Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/IQnQVLJop8nvJpoBrEGXpadkwWs.roa
File: IQnQVLJop8nvJpoBrEGXpadkwWs.roa (raw, json)
Hash identifier: wwhhXv8KFWPwrFWjbOalN0eooWCIxD0j5h5jDRpl5Nk=
Subject key identifier: 21:09:D0:54:B2:68:A7:C9:EF:26:9A:01:AC:41:97:A5:A7:64:C1:6B
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 01893610FC67CB002169FF4865BFFEE973F0
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/IQnQVLJop8nvJpoBrEGXpadkwWs.roa
Signing time: Sat 08 Jul 2023 15:13:50 +0000
ROA not before: Sat 08 Jul 2023 15:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397373
IP address blocks: 5.144.177.0/24 maxlen: 24
5.144.176.0/24 maxlen: 24
5.144.181.0/24 maxlen: 24
5.144.180.0/24 maxlen: 24
5.144.182.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:36:10:fc:67:cb:00:21:69:ff:48:65:bf:fe:e9:73:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jul 8 15:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2109d054b268a7c9ef269a01ac4197a5a764c16b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9b:b9:82:2a:15:eb:51:34:79:e7:1c:58:da:
f4:b1:6f:a7:9e:de:0b:90:de:da:3f:fe:eb:01:b3:
8e:5c:1b:64:b1:63:fb:8a:28:93:50:99:a9:cb:44:
61:15:15:df:92:56:56:65:82:5a:40:81:1c:58:24:
08:4b:b0:5b:5c:d8:b9:dd:ff:5b:1f:60:f3:45:9b:
c3:eb:fe:a9:6a:89:9a:24:6a:d6:73:39:04:2a:8f:
cc:b9:e1:98:a2:b7:d6:30:fd:43:5d:8d:eb:32:1d:
77:82:e9:a9:be:23:ea:5b:d0:cf:f6:20:3a:f8:46:
35:6e:3f:91:cc:9c:89:ef:a4:7a:87:e6:d3:cc:d5:
08:d8:e4:15:80:bd:52:75:95:50:52:27:cf:7a:a4:
a3:c2:6d:05:47:90:07:ae:84:1a:60:39:f7:ac:a8:
8e:80:cd:58:d0:17:3a:98:32:c1:91:f3:91:e4:07:
f1:0e:87:3a:e6:5f:71:4d:c5:0e:9a:65:4c:25:14:
c4:42:1c:27:e5:d8:cc:3e:58:ea:24:be:ca:3d:e6:
6a:ef:c1:e1:c6:31:b0:44:9b:d1:cd:ed:9c:16:14:
8d:63:6e:c9:f3:ed:25:6b:39:88:23:03:6e:09:0f:
4e:18:33:e1:f5:06:01:0f:96:e5:c7:4a:35:0f:23:
23:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:09:D0:54:B2:68:A7:C9:EF:26:9A:01:AC:41:97:A5:A7:64:C1:6B
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/IQnQVLJop8nvJpoBrEGXpadkwWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.176.0/23
5.144.180.0-5.144.182.255
Signature Algorithm: sha256WithRSAEncryption
69:a3:65:9a:8a:f4:7a:50:7c:c9:bb:92:ab:29:12:cf:20:fa:
da:5c:a6:bf:6b:f5:60:2d:8d:e7:d3:12:8c:e3:d7:59:9c:21:
ab:f6:68:19:9a:4e:f2:dc:f6:45:e5:70:a5:93:59:8e:d6:ed:
e5:bc:d9:bc:97:5c:cb:63:d0:df:e5:85:dd:20:dd:69:7a:4d:
91:fa:dc:59:88:0e:aa:77:79:25:88:9c:d0:a2:df:97:45:19:
39:f4:04:e2:05:09:20:48:31:57:e1:94:fe:57:e2:5f:94:74:
7f:58:5f:42:9c:e1:2e:0b:e7:80:89:91:19:a3:a7:d0:28:14:
95:c8:20:81:be:b6:23:c6:01:18:78:c1:ff:18:6f:89:b8:94:
a0:87:1c:cd:49:d6:03:e6:55:bc:1b:cf:bc:11:b7:74:52:90:
1d:bf:40:6e:5b:e3:ae:e6:6f:13:e5:00:65:c1:9b:fb:0d:34:
51:00:20:68:2a:76:52:e9:02:95:4b:8e:26:3f:da:17:d7:b6:
ef:d2:30:69:3b:e7:8b:38:d4:d1:b0:1f:5e:b3:aa:4f:d3:9a:
16:0c:c0:1d:ae:44:79:60:64:19:bb:a1:5b:59:dc:5b:cd:45:
5e:ee:a6:f0:e7:dc:c1:26:b4:1a:03:46:f1:d9:67:f9:eb:5d:
06:ee:71:32
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYk2EPxnywAhaf9IZb/+6XPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMwNzA4MTUxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTA5ZDA1NGIyNjhhN2M5ZWYyNjlhMDFhYzQxOTdhNWE3NjRjMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJu5gioV61E0eeccWNr0sW+nnt4L
kN7aP/7rAbOOXBtksWP7iiiTUJmpy0RhFRXfklZWZYJaQIEcWCQIS7BbXNi53f9b
H2DzRZvD6/6paomaJGrWczkEKo/MueGYorfWMP1DXY3rMh13gumpviPqW9DP9iA6
+EY1bj+RzJyJ76R6h+bTzNUI2OQVgL1SdZVQUifPeqSjwm0FR5AHroQaYDn3rKiO
gM1Y0Bc6mDLBkfOR5AfxDoc65l9xTcUOmmVMJRTEQhwn5djMPljqJL7KPeZq78Hh
xjGwRJvRze2cFhSNY27J8+0lazmIIwNuCQ9OGDPh9QYBD5blx0o1DyMjdQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCEJ0FSyaKfJ7yaaAaxBl6WnZMFrMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvSVFuUVZMSm9wOG52SnBvQnJFR1hwYWRrd1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBBZCwMAwD
BAIFkLQDBAAFkLYwDQYJKoZIhvcNAQELBQADggEBAGmjZZqK9HpQfMm7kqspEs8g
+tpcpr9r9WAtjefTEozj11mcIav2aBmaTvLc9kXlcKWTWY7W7eW82byXXMtj0N/l
hd0g3Wl6TZH63FmIDqp3eSWInNCi35dFGTn0BOIFCSBIMVfhlP5X4l+UdH9YX0Kc
4S4L54CJkRmjp9AoFJXIIIG+tiPGARh4wf8Yb4m4lKCHHM1J1gPmVbwbz7wRt3RS
kB2/QG5b467mbxPlAGXBm/sNNFEAIGgqdlLpApVLjiY/2hfXtu/SMGk754s41NGw
H16zqk/TmhYMwB2uRHlgZBm7oVtZ3FvNRV7upvDn3MEmtBoDRvHZZ/nrXQbucTI=
-----END CERTIFICATE-----
Generated at Fri Oct 6 23:30:52 2023 by rpki-client on console-fra.rpki-client.org