Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/F3HAO-krPX8-WBzW-3HAs-1DE8I.roa
File: F3HAO-krPX8-WBzW-3HAs-1DE8I.roa (raw, json)
Hash identifier: KzsTNmO+jrdJ6DUqcokUDHh58xaKnG+qmNorRwHDmsE=
Subject key identifier: 17:71:C0:3B:E9:2B:3D:7F:3E:58:1C:D6:FB:71:C0:B3:ED:43:13:C2
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018DAEAE67BBF27017546325211FE9988314
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/F3HAO-krPX8-WBzW-3HAs-1DE8I.roa
Signing time: Thu 15 Feb 2024 21:31:21 +0000
ROA not before: Thu 15 Feb 2024 21:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216394
IP address blocks: 5.144.177.0/24 maxlen: 24
5.144.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 20:25:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ae:ae:67:bb:f2:70:17:54:63:25:21:1f:e9:98:83:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Feb 15 21:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1771c03be92b3d7f3e581cd6fb71c0b3ed4313c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:70:a0:cf:c3:53:dc:d4:3e:2f:3c:f5:40:df:
ca:62:a0:37:d1:c1:e3:7c:2b:3b:4f:58:b7:73:8a:
c4:04:1b:71:7f:e8:ec:fb:1f:20:d3:70:58:94:d6:
e8:af:1d:25:54:04:52:3f:a5:ce:59:48:03:94:00:
07:e3:4f:50:8c:5b:7d:26:84:71:48:ba:da:5f:4e:
e8:78:22:89:73:d1:81:85:70:24:bc:17:e2:3f:35:
4b:b7:89:67:b1:51:25:d3:c5:10:35:80:1c:fa:e7:
0a:44:14:88:d2:c4:21:10:b2:4f:4a:3e:67:8a:08:
99:f8:1f:c9:06:c6:4d:bb:a5:1a:fe:bc:8d:ea:22:
5a:18:d3:b1:f0:be:4b:d8:e1:8a:30:cc:b6:79:f3:
9d:fd:4e:52:a3:82:dd:c0:bc:18:33:93:fe:86:c7:
2b:8b:d2:2b:00:88:cb:35:9d:5d:79:4f:f8:3a:3e:
fe:0d:b8:4d:d4:23:ae:b4:3d:d2:45:39:30:74:fc:
55:2f:fa:e6:18:ce:69:60:4f:7e:e2:5b:48:f6:d0:
ff:40:fb:84:22:91:49:61:47:d5:ad:5a:2e:a3:f0:
cd:ab:00:20:be:02:62:91:9c:66:82:76:bb:87:43:
92:6d:35:76:e0:d1:63:8b:29:b8:3a:6e:1d:ab:51:
2d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:71:C0:3B:E9:2B:3D:7F:3E:58:1C:D6:FB:71:C0:B3:ED:43:13:C2
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/F3HAO-krPX8-WBzW-3HAs-1DE8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.177.0/24
5.144.180.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:48:d4:58:73:cc:78:1f:64:b9:7d:21:cb:00:f9:99:59:c8:
61:3f:2f:fe:8c:9b:44:dd:8d:cc:49:5d:96:51:c3:bb:4f:8e:
b0:80:82:e6:b0:b3:77:48:37:a7:ba:e5:e7:ef:10:7b:7b:de:
00:fe:b7:88:3a:26:55:a5:c8:cb:44:37:5f:2f:52:9b:aa:37:
ee:1e:4b:e9:5f:27:53:7d:ec:b6:05:2e:36:3a:16:69:3f:47:
09:75:d9:5e:c4:e7:4d:86:dd:8a:a4:d9:fa:b8:56:92:57:6e:
09:07:69:c8:f8:f2:3f:85:e1:7f:1d:23:75:92:8e:8e:c3:8b:
9b:de:95:8d:ef:0e:39:c2:59:46:63:39:1b:53:ab:51:63:7d:
22:b1:bd:28:e9:33:21:e0:45:54:ed:ca:82:c7:f2:07:7f:1b:
50:2b:d8:bb:06:66:0f:c4:c5:ba:f7:18:e6:a2:52:ea:b3:16:
b7:5e:1e:16:d1:b1:8b:8e:b7:48:d8:f4:51:af:cc:4f:9b:99:
8b:45:9f:c1:b8:ee:43:0a:d4:f9:f1:c1:a2:d9:2f:d6:c2:d0:
15:b2:9c:92:b7:27:a1:8b:d4:1b:2b:db:97:9a:81:a5:8f:d6:
07:3b:f9:80:72:cf:52:a6:70:da:96:9f:0f:ea:f7:1a:6d:58:
6e:88:75:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2urme78nAXVGMlIR/pmIMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMjE1MjEzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzcxYzAzYmU5MmIzZDdmM2U1ODFjZDZmYjcxYzBiM2VkNDMxM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHCgz8NT3NQ+Lzz1QN/KYqA30cHj
fCs7T1i3c4rEBBtxf+js+x8g03BYlNborx0lVARSP6XOWUgDlAAH409QjFt9JoRx
SLraX07oeCKJc9GBhXAkvBfiPzVLt4lnsVEl08UQNYAc+ucKRBSI0sQhELJPSj5n
igiZ+B/JBsZNu6Ua/ryN6iJaGNOx8L5L2OGKMMy2efOd/U5So4LdwLwYM5P+hscr
i9IrAIjLNZ1deU/4Oj7+DbhN1COutD3SRTkwdPxVL/rmGM5pYE9+4ltI9tD/QPuE
IpFJYUfVrVouo/DNqwAgvgJikZxmgna7h0OSbTV24NFjiym4Om4dq1EtEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBdxwDvpKz1/Plgc1vtxwLPtQxPCMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvRjNIQU8ta3JQWDgtV0J6Vy0zSEFzLTFERThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABZCxAwQA
BZC0MA0GCSqGSIb3DQEBCwUAA4IBAQC1SNRYc8x4H2S5fSHLAPmZWchhPy/+jJtE
3Y3MSV2WUcO7T46wgILmsLN3SDenuuXn7xB7e94A/reIOiZVpcjLRDdfL1Kbqjfu
HkvpXydTfey2BS42OhZpP0cJddlexOdNht2KpNn6uFaSV24JB2nI+PI/heF/HSN1
ko6Ow4ub3pWN7w45wllGYzkbU6tRY30isb0o6TMh4EVU7cqCx/IHfxtQK9i7BmYP
xMW69xjmolLqsxa3Xh4W0bGLjrdI2PRRr8xPm5mLRZ/BuO5DCtT58cGi2S/WwtAV
spyStyehi9QbK9uXmoGlj9YHO/mAcs9SpnDalp8P6vcabVhuiHVh
-----END CERTIFICATE-----
Generated at Wed Mar 20 01:05:16 2024 by rpki-client on console-fra.rpki-client.org