Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/1A-VtUG9h_3hql2EPoe2N7jD8EM.roa
File: 1A-VtUG9h_3hql2EPoe2N7jD8EM.roa (raw, json)
Hash identifier: MEGq2iimHb0HkNlqURbKfTE6DqOJhhf8+hUNnG5pzIA=
Subject key identifier: D4:0F:95:B5:41:BD:87:FD:E1:AA:5D:84:3E:87:B6:37:B8:C3:F0:43
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018BB5373A8B77102CE2DCA039A8AEFEAC48
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/1A-VtUG9h_3hql2EPoe2N7jD8EM.roa
Signing time: Thu 09 Nov 2023 17:52:57 +0000
ROA not before: Thu 09 Nov 2023 17:52:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142430
IP address blocks: 5.144.176.0/24 maxlen: 24
5.144.178.0/24 maxlen: 24
5.144.177.0/24 maxlen: 24
5.144.182.0/24 maxlen: 24
5.144.180.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b5:37:3a:8b:77:10:2c:e2:dc:a0:39:a8:ae:fe:ac:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Nov 9 17:52:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d40f95b541bd87fde1aa5d843e87b637b8c3f043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b1:1e:07:4b:32:9f:a3:e1:15:88:fd:ce:72:
27:b9:3f:d9:3f:26:ee:b9:8d:1e:e0:10:e8:5d:37:
91:6d:32:d7:e2:18:d4:bd:38:05:ed:da:94:7f:96:
0b:49:91:3c:9a:59:4f:a7:2e:db:76:21:3b:ba:47:
28:9c:bc:56:5c:96:38:93:18:69:83:c1:a9:cf:30:
a0:06:f9:e9:db:49:2f:f8:ab:46:f1:d8:cc:bf:68:
da:ec:35:d7:07:8e:11:97:13:cc:42:81:e4:6b:f8:
c1:2b:f8:14:66:52:b9:aa:f4:98:a3:87:99:fb:4c:
af:43:08:7f:f7:a9:e7:6f:37:78:ad:26:48:f4:42:
4d:28:c4:f4:8a:e0:a2:18:75:eb:2b:ef:6f:7a:79:
3f:3d:23:0c:63:2d:49:66:3d:77:f9:3f:d3:cd:8f:
e2:7e:4c:0d:e7:79:0f:77:b9:29:94:94:0c:be:9b:
98:bc:00:72:5e:aa:83:b3:70:74:49:24:f3:f0:d8:
93:36:b4:03:b2:bd:47:a5:14:74:46:57:27:b3:5d:
73:d7:3a:84:d9:62:2c:bb:6c:d0:09:00:56:63:1c:
36:5e:d1:92:5a:4c:1c:e7:31:91:13:f6:8b:2d:cd:
dc:86:cc:3d:8e:c8:f8:75:70:15:d0:2b:35:0e:6d:
f1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:0F:95:B5:41:BD:87:FD:E1:AA:5D:84:3E:87:B6:37:B8:C3:F0:43
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/1A-VtUG9h_3hql2EPoe2N7jD8EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.176.0-5.144.178.255
5.144.180.0/24
5.144.182.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:d2:e5:f6:f4:30:2d:1f:e2:7c:3f:f8:da:8b:31:4b:92:37:
d9:8e:6a:c6:af:1b:a1:f0:21:9a:48:0a:3e:4a:85:57:09:72:
d8:fd:ac:fd:2f:e3:3d:67:a4:aa:fc:19:38:54:df:4c:f6:08:
a0:65:f5:50:c6:8b:26:c9:95:73:08:a0:d8:1f:d9:28:6c:52:
ca:60:e1:88:0e:67:1d:67:28:0a:b7:92:1a:05:d6:7f:ad:1c:
a0:24:dc:77:8c:a5:9e:2b:0f:b0:6c:bf:55:4d:8e:4a:a9:78:
32:b7:2f:55:d4:58:86:20:41:ad:8a:6a:eb:65:da:92:06:65:
74:2c:09:f0:11:f8:fb:bd:62:dd:fd:3d:87:a5:ef:1d:49:f0:
d1:7f:7f:a1:4a:43:b7:5c:f7:26:5f:82:ef:cd:cd:cd:d8:fc:
a7:73:67:bf:af:68:22:e6:b8:19:08:fd:00:13:67:03:e6:85:
1c:5c:bd:cf:14:b4:c2:c4:82:7a:b7:7f:52:39:75:ff:83:5b:
8b:78:19:e6:f9:d6:ca:45:e7:da:f2:06:b4:1b:a4:7a:13:9f:
92:14:97:87:ff:8b:a3:4d:50:2c:ac:9d:74:ed:75:4b:68:54:
2f:09:07:51:d9:4c:b5:3a:a9:9b:05:2e:6a:c0:ad:46:4d:43:
07:60:a1:62
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYu1NzqLdxAs4tygOaiu/qxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMxMTA5MTc1MjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDBmOTViNTQxYmQ4N2ZkZTFhYTVkODQzZTg3YjYzN2I4YzNmMDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7EeB0syn6PhFYj9znInuT/ZPybu
uY0e4BDoXTeRbTLX4hjUvTgF7dqUf5YLSZE8mllPpy7bdiE7ukconLxWXJY4kxhp
g8GpzzCgBvnp20kv+KtG8djMv2ja7DXXB44RlxPMQoHka/jBK/gUZlK5qvSYo4eZ
+0yvQwh/96nnbzd4rSZI9EJNKMT0iuCiGHXrK+9venk/PSMMYy1JZj13+T/TzY/i
fkwN53kPd7kplJQMvpuYvAByXqqDs3B0SSTz8NiTNrQDsr1HpRR0Rlcns11z1zqE
2WIsu2zQCQBWYxw2XtGSWkwc5zGRE/aLLc3chsw9jsj4dXAV0Cs1Dm3xLwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNQPlbVBvYf94apdhD6Htje4w/BDMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvMUEtVnRVRzloXzNocWwyRVBvZTJON2pEOEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAQFkLAD
BAAFkLIDBAAFkLQDBAAFkLYwDQYJKoZIhvcNAQELBQADggEBAGrS5fb0MC0f4nw/
+NqLMUuSN9mOasavG6HwIZpICj5KhVcJctj9rP0v4z1npKr8GThU30z2CKBl9VDG
iybJlXMIoNgf2ShsUspg4YgOZx1nKAq3khoF1n+tHKAk3HeMpZ4rD7Bsv1VNjkqp
eDK3L1XUWIYgQa2Kautl2pIGZXQsCfAR+Pu9Yt39PYel7x1J8NF/f6FKQ7dc9yZf
gu/Nzc3Y/KdzZ7+vaCLmuBkI/QATZwPmhRxcvc8UtMLEgnq3f1I5df+DW4t4Geb5
1spF59ryBrQbpHoTn5IUl4f/i6NNUCysnXTtdUtoVC8JB1HZTLU6qZsFLmrArUZN
QwdgoWI=
-----END CERTIFICATE-----
Generated at Wed Dec 6 11:16:44 2023 by rpki-client on console-ams.rpki-client.org