Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/GNBxnDz3dM7NGcJIfZ3BbI8nLp0.roa
File: GNBxnDz3dM7NGcJIfZ3BbI8nLp0.roa (raw, json)
Hash identifier: tsdDTpme3w4VmO89G8XGacOzI9m8nWSXKp5DJLWnzWA=
Subject key identifier: 18:D0:71:9C:3C:F7:74:CE:CD:19:C2:48:7D:9D:C1:6C:8F:27:2E:9D
Certificate issuer: /CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Certificate serial: 018CC94CA2AB6F3F6C7E7E911CB62697F47C
Authority key identifier: 3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/GNBxnDz3dM7NGcJIfZ3BbI8nLp0.roa
Signing time: Tue 02 Jan 2024 08:31:31 +0000
ROA not before: Tue 02 Jan 2024 08:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209137
IP address blocks: 5.180.171.0/24 maxlen: 24
5.180.170.0/23 maxlen: 23
5.180.168.0/23 maxlen: 23
5.180.168.0/22 maxlen: 22
5.180.168.0/24 maxlen: 24
5.180.169.0/24 maxlen: 24
5.180.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jun 2024 06:46:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:a2:ab:6f:3f:6c:7e:7e:91:1c:b6:26:97:f4:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Validity
Not Before: Jan 2 08:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18d0719c3cf774cecd19c2487d9dc16c8f272e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:53:2a:de:84:8e:9f:33:54:a1:e8:ff:16:5d:
de:ee:6c:37:77:02:12:c0:17:d3:f1:a4:aa:af:97:
a8:05:a5:18:01:ea:0d:89:7e:07:4b:68:93:79:eb:
96:12:89:e6:bb:6d:6a:1e:b9:8b:97:a2:6f:c4:4e:
fd:6b:6e:f8:5b:69:e1:4d:8e:4f:b5:cf:e8:2e:29:
f2:9b:d7:08:ce:2b:86:e8:7b:9d:5a:9e:bc:fa:67:
77:a9:2e:72:6a:97:96:f1:92:ea:7f:cf:2b:ea:50:
3f:e5:f8:a5:c0:87:06:d2:6f:14:a3:de:ff:58:1e:
01:a6:eb:2d:16:f5:ef:04:3a:cf:e1:ca:db:cd:31:
c0:42:cb:fa:0d:4a:98:6d:56:d0:60:fa:08:8e:f4:
09:b9:4a:ba:e2:46:b4:85:c6:3a:eb:5b:90:79:46:
d7:a7:eb:ff:60:21:cb:82:1a:33:d9:3d:a2:c9:cd:
54:a0:a0:f4:82:1b:03:4e:aa:60:b2:0c:35:a4:7f:
d4:22:37:70:b2:9a:f8:e5:bd:ee:07:e7:3f:71:58:
6e:ae:41:aa:aa:8e:00:9e:01:36:42:c6:dd:e7:72:
5b:4c:5a:35:0a:7f:6c:a8:88:7f:8e:78:a4:c3:cd:
bc:d6:03:77:09:6d:ed:c9:62:aa:dd:a4:9b:d9:dd:
be:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D0:71:9C:3C:F7:74:CE:CD:19:C2:48:7D:9D:C1:6C:8F:27:2E:9D
X509v3 Authority Key Identifier:
keyid:3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/GNBxnDz3dM7NGcJIfZ3BbI8nLp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/PYAS-hSs56DDvS6C4KKdmkS_4pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.168.0/22
