Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/m8nUCsQ7M7yro7VmUP7kAIsXgJQ.roa
File: m8nUCsQ7M7yro7VmUP7kAIsXgJQ.roa (raw, json)
Hash identifier: tKTkY7IHiW7vxB77qz3mRV53P/rH072Hh3pldaKKqNo=
Subject key identifier: 9B:C9:D4:0A:C4:3B:33:BC:AB:A3:B5:66:50:FE:E4:00:8B:17:80:94
Certificate issuer: /CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Certificate serial: 018C6332DA7BD624293CF597C4CDA7C44A04
Authority key identifier: 4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/m8nUCsQ7M7yro7VmUP7kAIsXgJQ.roa
Signing time: Wed 13 Dec 2023 12:42:06 +0000
ROA not before: Wed 13 Dec 2023 12:42:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209092
IP address blocks: 5.182.157.0/24 maxlen: 24
5.182.158.0/23 maxlen: 23
5.182.158.0/24 maxlen: 24
5.182.159.0/24 maxlen: 24
5.182.156.0/24 maxlen: 24
5.182.156.0/23 maxlen: 23
5.182.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 13 Dec 2023 15:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:32:da:7b:d6:24:29:3c:f5:97:c4:cd:a7:c4:4a:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Validity
Not Before: Dec 13 12:42:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bc9d40ac43b33bcaba3b56650fee4008b178094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:30:f1:05:2a:83:5c:69:b8:3c:4f:75:5d:6b:
b4:e8:a6:24:c1:e8:27:18:f7:bb:76:b6:f6:a3:79:
a3:ad:d7:cd:59:1c:65:4c:fd:6c:c8:97:50:c8:b4:
64:61:81:52:d3:f6:86:4b:f5:26:2a:90:a2:d9:f6:
37:3d:1a:36:35:2a:fd:11:60:de:6d:f4:d4:89:e4:
13:f2:c7:36:84:a8:bd:f1:41:e0:b6:82:ab:8f:ca:
0c:80:87:b0:8a:34:f1:41:6d:4b:b5:5a:a1:c6:8a:
3e:e9:ec:9d:0d:13:7f:a4:a3:af:3d:70:74:1b:e2:
3a:4a:54:92:31:99:28:38:41:ca:d1:41:1e:ea:98:
91:f4:77:46:5d:d1:c5:e0:63:2e:d4:c1:b4:3d:ce:
3a:63:81:74:64:db:fc:71:b6:07:e4:2e:da:9e:03:
a2:f0:48:95:02:21:d4:83:55:c5:b8:59:71:f8:c7:
db:00:ea:6d:97:48:a8:f4:b1:44:6f:dc:49:25:18:
35:b3:5e:b8:22:1b:93:c6:30:33:89:51:5e:79:27:
d3:be:dc:b5:6c:6b:b3:3f:8d:cf:74:e0:f9:51:42:
98:7c:d9:ec:bc:4b:04:93:bf:97:29:15:55:c1:f5:
90:ba:08:60:36:5a:0f:7e:1c:b6:5e:b5:ff:7b:5e:
5c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:C9:D4:0A:C4:3B:33:BC:AB:A3:B5:66:50:FE:E4:00:8B:17:80:94
X509v3 Authority Key Identifier:
keyid:4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/m8nUCsQ7M7yro7VmUP7kAIsXgJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.156.0/22
Signature Algorithm: sha256WithRSAEncryption
38:17:e1:7b:98:ce:27:ba:d7:fc:64:d6:af:c1:ae:03:24:47:
eb:90:f8:bd:ab:6c:63:2f:c9:ac:9f:3f:2e:2e:c0:50:90:e3:
ef:70:9c:d5:eb:e1:7a:69:ef:ed:c1:40:9d:a2:8b:02:86:79:
bb:c3:0f:b6:44:68:06:fc:79:a7:a8:a1:52:20:f6:26:7d:b9:
99:b1:41:f5:fd:1e:12:6c:00:78:cd:9e:86:59:72:38:6c:1a:
c8:3b:79:b5:1f:e1:a4:20:c0:65:eb:15:a5:b1:b6:b2:cc:db:
38:fb:09:49:3f:19:6e:b3:88:38:94:fe:f7:44:10:58:d2:1e:
fe:1f:38:fe:01:66:60:3b:0e:b5:c2:9b:59:6c:50:28:e0:a9:
cc:93:2b:7b:97:60:98:2d:a4:df:1f:65:71:b6:b0:8d:46:82:
78:75:9e:57:3a:21:45:b3:f8:85:c0:46:58:d2:37:1d:37:ea:
2c:92:e8:e8:77:3b:28:1e:33:21:3a:93:0d:d6:fd:f1:7c:da:
13:e8:e0:48:f5:00:c5:32:72:55:2d:eb:18:32:dc:cc:62:51:
4b:d6:c8:82:27:44:b4:42:ac:79:b0:bb:58:27:29:7a:a3:b5:
9c:fb:c9:09:37:51:8d:12:7d:36:72:89:6a:5a:4c:2e:db:02:
b7:c3:9a:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxjMtp71iQpPPWXxM2nxEoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMjFjOTFiNjNiYmJkYTg4MDRhNzQ5ZjNkNjEwZThiMjE3
ZjliNzMwHhcNMjMxMjEzMTI0MjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmM5ZDQwYWM0M2IzM2JjYWJhM2I1NjY1MGZlZTQwMDhiMTc4MDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjDxBSqDXGm4PE91XWu06KYkwegn
GPe7drb2o3mjrdfNWRxlTP1syJdQyLRkYYFS0/aGS/UmKpCi2fY3PRo2NSr9EWDe
bfTUieQT8sc2hKi98UHgtoKrj8oMgIewijTxQW1LtVqhxoo+6eydDRN/pKOvPXB0
G+I6SlSSMZkoOEHK0UEe6piR9HdGXdHF4GMu1MG0Pc46Y4F0ZNv8cbYH5C7angOi
8EiVAiHUg1XFuFlx+MfbAOptl0io9LFEb9xJJRg1s164IhuTxjAziVFeeSfTvty1
bGuzP43PdOD5UUKYfNnsvEsEk7+XKRVVwfWQughgNloPfhy2XrX/e15c9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJvJ1ArEOzO8q6O1ZlD+5ACLF4CUMB8GA1UdIwQY
MBaAFEohyRtju72ogEp0nz1hDoshf5tzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQt
NDdmYmU0YzRhNGZkLzEvbThuVUNzUTdNN3lybzdWbVVQN2tBSXNYZ0pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQtNDdmYmU0YzRhNGZk
LzEvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbacMA0G
CSqGSIb3DQEBCwUAA4IBAQA4F+F7mM4nutf8ZNavwa4DJEfrkPi9q2xjL8msnz8u
LsBQkOPvcJzV6+F6ae/twUCdoosChnm7ww+2RGgG/HmnqKFSIPYmfbmZsUH1/R4S
bAB4zZ6GWXI4bBrIO3m1H+GkIMBl6xWlsbayzNs4+wlJPxlus4g4lP73RBBY0h7+
Hzj+AWZgOw61wptZbFAo4KnMkyt7l2CYLaTfH2VxtrCNRoJ4dZ5XOiFFs/iFwEZY
0jcdN+oskujodzsoHjMhOpMN1v3xfNoT6OBI9QDFMnJVLesYMtzMYlFL1siCJ0S0
Qqx5sLtYJyl6o7Wc+8kJN1GNEn02colqWkwu2wK3w5pn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:32 2024 by rpki-client on console-fra.rpki-client.org