Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7baa1c-8da1-4f80-babb-b4bfc29e71a3/1/wjeqH0m5_k-7nmm_RYymZ-85U8o.roa
File: wjeqH0m5_k-7nmm_RYymZ-85U8o.roa (raw, json)
Hash identifier: d+pz/nzT3aQtHJyR685LnF7dxjGU1BPh6pkmf+jNOJ8=
Subject key identifier: C2:37:AA:1F:49:B9:FE:4F:BB:9E:69:BF:45:8C:A6:67:EF:39:53:CA
Certificate issuer: /CN=96f6ea768ebc9ddc068f5697dfd75caedd7ae108
Certificate serial: 01856C0A5AF6D3EB340C090284538F19518B
Authority key identifier: 96:F6:EA:76:8E:BC:9D:DC:06:8F:56:97:DF:D7:5C:AE:DD:7A:E1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lvbqdo68ndwGj1aX39dcrt164Qg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7baa1c-8da1-4f80-babb-b4bfc29e71a3/1/wjeqH0m5_k-7nmm_RYymZ-85U8o.roa
Signing time: Sun 01 Jan 2023 06:34:55 +0000
ROA not before: Sun 01 Jan 2023 06:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24971
IP address blocks: 5.180.200.0/22 maxlen: 22
2a0b:3240::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:5a:f6:d3:eb:34:0c:09:02:84:53:8f:19:51:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96f6ea768ebc9ddc068f5697dfd75caedd7ae108
Validity
Not Before: Jan 1 06:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c237aa1f49b9fe4fbb9e69bf458ca667ef3953ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b9:ec:5e:a0:ea:1e:23:b2:ed:24:94:7a:9c:
08:e8:61:9a:c3:62:5a:4a:0a:62:47:ca:45:17:62:
38:2e:53:22:d6:62:a5:7d:41:5b:2b:c9:09:9d:ed:
c9:94:d3:82:15:aa:af:5d:33:bd:ae:62:9b:db:bc:
7f:85:9f:0d:13:5d:da:42:d1:da:e7:47:9c:52:ee:
71:4e:4f:96:23:36:bd:9d:9d:47:fb:97:0d:1f:9d:
64:6d:aa:ea:53:4b:47:b2:2e:49:cd:6c:59:76:ae:
7f:44:a6:e6:2c:e5:82:1c:1f:d8:df:6d:b9:95:be:
0f:a8:1f:98:93:79:85:cc:4f:15:9b:15:87:1c:42:
53:29:e1:74:55:74:20:ab:2d:c6:49:18:0e:56:7d:
1c:23:24:d3:bf:b7:8a:94:20:fb:57:c7:52:0a:14:
c6:51:32:47:2e:bd:9d:12:3b:d3:30:10:75:7d:95:
25:25:29:6b:af:f3:19:a3:d7:f2:40:1e:44:c7:48:
01:7b:1b:a2:24:41:31:e3:81:29:b5:e3:c1:3c:64:
35:cd:a0:d1:bb:7e:c8:d7:89:48:2f:fa:0b:d0:1e:
df:ee:b3:e9:26:ce:c4:3e:ec:65:7e:b0:71:34:f7:
7b:8a:f4:40:b5:3c:fe:15:be:51:4d:5d:b9:97:6e:
cc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:37:AA:1F:49:B9:FE:4F:BB:9E:69:BF:45:8C:A6:67:EF:39:53:CA
X509v3 Authority Key Identifier:
keyid:96:F6:EA:76:8E:BC:9D:DC:06:8F:56:97:DF:D7:5C:AE:DD:7A:E1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lvbqdo68ndwGj1aX39dcrt164Qg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7baa1c-8da1-4f80-babb-b4bfc29e71a3/1/wjeqH0m5_k-7nmm_RYymZ-85U8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7baa1c-8da1-4f80-babb-b4bfc29e71a3/1/lvbqdo68ndwGj1aX39dcrt164Qg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.200.0/22