Signature Algorithm: sha256WithRSAEncryption
19:58:56:8f:a4:65:55:a0:e7:61:0a:e0:78:38:72:56:d1:0b:
27:3d:a4:a8:02:51:2d:4b:db:89:b3:c1:a6:aa:c5:f6:c2:31:
d5:b4:e8:7f:c0:c5:11:6a:b5:e0:39:ba:34:e0:ba:20:5f:fc:
70:af:c4:f9:ab:ba:a3:95:bc:b1:74:a8:ff:35:48:4d:4b:86:
62:c7:7c:e6:7a:3c:7b:27:dd:0b:62:85:f7:ca:67:2e:ba:cc:
c9:e2:49:a9:62:cf:32:32:c8:ad:04:8b:61:cf:1f:5b:bf:06:
be:78:2d:08:4c:90:55:04:bf:25:f7:1d:f5:3a:96:62:03:34:
44:f5:9a:c3:fb:7d:22:f0:cb:e2:b7:74:06:51:1e:bb:40:74:
45:2b:11:4e:c5:0e:ca:b1:58:47:92:78:e0:61:8c:fe:d7:a2:
cb:58:2f:4f:ee:a4:46:3e:01:e4:03:7a:ee:0a:3c:52:c4:b8:
f5:3c:81:14:7c:49:a3:97:a5:f1:f3:e8:11:cd:28:0e:d7:a6:
6c:e2:09:af:f7:20:14:7b:ee:af:06:ca:6e:fc:3b:31:a6:e9:
ec:c4:ba:5f:23:c3:53:a7:8d:44:48:3f:2f:f4:4c:19:69:73:
ae:9f:ad:2c:7f:7d:44:dc:58:62:5a:0e:ba:35:eb:9f:a4:4a:
4e:e3:77:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTKKrbz9sfn6RHLYml/R8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkODAxMmZhMTRhY2U3YTBjM2JkMmU4MmUwYTI5ZDlhNDRi
ZmUyOTAwHhcNMjQwMTAyMDgzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQwNzE5YzNjZjc3NGNlY2QxOWMyNDg3ZDlkYzE2YzhmMjcyZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FMq3oSOnzNUoej/Fl3e7mw3dwIS
wBfT8aSqr5eoBaUYAeoNiX4HS2iTeeuWEonmu21qHrmLl6JvxE79a274W2nhTY5P
tc/oLinym9cIziuG6HudWp68+md3qS5yapeW8ZLqf88r6lA/5filwIcG0m8Uo97/
WB4BpustFvXvBDrP4crbzTHAQsv6DUqYbVbQYPoIjvQJuUq64ka0hcY661uQeUbX
p+v/YCHLghoz2T2iyc1UoKD0ghsDTqpgsgw1pH/UIjdwspr45b3uB+c/cVhurkGq
qo4AngE2Qsbd53JbTFo1Cn9sqIh/jnikw8281gN3CW3tyWKq3aSb2d2+PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBjQcZw893TOzRnCSH2dwWyPJy6dMB8GA1UdIwQY
MBaAFD2AEvoUrOegw70uguCinZpEv+KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgt
NzdmODRjNTYyYTVmLzEvR05CeG5EejNkTTdOR2NKSWZaM0JiSThuTHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgtNzdmODRjNTYyYTVm
LzEvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbSoMA0G
CSqGSIb3DQEBCwUAA4IBAQAZWFaPpGVVoOdhCuB4OHJW0QsnPaSoAlEtS9uJs8Gm
qsX2wjHVtOh/wMURarXgObo04LogX/xwr8T5q7qjlbyxdKj/NUhNS4Zix3zmejx7
J90LYoX3ymcuuszJ4kmpYs8yMsitBIthzx9bvwa+eC0ITJBVBL8l9x31OpZiAzRE
9ZrD+30i8Mvit3QGUR67QHRFKxFOxQ7KsVhHknjgYYz+16LLWC9P7qRGPgHkA3ru
CjxSxLj1PIEUfEmjl6Xx8+gRzSgO16Zs4gmv9yAUe+6vBspu/DsxpunsxLpfI8NT
p41ESD8v9EwZaXOun60sf31E3FhiWg66NeufpEpO43dE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:04 2024 by rpki-client on console-ams.rpki-client.org