Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e1b422-162a-498a-92d8-b102fe3283a3/1/PiWCCwpJm843CVMMY_7sg4sOY0E.roa
File: PiWCCwpJm843CVMMY_7sg4sOY0E.roa (raw, json)
Hash identifier: 1Z25AJ0Qx/d2NNdiWVKGk7s9gYQPGsSV8ZCpprABtsk=
Subject key identifier: 3E:25:82:0B:0A:49:9B:CE:37:09:53:0C:63:FE:EC:83:8B:0E:63:41
Certificate issuer: /CN=b536466d036852e2f7376ade138046143b994cc3
Certificate serial: 018CC56E218E8E4FD40D79BA4C0FA4E5C849
Authority key identifier: B5:36:46:6D:03:68:52:E2:F7:37:6A:DE:13:80:46:14:3B:99:4C:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTZGbQNoUuL3N2reE4BGFDuZTMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e1b422-162a-498a-92d8-b102fe3283a3/1/PiWCCwpJm843CVMMY_7sg4sOY0E.roa
Signing time: Mon 01 Jan 2024 14:29:38 +0000
ROA not before: Mon 01 Jan 2024 14:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199205
IP address blocks: 5.254.184.0/21 maxlen: 21
185.119.160.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:21:8e:8e:4f:d4:0d:79:ba:4c:0f:a4:e5:c8:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b536466d036852e2f7376ade138046143b994cc3
Validity
Not Before: Jan 1 14:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e25820b0a499bce3709530c63feec838b0e6341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d8:7d:02:e8:a4:a5:da:5b:fe:93:43:9d:bf:
d6:04:c3:e2:dc:86:2f:d1:40:cf:7e:af:2b:4d:5d:
25:1b:06:b2:f2:47:ac:d7:3c:d0:43:15:53:a2:86:
c9:b8:3b:41:d8:64:b6:ef:46:11:39:75:de:c5:c9:
2f:c6:95:8f:9c:d2:30:b0:bc:f8:2b:5e:22:ee:d3:
4d:7d:89:f2:35:b1:33:d8:3d:04:7b:2b:de:61:18:
d3:a5:f3:78:91:fb:21:05:40:9d:76:b7:3b:94:58:
cc:4a:61:c9:72:3d:15:32:75:30:9b:93:57:d4:7b:
61:48:e0:a8:27:23:ba:71:54:d3:2e:72:a5:f4:68:
a2:2b:63:a2:95:e5:80:af:65:25:fb:8e:a4:90:f8:
f3:60:83:ec:bf:7e:b4:05:f7:55:45:52:48:33:d2:
ea:7b:19:6a:b9:98:38:cd:49:f8:1e:83:8b:cc:ab:
4e:4d:fb:68:ee:c2:b1:a4:8b:65:a3:4e:34:bd:d7:
33:ad:6a:2e:33:01:f5:11:f1:52:02:44:39:02:39:
5a:57:25:5a:7d:77:68:8a:66:e3:f9:f4:5e:49:67:
7a:e9:1c:4d:0e:c4:7f:e4:3b:f3:f1:e9:7a:c5:af:
5b:44:01:35:12:b6:9d:45:be:14:f0:d8:40:77:c1:
b0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:25:82:0B:0A:49:9B:CE:37:09:53:0C:63:FE:EC:83:8B:0E:63:41
X509v3 Authority Key Identifier:
keyid:B5:36:46:6D:03:68:52:E2:F7:37:6A:DE:13:80:46:14:3B:99:4C:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTZGbQNoUuL3N2reE4BGFDuZTMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e1b422-162a-498a-92d8-b102fe3283a3/1/PiWCCwpJm843CVMMY_7sg4sOY0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e1b422-162a-498a-92d8-b102fe3283a3/1/tTZGbQNoUuL3N2reE4BGFDuZTMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.254.184.0/21
