Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/870123-719d-4506-bf86-e8de059278bd/1/bCr0j3C5G5mp4nZnID8HittdGSA.roa
File: bCr0j3C5G5mp4nZnID8HittdGSA.roa (raw, json)
Hash identifier: 9qbyOC+XWSYQHFpcV4KqMITC5C282tHC1W3vcV1Y2e0=
Subject key identifier: 6C:2A:F4:8F:70:B9:1B:99:A9:E2:76:67:20:3F:07:8A:DB:5D:19:20
Certificate issuer: /CN=18c1ac6882de0893060f80917d7b858c5c30f061
Certificate serial: 01856D81BF24EE01AC7D52D4D9FCAB6CB3C9
Authority key identifier: 18:C1:AC:68:82:DE:08:93:06:0F:80:91:7D:7B:85:8C:5C:30:F0:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GMGsaILeCJMGD4CRfXuFjFww8GE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/870123-719d-4506-bf86-e8de059278bd/1/bCr0j3C5G5mp4nZnID8HittdGSA.roa
Signing time: Sun 01 Jan 2023 13:24:57 +0000
ROA not before: Sun 01 Jan 2023 13:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56987
IP address blocks: 5.180.57.0/24 maxlen: 24
5.180.58.0/23 maxlen: 23
2a0c:3d00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:bf:24:ee:01:ac:7d:52:d4:d9:fc:ab:6c:b3:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18c1ac6882de0893060f80917d7b858c5c30f061
Validity
Not Before: Jan 1 13:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c2af48f70b91b99a9e27667203f078adb5d1920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a4:a1:aa:2b:13:7e:14:e8:b2:e2:49:15:d8:
87:09:79:9a:04:de:69:58:a6:6a:b2:18:3e:85:c2:
1e:d6:72:87:f5:52:c3:70:5e:f7:8d:cd:c6:c3:b9:
a3:df:f4:d9:b6:57:9a:86:f2:d1:17:9f:53:e7:70:
d1:f8:3e:a0:61:fe:1f:c8:6b:61:d7:3b:17:79:45:
d5:09:f4:ca:c7:72:1f:b4:3c:38:7c:21:8c:ea:21:
0a:77:5a:74:ea:e0:29:4a:5e:3b:f7:93:9c:f7:99:
5d:45:13:62:ed:41:cb:99:47:b3:2c:4a:5f:08:73:
c4:4e:71:74:d5:2d:ff:7e:59:56:a3:67:a3:8b:b4:
b2:ca:92:a1:75:20:99:18:1c:ae:74:f7:61:6d:6e:
47:ae:5d:7d:2e:72:1c:e7:3a:6c:ed:90:d8:c3:ca:
bb:81:ce:b7:73:d0:4d:46:77:e5:33:c9:bf:1e:fd:
48:47:66:70:ad:4e:7d:02:72:2e:a1:ef:11:e6:15:
d7:53:3e:61:5e:e2:66:f7:67:aa:4d:79:90:ff:d9:
a9:5d:c1:02:aa:c1:fd:e8:d6:45:5f:95:5f:0f:92:
06:c8:37:21:45:6e:41:69:56:e4:f6:ee:92:94:51:
e0:d9:3a:e0:56:0f:f0:1e:3c:3f:82:d3:11:55:0d:
ad:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:2A:F4:8F:70:B9:1B:99:A9:E2:76:67:20:3F:07:8A:DB:5D:19:20
X509v3 Authority Key Identifier:
keyid:18:C1:AC:68:82:DE:08:93:06:0F:80:91:7D:7B:85:8C:5C:30:F0:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GMGsaILeCJMGD4CRfXuFjFww8GE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/870123-719d-4506-bf86-e8de059278bd/1/bCr0j3C5G5mp4nZnID8HittdGSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/870123-719d-4506-bf86-e8de059278bd/1/GMGsaILeCJMGD4CRfXuFjFww8GE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.57.0-5.180.59.255
