Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/X-IaqRcB9LKhOzvh0MXCCR7Np1U.roa
File: X-IaqRcB9LKhOzvh0MXCCR7Np1U.roa (raw, json)
Hash identifier: gk8emll5wxp/xaqmk5Ydrl2e+sdzakgLPFVmQasMfFE=
Subject key identifier: 5F:E2:1A:A9:17:01:F4:B2:A1:3B:3B:E1:D0:C5:C2:09:1E:CD:A7:55
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018BA8BF1277BBE19228840D4BB7A7691CE0
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/X-IaqRcB9LKhOzvh0MXCCR7Np1U.roa
Signing time: Tue 07 Nov 2023 07:46:16 +0000
ROA not before: Tue 07 Nov 2023 07:46:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142430
IP address blocks: 5.144.176.0/24 maxlen: 24
5.144.178.0/24 maxlen: 24
5.144.180.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:bf:12:77:bb:e1:92:28:84:0d:4b:b7:a7:69:1c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Nov 7 07:46:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fe21aa91701f4b2a13b3be1d0c5c2091ecda755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6a:7a:ee:6b:7f:e1:ba:46:df:d5:3b:9b:4d:
c3:44:fe:d3:02:ff:63:12:f8:ec:ac:da:bb:94:8d:
19:0d:44:5e:0e:b4:5f:00:10:cb:cf:d6:61:80:f3:
03:87:a1:ec:d6:65:bb:db:4a:16:c4:d7:9e:e0:dd:
a6:ae:04:30:f1:38:00:61:db:fb:b4:14:b5:76:39:
29:62:1f:33:e9:cc:81:c4:f8:5c:c9:cb:50:bd:28:
3f:55:5a:7c:1b:70:a6:0d:9f:f8:59:8a:d3:51:a2:
85:99:42:34:52:0c:83:68:ab:7a:2e:c3:a9:22:38:
a2:f5:b7:96:31:01:b7:8b:8f:80:8e:89:5f:3e:11:
73:d1:25:24:df:22:49:c6:de:0c:71:17:d4:da:6b:
cc:a9:8c:9b:c9:7b:91:74:44:89:54:95:4e:9e:f3:
bc:9e:d3:94:5b:40:a6:35:4c:1d:a8:41:e0:d2:b6:
0f:af:c1:a1:c6:d7:84:ef:0a:2a:1e:1f:40:cc:c7:
7a:85:0e:a7:a1:94:77:a0:92:6b:bd:72:b7:ff:b0:
80:d2:c3:42:dd:ea:38:7b:ca:12:84:08:45:bd:1a:
4a:7a:40:ea:51:63:b3:76:e5:8d:dd:1f:cd:72:11:
9f:55:2e:a6:2d:26:51:3f:57:55:3b:f1:12:59:6f:
43:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E2:1A:A9:17:01:F4:B2:A1:3B:3B:E1:D0:C5:C2:09:1E:CD:A7:55
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/X-IaqRcB9LKhOzvh0MXCCR7Np1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.176.0/24
5.144.178.0/24
5.144.180.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:98:15:04:8c:4a:ea:a5:c6:aa:54:e5:07:45:c3:4b:a3:7e:
0d:97:cb:ef:69:f9:4f:1d:d0:5a:b2:4a:32:a2:9b:bf:93:3f:
b3:6d:09:01:d7:f6:1a:67:6e:22:2b:7e:1a:c1:2b:61:90:0d:
4d:36:8c:e0:c1:b2:24:9b:9a:9f:c4:7f:07:ed:0e:95:95:72:
ec:c8:48:1e:b0:83:c4:c7:a8:23:f1:93:ca:7e:5f:d0:78:3a:
23:5c:a6:1f:e4:f5:60:fd:bc:71:b2:9e:80:64:15:2b:ae:74:
96:71:ad:cd:8a:dd:c7:35:06:30:7c:8b:57:31:0e:98:a7:19:
b9:fa:5e:8b:78:99:b8:c1:83:23:13:f0:a5:b7:e7:a6:4a:28:
43:b8:f8:c0:9f:77:1f:5d:af:5d:c0:73:05:c7:ce:32:5a:6b:
bf:a2:98:e9:27:b1:4c:90:99:c1:b4:03:ef:41:8d:08:e7:ac:
e2:ca:b1:a7:fc:57:fe:2b:a1:aa:85:0a:48:64:13:48:66:de:
4b:f7:85:f3:36:3f:29:bf:47:6d:36:c0:5f:45:54:fa:88:b9:
f7:19:6a:46:f3:04:c4:ac:5a:ce:6b:e1:4a:6c:14:ea:52:04:
ad:16:82:1a:f3:f3:b2:d5:91:2c:4d:ff:47:fd:bf:bc:67:53:
6c:b3:52:94
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuovxJ3u+GSKIQNS7enaRzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMxMTA3MDc0NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmUyMWFhOTE3MDFmNGIyYTEzYjNiZTFkMGM1YzIwOTFlY2RhNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWp67mt/4bpG39U7m03DRP7TAv9j
EvjsrNq7lI0ZDUReDrRfABDLz9ZhgPMDh6Hs1mW720oWxNee4N2mrgQw8TgAYdv7
tBS1djkpYh8z6cyBxPhcyctQvSg/VVp8G3CmDZ/4WYrTUaKFmUI0UgyDaKt6LsOp
Ijii9beWMQG3i4+AjolfPhFz0SUk3yJJxt4McRfU2mvMqYybyXuRdESJVJVOnvO8
ntOUW0CmNUwdqEHg0rYPr8GhxteE7woqHh9AzMd6hQ6noZR3oJJrvXK3/7CA0sNC
3eo4e8oShAhFvRpKekDqUWOzduWN3R/NchGfVS6mLSZRP1dVO/ESWW9DoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF/iGqkXAfSyoTs74dDFwgkezadVMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvWC1JYXFSY0I5TEtoT3p2aDBNWENDUjdOcDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZCwAwQA
BZCyAwQABZC0MA0GCSqGSIb3DQEBCwUAA4IBAQCymBUEjErqpcaqVOUHRcNLo34N
l8vvaflPHdBaskoyopu/kz+zbQkB1/YaZ24iK34awSthkA1NNozgwbIkm5qfxH8H
7Q6VlXLsyEgesIPEx6gj8ZPKfl/QeDojXKYf5PVg/bxxsp6AZBUrrnSWca3Nit3H
NQYwfItXMQ6Ypxm5+l6LeJm4wYMjE/Clt+emSihDuPjAn3cfXa9dwHMFx84yWmu/
opjpJ7FMkJnBtAPvQY0I56ziyrGn/Ff+K6GqhQpIZBNIZt5L94XzNj8pv0dtNsBf
RVT6iLn3GWpG8wTErFrOa+FKbBTqUgStFoIa8/Oy1ZEsTf9H/b+8Z1Nss1KU
-----END CERTIFICATE-----
Generated at Thu Nov 9 17:24:29 2023 by rpki-client on console-fra.rpki-client.org