Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/1b7635-e6ff-4969-b2c0-89fb8fe69633/1/CqHiwXPHJUlonC_MH3sStaCb3wg.roa
File: CqHiwXPHJUlonC_MH3sStaCb3wg.roa (raw, json)
Hash identifier: DdfNCpVeGASg3d2z0Gv+W57FvlD7SDdBvfU9dieZCV4=
Subject key identifier: 0A:A1:E2:C1:73:C7:25:49:68:9C:2F:CC:1F:7B:12:B5:A0:9B:DF:08
Certificate issuer: /CN=9ba90d66d2ddeb646a61406912ffddfa14e39910
Certificate serial: 018CC86F75F3215CEE31752E3468FAC96D98
Authority key identifier: 9B:A9:0D:66:D2:DD:EB:64:6A:61:40:69:12:FF:DD:FA:14:E3:99:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m6kNZtLd62RqYUBpEv_d-hTjmRA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/1b7635-e6ff-4969-b2c0-89fb8fe69633/1/CqHiwXPHJUlonC_MH3sStaCb3wg.roa
Signing time: Tue 02 Jan 2024 04:29:57 +0000
ROA not before: Tue 02 Jan 2024 04:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197540
IP address blocks: 5.182.200.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 11 Apr 2024 14:34:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:75:f3:21:5c:ee:31:75:2e:34:68:fa:c9:6d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ba90d66d2ddeb646a61406912ffddfa14e39910
Validity
Not Before: Jan 2 04:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0aa1e2c173c72549689c2fcc1f7b12b5a09bdf08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:42:8c:0a:9a:ef:93:94:d6:f3:0e:43:c5:2f:
c4:89:f2:b0:49:ec:a7:4e:e7:3e:98:ff:45:62:7e:
cf:9b:05:99:db:94:59:c7:98:31:e5:3c:0c:21:f5:
1d:95:fb:60:68:62:af:b3:b1:85:5a:bd:f3:54:de:
0f:b9:85:0d:9a:42:95:f2:da:a9:73:e9:58:4f:b8:
3b:cb:47:8e:cc:cb:85:73:3c:73:f2:3c:bf:c3:ee:
1a:e0:7f:9e:e7:c9:9e:23:3e:28:48:8b:7a:fb:94:
87:e4:50:db:b2:23:9d:a8:52:8c:ff:e2:c6:5e:dc:
39:fb:61:67:0d:db:2c:de:1b:69:e4:2f:f5:16:70:
6b:6b:d8:66:81:a8:cb:e8:bb:ed:ff:14:d6:87:5f:
e0:a4:82:aa:0b:b5:c8:c7:bc:db:0d:c2:c5:72:40:
5f:90:29:34:99:2d:dd:b3:3f:3b:de:ea:e2:26:41:
ee:86:1b:3f:79:b3:f0:57:2a:cd:87:25:29:75:2c:
22:ff:90:8e:7b:1c:11:11:ce:8a:45:11:cc:13:f3:
1b:03:50:e0:57:6c:26:42:9d:68:da:08:38:0b:c4:
dd:7b:00:0f:5a:ad:30:d4:ec:c3:de:95:66:12:16:
96:3a:da:9d:6a:a7:f2:4c:26:de:b2:37:ed:cd:0a:
5c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A1:E2:C1:73:C7:25:49:68:9C:2F:CC:1F:7B:12:B5:A0:9B:DF:08
X509v3 Authority Key Identifier:
keyid:9B:A9:0D:66:D2:DD:EB:64:6A:61:40:69:12:FF:DD:FA:14:E3:99:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m6kNZtLd62RqYUBpEv_d-hTjmRA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1b7635-e6ff-4969-b2c0-89fb8fe69633/1/CqHiwXPHJUlonC_MH3sStaCb3wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1b7635-e6ff-4969-b2c0-89fb8fe69633/1/m6kNZtLd62RqYUBpEv_d-hTjmRA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.200.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:df:2c:78:f4:cc:e5:cb:ba:f8:5b:91:b2:09:9d:95:62:02:
