Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/can9ItNv6sLYUWTIp1P1cx6sYQg.roa
File: can9ItNv6sLYUWTIp1P1cx6sYQg.roa (raw, json)
Hash identifier: qRdQj6h24It/seF7Yqj3e5hIaTX0rABGAJ9XN5XtoOY=
Subject key identifier: 71:A9:FD:22:D3:6F:EA:C2:D8:51:64:C8:A7:53:F5:73:1E:AC:61:08
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018837DB15A058D7CE6EFDBD9B38E9232ED2
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/can9ItNv6sLYUWTIp1P1cx6sYQg.roa
Signing time: Sat 20 May 2023 06:31:24 +0000
ROA not before: Sat 20 May 2023 06:31:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27882
IP address blocks: 181.41.144.0/21 maxlen: 21
181.41.145.0/24 maxlen: 24
181.41.144.0/24 maxlen: 24
181.41.150.0/24 maxlen: 24
181.41.151.0/24 maxlen: 24
181.41.149.0/24 maxlen: 24
181.41.147.0/24 maxlen: 24
181.41.148.0/24 maxlen: 24
181.41.146.0/24 maxlen: 24
181.41.156.0/22 maxlen: 22
189.28.64.0/24 maxlen: 24
189.28.64.0/19 maxlen: 19
189.28.71.0/24 maxlen: 24
189.28.69.0/24 maxlen: 24
189.28.70.0/24 maxlen: 24
189.28.67.0/24 maxlen: 24
189.28.68.0/24 maxlen: 24
189.28.66.0/24 maxlen: 24
189.28.65.0/24 maxlen: 24
189.28.78.0/24 maxlen: 24
189.28.76.0/24 maxlen: 24
189.28.77.0/24 maxlen: 24
189.28.74.0/24 maxlen: 24
189.28.75.0/24 maxlen: 24
189.28.73.0/24 maxlen: 24
189.28.72.0/24 maxlen: 24
189.28.83.0/24 maxlen: 24
189.28.84.0/24 maxlen: 24
189.28.81.0/24 maxlen: 24
189.28.82.0/24 maxlen: 24
189.28.80.0/24 maxlen: 24
189.28.79.0/24 maxlen: 24
189.28.85.0/24 maxlen: 24
189.28.90.0/24 maxlen: 24
189.28.91.0/24 maxlen: 24
189.28.88.0/24 maxlen: 24
189.28.89.0/24 maxlen: 24
189.28.86.0/24 maxlen: 24
189.28.87.0/24 maxlen: 24
189.28.95.0/24 maxlen: 24
189.28.93.0/24 maxlen: 24
189.28.94.0/24 maxlen: 24
189.28.92.0/24 maxlen: 24
203.88.96.0/22 maxlen: 22
203.88.97.0/24 maxlen: 24
203.88.98.0/24 maxlen: 24
203.88.96.0/24 maxlen: 24
203.88.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Aug 2023 19:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:37:db:15:a0:58:d7:ce:6e:fd:bd:9b:38:e9:23:2e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: May 20 06:31:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71a9fd22d36feac2d85164c8a753f5731eac6108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:52:6c:47:90:95:29:23:97:c0:48:08:b3:31:
90:02:5f:b6:fa:20:85:8e:20:0a:a6:cc:2d:40:e9:
fe:b7:a6:c5:eb:a6:6c:47:e6:05:50:53:45:d9:7c:
a8:27:e1:21:6a:73:3f:e6:45:44:a0:9d:20:28:a8:
72:72:a2:8e:46:de:f4:4c:dc:86:eb:7e:06:39:a4:
ce:a1:97:74:00:63:df:62:3c:63:4d:d9:51:e7:9a:
97:06:e0:28:21:c2:1d:b6:3a:6b:7c:44:c6:a6:83:
86:d1:09:b0:40:b7:10:39:48:cd:3e:4e:b7:52:fe:
bf:69:a7:2d:d6:85:53:36:e5:dc:e6:ae:97:5f:65:
d5:1c:20:eb:ee:bd:5a:14:07:09:2f:ce:1e:58:68:
3c:ee:2b:6d:d3:ef:68:b1:0c:fc:8f:10:a6:fd:e5:
