Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Xbs9bjABuGY3OTFFyOkeCqnNCKQ.roa
File: Xbs9bjABuGY3OTFFyOkeCqnNCKQ.roa (raw, json)
Hash identifier: KRR5YQsr4pLMJwNfjVqz+Rz+ZTKvRI4wjnisK8c/KtE=
Subject key identifier: 5D:BB:3D:6E:30:01:B8:66:37:39:31:45:C8:E9:1E:0A:A9:CD:08:A4
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018DFC4D6A72EBE8DD4658B69328132259C4
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Xbs9bjABuGY3OTFFyOkeCqnNCKQ.roa
Signing time: Fri 01 Mar 2024 23:15:48 +0000
ROA not before: Fri 01 Mar 2024 23:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208287
IP address blocks: 5.178.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 21:18:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fc:4d:6a:72:eb:e8:dd:46:58:b6:93:28:13:22:59:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Mar 1 23:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dbb3d6e3001b86637393145c8e91e0aa9cd08a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:70:69:48:34:bf:1a:bc:20:89:95:e8:a8:30:
af:f7:fe:28:d3:a1:9c:96:4a:d6:a5:43:3e:06:44:
9c:a6:a3:ea:de:59:78:d4:4b:fd:cc:32:1f:1a:13:
3b:f6:10:e6:f2:ae:88:65:f7:46:8e:6d:2f:73:e4:
cd:04:71:44:e1:b1:04:b3:5e:e6:82:05:56:99:f5:
dd:b9:9a:bb:fe:97:04:d0:47:c5:b3:70:53:40:84:
a9:2d:ec:0a:9f:c6:40:6c:dd:8b:d0:d1:6c:04:0f:
b4:e6:fc:3f:e2:07:86:0b:47:eb:98:29:99:7f:e8:
ad:c2:60:c7:ce:b6:dc:da:30:18:50:cb:33:60:ff:
06:ca:1b:f6:d6:d7:6a:f6:84:02:49:67:fc:3b:85:
7b:f9:e8:56:93:e1:43:f9:1c:c0:6c:a8:11:5d:83:
e9:56:41:19:da:b2:fb:ef:f2:0a:0d:8e:0e:39:d2:
20:27:5a:fd:e5:9b:43:f2:ea:95:60:89:4a:9c:01:
26:e5:59:84:0a:eb:81:85:ea:32:c8:c8:e9:bc:87:
a8:ae:b9:17:01:7b:67:45:eb:33:5d:eb:94:43:53:
ca:72:fa:c3:d8:a7:d0:06:2b:53:30:95:0f:a0:c3:
a0:ae:7b:e4:4f:2a:b3:78:2b:79:31:f6:c6:4a:90:
01:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:BB:3D:6E:30:01:B8:66:37:39:31:45:C8:E9:1E:0A:A9:CD:08:A4
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Xbs9bjABuGY3OTFFyOkeCqnNCKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.108.0/24
Signature Algorithm: sha256WithRSAEncryption
45:c7:5b:43:b3:7e:88:d1:99:58:fd:49:fc:80:e6:14:a0:f9:
5a:91:af:0b:f8:bb:2a:3f:69:9d:4c:52:bb:59:f9:1e:90:52:
2c:8e:37:6d:d5:10:f5:64:cf:26:12:92:1c:82:a4:9d:58:4e:
cc:9a:c9:ed:5b:4d:c8:65:c6:cf:27:88:35:8e:8b:7a:ef:b9:
04:ae:b3:f8:7d:17:73:e7:49:7b:e8:68:a8:c7:f4:d4:b5:21:
47:51:6b:54:67:83:22:37:22:26:3b:2a:65:e1:8d:f4:4d:cb:
15:b3:97:94:c0:3e:c3:93:f6:8c:59:ce:f9:7b:c1:46:ca:33:
9d:c5:6f:52:b7:b6:62:80:42:a8:db:a0:a1:77:9f:79:14:5a:
f4:e0:8f:53:ca:92:57:ea:1f:7b:bf:37:c2:a8:6e:f6:6a:e3:
3f:fa:2f:1b:f5:d2:bc:63:72:7c:a1:15:17:8c:eb:e5:44:83:
d1:35:19:83:57:a5:dd:3e:95:59:22:c4:15:bc:dd:f5:35:67:
96:82:aa:4b:c2:a3:ae:75:93:52:39:9d:52:7b:a8:a9:27:7c:
69:b7:96:3b:16:60:28:17:16:fa:69:25:5b:42:b5:fd:4b:41:
13:d4:fd:05:0e:55:54:c3:5d:0a:4f:de:b2:c2:ad:ab:c4:d0:
ae:a4:9f:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY38TWpy6+jdRli2kygTIlnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMzAxMjMxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGJiM2Q2ZTMwMDFiODY2MzczOTMxNDVjOGU5MWUwYWE5Y2QwOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXBpSDS/GrwgiZXoqDCv9/4o06Gc
lkrWpUM+BkScpqPq3ll41Ev9zDIfGhM79hDm8q6IZfdGjm0vc+TNBHFE4bEEs17m
ggVWmfXduZq7/pcE0EfFs3BTQISpLewKn8ZAbN2L0NFsBA+05vw/4geGC0frmCmZ
f+itwmDHzrbc2jAYUMszYP8Gyhv21tdq9oQCSWf8O4V7+ehWk+FD+RzAbKgRXYPp
VkEZ2rL77/IKDY4OOdIgJ1r95ZtD8uqVYIlKnAEm5VmECuuBheoyyMjpvIeorrkX
AXtnReszXeuUQ1PKcvrD2KfQBitTMJUPoMOgrnvkTyqzeCt5MfbGSpABqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF27PW4wAbhmNzkxRcjpHgqpzQikMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvWGJzOWJqQUJ1R1kzT1RGRnlPa2VDcW5OQ0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbJsMA0G
CSqGSIb3DQEBCwUAA4IBAQBFx1tDs36I0ZlY/Un8gOYUoPlaka8L+LsqP2mdTFK7
WfkekFIsjjdt1RD1ZM8mEpIcgqSdWE7MmsntW03IZcbPJ4g1jot677kErrP4fRdz
50l76Giox/TUtSFHUWtUZ4MiNyImOypl4Y30TcsVs5eUwD7Dk/aMWc75e8FGyjOd
xW9St7ZigEKo26Chd595FFr04I9TypJX6h97vzfCqG72auM/+i8b9dK8Y3J8oRUX
jOvlRIPRNRmDV6XdPpVZIsQVvN31NWeWgqpLwqOudZNSOZ1Se6ipJ3xpt5Y7FmAo
Fxb6aSVbQrX9S0ET1P0FDlVUw10KT96ywq2rxNCupJ8T
-----END CERTIFICATE-----
Generated at Tue Mar 5 01:43:33 2024 by rpki-client on console-fra.rpki-client.org