Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/k2Vf-FYzyn_toDYWyVm_3q4kRKc.roa
File: k2Vf-FYzyn_toDYWyVm_3q4kRKc.roa (raw, json)
Hash identifier: gBhSLNKCJByNSWFkIUmcKyNFG4p7XbQpgx5MYUgdkBw=
Subject key identifier: 93:65:5F:F8:56:33:CA:7F:ED:A0:36:16:C9:59:BF:DE:AE:24:44:A7
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018945AD48BBAFF13887BEF7AB7E1B8BAA3A
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/k2Vf-FYzyn_toDYWyVm_3q4kRKc.roa
Signing time: Tue 11 Jul 2023 15:58:51 +0000
ROA not before: Tue 11 Jul 2023 15:58:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 270026
IP address blocks: 141.136.56.0/23 maxlen: 23
141.136.57.0/24 maxlen: 24
141.136.56.0/24 maxlen: 24
181.41.152.0/24 maxlen: 24
181.41.155.0/24 maxlen: 24
181.41.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:45:ad:48:bb:af:f1:38:87:be:f7:ab:7e:1b:8b:aa:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jul 11 15:58:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93655ff85633ca7feda03616c959bfdeae2444a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:84:08:ce:bc:30:56:ba:07:a4:8d:08:12:aa:
8a:62:9b:00:db:40:b4:f6:bf:ad:7e:73:fb:34:8f:
db:c0:0d:49:cd:d3:bf:14:c4:d2:b2:27:af:de:9d:
9e:0b:a3:3d:3d:35:26:66:74:c6:62:86:45:81:49:
ff:b8:0e:47:ed:93:ec:16:59:0c:ee:38:78:6a:ce:
c7:83:48:50:c6:f9:95:43:97:85:e9:3e:d4:86:6e:
cd:d8:2a:53:7d:65:a4:b8:b3:07:dc:d1:04:7e:32:
5d:e7:53:e5:75:98:4b:e5:52:23:04:36:95:65:80:
4b:f7:71:9a:49:ca:75:d4:22:59:eb:af:a4:12:d8:
86:69:62:26:41:62:0f:f9:cc:e0:e8:ad:3d:30:73:
40:14:c5:33:1a:80:20:e9:ed:fd:e5:73:45:01:c9:
e6:0e:50:db:dd:d2:3f:09:17:88:bc:dc:f6:26:b0:
ea:ae:fe:9a:03:0a:24:fe:e4:38:99:dd:34:6f:c2:
50:36:da:eb:d6:14:28:9f:b2:0c:19:cd:5b:41:76:
ae:3b:64:0c:68:69:a5:46:56:72:62:9b:7c:c2:4e:
20:fb:ad:4e:d5:53:ef:97:b5:8b:63:1c:b4:d9:2b:
d3:73:75:24:10:98:c4:1b:ac:f3:4a:30:b4:f1:c2:
f1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:65:5F:F8:56:33:CA:7F:ED:A0:36:16:C9:59:BF:DE:AE:24:44:A7
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/k2Vf-FYzyn_toDYWyVm_3q4kRKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.136.56.0/23
181.41.152.0/23
181.41.155.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:70:e9:84:ae:0f:42:84:78:52:7f:e5:e5:f8:c5:4a:16:97:
9e:b4:be:8c:01:ea:6b:c7:66:89:e7:4e:eb:f9:42:cf:63:e8:
c6:2e:59:6b:14:33:11:a1:77:aa:5e:84:36:82:0b:55:06:e3:
91:28:ca:5b:05:9b:36:ef:a5:92:be:a2:80:dc:d2:11:ce:59:
f5:fe:a5:d7:25:5c:b9:9e:95:de:e8:de:44:4f:2c:a3:ec:30:
bc:0b:8e:9e:6e:97:34:19:41:ba:d8:f9:0b:58:70:1e:cd:05:
06:2f:cb:77:70:40:15:a8:c2:40:09:0e:88:f5:61:a5:8d:4f:
9c:df:65:d6:59:be:3b:c5:7c:e4:5f:5b:99:b1:39:63:e1:2e:
1c:57:4d:0c:14:5b:ae:f3:cf:cc:28:1c:c4:d2:72:ac:69:5a:
38:8e:9a:fa:b2:aa:6b:73:ab:da:e4:cf:b8:61:c9:bd:74:30:
98:b0:dd:d1:ce:45:86:45:40:37:fb:01:aa:77:66:67:68:d0:
ef:37:57:85:79:c7:10:3d:6e:0c:e6:b1:37:f6:95:be:15:a7:
f1:78:5b:38:95:0d:48:8b:ff:36:5b:a6:b8:1f:24:c6:34:09:
2c:86:4c:78:14:8a:7b:97:12:11:1e:fc:57:dc:e3:50:1d:b4:
6d:09:45:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlFrUi7r/E4h773q34bi6o6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwNzExMTU1ODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzY1NWZmODU2MzNjYTdmZWRhMDM2MTZjOTU5YmZkZWFlMjQ0NGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44QIzrwwVroHpI0IEqqKYpsA20C0
9r+tfnP7NI/bwA1JzdO/FMTSsiev3p2eC6M9PTUmZnTGYoZFgUn/uA5H7ZPsFlkM
7jh4as7Hg0hQxvmVQ5eF6T7Uhm7N2CpTfWWkuLMH3NEEfjJd51PldZhL5VIjBDaV
ZYBL93GaScp11CJZ66+kEtiGaWImQWIP+czg6K09MHNAFMUzGoAg6e395XNFAcnm
DlDb3dI/CReIvNz2JrDqrv6aAwok/uQ4md00b8JQNtrr1hQon7IMGc1bQXauO2QM
aGmlRlZyYpt8wk4g+61O1VPvl7WLYxy02SvTc3UkEJjEG6zzSjC08cLxcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJNlX/hWM8p/7aA2FslZv96uJESnMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvazJWZi1GWXp5bl90b0RZV3lWbV8zcTRrUktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBjYg4AwQB
tSmYAwQAtSmbMA0GCSqGSIb3DQEBCwUAA4IBAQArcOmErg9ChHhSf+Xl+MVKFpee
tL6MAeprx2aJ507r+ULPY+jGLllrFDMRoXeqXoQ2ggtVBuORKMpbBZs276WSvqKA
3NIRzln1/qXXJVy5npXe6N5ETyyj7DC8C46ebpc0GUG62PkLWHAezQUGL8t3cEAV
qMJACQ6I9WGljU+c32XWWb47xXzkX1uZsTlj4S4cV00MFFuu88/MKBzE0nKsaVo4
jpr6sqprc6va5M+4Ycm9dDCYsN3RzkWGRUA3+wGqd2ZnaNDvN1eFeccQPW4M5rE3
9pW+FafxeFs4lQ1Ii/82W6a4HyTGNAkshkx4FIp7lxIRHvxX3ONQHbRtCUVD
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:09 2024 by rpki-client on console-ams.rpki-client.org