53:1c:23:51:f6:c2:d5:4a:8d:52:e0:bc:6d:6f:1a:
4d:67:4f:2b:24:0a:ef:e2:23:86:2c:ea:23:da:7c:
7e:09:ea:c8:95:70:78:22:80:e9:a3:96:69:20:72:
4a:d7:bc:f7:7f:58:67:88:01:93:30:f7:39:ca:82:
c3:e5:d8:a3:99:1e:97:18:08:c2:18:c6:da:c8:cb:
e9:d0:7d:00:5c:8d:71:5b:4b:1a:85:ee:5d:7e:94:
ce:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A9:FD:22:D3:6F:EA:C2:D8:51:64:C8:A7:53:F5:73:1E:AC:61:08
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/can9ItNv6sLYUWTIp1P1cx6sYQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.41.144.0/21
181.41.156.0/22
189.28.64.0/19
203.88.96.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:4b:04:d9:5d:47:0c:9d:f4:5a:9a:e8:73:12:46:34:b7:6f:
ce:15:5a:98:40:9b:ba:ab:8c:12:cd:4a:eb:8d:b4:dd:7a:91:
f3:1c:fb:aa:e8:ad:a9:5a:a8:15:7a:ac:d0:be:51:5f:1e:69:
7e:34:50:04:b0:f6:a2:eb:86:83:94:ad:5b:d6:a0:72:74:27:
9f:b1:77:9f:dd:02:bd:65:18:34:57:75:6b:fb:f3:2e:a3:2a:
e9:62:6b:fe:5c:4f:13:80:e8:51:ca:81:fd:44:91:f8:16:aa:
52:d3:45:e4:c0:6e:5b:8b:a0:5d:fa:82:9a:d8:9b:7f:c3:d3:
27:d5:f1:19:3a:b8:0c:f1:25:ff:5b:31:41:64:3e:72:bc:25:
b4:92:c7:ea:a3:28:58:2a:d0:c8:1f:2b:69:39:75:13:09:e8:
7c:fb:5a:3d:e8:46:34:f7:5e:cd:d1:f0:43:44:be:dd:9a:8a:
8e:f1:2f:25:95:f5:08:6f:5d:cd:b3:4b:15:d3:a1:0d:aa:d9:
a2:11:dc:c3:7a:d9:d6:e6:a9:33:2b:a2:7f:db:52:3b:a4:26:
77:4a:5d:4a:b5:a1:8c:eb:89:5f:27:cc:0f:2c:bd:29:2f:96:
42:c5:ff:cb:a9:c1:db:77:9a:31:36:21:d4:f3:10:d4:5a:c3:
e6:0a:45:5c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYg32xWgWNfObv29mzjpIy7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwNTIwMDYzMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWE5ZmQyMmQzNmZlYWMyZDg1MTY0YzhhNzUzZjU3MzFlYWM2MTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8VJsR5CVKSOXwEgIszGQAl+2+iCF
jiAKpswtQOn+t6bF66ZsR+YFUFNF2XyoJ+EhanM/5kVEoJ0gKKhycqKORt70TNyG
634GOaTOoZd0AGPfYjxjTdlR55qXBuAoIcIdtjprfETGpoOG0QmwQLcQOUjNPk63
Uv6/aact1oVTNuXc5q6XX2XVHCDr7r1aFAcJL84eWGg87itt0+9osQz8jxCm/eVT
HCNR9sLVSo1S4LxtbxpNZ08rJArv4iOGLOoj2nx+CerIlXB4IoDpo5ZpIHJK17z3
f1hniAGTMPc5yoLD5dijmR6XGAjCGMbayMvp0H0AXI1xW0sahe5dfpTOKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHGp/SLTb+rC2FFkyKdT9XMerGEIMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvY2FuOUl0TnY2c0xZVVdUSXAxUDFjeDZzWVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDtSmQAwQC
tSmcAwQFvRxAAwQCy1hgMA0GCSqGSIb3DQEBCwUAA4IBAQC7SwTZXUcMnfRamuhz
EkY0t2/OFVqYQJu6q4wSzUrrjbTdepHzHPuq6K2pWqgVeqzQvlFfHml+NFAEsPai
64aDlK1b1qBydCefsXef3QK9ZRg0V3Vr+/MuoyrpYmv+XE8TgOhRyoH9RJH4FqpS
00XkwG5bi6Bd+oKa2Jt/w9Mn1fEZOrgM8SX/WzFBZD5yvCW0ksfqoyhYKtDIHytp
OXUTCeh8+1o96EY0917N0fBDRL7dmoqO8S8llfUIb13Ns0sV06ENqtmiEdzDetnW
5qkzK6J/21I7pCZ3Sl1KtaGM64lfJ8wPLL0pL5ZCxf/LqcHbd5oxNiHU8xDUWsPm
CkVc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org