185.119.160.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:0f:cb:2e:e1:c2:cf:b3:45:63:fe:9f:1e:7b:c3:59:fb:ed:
0f:6a:fa:51:ec:5f:3c:2e:c8:30:25:3a:3b:2b:16:4a:10:b1:
9c:c0:af:a9:11:2a:67:f0:a9:3c:54:ea:66:60:33:39:e7:35:
ae:e8:44:a9:e8:f1:22:53:0f:54:ab:c4:7c:81:4a:2f:85:36:
9b:a5:d2:55:4d:b2:f5:04:75:84:20:e2:d6:20:b3:bc:7f:d0:
bf:85:1d:1f:6b:a8:9c:ae:e4:dc:61:92:aa:d7:b4:c1:e6:bf:
6e:6c:bc:5d:b6:94:a2:96:51:f2:0e:4f:a6:91:2f:bb:fd:d8:
fc:ec:cb:4c:c7:a9:a2:d1:e3:58:27:0d:c3:fe:91:cb:f1:2b:
b6:45:aa:9c:93:65:a5:f7:4b:55:f6:43:90:df:4b:72:dd:85:
fe:59:87:25:19:da:48:72:4d:2b:63:a8:2e:06:da:67:b1:93:
dd:1c:21:bf:46:0d:60:79:36:d6:4f:6a:37:b7:02:7c:49:2d:
2a:8b:c1:82:68:b2:1a:94:0d:1e:a8:04:9d:0a:34:3f:4c:38:
16:3b:d1:dd:8a:94:19:e9:3c:6d:e1:9b:ef:e6:55:9e:d5:cd:
d5:ef:e2:da:16:f2:ef:80:da:80:aa:df:24:95:61:bf:87:96:
ab:22:60:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbiGOjk/UDXm6TA+k5chJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzY0NjZkMDM2ODUyZTJmNzM3NmFkZTEzODA0NjE0M2I5
OTRjYzMwHhcNMjQwMTAxMTQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTI1ODIwYjBhNDk5YmNlMzcwOTUzMGM2M2ZlZWM4MzhiMGU2MzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzth9Auikpdpb/pNDnb/WBMPi3IYv
0UDPfq8rTV0lGway8kes1zzQQxVToobJuDtB2GS270YROXXexckvxpWPnNIwsLz4
K14i7tNNfYnyNbEz2D0EeyveYRjTpfN4kfshBUCddrc7lFjMSmHJcj0VMnUwm5NX
1HthSOCoJyO6cVTTLnKl9GiiK2OileWAr2Ul+46kkPjzYIPsv360BfdVRVJIM9Lq
exlquZg4zUn4HoOLzKtOTfto7sKxpItlo040vdczrWouMwH1EfFSAkQ5AjlaVyVa
fXdoimbj+fReSWd66RxNDsR/5Dvz8el6xa9bRAE1EradRb4U8NhAd8GwXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD4lggsKSZvONwlTDGP+7IOLDmNBMB8GA1UdIwQY
MBaAFLU2Rm0DaFLi9zdq3hOARhQ7mUzDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRaR2JRTm9VdUwzTjJyZUU0QkdGRHVaVE1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lMWI0MjItMTYyYS00OThhLTkyZDgt
YjEwMmZlMzI4M2EzLzEvUGlXQ0N3cEptODQzQ1ZNTVlfN3NnNHNPWTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lMWI0MjItMTYyYS00OThhLTkyZDgtYjEwMmZlMzI4M2Ez
LzEvdFRaR2JRTm9VdUwzTjJyZUU0QkdGRHVaVE1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBf64AwQC
uXegMA0GCSqGSIb3DQEBCwUAA4IBAQCqD8su4cLPs0Vj/p8ee8NZ++0PavpR7F88
LsgwJTo7KxZKELGcwK+pESpn8Kk8VOpmYDM55zWu6ESp6PEiUw9Uq8R8gUovhTab
pdJVTbL1BHWEIOLWILO8f9C/hR0fa6icruTcYZKq17TB5r9ubLxdtpSillHyDk+m
kS+7/dj87MtMx6mi0eNYJw3D/pHL8Su2Raqck2Wl90tV9kOQ30ty3YX+WYclGdpI
ck0rY6guBtpnsZPdHCG/Rg1geTbWT2o3twJ8SS0qi8GCaLIalA0eqASdCjQ/TDgW
O9HdipQZ6Txt4Zvv5lWe1c3V7+LaFvLvgNqAqt8klWG/h5arImAu
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:26 2025 by rpki-client