Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/MzJYIM_-Z-OPdOh_c9lLR4cPT6s.roa
File: MzJYIM_-Z-OPdOh_c9lLR4cPT6s.roa (raw, json)
Hash identifier: dcifaRz8fAJlylN5lhxDAGcsEcBAM3Ac8rEbxCBg2Ac=
Subject key identifier: 33:32:58:20:CF:FE:67:E3:8F:74:E8:7F:73:D9:4B:47:87:0F:4F:AB
Certificate issuer: /CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Certificate serial: 0185C932BD209D6AEF6904D0EAFDE934031B
Authority key identifier: 3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/MzJYIM_-Z-OPdOh_c9lLR4cPT6s.roa
Signing time: Thu 19 Jan 2023 08:43:43 +0000
ROA not before: Thu 19 Jan 2023 08:43:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209137
IP address blocks: 5.180.171.0/24 maxlen: 24
5.180.168.0/24 maxlen: 24
5.180.169.0/24 maxlen: 24
5.180.168.0/23 maxlen: 23
5.180.170.0/24 maxlen: 24
5.180.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 27 Feb 2023 08:32:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c9:32:bd:20:9d:6a:ef:69:04:d0:ea:fd:e9:34:03:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Validity
Not Before: Jan 19 08:43:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33325820cffe67e38f74e87f73d94b47870f4fab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c7:da:41:f5:31:7f:cf:29:42:7d:73:75:d2:
1d:24:f9:41:4e:38:62:d7:af:f8:fa:df:db:97:76:
4c:7a:d7:26:4a:bd:4d:67:93:b5:02:cd:a4:56:9c:
54:e8:2d:8a:ce:7a:d3:c0:1c:e0:98:1e:8a:d3:d0:
e7:26:91:b3:b2:6e:c5:7e:51:a8:54:e6:38:65:f7:
0a:75:60:4e:a5:1e:f9:8e:94:d6:26:5d:8e:97:f2:
a1:5f:c8:29:08:5b:8a:47:b6:2c:a6:04:27:14:39:
52:82:84:18:46:4a:df:e7:4e:5c:96:fe:77:24:a4:
15:c2:18:d8:94:88:c7:62:7d:0d:13:21:98:5f:97:
c3:4a:4f:37:d7:75:db:7b:54:a9:33:42:3b:e2:b2:
66:55:d2:6a:66:19:6f:a5:0e:5f:67:d0:28:2a:a4:
06:2e:e8:b8:7c:f5:d9:ad:b9:b3:b9:bc:3a:98:e0:
59:c4:ff:1d:98:ce:fd:25:8f:25:a4:99:80:a6:c1:
84:4f:2c:36:e7:ae:06:0e:9c:b8:a2:5b:2d:a1:95:
b7:23:1b:a1:db:e6:f2:f6:f1:7a:ab:cb:c3:48:83:
49:75:e4:92:f0:1e:8c:dd:83:f4:53:22:5a:d6:68:
4c:00:20:ef:9d:61:91:ed:d7:95:28:2d:ff:6c:79:
aa:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:32:58:20:CF:FE:67:E3:8F:74:E8:7F:73:D9:4B:47:87:0F:4F:AB
X509v3 Authority Key Identifier:
keyid:3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/MzJYIM_-Z-OPdOh_c9lLR4cPT6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/PYAS-hSs56DDvS6C4KKdmkS_4pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.168.0/22
Signature Algorithm: sha256WithRSAEncryption
66:3e:26:6c:79:89:3a:4f:f6:53:6b:43:29:5f:f6:38:d6:ec:
89:8c:06:fb:20:72:ef:a7:c8:4d:4a:f0:bd:bb:e3:00:26:ab:
df:52:14:44:02:6a:da:bd:5d:f0:7f:4e:33:e7:19:7c:db:41:
5b:3f:5d:a8:ff:73:ce:9d:ef:14:17:04:0f:44:f6:ca:a1:34:
c0:9b:37:6b:1e:36:2b:e2:b0:e9:05:26:25:47:2c:c8:36:eb:
48:5a:20:4e:bc:5a:33:71:67:42:f0:14:a9:10:75:e9:78:5a:
0b:4f:8e:6b:16:df:c9:48:33:7e:0f:fb:fb:81:d5:9a:ee:f0:
82:cd:57:52:e8:a2:ff:45:00:c4:5b:68:e0:09:94:88:ef:8e:
b7:4c:52:e2:9c:04:21:8b:28:7d:5c:f2:62:b9:9f:da:1e:74:
e5:2e:fb:f3:f5:de:ed:fd:b2:6b:9e:93:3d:43:e3:26:ce:05:
aa:dd:0e:74:a4:1a:a1:a4:a0:45:59:ee:15:6d:aa:8b:50:74:
0a:2a:96:80:fa:7e:83:37:9a:46:09:d5:e3:e9:3f:6d:99:46:
52:f0:06:66:30:b5:cf:78:47:99:73:25:96:f4:84:10:a3:3d:
a1:ca:39:99:19:40:21:f4:0e:c6:84:74:51:c6:d0:d6:14:2f:
4d:b1:82:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXJMr0gnWrvaQTQ6v3pNAMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkODAxMmZhMTRhY2U3YTBjM2JkMmU4MmUwYTI5ZDlhNDRi
ZmUyOTAwHhcNMjMwMTE5MDg0MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzMyNTgyMGNmZmU2N2UzOGY3NGU4N2Y3M2Q5NGI0Nzg3MGY0ZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcfaQfUxf88pQn1zddIdJPlBTjhi
16/4+t/bl3ZMetcmSr1NZ5O1As2kVpxU6C2KznrTwBzgmB6K09DnJpGzsm7FflGo
VOY4ZfcKdWBOpR75jpTWJl2Ol/KhX8gpCFuKR7YspgQnFDlSgoQYRkrf505clv53
JKQVwhjYlIjHYn0NEyGYX5fDSk8313Xbe1SpM0I74rJmVdJqZhlvpQ5fZ9AoKqQG
Lui4fPXZrbmzubw6mOBZxP8dmM79JY8lpJmApsGETyw2564GDpy4olstoZW3Ixuh
2+by9vF6q8vDSINJdeSS8B6M3YP0UyJa1mhMACDvnWGR7deVKC3/bHmq+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDMyWCDP/mfjj3Tof3PZS0eHD0+rMB8GA1UdIwQY
MBaAFD2AEvoUrOegw70uguCinZpEv+KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgt
NzdmODRjNTYyYTVmLzEvTXpKWUlNXy1aLU9QZE9oX2M5bExSNGNQVDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgtNzdmODRjNTYyYTVm
LzEvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbSoMA0G
CSqGSIb3DQEBCwUAA4IBAQBmPiZseYk6T/ZTa0MpX/Y41uyJjAb7IHLvp8hNSvC9
u+MAJqvfUhREAmravV3wf04z5xl820FbP12o/3POne8UFwQPRPbKoTTAmzdrHjYr
4rDpBSYlRyzINutIWiBOvFozcWdC8BSpEHXpeFoLT45rFt/JSDN+D/v7gdWa7vCC
zVdS6KL/RQDEW2jgCZSI7463TFLinAQhiyh9XPJiuZ/aHnTlLvvz9d7t/bJrnpM9
Q+MmzgWq3Q50pBqhpKBFWe4VbaqLUHQKKpaA+n6DN5pGCdXj6T9tmUZS8AZmMLXP
eEeZcyWW9IQQoz2hyjmZGUAh9A7GhHRRxtDWFC9NsYJP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:04 2024 by rpki-client on console-ams.rpki-client.org