Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Y0MFMnWlDgNdFsmSovywjHbzvVs.roa
File: Y0MFMnWlDgNdFsmSovywjHbzvVs.roa (raw, json)
Hash identifier: hrw8p6DD5N3zCG4LfwG8fGy/peblFKzdhqS205fUgRY=
Subject key identifier: 63:43:05:32:75:A5:0E:03:5D:16:C9:92:A2:FC:B0:8C:76:F3:BD:5B
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01856ED4E02E8E7DC6A879F9B09C86DA2702
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Y0MFMnWlDgNdFsmSovywjHbzvVs.roa
Signing time: Sun 01 Jan 2023 19:35:22 +0000
ROA not before: Sun 01 Jan 2023 19:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 271812
IP address blocks: 181.41.152.0/24 maxlen: 24
181.41.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 May 2023 09:51:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:e0:2e:8e:7d:c6:a8:79:f9:b0:9c:86:da:27:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 19:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6343053275a50e035d16c992a2fcb08c76f3bd5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4a:76:ed:8c:72:c8:65:a2:f2:27:3b:76:fa:
ad:95:1a:ed:fc:06:b0:dd:70:63:3d:36:31:8a:56:
6a:92:aa:60:fe:e5:c8:6c:78:ef:9a:4a:5a:4a:4c:
b4:aa:12:03:45:a6:56:86:ec:88:6b:ac:c3:10:de:
a3:e9:cf:7c:84:b9:c1:67:d8:94:de:cd:6c:85:6d:
d0:e7:9e:48:ea:89:62:5b:a2:52:d9:41:7f:25:17:
b5:e7:10:87:4c:34:23:c4:80:ac:03:76:47:42:97:
0c:48:99:bc:64:ab:0f:05:f5:e1:bb:f0:80:3b:9e:
9e:04:43:76:0d:f0:b2:3b:aa:0c:33:44:8b:b1:c7:
2e:8f:53:cd:30:ad:d7:cb:e7:93:c2:8f:3e:a5:bf:
56:8a:61:5e:51:ec:3d:27:21:ae:37:27:f5:f0:f2:
61:72:f1:64:98:7d:bd:9b:d5:01:83:03:a0:45:ac:
fb:73:19:5d:b2:c1:b0:04:64:3d:5b:28:c3:39:ce:
ac:9f:5c:be:09:67:b7:c6:30:a6:e9:3e:b7:06:31:
ee:d8:eb:76:68:83:92:89:59:ba:dd:78:40:9b:4a:
d5:36:d8:79:c6:2b:6a:12:26:a1:8d:7c:ca:14:ce:
6d:a9:d3:f7:1b:0b:5b:f6:17:c7:51:a8:3f:f3:e0:
72:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:43:05:32:75:A5:0E:03:5D:16:C9:92:A2:FC:B0:8C:76:F3:BD:5B
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Y0MFMnWlDgNdFsmSovywjHbzvVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.41.152.0/23
Signature Algorithm: sha256WithRSAEncryption
55:4a:27:62:8b:a7:34:96:7d:ac:6c:2a:69:3c:18:a2:ef:3d:
45:25:2e:49:ba:c3:55:c5:57:18:f9:88:83:1b:b5:b4:82:7e:
c2:a7:91:18:c5:77:8f:f8:8e:20:b8:39:2c:5e:14:5c:f3:78:
31:36:98:74:48:b8:13:61:42:61:2b:8f:2a:6d:c8:2e:be:42:
c3:1f:b0:fd:0a:e6:d5:69:27:c1:be:a1:19:2f:81:fb:51:4a:
8a:bb:45:7f:6e:c8:8d:5b:52:db:54:d4:38:64:1a:b0:bc:a1:
81:57:36:dc:f2:4f:cd:08:7b:20:13:89:1f:bc:6e:03:fe:dc:
1a:7b:cd:d8:eb:a3:d4:e4:85:02:ba:25:6e:cb:85:1a:51:b2:
67:67:e8:02:a8:eb:f9:a4:8e:a1:37:9e:3e:f9:f9:c9:95:d4:
61:03:49:1a:80:01:69:ed:52:aa:c4:af:6f:65:62:17:aa:35:
b3:59:f2:2a:28:0c:61:03:aa:ac:9d:8c:56:3e:6d:24:af:ae:
b3:81:d8:5d:99:fd:58:b7:53:28:d1:5e:cc:46:d3:c1:76:49:
15:82:47:91:88:7b:4f:5f:1e:7c:a5:f8:79:fa:5a:30:e2:11:
91:f9:f6:d4:aa:df:55:18:4e:a4:80:d9:2a:81:2c:4d:8d:6c:
bb:4b:2b:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1OAujn3GqHn5sJyG2icCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzQzMDUzMjc1YTUwZTAzNWQxNmM5OTJhMmZjYjA4Yzc2ZjNiZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUp27YxyyGWi8ic7dvqtlRrt/Aaw
3XBjPTYxilZqkqpg/uXIbHjvmkpaSky0qhIDRaZWhuyIa6zDEN6j6c98hLnBZ9iU
3s1shW3Q555I6oliW6JS2UF/JRe15xCHTDQjxICsA3ZHQpcMSJm8ZKsPBfXhu/CA
O56eBEN2DfCyO6oMM0SLsccuj1PNMK3Xy+eTwo8+pb9WimFeUew9JyGuNyf18PJh
cvFkmH29m9UBgwOgRaz7cxldssGwBGQ9WyjDOc6sn1y+CWe3xjCm6T63BjHu2Ot2
aIOSiVm63XhAm0rVNth5xitqEiahjXzKFM5tqdP3Gwtb9hfHUag/8+ByFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGNDBTJ1pQ4DXRbJkqL8sIx2871bMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvWTBNRk1uV2xEZ05kRnNtU292eXdqSGJ6dlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBtSmYMA0G
CSqGSIb3DQEBCwUAA4IBAQBVSidii6c0ln2sbCppPBii7z1FJS5JusNVxVcY+YiD
G7W0gn7Cp5EYxXeP+I4guDksXhRc83gxNph0SLgTYUJhK48qbcguvkLDH7D9CubV
aSfBvqEZL4H7UUqKu0V/bsiNW1LbVNQ4ZBqwvKGBVzbc8k/NCHsgE4kfvG4D/twa
e83Y66PU5IUCuiVuy4UaUbJnZ+gCqOv5pI6hN54++fnJldRhA0kagAFp7VKqxK9v
ZWIXqjWzWfIqKAxhA6qsnYxWPm0kr66zgdhdmf1Yt1Mo0V7MRtPBdkkVgkeRiHtP
Xx58pfh5+low4hGR+fbUqt9VGE6kgNkqgSxNjWy7SytC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:35 2024 by rpki-client on console-ams.rpki-client.org