IPv6:
2a0c:3d00::/29
Signature Algorithm: sha256WithRSAEncryption
1c:ff:a0:43:9d:fe:1b:61:71:cf:a6:5a:aa:89:8c:fc:3f:7c:
c8:84:7f:f8:11:b7:bd:5a:13:e0:ce:61:0c:fc:e7:22:ea:f7:
a8:fc:2c:3f:3d:2a:56:e1:67:e9:39:16:03:fd:39:4c:6f:8b:
da:11:2f:ec:6e:7d:3d:f0:46:3d:70:bf:c9:a8:d5:ed:fd:9b:
e9:91:3a:cc:01:56:2c:6b:b5:0a:e7:e8:dc:6b:5b:55:a4:0b:
cd:c6:d8:ae:d0:d4:ab:87:cc:90:f0:5f:45:07:ab:9c:7e:ba:
0e:08:cc:08:b0:98:5b:1c:1c:3b:66:1f:f2:ee:0c:d0:49:24:
bf:d8:ed:85:6b:f3:ce:2f:fd:b7:9c:3f:fb:bd:41:0a:e8:a5:
32:4c:5b:4d:59:2c:51:17:10:2f:a4:87:a4:f0:00:b3:11:d4:
96:73:fb:08:df:fa:e4:6a:40:82:f4:e7:e8:ca:7c:ee:0c:56:
0b:f3:9b:d6:e5:8e:de:bf:da:7b:78:ca:cb:6c:ed:a0:5a:10:
62:37:94:9f:33:3c:5a:83:ca:a4:22:05:a3:24:32:ad:06:b7:
65:fd:b9:62:cf:33:ea:2a:65:23:9d:1d:03:7a:b7:26:0a:97:
93:16:70:52:96:26:35:c0:97:ae:c4:f5:84:86:d5:e8:64:33:
86:79:ed:d1
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVtgb8k7gGsfVLU2fyrbLPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4YzFhYzY4ODJkZTA4OTMwNjBmODA5MTdkN2I4NThjNWMz
MGYwNjEwHhcNMjMwMTAxMTMyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzJhZjQ4ZjcwYjkxYjk5YTllMjc2NjcyMDNmMDc4YWRiNWQxOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6ShqisTfhTosuJJFdiHCXmaBN5p
WKZqshg+hcIe1nKH9VLDcF73jc3Gw7mj3/TZtleahvLRF59T53DR+D6gYf4fyGth
1zsXeUXVCfTKx3IftDw4fCGM6iEKd1p06uApSl4795Oc95ldRRNi7UHLmUezLEpf
CHPETnF01S3/fllWo2eji7SyypKhdSCZGByudPdhbW5Hrl19LnIc5zps7ZDYw8q7
gc63c9BNRnflM8m/Hv1IR2ZwrU59AnIuoe8R5hXXUz5hXuJm92eqTXmQ/9mpXcEC
qsH96NZFX5VfD5IGyDchRW5BaVbk9u6SlFHg2TrgVg/wHjw/gtMRVQ2tCwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGwq9I9wuRuZqeJ2ZyA/B4rbXRkgMB8GA1UdIwQY
MBaAFBjBrGiC3giTBg+AkX17hYxcMPBhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR01Hc2FJTGVDSk1HRDRDUmZYdUZqRnd3OEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS84NzAxMjMtNzE5ZC00NTA2LWJmODYt
ZThkZTA1OTI3OGJkLzEvYkNyMGozQzVHNW1wNG5abklEOEhpdHRkR1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS84NzAxMjMtNzE5ZC00NTA2LWJmODYtZThkZTA1OTI3OGJk
LzEvR01Hc2FJTGVDSk1HRDRDUmZYdUZqRnd3OEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAAFtDkD
BAIFtDgwDQQCAAIwBwMFAyoMPQAwDQYJKoZIhvcNAQELBQADggEBABz/oEOd/hth
cc+mWqqJjPw/fMiEf/gRt71aE+DOYQz85yLq96j8LD89KlbhZ+k5FgP9OUxvi9oR
L+xufT3wRj1wv8mo1e39m+mROswBVixrtQrn6NxrW1WkC83G2K7Q1KuHzJDwX0UH
q5x+ug4IzAiwmFscHDtmH/LuDNBJJL/Y7YVr884v/becP/u9QQropTJMW01ZLFEX
EC+kh6TwALMR1JZz+wjf+uRqQIL05+jKfO4MVgvzm9bljt6/2nt4ysts7aBaEGI3
lJ8zPFqDyqQiBaMkMq0Gt2X9uWLPM+oqZSOdHQN6tyYKl5MWcFKWJjXAl67E9YSG
1ehkM4Z57dE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:03 2024 by rpki-client on console-ams.rpki-client.org