IPv6:
2a0b:3240::/32
Signature Algorithm: sha256WithRSAEncryption
c1:03:d5:e2:0c:ec:b6:97:63:e4:a2:92:87:21:a8:7f:8f:72:
9f:ed:8c:70:4c:12:83:08:55:bf:6e:b4:18:8d:ad:09:24:78:
44:8b:b1:f2:e9:7d:79:ae:50:82:ce:67:b6:5c:65:cc:d3:88:
72:39:5d:c6:ef:af:b0:2b:64:80:e2:8f:d9:12:d5:a5:71:55:
92:8d:3e:eb:b6:7f:d5:f8:bf:b9:09:85:fe:ea:ea:56:47:f4:
78:9c:29:71:5d:93:08:fd:07:2e:4a:d1:99:f2:f5:7e:87:87:
28:bf:0b:1a:5f:8c:3a:36:de:6c:1a:67:db:11:df:00:ef:e8:
e5:56:ef:5e:75:85:14:8d:cb:dc:76:47:15:8b:51:48:e7:31:
8b:82:2c:1c:a4:ae:db:b4:e3:97:3c:5a:1a:3f:c4:14:c4:89:
f3:8c:26:a6:84:05:ff:86:89:f4:08:7d:89:1c:49:73:cb:ac:
a8:48:a2:6d:80:33:1a:71:1e:84:4f:78:9f:e5:4e:cd:a4:46:
58:00:b6:cf:bc:f7:f1:11:85:11:31:e9:39:36:b9:ac:b8:dc:
c7:59:2c:cd:cf:19:7a:59:99:99:21:ae:bd:13:d9:ee:89:2d:
29:61:9e:ce:b1:b3:3d:e9:e2:aa:dc:7c:c2:cd:bd:a7:3b:c8:
5f:d7:ea:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsClr20+s0DAkChFOPGVGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZjZlYTc2OGViYzlkZGMwNjhmNTY5N2RmZDc1Y2FlZGQ3
YWUxMDgwHhcNMjMwMTAxMDYzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjM3YWExZjQ5YjlmZTRmYmI5ZTY5YmY0NThjYTY2N2VmMzk1M2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bnsXqDqHiOy7SSUepwI6GGaw2Ja
SgpiR8pFF2I4LlMi1mKlfUFbK8kJne3JlNOCFaqvXTO9rmKb27x/hZ8NE13aQtHa
50ecUu5xTk+WIza9nZ1H+5cNH51kbarqU0tHsi5JzWxZdq5/RKbmLOWCHB/Y3225
lb4PqB+Yk3mFzE8VmxWHHEJTKeF0VXQgqy3GSRgOVn0cIyTTv7eKlCD7V8dSChTG
UTJHLr2dEjvTMBB1fZUlJSlrr/MZo9fyQB5Ex0gBexuiJEEx44EptePBPGQ1zaDR
u37I14lIL/oL0B7f7rPpJs7EPuxlfrBxNPd7ivRAtTz+Fb5RTV25l27MvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMI3qh9Juf5Pu55pv0WMpmfvOVPKMB8GA1UdIwQY
MBaAFJb26naOvJ3cBo9Wl9/XXK7deuEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHZicWRvNjhuZHdHajFhWDM5ZGNydDE2NFFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83YmFhMWMtOGRhMS00ZjgwLWJhYmIt
YjRiZmMyOWU3MWEzLzEvd2plcUgwbTVfay03bm1tX1JZeW1aLTg1VThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83YmFhMWMtOGRhMS00ZjgwLWJhYmItYjRiZmMyOWU3MWEz
LzEvbHZicWRvNjhuZHdHajFhWDM5ZGNydDE2NFFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCBbTIMA0E
AgACMAcDBQAqCzJAMA0GCSqGSIb3DQEBCwUAA4IBAQDBA9XiDOy2l2PkopKHIah/
j3Kf7YxwTBKDCFW/brQYja0JJHhEi7Hy6X15rlCCzme2XGXM04hyOV3G76+wK2SA
4o/ZEtWlcVWSjT7rtn/V+L+5CYX+6upWR/R4nClxXZMI/QcuStGZ8vV+h4covwsa
X4w6Nt5sGmfbEd8A7+jlVu9edYUUjcvcdkcVi1FI5zGLgiwcpK7btOOXPFoaP8QU
xInzjCamhAX/hon0CH2JHElzy6yoSKJtgDMacR6ET3if5U7NpEZYALbPvPfxEYUR
Mek5NrmsuNzHWSzNzxl6WZmZIa69E9nuiS0pYZ7OsbM96eKq3HzCzb2nO8hf1+pU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:22 2024 by rpki-client on console-fra.rpki-client.org