Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/ru5NNdi0MDCOJ5rUBNRwvptFhBk.roa
File: ru5NNdi0MDCOJ5rUBNRwvptFhBk.roa (raw, json)
Hash identifier: DAqDNH+NXsUWdePzZGcbr4nJwPVoW4SZIy9m4Qzk6Sc=
Subject key identifier: AE:EE:4D:35:D8:B4:30:30:8E:27:9A:D4:04:D4:70:BE:9B:45:84:19
Certificate issuer: /CN=25ae551af0bb5d7977ea73f6896f25f1eca28f9d
Certificate serial: 018BF28590C225EABDD133DFB8F66A5980A7
Authority key identifier: 25:AE:55:1A:F0:BB:5D:79:77:EA:73:F6:89:6F:25:F1:EC:A2:8F:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ja5VGvC7XXl36nP2iW8l8eyij50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/ru5NNdi0MDCOJ5rUBNRwvptFhBk.roa
Signing time: Tue 21 Nov 2023 15:35:21 +0000
ROA not before: Tue 21 Nov 2023 15:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 5.158.80.0/21 maxlen: 24
185.178.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f2:85:90:c2:25:ea:bd:d1:33:df:b8:f6:6a:59:80:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25ae551af0bb5d7977ea73f6896f25f1eca28f9d
Validity
Not Before: Nov 21 15:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aeee4d35d8b430308e279ad404d470be9b458419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:98:82:c0:2e:02:cf:43:fc:ba:a2:47:26:34:
cf:29:83:8b:4d:f1:39:00:f2:0b:33:43:8b:07:a8:
00:92:7b:42:de:13:6d:60:ee:81:8f:c0:7e:1a:e9:
d9:78:9c:d5:aa:17:23:32:31:05:df:a8:60:7a:10:
d3:90:68:57:72:a7:be:57:1a:a5:24:cf:9a:81:46:
c5:93:a0:cb:c0:9e:11:39:f3:cb:60:f6:fe:c4:35:
17:2a:ce:d7:71:2a:0a:fc:45:bf:46:e1:30:9b:e7:
bd:8b:99:ce:1d:4d:74:ac:5e:45:05:b5:fd:49:1c:
e8:fe:04:ad:cc:9a:88:85:5f:91:8e:ac:e4:4e:e6:
dd:89:8f:3f:0e:32:cd:18:f1:0c:81:e7:11:54:6a:
6e:0d:e7:b7:fe:12:cc:fc:ac:8f:4d:ec:31:4e:68:
c8:44:1a:22:63:35:5c:cb:db:5d:f5:9e:40:70:9c:
72:7d:27:c7:83:2c:e3:79:ff:23:93:c9:34:96:d6:
2d:44:4a:1a:8c:e9:b3:b9:6d:01:3d:7e:70:ff:d9:
f7:2b:40:33:d3:8c:80:78:f8:01:f2:16:32:db:f9:
f8:b6:9a:01:bf:f4:91:89:45:43:ed:a4:4c:6c:10:
88:19:0f:a5:7e:b6:e1:03:b6:fd:d1:a9:5b:33:78:
02:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:EE:4D:35:D8:B4:30:30:8E:27:9A:D4:04:D4:70:BE:9B:45:84:19
X509v3 Authority Key Identifier:
keyid:25:AE:55:1A:F0:BB:5D:79:77:EA:73:F6:89:6F:25:F1:EC:A2:8F:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ja5VGvC7XXl36nP2iW8l8eyij50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/ru5NNdi0MDCOJ5rUBNRwvptFhBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/Ja5VGvC7XXl36nP2iW8l8eyij50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.80.0/21
185.178.170.0/24
Signature Algorithm: sha256WithRSAEncryption
