Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/tHXFDWzEkWfk4NaK19w7U_viQbM.roa
File: tHXFDWzEkWfk4NaK19w7U_viQbM.roa (raw, json)
Hash identifier: Vew1stN4ig1+ClQ1Z15FYd5pTfYwXWvDKv2ZsuTjqmc=
Subject key identifier: B4:75:C5:0D:6C:C4:91:67:E4:E0:D6:8A:D7:DC:3B:53:FB:E2:41:B3
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0186037DE72CEBA0B1B495119626DCC7EE93
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/tHXFDWzEkWfk4NaK19w7U_viQbM.roa
Signing time: Mon 30 Jan 2023 16:23:48 +0000
ROA not before: Mon 30 Jan 2023 16:23:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27882
IP address blocks: 181.41.144.0/21 maxlen: 21
181.41.147.0/24 maxlen: 24
181.41.156.0/22 maxlen: 22
203.88.96.0/22 maxlen: 22
203.88.97.0/24 maxlen: 24
203.88.98.0/24 maxlen: 24
203.88.96.0/24 maxlen: 24
203.88.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:03:7d:e7:2c:eb:a0:b1:b4:95:11:96:26:dc:c7:ee:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 30 16:23:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b475c50d6cc49167e4e0d68ad7dc3b53fbe241b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c4:3c:95:40:7f:85:da:3a:99:52:56:75:37:
a5:7b:2f:37:b8:9c:5b:eb:89:c0:9c:69:66:b5:a3:
78:82:81:67:2d:cb:92:f0:33:d7:6d:d8:56:8c:b5:
79:1a:1c:d2:97:c6:91:03:1d:13:83:4b:92:53:6c:
74:fd:90:58:3e:f6:fd:b5:27:d5:c2:2d:1c:01:65:
75:37:a4:d4:0c:c2:bd:af:79:d3:91:8d:fe:ed:b5:
21:bc:32:ec:58:84:2d:ab:b9:e5:95:d6:16:6b:f5:
99:ab:f7:c6:a5:fe:9c:64:a3:14:62:55:49:4c:47:
35:96:68:f6:6f:e3:61:d4:3a:56:2b:73:64:b7:9c:
01:c6:fb:05:7e:c4:67:27:40:f4:33:dc:37:8c:b6:
b3:f4:53:a6:0c:55:23:ab:39:9e:e3:e2:65:15:bf:
b3:57:50:81:5d:62:4b:e9:03:1f:c1:fa:89:42:d8:
17:b5:69:eb:71:03:8f:a4:ef:7a:6b:a3:ef:a1:87:
80:d6:67:79:5f:46:1e:77:cf:2f:75:9e:1d:22:31:
7f:56:0e:df:9c:77:b2:95:30:b6:82:c3:18:81:f7:
53:82:62:9a:f7:ab:2e:fd:a7:9c:f2:91:66:97:fd:
e1:de:c8:f1:52:b1:4f:a5:86:bc:c0:3d:73:ef:84:
1a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:75:C5:0D:6C:C4:91:67:E4:E0:D6:8A:D7:DC:3B:53:FB:E2:41:B3
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/tHXFDWzEkWfk4NaK19w7U_viQbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.41.144.0/21
181.41.156.0/22
203.88.96.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:a9:92:1d:9e:ff:66:64:1c:9c:c3:69:0e:c3:60:f1:02:3b:
91:6b:14:ea:9a:e6:b2:7a:d5:95:c9:7d:57:73:96:46:d1:fa:
a9:d5:d1:1b:14:75:fd:bb:68:fc:01:08:70:18:0c:79:83:00:
5a:c2:a2:75:6f:85:98:9a:4e:09:12:9b:3e:c4:09:fa:9a:79:
ff:03:86:4f:c3:eb:db:0a:df:f5:bf:8f:60:82:5d:ad:2a:e3:
5e:c1:6a:7e:3c:a5:fc:c7:53:38:ec:0a:21:b8:f7:b1:ce:e9:
35:80:6c:1e:c8:85:dc:97:2b:fb:b0:15:e0:2e:df:4f:d7:1b:
92:85:86:b0:0c:aa:14:18:a1:03:78:36:26:00:6c:d0:d7:fb:
4a:46:8e:2b:5b:50:da:8f:d8:5d:10:1b:53:88:12:c3:16:9f:
8e:4a:cc:fb:65:c0:67:d6:7b:3a:aa:c4:3c:0d:0f:41:ae:2f:
f7:0c:6f:6a:9f:9d:9a:0b:dc:59:06:60:32:4b:fa:f9:18:1a:
21:42:12:58:fe:ac:ed:dd:ae:54:d6:c6:d1:8e:98:96:6b:a2:
a9:18:9f:65:44:dc:f2:3b:96:2b:a9:56:72:eb:8b:91:11:9a:
4e:70:f9:2b:fa:67:6c:9e:0f:cf:17:5c:09:ba:f3:94:35:6f:
3b:b2:73:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYDfecs66CxtJURlibcx+6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTMwMTYyMzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDc1YzUwZDZjYzQ5MTY3ZTRlMGQ2OGFkN2RjM2I1M2ZiZTI0MWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsQ8lUB/hdo6mVJWdTeley83uJxb
64nAnGlmtaN4goFnLcuS8DPXbdhWjLV5GhzSl8aRAx0Tg0uSU2x0/ZBYPvb9tSfV
wi0cAWV1N6TUDMK9r3nTkY3+7bUhvDLsWIQtq7nlldYWa/WZq/fGpf6cZKMUYlVJ
TEc1lmj2b+Nh1DpWK3Nkt5wBxvsFfsRnJ0D0M9w3jLaz9FOmDFUjqzme4+JlFb+z
V1CBXWJL6QMfwfqJQtgXtWnrcQOPpO96a6PvoYeA1md5X0Yed88vdZ4dIjF/Vg7f
nHeylTC2gsMYgfdTgmKa96su/aec8pFml/3h3sjxUrFPpYa8wD1z74QaiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLR1xQ1sxJFn5ODWitfcO1P74kGzMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvdEhYRkRXekVrV2ZrNE5hSzE5dzdVX3ZpUWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDtSmQAwQC
tSmcAwQCy1hgMA0GCSqGSIb3DQEBCwUAA4IBAQCOqZIdnv9mZBycw2kOw2DxAjuR
axTqmuayetWVyX1Xc5ZG0fqp1dEbFHX9u2j8AQhwGAx5gwBawqJ1b4WYmk4JEps+
xAn6mnn/A4ZPw+vbCt/1v49ggl2tKuNewWp+PKX8x1M47AohuPexzuk1gGweyIXc
lyv7sBXgLt9P1xuShYawDKoUGKEDeDYmAGzQ1/tKRo4rW1Daj9hdEBtTiBLDFp+O
Ssz7ZcBn1ns6qsQ8DQ9Bri/3DG9qn52aC9xZBmAyS/r5GBohQhJY/qzt3a5U1sbR
jpiWa6KpGJ9lRNzyO5YrqVZy64uREZpOcPkr+mdsng/PF1wJuvOUNW87snON
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:54 2023 by rpki-client on console-fra.rpki-client.org