Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/gmJwIo5Q80_dufbPT3j23TVoOPg.roa
File: gmJwIo5Q80_dufbPT3j23TVoOPg.roa (raw, json)
Hash identifier: aKM8B8PYTdX243RmgFP3l2ds7T4yfFY5tw6YV1pJiHM=
Subject key identifier: 82:62:70:22:8E:50:F3:4F:DD:B9:F6:CF:4F:78:F6:DD:35:68:38:F8
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E8893184ECFF2042F2C373EDB5138CD45
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/gmJwIo5Q80_dufbPT3j23TVoOPg.roa
Signing time: Fri 29 Mar 2024 04:58:45 +0000
ROA not before: Fri 29 Mar 2024 04:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15468
IP address blocks: 5.143.176.0/20 maxlen: 20
5.143.184.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 29 Mar 2024 12:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:88:93:18:4e:cf:f2:04:2f:2c:37:3e:db:51:38:cd:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 29 04:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=826270228e50f34fddb9f6cf4f78f6dd356838f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b2:82:a0:dc:d6:32:3a:c0:40:42:5b:25:aa:
3d:6d:43:ba:da:fe:30:c5:f2:38:ff:20:73:f9:ce:
97:b3:62:1e:2c:74:b5:dd:dd:98:71:87:4f:35:96:
79:1f:1a:07:bc:f5:3b:d0:3f:6f:cb:32:63:6c:4a:
95:06:92:ef:e2:df:a6:85:b9:04:81:8d:f1:21:44:
ab:fb:d8:3b:53:76:b8:a6:11:ca:e5:18:de:6a:9c:
c7:49:7c:9b:a4:66:f0:7e:27:cc:6d:3d:15:59:1e:
97:06:1d:0f:9f:9e:d7:18:b6:02:57:20:d2:06:89:
dd:3b:ee:36:5d:6b:dd:35:ac:49:b7:bc:96:cc:0b:
24:8a:91:27:62:0e:07:4c:6a:f9:ca:d7:0b:13:61:
68:45:c2:ce:0a:dd:89:ea:6e:bc:a0:2c:d5:09:05:
7e:06:d2:0a:74:07:db:4a:28:f5:c6:46:41:51:53:
5f:e1:4c:89:d5:96:5a:46:94:75:62:b3:5d:14:f9:
bf:e5:66:8b:f7:41:b6:a2:bc:1a:35:4c:42:b9:48:
53:83:d0:24:ae:81:31:28:61:90:78:45:cf:74:a1:
5e:cc:4f:71:f2:ae:6e:98:58:9e:0e:27:e0:29:b2:
c1:2b:2a:6f:c3:d5:8e:5d:2d:f1:b5:2b:f7:7f:9b:
af:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:62:70:22:8E:50:F3:4F:DD:B9:F6:CF:4F:78:F6:DD:35:68:38:F8
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/gmJwIo5Q80_dufbPT3j23TVoOPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.143.176.0/20
Signature Algorithm: sha256WithRSAEncryption
57:8e:b2:fd:12:c5:b0:38:40:8f:9f:4c:a7:b6:f6:ba:36:14:
6c:2b:26:e1:de:50:ee:bb:eb:7e:57:bd:42:28:53:50:68:34:
2b:d3:08:21:a7:72:e9:c1:6c:86:a8:ab:f3:24:7f:ae:d6:fc:
89:c1:c0:85:06:3c:ec:16:89:d3:d3:70:4d:92:9e:5e:fc:07:
b0:0f:30:83:3c:be:eb:df:4b:bc:c7:2a:86:98:69:d3:ca:1b:
f9:a2:e8:7b:58:31:11:90:8d:55:80:ad:92:c9:14:b1:3e:49:
a1:76:06:62:58:9c:13:28:e0:8d:89:ca:c4:7a:8f:3a:44:94:
29:4f:08:80:b3:b7:f4:8d:77:c3:b7:cd:66:6a:2b:80:fe:ad:
21:38:13:95:32:c7:e2:03:96:7d:87:33:87:86:7f:fc:7e:2f:
b1:df:15:70:01:f7:bb:eb:70:13:f7:08:5e:e9:48:dd:b3:a0:
e1:21:c7:02:5e:19:5c:09:06:48:e8:04:f6:f3:61:77:57:fa:
de:9c:9b:49:a4:a3:8e:a1:8d:17:e3:58:10:e4:2f:99:7c:d8:
74:ee:56:3d:96:65:71:88:94:fc:75:4e:83:b4:3a:52:a6:08:
e4:b5:88:ac:52:a5:29:a8:58:79:4e:ac:70:33:89:3e:d8:0e:
aa:41:b3:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6IkxhOz/IELyw3PttROM1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzI5MDQ1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjYyNzAyMjhlNTBmMzRmZGRiOWY2Y2Y0Zjc4ZjZkZDM1NjgzOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbKCoNzWMjrAQEJbJao9bUO62v4w
xfI4/yBz+c6Xs2IeLHS13d2YcYdPNZZ5HxoHvPU70D9vyzJjbEqVBpLv4t+mhbkE
gY3xIUSr+9g7U3a4phHK5RjeapzHSXybpGbwfifMbT0VWR6XBh0Pn57XGLYCVyDS
BondO+42XWvdNaxJt7yWzAskipEnYg4HTGr5ytcLE2FoRcLOCt2J6m68oCzVCQV+
BtIKdAfbSij1xkZBUVNf4UyJ1ZZaRpR1YrNdFPm/5WaL90G2orwaNUxCuUhTg9Ak
roExKGGQeEXPdKFezE9x8q5umFieDifgKbLBKypvw9WOXS3xtSv3f5uvXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIJicCKOUPNP3bn2z0949t01aDj4MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvZ21Kd0lvNVE4MF9kdWZiUFQzajIzVFZvT1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEBY+wMA0G
CSqGSIb3DQEBCwUAA4IBAQBXjrL9EsWwOECPn0yntva6NhRsKybh3lDuu+t+V71C
KFNQaDQr0wghp3LpwWyGqKvzJH+u1vyJwcCFBjzsFonT03BNkp5e/AewDzCDPL7r
30u8xyqGmGnTyhv5ouh7WDERkI1VgK2SyRSxPkmhdgZiWJwTKOCNicrEeo86RJQp
TwiAs7f0jXfDt81maiuA/q0hOBOVMsfiA5Z9hzOHhn/8fi+x3xVwAfe763AT9whe
6Ujds6DhIccCXhlcCQZI6AT282F3V/renJtJpKOOoY0X41gQ5C+ZfNh07lY9lmVx
iJT8dU6DtDpSpgjktYisUqUpqFh5TqxwM4k+2A6qQbNw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:26 2024 by rpki-client on console-ams.rpki-client.org