38:07:22:e2:e6:99:01:77:cc:ef:9c:87:a0:67:83:ee:36:22:
86:9e:24:8b:db:d8:c9:76:af:f5:bb:71:44:3c:9d:30:97:e7:
c4:c3:e1:79:16:f1:bd:73:99:52:5a:da:62:27:7d:3d:11:df:
3c:ec:c5:ec:b5:29:23:8a:3b:03:d6:fc:85:d1:70:62:89:23:
7e:64:5d:2e:12:c1:c7:91:dc:de:a4:84:d9:fd:45:ca:eb:bd:
52:ca:05:5f:9e:49:3e:90:84:44:53:7f:43:95:cd:9f:d0:91:
71:70:ac:22:03:b5:ce:30:c1:2c:61:28:62:81:2a:db:ab:b6:
e1:c3:27:0b:9c:ee:e5:dd:b8:e4:c0:a8:9b:b9:b2:bc:09:6d:
f6:d8:66:28:74:a4:a2:7c:35:f8:3f:32:d1:ec:cc:d1:5a:1a:
ac:fd:5b:2e:79:cf:de:5b:5b:f9:95:71:ae:e5:76:b9:6f:5b:
8f:b5:dd:55:64:8d:21:83:2d:c4:de:07:29:d6:b1:02:82:74:
d8:cd:43:5a:a3:9d:07:46:38:e8:58:ef:69:7a:2e:9e:91:cf:
f1:4b:75:35:96:f6:e4:af:47:a1:18:40:b6:8e:aa:3d:7f:1a:
0b:47:36:b2:88:85:d8:1b:64:42:16:ee:8e:cd:5e:29:22:56:
ea:03:5e:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvyhZDCJeq90TPfuPZqWYCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YWU1NTFhZjBiYjVkNzk3N2VhNzNmNjg5NmYyNWYxZWNh
MjhmOWQwHhcNMjMxMTIxMTUzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWVlNGQzNWQ4YjQzMDMwOGUyNzlhZDQwNGQ0NzBiZTliNDU4NDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA85iCwC4Cz0P8uqJHJjTPKYOLTfE5
APILM0OLB6gAkntC3hNtYO6Bj8B+GunZeJzVqhcjMjEF36hgehDTkGhXcqe+Vxql
JM+agUbFk6DLwJ4ROfPLYPb+xDUXKs7XcSoK/EW/RuEwm+e9i5nOHU10rF5FBbX9
SRzo/gStzJqIhV+RjqzkTubdiY8/DjLNGPEMgecRVGpuDee3/hLM/KyPTewxTmjI
RBoiYzVcy9td9Z5AcJxyfSfHgyzjef8jk8k0ltYtREoajOmzuW0BPX5w/9n3K0Az
04yAePgB8hYy2/n4tpoBv/SRiUVD7aRMbBCIGQ+lfrbhA7b90albM3gCnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK7uTTXYtDAwjiea1ATUcL6bRYQZMB8GA1UdIwQY
MBaAFCWuVRrwu115d+pz9olvJfHsoo+dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmE1Vkd2QzdYWGwzNm5QMmlXOGw4ZXlpajUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80MmY4MWItYzQyYy00MjU0LWFiYjkt
MjE0MmY4ZmI2NzZlLzEvcnU1Tk5kaTBNRENPSjVyVUJOUnd2cHRGaEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80MmY4MWItYzQyYy00MjU0LWFiYjktMjE0MmY4ZmI2NzZl
LzEvSmE1Vkd2QzdYWGwzNm5QMmlXOGw4ZXlpajUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBZ5QAwQA
ubKqMA0GCSqGSIb3DQEBCwUAA4IBAQA4ByLi5pkBd8zvnIegZ4PuNiKGniSL29jJ
dq/1u3FEPJ0wl+fEw+F5FvG9c5lSWtpiJ309Ed887MXstSkjijsD1vyF0XBiiSN+
ZF0uEsHHkdzepITZ/UXK671SygVfnkk+kIREU39Dlc2f0JFxcKwiA7XOMMEsYShi
gSrbq7bhwycLnO7l3bjkwKibubK8CW322GYodKSifDX4PzLR7MzRWhqs/Vsuec/e
W1v5lXGu5Xa5b1uPtd1VZI0hgy3E3gcp1rECgnTYzUNao50HRjjoWO9pei6ekc/x
S3U1lvbkr0ehGEC2jqo9fxoLRzayiIXYG2RCFu6OzV4pIlbqA15l
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:39 2024 by rpki-client on console-ams.rpki-client.org