e3:bf:b9:1b:65:d3:e1:49:11:52:7a:cc:01:db:2c:0b:65:de:
13:df:fd:eb:bd:6f:ca:33:58:c3:da:ca:9b:00:1f:9d:b8:df:
df:95:91:c9:5f:f3:c0:5f:1b:ac:84:e7:78:c8:85:f3:5b:ed:
18:64:7c:9c:69:92:40:70:d2:89:e0:14:4e:73:94:49:a9:cf:
11:89:42:38:68:51:4d:11:eb:eb:cd:b9:4a:e1:bb:10:02:f5:
46:26:db:5d:7a:fe:7b:43:cc:a7:78:ee:89:06:77:96:e9:2b:
27:c5:e0:68:df:4e:6e:c8:01:59:3d:c0:56:30:7a:88:12:91:
95:19:bc:ef:fb:63:96:7c:0d:c2:b4:aa:e5:ec:28:45:81:3a:
0f:7d:6e:2c:ec:d5:64:5e:0e:b8:0f:20:73:16:fd:85:f7:81:
f0:7e:b3:ce:c8:62:13:b0:7e:ae:0c:bc:1c:e6:78:df:48:e6:
56:e5:83:19:ee:b0:05:e4:9e:16:ce:c0:27:79:6f:b9:0c:83:
9d:d8:71:c3:6a:ea:df:72:5f:ed:8c:2e:68:62:87:65:90:74:
3a:af:69:ea:9a:81:f4:9e:64:25:c1:ad:5d:29:02:95:92:6e:
29:9b:63:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb3XzIVzuMXUuNGj6yW2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYTkwZDY2ZDJkZGViNjQ2YTYxNDA2OTEyZmZkZGZhMTRl
Mzk5MTAwHhcNMjQwMTAyMDQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWExZTJjMTczYzcyNTQ5Njg5YzJmY2MxZjdiMTJiNWEwOWJkZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEKMCprvk5TW8w5DxS/EifKwSeyn
Tuc+mP9FYn7PmwWZ25RZx5gx5TwMIfUdlftgaGKvs7GFWr3zVN4PuYUNmkKV8tqp
c+lYT7g7y0eOzMuFczxz8jy/w+4a4H+e58meIz4oSIt6+5SH5FDbsiOdqFKM/+LG
Xtw5+2FnDdss3htp5C/1FnBra9hmgajL6Lvt/xTWh1/gpIKqC7XIx7zbDcLFckBf
kCk0mS3dsz873uriJkHuhhs/ebPwVyrNhyUpdSwi/5COexwREc6KRRHME/MbA1Dg
V2wmQp1o2gg4C8TdewAPWq0w1OzD3pVmEhaWOtqdaqfyTCbesjftzQpcpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAqh4sFzxyVJaJwvzB97ErWgm98IMB8GA1UdIwQY
MBaAFJupDWbS3etkamFAaRL/3foU45kQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTZrTlp0TGQ2MlJxWVVCcEV2X2QtaFRqbVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xYjc2MzUtZTZmZi00OTY5LWIyYzAt
ODlmYjhmZTY5NjMzLzEvQ3FIaXdYUEhKVWxvbkNfTUgzc1N0YUNiM3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xYjc2MzUtZTZmZi00OTY5LWIyYzAtODlmYjhmZTY5NjMz
LzEvbTZrTlp0TGQ2MlJxWVVCcEV2X2QtaFRqbVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBbbIMA0G
CSqGSIb3DQEBCwUAA4IBAQB63yx49Mzly7r4W5GyCZ2VYgLjv7kbZdPhSRFSeswB
2ywLZd4T3/3rvW/KM1jD2sqbAB+duN/flZHJX/PAXxushOd4yIXzW+0YZHycaZJA
cNKJ4BROc5RJqc8RiUI4aFFNEevrzblK4bsQAvVGJttdev57Q8yneO6JBneW6Ssn
xeBo305uyAFZPcBWMHqIEpGVGbzv+2OWfA3CtKrl7ChFgToPfW4s7NVkXg64DyBz
Fv2F94HwfrPOyGITsH6uDLwc5njfSOZW5YMZ7rAF5J4WzsAneW+5DIOd2HHDaurf
cl/tjC5oYodlkHQ6r2nqmoH0nmQlwa1dKQKVkm4pm2Pi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:28 2025 by rpki-client