Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/oqccuivQLxEiHt89l0GJXyRPcVQ.roa
File: oqccuivQLxEiHt89l0GJXyRPcVQ.roa (raw, json)
Hash identifier: EHs098vGexS00D77tNwH+5l8//vK7rjriEYwuycWPqE=
Subject key identifier: A2:A7:1C:BA:2B:D0:2F:11:22:1E:DF:3D:97:41:89:5F:24:4F:71:54
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7AA7BAD6B27122981F61FCBD3FDA3
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/oqccuivQLxEiHt89l0GJXyRPcVQ.roa
Signing time: Mon 02 Jan 2023 08:44:51 +0000
ROA not before: Mon 02 Jan 2023 08:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202469
IP address blocks: 5.180.4.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:aa:7b:ad:6b:27:12:29:81:f6:1f:cb:d3:fd:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2a71cba2bd02f11221edf3d9741895f244f7154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:9b:ac:9f:7f:b7:16:32:6f:ff:6a:cc:86:be:
2d:3a:96:e2:e1:53:4e:71:94:68:17:e6:09:2d:ff:
8d:0a:7f:59:6c:11:57:49:a8:57:86:6e:74:34:d2:
bc:2a:59:e0:eb:ea:e7:87:fd:e1:c3:18:56:73:36:
93:67:98:be:2f:f0:ce:cf:48:de:99:68:3f:9c:6e:
43:21:ec:ef:99:fc:12:16:cf:9c:ba:4f:e2:7d:6d:
ec:4b:f9:32:c6:b0:76:9c:ea:7b:c9:bc:44:96:5c:
26:be:cf:c5:12:f2:ea:ff:56:e2:2f:64:72:ec:a5:
53:dc:f2:62:eb:e6:cc:1e:f4:e8:9f:30:ad:57:bd:
22:a9:eb:0e:0c:c3:a1:4c:c8:96:61:2f:c8:0d:9c:
db:da:6c:fe:e7:2f:2d:d5:80:ce:f4:0d:6f:63:06:
3e:a5:4c:b8:7d:e8:72:71:fa:24:87:42:03:87:5f:
99:19:6e:a5:f9:0d:a9:1b:ce:25:eb:76:1a:36:29:
c8:9f:df:c9:13:12:f4:f0:50:88:1f:c1:8d:6b:89:
81:15:be:2a:89:ba:82:fd:cd:8b:a8:39:74:ab:c9:
13:18:3a:f1:6a:86:9d:ab:56:5a:00:e3:d1:7c:85:
bd:24:2c:02:c7:17:79:36:52:9c:ed:6f:be:65:17:
a4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A7:1C:BA:2B:D0:2F:11:22:1E:DF:3D:97:41:89:5F:24:4F:71:54
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/oqccuivQLxEiHt89l0GJXyRPcVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.4.0/22
Signature Algorithm: sha256WithRSAEncryption
25:ff:fb:0e:58:d7:79:1b:75:3a:34:c2:8b:f2:30:2a:b3:49:
72:2a:86:97:7f:e7:8e:4f:77:e6:06:43:4b:f0:1d:57:4a:50:
ef:34:b4:75:a7:92:48:e2:98:ff:5c:63:4e:42:bb:9e:a1:5f:
23:7f:e3:29:04:cd:1a:b7:75:86:ab:56:32:e1:9c:dc:1e:97:
e2:5d:05:cf:09:19:bf:58:dc:e9:92:dd:aa:22:20:a7:29:b2:
21:3e:82:7d:5a:bf:ac:90:95:e0:4e:e7:88:c5:23:bf:54:cd:
0b:fe:b7:43:3b:2f:0a:cd:58:b3:10:f2:a1:8d:f6:85:a7:70:
00:12:fd:09:2c:50:51:22:23:95:55:98:d2:85:ec:16:e5:fc:
09:22:98:48:2e:1a:5e:c9:d2:a9:25:32:b9:b8:21:bd:04:4e:
05:d6:71:ca:e2:fc:14:c7:24:62:37:98:87:cd:0e:bc:f2:5e:
0c:af:99:0f:bb:ca:3c:47:f8:36:f4:0a:91:17:c8:8c:64:0f:
ad:85:9f:9d:41:14:33:cf:85:7d:83:de:3f:19:f5:ba:da:17:
60:85:a5:32:66:c8:63:f7:4a:f8:0a:58:bd:2c:92:83:db:90:
5a:a1:c2:80:69:36:2c:4c:f2:9d:91:0d:82:5d:e2:39:5a:93:
10:27:f8:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp6p7rWsnEimB9h/L0/2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmE3MWNiYTJiZDAyZjExMjIxZWRmM2Q5NzQxODk1ZjI0NGY3MTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5usn3+3FjJv/2rMhr4tOpbi4VNO
cZRoF+YJLf+NCn9ZbBFXSahXhm50NNK8Klng6+rnh/3hwxhWczaTZ5i+L/DOz0je
mWg/nG5DIezvmfwSFs+cuk/ifW3sS/kyxrB2nOp7ybxEllwmvs/FEvLq/1biL2Ry
7KVT3PJi6+bMHvTonzCtV70iqesODMOhTMiWYS/IDZzb2mz+5y8t1YDO9A1vYwY+
pUy4fehycfokh0IDh1+ZGW6l+Q2pG84l63YaNinIn9/JExL08FCIH8GNa4mBFb4q
ibqC/c2LqDl0q8kTGDrxaoadq1ZaAOPRfIW9JCwCxxd5NlKc7W++ZRekOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKnHLor0C8RIh7fPZdBiV8kT3FUMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvb3FjY3VpdlFMeEVpSHQ4OWwwR0pYeVJQY1ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbQEMA0G
CSqGSIb3DQEBCwUAA4IBAQAl//sOWNd5G3U6NMKL8jAqs0lyKoaXf+eOT3fmBkNL
8B1XSlDvNLR1p5JI4pj/XGNOQrueoV8jf+MpBM0at3WGq1Yy4ZzcHpfiXQXPCRm/
WNzpkt2qIiCnKbIhPoJ9Wr+skJXgTueIxSO/VM0L/rdDOy8KzVizEPKhjfaFp3AA
Ev0JLFBRIiOVVZjShewW5fwJIphILhpeydKpJTK5uCG9BE4F1nHK4vwUxyRiN5iH
zQ688l4Mr5kPu8o8R/g29AqRF8iMZA+thZ+dQRQzz4V9g94/GfW62hdghaUyZshj
90r4Cli9LJKD25BaocKAaTYsTPKdkQ2CXeI5WpMQJ/hj
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:21 2024 by rpki-client on console-fra.rpki-client.org