Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/XpOxc-ZTMt3lAzpM1HGDXZGtOSg.roa
File: XpOxc-ZTMt3lAzpM1HGDXZGtOSg.roa (raw, json)
Hash identifier: npTSWGj+emiiSmfhdSPcihFPfUd1rMhaojcHzCtfC0w=
Subject key identifier: 5E:93:B1:73:E6:53:32:DD:E5:03:3A:4C:D4:71:83:5D:91:AD:39:28
Certificate issuer: /CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Certificate serial: 018E754A92AD6D37CCD21EB5DAC04C9688E3
Authority key identifier: 42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/XpOxc-ZTMt3lAzpM1HGDXZGtOSg.roa
Signing time: Mon 25 Mar 2024 11:06:45 +0000
ROA not before: Mon 25 Mar 2024 11:06:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29386
IP address blocks: 5.0.160.0/21 maxlen: 21
5.0.168.0/21 maxlen: 21
5.0.176.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 25 Mar 2024 11:08:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:4a:92:ad:6d:37:cc:d2:1e:b5:da:c0:4c:96:88:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Validity
Not Before: Mar 25 11:06:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e93b173e65332dde5033a4cd471835d91ad3928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:39:a9:e5:ae:b7:3d:b3:45:b6:af:6c:93:4d:
d9:6b:bf:73:ad:d4:f6:53:32:62:7e:ec:43:10:8f:
a3:39:2e:b6:cd:c3:e0:2c:c7:b0:92:4b:ea:0b:bd:
2f:8c:65:8b:4c:8e:46:3e:16:16:f3:f1:8b:09:54:
85:ce:e1:76:66:98:7b:f2:d9:c4:91:f8:1f:bc:37:
70:27:58:ef:23:57:49:54:df:a8:b9:46:c8:ad:97:
55:c4:6a:f7:92:10:9c:c2:d8:02:76:96:21:8b:ee:
9f:45:f7:69:05:02:0a:22:60:44:7f:38:37:03:15:
b7:e4:bf:7d:ed:d6:81:cd:b0:14:d2:8e:72:a8:35:
21:9a:9b:f3:f7:8f:19:d6:6f:95:3a:54:a0:6f:73:
c1:91:2d:62:08:60:66:9a:e4:32:02:53:df:38:96:
b6:2d:0e:bd:c6:fb:73:88:07:95:f1:28:41:0e:5c:
a7:12:38:84:86:9d:3c:23:64:55:52:cc:84:74:c0:
23:53:be:d1:46:c5:82:90:fe:99:a9:63:c2:14:ff:
b9:4b:7b:36:94:76:7d:9b:68:0d:eb:ff:ac:75:47:
24:e1:b5:9a:a5:1b:2f:2b:f0:89:87:81:7b:ab:84:
7e:7f:6a:f3:9d:cf:02:80:74:e2:9f:81:cc:27:85:
d5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:93:B1:73:E6:53:32:DD:E5:03:3A:4C:D4:71:83:5D:91:AD:39:28
X509v3 Authority Key Identifier:
keyid:42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/XpOxc-ZTMt3lAzpM1HGDXZGtOSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.0.160.0-5.0.183.255
Signature Algorithm: sha256WithRSAEncryption
4a:84:56:02:62:2b:95:bf:a7:c0:8d:41:10:b3:72:7e:f0:2a:
15:30:6f:da:e3:9d:40:43:50:2c:0d:53:51:62:26:ca:ca:c4:
9b:7e:b3:b1:e8:11:25:bc:5e:b1:3b:60:a5:f0:d0:a5:29:29:
69:cf:f4:51:56:16:c6:c7:10:4d:3b:98:4d:e4:18:5f:ca:14:
76:2f:31:9c:d9:2f:95:16:8e:41:5c:f5:47:74:57:53:04:df:
a7:09:31:c0:46:7b:c5:04:82:6c:2f:7c:29:01:76:a8:97:c9:
58:cb:cf:75:4e:19:d7:75:c4:1b:f8:99:f2:ca:62:bf:87:7f:
2a:3d:67:47:b1:73:88:b9:a5:8d:b4:00:c2:94:36:82:42:0f:
ff:45:42:35:21:90:5d:de:d3:ea:03:54:d0:68:93:cc:c6:c0:
79:5f:ba:1e:7b:a9:33:04:79:cc:c2:c0:f6:d3:11:7e:f9:61:
70:99:a3:08:99:90:14:2c:cc:30:19:00:08:88:87:7c:e9:40:
0d:75:6e:af:cf:93:67:51:5e:82:3b:a7:f9:2e:9f:ae:b7:cc:
23:5b:9a:3a:9b:32:3c:fa:9d:4b:a6:74:c8:b4:47:3e:f5:74:
d3:87:59:99:09:d3:69:d9:e8:77:6c:8e:af:18:6e:d2:de:f1:
c6:50:1b:b2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY51SpKtbTfM0h612sBMlojjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODM2OTY3MTZkYmNjMzYwYjlhNjJlZjdkODRiNGQyOGY5
NThiZGQwHhcNMjQwMzI1MTEwNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTkzYjE3M2U2NTMzMmRkZTUwMzNhNGNkNDcxODM1ZDkxYWQzOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDmp5a63PbNFtq9sk03Za79zrdT2
UzJifuxDEI+jOS62zcPgLMewkkvqC70vjGWLTI5GPhYW8/GLCVSFzuF2Zph78tnE
kfgfvDdwJ1jvI1dJVN+ouUbIrZdVxGr3khCcwtgCdpYhi+6fRfdpBQIKImBEfzg3
AxW35L997daBzbAU0o5yqDUhmpvz948Z1m+VOlSgb3PBkS1iCGBmmuQyAlPfOJa2
LQ69xvtziAeV8ShBDlynEjiEhp08I2RVUsyEdMAjU77RRsWCkP6ZqWPCFP+5S3s2
lHZ9m2gN6/+sdUck4bWapRsvK/CJh4F7q4R+f2rznc8CgHTin4HMJ4XVNwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFF6TsXPmUzLd5QM6TNRxg12RrTkoMB8GA1UdIwQY
MBaAFEKDaWcW28w2C5pi732EtNKPlYvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAt
OTI0MGQ5Zjc1YWU2LzEvWHBPeGMtWlRNdDNsQXpwTTFIR0RYWkd0T1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAtOTI0MGQ5Zjc1YWU2
LzEvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAUFAKAD
BAMFALAwDQYJKoZIhvcNAQELBQADggEBAEqEVgJiK5W/p8CNQRCzcn7wKhUwb9rj
nUBDUCwNU1FiJsrKxJt+s7HoESW8XrE7YKXw0KUpKWnP9FFWFsbHEE07mE3kGF/K
FHYvMZzZL5UWjkFc9Ud0V1ME36cJMcBGe8UEgmwvfCkBdqiXyVjLz3VOGdd1xBv4
mfLKYr+Hfyo9Z0exc4i5pY20AMKUNoJCD/9FQjUhkF3e0+oDVNBok8zGwHlfuh57
qTMEeczCwPbTEX75YXCZowiZkBQszDAZAAiIh3zpQA11bq/Pk2dRXoI7p/kun663
zCNbmjqbMjz6nUumdMi0Rz71dNOHWZkJ02nZ6Hdsjq8YbtLe8cZQG7I=
-----END CERTIFICATE-----
Generated at Mon Mar 25 17:36:31 2024 by rpki-client on console.sobornost.net