Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/ydqGz_AggX2cAcxmUfFYOgmGgcc.roa
File: ydqGz_AggX2cAcxmUfFYOgmGgcc.roa (raw, json)
Hash identifier: PAdVMMZntx4KJjSU+fOVGT9Ozs+GfJt/bo0kRwc7l34=
Subject key identifier: C9:DA:86:CF:F0:20:81:7D:9C:01:CC:66:51:F1:58:3A:09:86:81:C7
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 018F594EF14B4F5E1D4A17C2B10EAB9445C5
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/ydqGz_AggX2cAcxmUfFYOgmGgcc.roa
Signing time: Wed 08 May 2024 17:44:56 +0000
ROA not before: Wed 08 May 2024 17:44:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203363
IP address blocks: 5.144.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 May 2024 06:43:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:59:4e:f1:4b:4f:5e:1d:4a:17:c2:b1:0e:ab:94:45:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: May 8 17:44:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9da86cff020817d9c01cc6651f1583a098681c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7f:6a:d1:da:cd:25:7a:c2:89:9a:f1:47:23:
27:60:d0:6c:fe:83:11:7c:03:b0:97:52:f8:7c:a5:
fc:e0:30:df:65:6f:d7:28:fd:aa:4d:aa:89:76:be:
d8:dd:c8:09:64:14:18:35:27:6e:ac:9d:b3:ad:63:
f1:58:1a:4c:2d:87:1f:70:44:7c:44:e4:0c:3b:ad:
80:2d:d2:7b:53:10:e8:11:32:92:53:11:a4:22:69:
80:70:cc:70:2d:68:fe:63:97:41:ba:15:30:95:25:
d1:1c:7e:53:85:c2:a1:3f:10:e6:c6:5c:ac:71:2b:
71:73:77:86:54:af:a0:36:28:81:83:bc:27:b7:d2:
95:c4:d4:95:aa:79:23:b5:b9:3f:55:a6:d9:41:8a:
80:9a:02:1d:03:31:0d:d8:a8:f8:43:b0:80:23:1a:
12:f7:7d:cb:25:c0:18:fc:c9:97:5e:1c:b3:2b:b1:
dd:c6:00:59:ec:c2:73:d6:c8:05:4c:ff:a0:b3:65:
87:28:1d:a9:e3:1b:13:b8:03:40:f2:d4:62:91:09:
8d:f0:14:ad:13:b0:0f:79:3a:c5:17:be:d5:50:22:
e3:1b:b6:a4:c6:80:9a:c1:58:dc:6c:06:b1:84:e1:
bb:75:f6:97:84:db:fe:0b:7d:87:c2:ba:b1:31:e1:
91:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:DA:86:CF:F0:20:81:7D:9C:01:CC:66:51:F1:58:3A:09:86:81:C7
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/ydqGz_AggX2cAcxmUfFYOgmGgcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.155.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:82:f6:8a:95:a2:16:56:6a:7c:06:41:86:4b:90:df:f4:51:
bf:8e:68:22:fb:fb:1f:71:bc:09:c4:7f:be:3d:50:19:08:45:
57:26:05:1c:31:97:8c:2c:50:dd:3b:5f:5c:02:eb:d0:62:5b:
21:c0:1b:24:8d:3f:40:7c:4c:bc:dc:7d:3a:81:d8:9a:96:d9:
7b:49:9f:29:2c:5b:29:92:aa:d0:e6:55:57:c1:4c:5f:b5:31:
38:24:06:f3:f6:81:27:43:7e:69:36:88:7e:81:41:eb:42:bb:
df:24:6a:92:f5:b2:48:7e:6d:bd:2b:70:41:14:76:4c:37:af:
6a:84:f1:85:3f:f9:65:51:fb:6b:ab:94:0b:92:9b:7c:db:d6:
13:22:f2:33:b1:33:61:c5:e8:6b:57:8f:02:71:74:69:46:d9:
07:c5:f3:fb:58:ed:7b:70:cb:fa:b9:a1:1a:6e:3e:38:6b:28:
12:0f:75:bf:f1:54:2d:48:5f:b9:0c:d0:93:7b:2a:bc:f0:ed:
cb:31:17:e3:72:13:46:99:bd:b3:ab:94:42:bd:73:f8:14:7c:
16:ca:95:0e:d9:2d:d8:08:de:31:27:a8:6a:e4:26:51:45:b8:
97:f8:18:99:10:06:27:24:44:af:72:1b:49:67:d1:de:9d:63:
64:f3:76:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9ZTvFLT14dShfCsQ6rlEXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwNTA4MTc0NDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWRhODZjZmYwMjA4MTdkOWMwMWNjNjY1MWYxNTgzYTA5ODY4MWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn9q0drNJXrCiZrxRyMnYNBs/oMR
fAOwl1L4fKX84DDfZW/XKP2qTaqJdr7Y3cgJZBQYNSdurJ2zrWPxWBpMLYcfcER8
ROQMO62ALdJ7UxDoETKSUxGkImmAcMxwLWj+Y5dBuhUwlSXRHH5ThcKhPxDmxlys
cStxc3eGVK+gNiiBg7wnt9KVxNSVqnkjtbk/VabZQYqAmgIdAzEN2Kj4Q7CAIxoS
933LJcAY/MmXXhyzK7HdxgBZ7MJz1sgFTP+gs2WHKB2p4xsTuANA8tRikQmN8BSt
E7APeTrFF77VUCLjG7akxoCawVjcbAaxhOG7dfaXhNv+C32HwrqxMeGR6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnahs/wIIF9nAHMZlHxWDoJhoHHMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEveWRxR3pfQWdnWDJjQWN4bVVmRllPZ21HZ2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZCbMA0G
CSqGSIb3DQEBCwUAA4IBAQBugvaKlaIWVmp8BkGGS5Df9FG/jmgi+/sfcbwJxH++
PVAZCEVXJgUcMZeMLFDdO19cAuvQYlshwBskjT9AfEy83H06gdialtl7SZ8pLFsp
kqrQ5lVXwUxftTE4JAbz9oEnQ35pNoh+gUHrQrvfJGqS9bJIfm29K3BBFHZMN69q
hPGFP/llUftrq5QLkpt829YTIvIzsTNhxehrV48CcXRpRtkHxfP7WO17cMv6uaEa
bj44aygSD3W/8VQtSF+5DNCTeyq88O3LMRfjchNGmb2zq5RCvXP4FHwWypUO2S3Y
CN4xJ6hq5CZRRbiX+BiZEAYnJESvchtJZ9HenWNk83aW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:19 2024 by rpki-client on console-fra.rpki-client.org