dc:35:
a7:5b:12:65:81:dd:c6:01:ec:02:9c:ee:0b:c5:1b:
a6:74:f7:95:55:f0:b0:0b:54:52:84:01:13:b2:05:
c4:25:98:84:b7:8b:c1:3b:98:67:00:a1:eb:a3:8e:
f9:8e:8c:77:3d:80:54:e0:f5:67:44:61:c5:c2:3d:
28:c6:bd:17:7f:5b:ca:e5:0a:ce:08:d3:74:e0:ac:
3d:60:64:34:de:b0:9d:21:9c:94:b6:47:37:76:6b:
b3:6b:7d:0b:e6:c0:da:f8:2a:ab:78:e4:a1:87:74:
da:cd:5e:6c:77:e5:c8:9b:d3:61:f6:f6:02:a2:f9:
3d:f0:87:0a:aa:69:5c:aa:71:b5:d6:6f:2b:87:05:
9a:1a:ff:26:ea:73:4b:9b:87:bc:57:94:6e:ca:6b:
02:db:1e:5e:41:76:2a:da:f4:bd:d2:0e:7d:38:9c:
4f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:2F:5E:87:92:3D:B6:E9:B4:8E:22:78:BF:43:99:8E:4D:67:C0:6D
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/sy9eh5I9tum0jiJ4v0OZjk1nwG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.150.0/24
82.159.143.0/24
82.159.163.0/24
Signature Algorithm: sha256WithRSAEncryption
67:46:08:46:64:9f:6a:a9:65:f8:be:e0:5d:25:ef:77:4e:bd:
91:81:54:32:f2:47:83:7d:04:e1:1c:43:64:c8:bc:56:7a:71:
85:44:ae:21:46:74:97:cb:cc:11:8c:2f:f9:9b:0c:f8:13:b7:
ea:3c:17:02:c3:0e:79:37:63:23:34:e7:14:8a:a5:b3:78:07:
90:49:9b:3b:71:30:e3:cd:e6:d8:22:c5:50:16:f8:fe:bd:58:
88:40:ad:72:5c:c4:50:51:46:d3:89:6f:99:42:fa:68:0a:19:
1a:f1:2c:c1:a6:8f:27:2e:9e:f2:58:eb:77:e7:8d:2f:65:da:
d3:15:af:74:4f:2f:65:43:dc:2c:8d:1a:ef:58:2c:8b:92:1b:
4a:96:34:f2:49:47:32:64:39:fd:cd:32:e3:a3:07:66:e2:b6:
43:d4:49:b0:e1:21:43:6e:d3:a2:de:ac:20:1a:f0:bc:dc:38:
57:c5:50:9e:ae:f8:d2:2f:a3:d2:64:71:dd:bb:12:db:36:3e:
69:08:06:af:64:65:b6:04:9b:de:4d:fa:16:c0:55:58:72:c7:
ed:bf:00:bd:c6:6f:b0:7a:6a:5c:c9:75:5d:c7:06:9f:98:f6:
42:f1:89:2d:c0:db:45:ad:e5:c5:67:ef:0b:e9:c9:9c:d9:b4:
98:26:fa:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwgrEdjC05VnlvhmWEXQMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjMwMTAyMDMyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzJmNWU4NzkyM2RiNmU5YjQ4ZTIyNzhiZjQzOTk4ZTRkNjdjMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdIl9TzPhVDO90W9ZNp/mEvwMXF5
eq/52RhY+qWI3d1dD9TlqEdn1WuUbCsDj4naF3sdwwQ+u0a0v0W9e/w9NffwQLX0
s2m8phBDIXx6rKDMuL6HLEbP3DWnWxJlgd3GAewCnO4LxRumdPeVVfCwC1RShAET
sgXEJZiEt4vBO5hnAKHro475jox3PYBU4PVnRGHFwj0oxr0Xf1vK5QrOCNN04Kw9
YGQ03rCdIZyUtkc3dmuza30L5sDa+CqreOShh3TazV5sd+XIm9Nh9vYCovk98IcK
qmlcqnG11m8rhwWaGv8m6nNLm4e8V5RuymsC2x5eQXYq2vS90g59OJxPUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLMvXoeSPbbptI4ieL9DmY5NZ8BtMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvc3k5ZWg1STl0dW0wamlKNHYwT1pqazFud0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABSiWAwQA
Up+PAwQAUp+jMA0GCSqGSIb3DQEBCwUAA4IBAQBnRghGZJ9qqWX4vuBdJe93Tr2R
gVQy8keDfQThHENkyLxWenGFRK4hRnSXy8wRjC/5mwz4E7fqPBcCww55N2MjNOcU
iqWzeAeQSZs7cTDjzebYIsVQFvj+vViIQK1yXMRQUUbTiW+ZQvpoChka8SzBpo8n
Lp7yWOt3540vZdrTFa90Ty9lQ9wsjRrvWCyLkhtKljTySUcyZDn9zTLjowdm4rZD
1Emw4SFDbtOi3qwgGvC83DhXxVCervjSL6PSZHHduxLbNj5pCAavZGW2BJveTfoW
wFVYcsftvwC9xm+wempcyXVdxwafmPZC8YktwNtFreXFZ+8L6cmc2bSYJvrs
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:28:02 2024 by rpki-client on console-fra.rpki-client.org