Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/aO7XSHLNxRiA8CUjAXJjdksXxzE.roa
File: aO7XSHLNxRiA8CUjAXJjdksXxzE.roa (raw, json)
Hash identifier: VOA68Js6b/xX0LgkkG2cehPS5c2a1LP7o4D41aiouKk=
Subject key identifier: 68:EE:D7:48:72:CD:C5:18:80:F0:25:23:01:72:63:76:4B:17:C7:31
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018F35B5C8591B63A75AE0E2CB0E8E8AFEE2
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/aO7XSHLNxRiA8CUjAXJjdksXxzE.roa
Signing time: Wed 01 May 2024 19:50:56 +0000
ROA not before: Wed 01 May 2024 19:50:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215567
IP address blocks: 5.178.107.0/24 maxlen: 24
5.178.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 08:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:35:b5:c8:59:1b:63:a7:5a:e0:e2:cb:0e:8e:8a:fe:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: May 1 19:50:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68eed74872cdc51880f02523017263764b17c731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:77:cb:76:6e:f1:82:d1:b5:d3:bc:41:f3:04:
29:a4:cc:d7:ca:e4:76:c9:a7:9e:b2:b5:ed:8e:eb:
56:38:86:ca:18:39:c4:4d:bb:0a:f9:a1:84:ae:21:
0e:c6:d9:76:4e:bc:c4:7d:f4:b0:c6:9b:83:79:e2:
ac:57:dc:b8:a8:57:7a:ce:e9:37:d6:aa:bc:5a:e5:
b1:1b:ca:4a:ff:dd:28:63:2a:7e:e5:cb:18:ef:0f:
aa:8d:e8:06:23:b1:19:9b:a1:cb:0f:2f:95:67:c4:
ff:70:ef:d7:22:7a:d6:96:58:0f:d6:30:cb:ed:77:
4e:c2:1e:b1:20:f1:ea:6c:93:20:80:21:8d:e3:f3:
63:35:7b:bd:ed:76:31:c1:19:de:97:79:26:38:eb:
99:73:31:3e:5c:68:63:0f:fd:0d:bf:3a:e6:aa:c8:
6a:a1:b1:30:13:02:e3:a5:89:c3:89:ea:a2:76:a7:
ac:fa:49:8f:91:71:a2:02:50:be:a3:53:58:92:8f:
3d:03:16:fc:93:c3:c5:00:24:d3:61:59:86:c0:41:
06:bb:fc:1b:2c:77:43:92:83:07:74:39:ed:ab:a6:
52:7c:c6:17:50:4f:2d:d4:3f:44:cc:9c:ec:2e:eb:
f9:1c:ff:78:b1:fd:74:7b:54:ee:6c:80:4b:19:3e:
cb:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EE:D7:48:72:CD:C5:18:80:F0:25:23:01:72:63:76:4B:17:C7:31
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/aO7XSHLNxRiA8CUjAXJjdksXxzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.107.0/24
5.178.109.0/24
Signature Algorithm: sha256WithRSAEncryption
67:66:41:07:74:2a:55:e2:40:71:a2:8f:6b:fb:b7:08:16:fa:
e0:7a:a2:6b:26:8e:c1:79:56:bf:6a:08:c6:0b:98:8c:d6:3f:
f5:a6:a9:56:ef:b4:35:de:ae:2c:1b:75:3f:e4:32:01:0f:e5:
64:75:40:4f:69:e6:42:d8:a4:0a:98:56:64:57:6f:71:d9:b7:
bb:98:36:7c:6a:4a:4e:4d:1d:05:73:42:5e:28:d3:92:23:af:
4d:46:ad:1b:ce:64:7d:9f:39:36:a6:b0:ee:8b:8b:b1:ae:c1:
86:01:e5:3e:3f:8d:03:14:41:b9:27:a2:6d:ca:b1:be:ee:64:
f7:c6:7f:98:0f:94:62:42:5a:67:2b:86:c2:81:81:0b:1a:36:
fd:26:36:06:3e:5c:3f:62:4f:6c:16:30:39:26:06:f8:ea:f2:
f2:fc:b6:cb:0b:e8:00:e4:c4:f6:e1:b5:d5:73:2f:dd:96:e8:
e6:3c:4e:76:23:96:18:84:a7:e7:fc:49:3e:52:7f:28:99:42:
da:0d:8d:a8:ce:0b:7b:4e:6a:25:23:d1:c9:77:40:ee:a4:c1:
81:6a:c1:67:88:e7:f6:c4:0a:2d:44:8f:13:44:f7:2d:8a:10:
14:ee:64:b6:32:83:a1:25:14:e9:25:af:4d:91:9a:fe:a5:d2:
69:45:d7:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY81tchZG2OnWuDiyw6Oiv7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwNTAxMTk1MDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGVlZDc0ODcyY2RjNTE4ODBmMDI1MjMwMTcyNjM3NjRiMTdjNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3fLdm7xgtG107xB8wQppMzXyuR2
yaeesrXtjutWOIbKGDnETbsK+aGEriEOxtl2TrzEffSwxpuDeeKsV9y4qFd6zuk3
1qq8WuWxG8pK/90oYyp+5csY7w+qjegGI7EZm6HLDy+VZ8T/cO/XInrWllgP1jDL
7XdOwh6xIPHqbJMggCGN4/NjNXu97XYxwRnel3kmOOuZczE+XGhjD/0Nvzrmqshq
obEwEwLjpYnDieqidqes+kmPkXGiAlC+o1NYko89Axb8k8PFACTTYVmGwEEGu/wb
LHdDkoMHdDntq6ZSfMYXUE8t1D9EzJzsLuv5HP94sf10e1TubIBLGT7LaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGju10hyzcUYgPAlIwFyY3ZLF8cxMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvYU83WFNITE54UmlBOENVakFYSmpka3NYeHpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbJrAwQA
BbJtMA0GCSqGSIb3DQEBCwUAA4IBAQBnZkEHdCpV4kBxoo9r+7cIFvrgeqJrJo7B
eVa/agjGC5iM1j/1pqlW77Q13q4sG3U/5DIBD+VkdUBPaeZC2KQKmFZkV29x2be7
mDZ8akpOTR0Fc0JeKNOSI69NRq0bzmR9nzk2prDui4uxrsGGAeU+P40DFEG5J6Jt
yrG+7mT3xn+YD5RiQlpnK4bCgYELGjb9JjYGPlw/Yk9sFjA5Jgb46vLy/LbLC+gA
5MT24bXVcy/dlujmPE52I5YYhKfn/Ek+Un8omULaDY2ozgt7TmolI9HJd0DupMGB
asFniOf2xAotRI8TRPctihAU7mS2MoOhJRTpJa9NkZr+pdJpRdfP
-----END CERTIFICATE-----
Generated at Thu May 2 10:53:10 2024 by rpki-client on console-fra.rpki-client.org