Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/o3_AxbCsLwH5XcpZpzKXtfVKlhc.roa
File: o3_AxbCsLwH5XcpZpzKXtfVKlhc.roa (raw, json)
Hash identifier: wnpVOgqfsKeooJPkSzfLNMgxzob/C4RlP77XMcd6X6Q=
Subject key identifier: A3:7F:C0:C5:B0:AC:2F:01:F9:5D:CA:59:A7:32:97:B5:F5:4A:96:17
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018CFEADEEB94110450A0E4830DB9C4BEB63
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/o3_AxbCsLwH5XcpZpzKXtfVKlhc.roa
Signing time: Fri 12 Jan 2024 17:17:40 +0000
ROA not before: Fri 12 Jan 2024 17:17:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 5.178.101.0/24 maxlen: 24
5.178.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 20:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fe:ad:ee:b9:41:10:45:0a:0e:48:30:db:9c:4b:eb:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jan 12 17:17:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a37fc0c5b0ac2f01f95dca59a73297b5f54a9617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:46:8a:44:be:fc:a2:96:2f:47:5d:1b:4f:6f:
6e:f3:d7:c9:e9:20:4b:95:dc:c2:e0:a0:00:dc:ed:
76:c3:9d:b8:3b:4f:4c:bd:8e:c2:7b:a0:f2:a6:49:
40:30:aa:6f:9f:f3:15:b0:56:3f:db:43:24:35:39:
2a:e4:22:56:bc:ec:eb:8e:cf:f9:bc:53:4c:5c:79:
5f:ff:b8:cd:e0:f9:bc:89:bf:91:01:74:da:d7:e0:
61:77:9e:da:6b:ea:63:dc:a8:b0:26:7e:ad:17:99:
da:56:e5:f1:a1:f3:1a:e9:c9:5f:06:6e:9d:26:a9:
a9:c7:ef:aa:b2:10:d6:c9:38:ea:83:da:9d:00:ec:
3b:c8:06:12:60:d3:cc:b1:7c:4f:3e:8a:86:7c:55:
65:ac:b6:57:8b:4d:99:b4:99:78:d4:bc:b8:cd:2f:
a2:08:ad:d1:6e:86:97:e9:13:36:1e:79:11:91:9a:
71:a9:1b:c1:2b:3d:f4:d1:4d:20:6c:f8:4a:ca:b3:
d4:f9:cb:9f:27:67:57:78:92:05:13:ff:f0:7f:53:
e3:6a:60:0c:55:87:35:e5:9f:68:2d:d8:0d:7a:07:
a1:af:c5:3d:9d:d4:89:74:26:36:26:90:56:9a:ce:
77:6e:52:63:8a:72:7e:40:30:53:e5:35:9d:b1:2a:
e5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:7F:C0:C5:B0:AC:2F:01:F9:5D:CA:59:A7:32:97:B5:F5:4A:96:17
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/o3_AxbCsLwH5XcpZpzKXtfVKlhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.101.0/24
5.178.107.0/24
Signature Algorithm: sha256WithRSAEncryption
52:2c:34:26:9d:24:36:4b:c3:c3:6a:00:83:6a:63:37:01:f5:
5f:2d:fc:86:81:56:41:2b:ec:7e:13:23:64:d3:96:4e:24:81:
59:cf:c0:5b:14:cf:3d:c5:90:7f:b6:94:b2:2c:95:a0:2a:04:
95:ce:2a:6e:8e:71:86:75:b9:31:97:ba:0b:23:41:f9:23:e1:
28:e3:36:30:cd:5f:e2:3d:5c:4f:b4:40:17:f1:45:1d:ec:92:
79:a5:75:2b:e0:2c:9c:f7:c8:e7:6a:1d:f5:cb:1e:02:cf:4e:
ec:4f:99:94:a2:2e:24:13:13:9c:f2:d7:77:0d:0b:62:69:70:
b3:5d:46:5f:43:2a:51:31:38:2d:17:2b:8c:62:b4:c0:d9:11:
09:3e:37:68:45:1c:fd:57:64:26:6b:b3:9d:2e:76:ac:9c:54:
08:26:91:c8:62:97:7b:48:24:e3:52:22:a8:ee:92:50:7e:0a:
a7:87:15:61:5d:e1:87:3c:25:4a:f0:79:07:5b:42:e0:0c:a9:
b7:6e:37:be:2e:62:b5:e1:cf:fa:6e:89:78:d0:c3:fb:aa:67:
18:02:c6:dd:c6:01:9b:00:d4:a2:41:9c:8f:16:2f:64:3e:08:
0e:9f:2a:1d:4d:52:88:8a:6d:4c:da:e8:3f:8c:56:96:e6:91:
fd:0b:a1:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYz+re65QRBFCg5IMNucS+tjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMTEyMTcxNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzdmYzBjNWIwYWMyZjAxZjk1ZGNhNTlhNzMyOTdiNWY1NGE5NjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskaKRL78opYvR10bT29u89fJ6SBL
ldzC4KAA3O12w524O09MvY7Ce6DypklAMKpvn/MVsFY/20MkNTkq5CJWvOzrjs/5
vFNMXHlf/7jN4Pm8ib+RAXTa1+Bhd57aa+pj3KiwJn6tF5naVuXxofMa6clfBm6d
Jqmpx++qshDWyTjqg9qdAOw7yAYSYNPMsXxPPoqGfFVlrLZXi02ZtJl41Ly4zS+i
CK3RboaX6RM2HnkRkZpxqRvBKz300U0gbPhKyrPU+cufJ2dXeJIFE//wf1PjamAM
VYc15Z9oLdgNegehr8U9ndSJdCY2JpBWms53blJjinJ+QDBT5TWdsSrlfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKN/wMWwrC8B+V3KWacyl7X1SpYXMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvbzNfQXhiQ3NMd0g1WGNwWnB6S1h0ZlZLbGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbJlAwQA
BbJrMA0GCSqGSIb3DQEBCwUAA4IBAQBSLDQmnSQ2S8PDagCDamM3AfVfLfyGgVZB
K+x+EyNk05ZOJIFZz8BbFM89xZB/tpSyLJWgKgSVzipujnGGdbkxl7oLI0H5I+Eo
4zYwzV/iPVxPtEAX8UUd7JJ5pXUr4Cyc98jnah31yx4Cz07sT5mUoi4kExOc8td3
DQtiaXCzXUZfQypRMTgtFyuMYrTA2REJPjdoRRz9V2Qma7OdLnasnFQIJpHIYpd7
SCTjUiKo7pJQfgqnhxVhXeGHPCVK8HkHW0LgDKm3bje+LmK14c/6bol40MP7qmcY
AsbdxgGbANSiQZyPFi9kPggOnyodTVKIim1M2ug/jFaW5pH9C6HR
-----END CERTIFICATE-----
Generated at Mon Feb 26 22:58:35 2024 by rpki-client on console-fra.rpki-client.org