Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/jeD5_CZ6i-_gwpaPfubaNfruS8M.roa
File: jeD5_CZ6i-_gwpaPfubaNfruS8M.roa (raw, json)
Hash identifier: 6KVRNrif8AG1e6m/9BgD2UYEtMEOYk0cD1nifNxUZms=
Subject key identifier: 8D:E0:F9:FC:26:7A:8B:EF:E0:C2:96:8F:7E:E6:DA:35:FA:EE:4B:C3
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0190587851DAC0627318BB1851A6B5113228
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/jeD5_CZ6i-_gwpaPfubaNfruS8M.roa
Signing time: Thu 27 Jun 2024 06:53:18 +0000
ROA not before: Thu 27 Jun 2024 06:53:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40940
IP address blocks: 5.226.52.0/23 maxlen: 24
43.225.88.0/23 maxlen: 24
188.214.236.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 04:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:58:78:51:da:c0:62:73:18:bb:18:51:a6:b5:11:32:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 27 06:53:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8de0f9fc267a8befe0c2968f7ee6da35faee4bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:99:5d:83:4b:ce:60:1e:d1:83:8a:27:ec:9e:
fa:22:46:dd:e3:bf:4b:61:8a:c5:2c:4c:f8:7e:98:
74:68:97:82:08:04:68:d9:8a:02:6f:57:f9:a1:22:
f6:35:43:c1:51:e6:f8:80:67:36:e8:a5:a2:7e:60:
ce:67:1d:19:94:c7:17:07:56:fd:3f:bc:53:91:52:
1e:a1:12:ce:95:c7:76:e0:d8:ce:62:d8:dd:35:dd:
cc:32:07:18:59:25:a8:49:57:f9:9f:e1:9d:93:f3:
9d:7a:4b:e1:27:f0:e7:04:48:5a:c6:01:a5:f7:51:
ac:86:bc:a5:39:38:5f:0d:58:af:28:15:5a:21:3a:
3e:82:ae:5f:fc:08:04:5a:b9:55:f1:fd:ea:6d:80:
bf:4b:cd:15:2c:49:80:3d:9d:b3:87:5a:98:fb:29:
c7:33:25:21:f6:e6:23:0f:83:68:bc:19:64:0f:f8:
59:de:5c:de:01:e0:5c:17:ee:cc:bd:5e:41:fd:dc:
8e:af:88:34:33:0d:c7:76:d5:56:db:94:80:7e:5a:
70:04:bd:12:81:87:73:45:d0:60:7b:a6:85:4f:7d:
91:4b:f6:2e:37:9a:6c:11:fd:c7:97:ef:fc:9b:bb:
3b:e8:b0:9a:f8:be:12:53:da:d7:98:58:57:92:08:
a0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:E0:F9:FC:26:7A:8B:EF:E0:C2:96:8F:7E:E6:DA:35:FA:EE:4B:C3
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/jeD5_CZ6i-_gwpaPfubaNfruS8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.52.0/23
43.225.88.0/23
188.214.236.0/23
Signature Algorithm: sha256WithRSAEncryption
d1:67:4b:f9:fe:76:2e:04:74:50:5b:98:f7:3a:6d:f2:39:40:
1d:b7:60:41:ea:6a:0c:cb:d6:ee:79:77:1c:5b:20:f3:85:74:
65:93:9f:5b:9c:af:65:c0:d2:34:27:81:09:19:4c:f4:e3:32:
44:16:9e:96:a0:04:a6:46:7e:c3:b7:29:be:14:4e:91:25:d6:
22:93:1e:64:87:c5:a6:67:d0:63:53:57:39:77:24:cc:b6:6b:
2b:47:9e:3a:f2:2b:0c:7e:96:6b:22:9c:97:83:ad:d7:dd:55:
8b:44:7f:74:e4:c8:c1:54:de:27:a3:ac:07:41:63:87:f0:0b:
cf:c1:db:20:d8:e3:ce:18:29:2d:6d:be:6e:1e:eb:a6:05:18:
3f:5e:86:d8:11:2f:95:98:88:79:1e:02:fc:d3:f9:40:0b:f0:
e4:bd:3e:89:11:d9:c2:7b:f5:0a:21:96:5f:ca:42:34:0f:07:
17:4e:12:1b:bf:3b:d3:ae:51:07:f4:71:5b:9c:28:64:3c:3f:
32:97:86:27:7a:a3:54:6a:6e:aa:15:e0:04:32:56:90:73:c2:
5f:36:ac:a3:6c:b1:ca:1f:27:6f:dd:06:f9:b7:62:1b:e3:36:
c2:56:6b:9d:f0:e4:ae:e5:f5:d8:89:44:a4:8f:d9:c4:d0:35:
e2:36:4a:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBYeFHawGJzGLsYUaa1ETIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNjI3MDY1MzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGUwZjlmYzI2N2E4YmVmZTBjMjk2OGY3ZWU2ZGEzNWZhZWU0YmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75ldg0vOYB7Rg4on7J76Ikbd479L
YYrFLEz4fph0aJeCCARo2YoCb1f5oSL2NUPBUeb4gGc26KWifmDOZx0ZlMcXB1b9
P7xTkVIeoRLOlcd24NjOYtjdNd3MMgcYWSWoSVf5n+Gdk/OdekvhJ/DnBEhaxgGl
91GshrylOThfDVivKBVaITo+gq5f/AgEWrlV8f3qbYC/S80VLEmAPZ2zh1qY+ynH
MyUh9uYjD4NovBlkD/hZ3lzeAeBcF+7MvV5B/dyOr4g0Mw3HdtVW25SAflpwBL0S
gYdzRdBge6aFT32RS/YuN5psEf3Hl+/8m7s76LCa+L4SU9rXmFhXkgigTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI3g+fwmeovv4MKWj37m2jX67kvDMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvamVENV9DWjZpLV9nd3BhUGZ1YmFOZnJ1UzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBeI0AwQB
K+FYAwQBvNbsMA0GCSqGSIb3DQEBCwUAA4IBAQDRZ0v5/nYuBHRQW5j3Om3yOUAd
t2BB6moMy9bueXccWyDzhXRlk59bnK9lwNI0J4EJGUz04zJEFp6WoASmRn7Dtym+
FE6RJdYikx5kh8WmZ9BjU1c5dyTMtmsrR5468isMfpZrIpyXg63X3VWLRH905MjB
VN4no6wHQWOH8AvPwdsg2OPOGCktbb5uHuumBRg/XobYES+VmIh5HgL80/lAC/Dk
vT6JEdnCe/UKIZZfykI0DwcXThIbvzvTrlEH9HFbnChkPD8yl4YneqNUam6qFeAE
MlaQc8JfNqyjbLHKHydv3Qb5t2Ib4zbCVmud8OSu5fXYiUSkj9nE0DXiNkpa
-----END CERTIFICATE-----
Generated at Wed Oct 9 08:19:39 2024 by rpki-client on console-fra.rpki-client.org