Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/j8XtPUDUUG1V2COIl5y8UhJuaeY.roa
File: j8XtPUDUUG1V2COIl5y8UhJuaeY.roa (raw, json)
Hash identifier: HkdlivdLUfkVo5VnGM7ijH4AVSIxXbVMajrWcVxqmU0=
Subject key identifier: 8F:C5:ED:3D:40:D4:50:6D:55:D8:23:88:97:9C:BC:52:12:6E:69:E6
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018AC255CC1881B4C8A67CB462F53D8E70CC
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/j8XtPUDUUG1V2COIl5y8UhJuaeY.roa
Signing time: Sat 23 Sep 2023 13:58:37 +0000
ROA not before: Sat 23 Sep 2023 13:58:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27882
IP address blocks: 181.41.144.0/21 maxlen: 21
181.41.145.0/24 maxlen: 24
181.41.144.0/24 maxlen: 24
181.41.150.0/24 maxlen: 24
181.41.151.0/24 maxlen: 24
181.41.149.0/24 maxlen: 24
181.41.147.0/24 maxlen: 24
181.41.148.0/24 maxlen: 24
181.41.146.0/24 maxlen: 24
181.41.159.0/24 maxlen: 24
181.41.157.0/24 maxlen: 24
181.41.158.0/24 maxlen: 24
181.41.156.0/24 maxlen: 24
181.41.158.0/23 maxlen: 23
181.41.156.0/23 maxlen: 23
181.41.156.0/22 maxlen: 22
189.28.64.0/24 maxlen: 24
189.28.64.0/20 maxlen: 20
189.28.64.0/19 maxlen: 19
189.28.64.0/22 maxlen: 22
189.28.64.0/21 maxlen: 21
189.28.64.0/23 maxlen: 23
189.28.68.0/24 maxlen: 24
189.28.70.0/24 maxlen: 24
189.28.71.0/24 maxlen: 24
189.28.69.0/24 maxlen: 24
189.28.67.0/24 maxlen: 24
189.28.66.0/23 maxlen: 23
189.28.66.0/24 maxlen: 24
189.28.65.0/24 maxlen: 24
189.28.68.0/22 maxlen: 22
189.28.68.0/23 maxlen: 23
189.28.70.0/23 maxlen: 23
189.28.75.0/24 maxlen: 24
189.28.77.0/24 maxlen: 24
189.28.78.0/24 maxlen: 24
189.28.76.0/24 maxlen: 24
189.28.74.0/24 maxlen: 24
189.28.74.0/23 maxlen: 23
189.28.73.0/24 maxlen: 24
189.28.72.0/24 maxlen: 24
189.28.72.0/22 maxlen: 22
189.28.72.0/23 maxlen: 23
189.28.72.0/21 maxlen: 21
189.28.78.0/23 maxlen: 23
189.28.76.0/23 maxlen: 23
189.28.76.0/22 maxlen: 22
189.28.81.0/24 maxlen: 24
189.28.83.0/24 maxlen: 24
189.28.84.0/24 maxlen: 24
189.28.82.0/24 maxlen: 24
189.28.80.0/24 maxlen: 24
189.28.80.0/23 maxlen: 23
189.28.80.0/22 maxlen: 22
189.28.80.0/21 maxlen: 21
189.28.80.0/20 maxlen: 20
189.28.79.0/24 maxlen: 24
189.28.84.0/23 maxlen: 23
189.28.85.0/24 maxlen: 24
189.28.84.0/22 maxlen: 22
189.28.82.0/23 maxlen: 23
189.28.88.0/22 maxlen: 22
189.28.90.0/23 maxlen: 23
189.28.88.0/21 maxlen: 21
189.28.88.0/23 maxlen: 23
189.28.86.0/23 maxlen: 23
189.28.87.0/24 maxlen: 24
189.28.86.0/24 maxlen: 24
189.28.90.0/24 maxlen: 24
189.28.91.0/24 maxlen: 24
189.28.88.0/24 maxlen: 24
189.28.89.0/24 maxlen: 24
189.28.92.0/22 maxlen: 22
189.28.94.0/23 maxlen: 23
189.28.92.0/23 maxlen: 23
189.28.95.0/24 maxlen: 24
189.28.93.0/24 maxlen: 24
189.28.94.0/24 maxlen: 24
189.28.92.0/24 maxlen: 24
203.88.98.0/23 maxlen: 23
203.88.96.0/23 maxlen: 23
203.88.96.0/22 maxlen: 22
203.88.97.0/24 maxlen: 24
203.88.98.0/24 maxlen: 24
203.88.96.0/24 maxlen: 24
203.88.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Sep 2023 19:10:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c2:55:cc:18:81:b4:c8:a6:7c:b4:62:f5:3d:8e:70:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Sep 23 13:58:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fc5ed3d40d4506d55d82388979cbc52126e69e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:00:f9:20:e8:77:ae:17:c6:36:db:1d:a0:e6:
30:14:2a:34:12:58:f6:2b:e7:61:9a:87:ed:0a:bd:
b1:44:03:69:27:2c:c4:ec:10:68:7a:7c:5c:e6:26:
25:b2:45:94:f7:61:ad:8f:4c:42:2d:91:f9:63:c6:
5d:f0:64:af:a2:20:aa:87:14:df:86:e3:24:58:8b:
da:39:3e:ac:73:48:a2:78:7f:16:21:a5:e9:00:f3:
65:2d:8d:da:94:fd:dc:3b:67:aa:b4:a4:ff:e1:e5:
25:c2:80:89:45:a6:cc:8b:39:61:fa:ee:ba:b4:9c:
c0:56:5b:df:0b:4f:1c:80:60:38:65:a4:5e:35:3a:
27:21:2f:e9:c5:a4:84:43:6c:d4:92:fd:e0:78:cf:
9b:37:e0:e2:52:fd:24:4b:4f:cd:74:59:12:85:f7:
a8:49:59:e3:9d:52:3a:72:7a:fd:15:0e:bc:ee:14:
8a:b6:a7:95:0f:56:ae:f6:f4:15:59:ff:ff:df:ad:
34:ac:fa:53:fb:10:a7:53:68:d1:bf:2c:ea:c6:1c:
6b:ef:9f:63:0b:9c:83:eb:de:1f:ef:56:ce:95:8b:
48:76:b3:6b:87:d0:d7:42:b3:1c:2d:6c:88:13:89:
ac:47:cb:63:94:23:35:91:1b:56:ce:c0:21:74:d7:
cd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C5:ED:3D:40:D4:50:6D:55:D8:23:88:97:9C:BC:52:12:6E:69:E6
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/j8XtPUDUUG1V2COIl5y8UhJuaeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.41.144.0/21
181.41.156.0/22
189.28.64.0/19
203.88.96.0/22
Signature Algorithm: sha256WithRSAEncryption
97:5d:a8:22:bc:20:45:a7:63:3e:87:48:6c:e5:dc:06:f4:6c:
c7:28:18:85:58:48:bb:ec:8b:e6:ae:6c:55:c3:7e:f6:96:59:
80:d6:90:69:f2:b3:8f:57:ad:e7:1e:a2:7e:e4:e5:b7:80:c5:
d9:a0:91:8c:4e:ea:e5:61:2f:ed:75:0e:f5:da:bb:ec:5b:2e:
94:53:35:e7:11:d5:fc:1f:fb:4e:1a:e2:87:38:59:20:a1:17:
a2:c9:1a:24:4f:c5:8d:de:4e:04:52:7a:bf:a0:56:90:c3:40:
39:7f:2b:8e:ef:d2:c3:66:d3:24:fc:03:b2:82:07:5d:e8:8e:
32:6a:e1:75:00:3c:ec:53:ad:04:68:5a:cc:5b:74:f5:6e:23:
cb:d7:58:2c:64:00:ee:4d:54:5a:e8:04:a2:fe:63:59:2d:25:
ff:75:59:27:1f:12:09:73:29:90:50:d0:a1:26:db:37:ea:b5:
0b:9a:e4:00:d2:04:f1:6d:13:ed:09:fb:5d:79:85:1c:0c:53:
23:09:d3:c4:e9:5e:3a:b1:ff:ff:48:5e:d2:96:98:c6:b9:2b:
3e:a0:d7:aa:96:3d:22:27:03:88:a6:f0:ab:79:0a:d0:82:29:
03:e3:cc:b3:f8:54:81:41:49:07:67:b5:30:79:4e:b5:8e:cd:
16:93:ec:fb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYrCVcwYgbTIpny0YvU9jnDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwOTIzMTM1ODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmM1ZWQzZDQwZDQ1MDZkNTVkODIzODg5NzljYmM1MjEyNmU2OWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgD5IOh3rhfGNtsdoOYwFCo0Elj2
K+dhmoftCr2xRANpJyzE7BBoenxc5iYlskWU92Gtj0xCLZH5Y8Zd8GSvoiCqhxTf
huMkWIvaOT6sc0iieH8WIaXpAPNlLY3alP3cO2eqtKT/4eUlwoCJRabMizlh+u66
tJzAVlvfC08cgGA4ZaReNTonIS/pxaSEQ2zUkv3geM+bN+DiUv0kS0/NdFkShfeo
SVnjnVI6cnr9FQ687hSKtqeVD1au9vQVWf//3600rPpT+xCnU2jRvyzqxhxr759j
C5yD694f71bOlYtIdrNrh9DXQrMcLWyIE4msR8tjlCM1kRtWzsAhdNfN7QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI/F7T1A1FBtVdgjiJecvFISbmnmMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvajhYdFBVRFVVRzFWMkNPSWw1eThVaEp1YWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDtSmQAwQC
tSmcAwQFvRxAAwQCy1hgMA0GCSqGSIb3DQEBCwUAA4IBAQCXXagivCBFp2M+h0hs
5dwG9GzHKBiFWEi77IvmrmxVw372llmA1pBp8rOPV63nHqJ+5OW3gMXZoJGMTurl
YS/tdQ712rvsWy6UUzXnEdX8H/tOGuKHOFkgoReiyRokT8WN3k4EUnq/oFaQw0A5
fyuO79LDZtMk/AOyggdd6I4yauF1ADzsU60EaFrMW3T1biPL11gsZADuTVRa6ASi
/mNZLSX/dVknHxIJcymQUNChJts36rULmuQA0gTxbRPtCftdeYUcDFMjCdPE6V46
sf//SF7SlpjGuSs+oNeqlj0iJwOIpvCreQrQgikD48yz+FSBQUkHZ7UweU61js0W
k+z7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:35 2024 by rpki-client on console-ams.rpki-client.org