Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/YaCbFYWe11l9wK8c_ZBa5uEfG3M.roa
File: YaCbFYWe11l9wK8c_ZBa5uEfG3M.roa (raw, json)
Hash identifier: 9333pVzvJp5IPyxyERfm4jD5yRplzBfFbyWeum6D+tg=
Subject key identifier: 61:A0:9B:15:85:9E:D7:59:7D:C0:AF:1C:FD:90:5A:E6:E1:1F:1B:73
Certificate issuer: /CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Certificate serial: 018692003E145BA8D863BB89C3705BF332DC
Authority key identifier: 3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/YaCbFYWe11l9wK8c_ZBa5uEfG3M.roa
Signing time: Mon 27 Feb 2023 08:32:14 +0000
ROA not before: Mon 27 Feb 2023 08:32:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206801
IP address blocks: 5.180.170.0/23 maxlen: 23
5.180.168.0/23 maxlen: 23
5.180.168.0/22 maxlen: 22
5.180.168.0/24 maxlen: 24
5.180.169.0/24 maxlen: 24
5.180.170.0/24 maxlen: 24
5.180.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:00:3e:14:5b:a8:d8:63:bb:89:c3:70:5b:f3:32:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Validity
Not Before: Feb 27 08:32:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61a09b15859ed7597dc0af1cfd905ae6e11f1b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:0c:62:bf:4d:a2:54:6a:52:6b:de:78:04:f5:
ea:eb:8b:13:b4:42:e7:06:34:a6:a6:48:45:94:1f:
8d:fc:1f:a8:71:da:08:6f:37:ff:93:75:2d:b2:73:
30:ee:e0:0b:98:6a:9c:fc:8c:13:71:68:83:12:c8:
cc:54:15:aa:32:dc:fb:9b:ce:64:67:0e:4d:b8:a7:
5b:d8:29:c5:4a:9c:c8:20:6e:ac:28:5a:22:5c:33:
86:f6:e8:e1:77:6f:c0:10:10:36:e0:70:dd:bc:21:
14:16:ba:70:1e:80:e6:16:f3:f5:af:6f:f6:2b:59:
af:8f:a8:32:12:fb:48:48:e8:67:0a:b7:e2:8b:34:
de:92:81:bd:32:5a:ae:12:5d:7f:48:6a:4f:1c:c7:
a8:03:fd:b8:01:d3:15:d2:ea:86:32:8a:c4:bd:8f:
cb:08:d2:76:6e:e1:97:10:d4:17:d0:e9:ef:ad:b0:
94:6a:75:da:1d:a1:80:dd:71:37:e0:5a:46:d2:0a:
df:7f:3f:9f:aa:53:09:b1:75:42:e6:31:91:0f:94:
f3:d5:42:41:ac:6b:8e:b4:d5:97:52:e1:0a:b6:30:
be:83:79:5a:ef:85:23:6c:1d:a8:17:2f:a3:e3:c3:
a6:1e:13:16:7e:2f:9e:58:4b:93:db:ca:97:7f:66:
86:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A0:9B:15:85:9E:D7:59:7D:C0:AF:1C:FD:90:5A:E6:E1:1F:1B:73
X509v3 Authority Key Identifier:
keyid:3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/YaCbFYWe11l9wK8c_ZBa5uEfG3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/PYAS-hSs56DDvS6C4KKdmkS_4pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.168.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:5c:59:be:55:05:73:15:3a:ec:77:1c:0e:e1:04:9e:3e:55:
04:c3:df:33:67:cb:0b:23:f0:fd:b7:06:40:e4:ee:fc:77:2e:
bd:97:65:a9:58:6e:da:1e:19:c2:23:c4:54:1b:6d:f8:b0:65:
db:4a:95:f9:a8:b0:07:4e:cc:3a:46:2b:66:34:1b:69:e0:a3:
9f:a0:80:49:d8:70:ba:28:16:f4:9d:35:94:2c:e3:b2:bc:fd:
c7:5e:1b:8c:2d:ac:fc:db:5f:7a:b5:94:dc:ab:80:7e:51:00:
84:ac:a2:ad:af:f0:d1:ba:fa:2e:e1:93:ca:66:65:95:d3:6d:
65:2d:83:f1:14:2a:ac:ea:4d:ab:ce:d9:f6:11:94:f8:43:5a:
55:91:74:91:46:00:d0:ab:eb:7f:c5:93:cc:fc:91:7a:bb:d4:
b6:d0:f7:b1:48:30:4a:24:13:c2:42:52:f9:28:36:0d:bf:8d:
a8:c0:b7:f0:ad:6c:4b:34:a2:f4:fd:65:44:06:41:10:cc:50:
ab:df:a3:ac:72:1c:c2:c8:84:6c:24:2d:8c:e5:2e:76:76:0b:
7b:85:a3:d3:d0:ca:45:45:f8:84:f2:47:4c:90:30:d9:4f:71:
01:b7:89:a5:8a:71:2c:a0:e4:83:16:02:a9:2f:65:7b:c1:ce:
85:6e:8c:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaSAD4UW6jYY7uJw3Bb8zLcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkODAxMmZhMTRhY2U3YTBjM2JkMmU4MmUwYTI5ZDlhNDRi
ZmUyOTAwHhcNMjMwMjI3MDgzMjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWEwOWIxNTg1OWVkNzU5N2RjMGFmMWNmZDkwNWFlNmUxMWYxYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Axiv02iVGpSa954BPXq64sTtELn
BjSmpkhFlB+N/B+ocdoIbzf/k3UtsnMw7uALmGqc/IwTcWiDEsjMVBWqMtz7m85k
Zw5NuKdb2CnFSpzIIG6sKFoiXDOG9ujhd2/AEBA24HDdvCEUFrpwHoDmFvP1r2/2
K1mvj6gyEvtISOhnCrfiizTekoG9MlquEl1/SGpPHMeoA/24AdMV0uqGMorEvY/L
CNJ2buGXENQX0OnvrbCUanXaHaGA3XE34FpG0grffz+fqlMJsXVC5jGRD5Tz1UJB
rGuOtNWXUuEKtjC+g3la74UjbB2oFy+j48OmHhMWfi+eWEuT28qXf2aGfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGGgmxWFntdZfcCvHP2QWubhHxtzMB8GA1UdIwQY
MBaAFD2AEvoUrOegw70uguCinZpEv+KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgt
NzdmODRjNTYyYTVmLzEvWWFDYkZZV2UxMWw5d0s4Y19aQmE1dUVmRzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgtNzdmODRjNTYyYTVm
LzEvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbSoMA0G
CSqGSIb3DQEBCwUAA4IBAQA/XFm+VQVzFTrsdxwO4QSePlUEw98zZ8sLI/D9twZA
5O78dy69l2WpWG7aHhnCI8RUG234sGXbSpX5qLAHTsw6RitmNBtp4KOfoIBJ2HC6
KBb0nTWULOOyvP3HXhuMLaz82196tZTcq4B+UQCErKKtr/DRuvou4ZPKZmWV021l
LYPxFCqs6k2rztn2EZT4Q1pVkXSRRgDQq+t/xZPM/JF6u9S20PexSDBKJBPCQlL5
KDYNv42owLfwrWxLNKL0/WVEBkEQzFCr36OschzCyIRsJC2M5S52dgt7haPT0MpF
RfiE8kdMkDDZT3EBt4mlinEsoOSDFgKpL2V7wc6FboyE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:41 2024 by rpki-client on console-fra.rpki-client.org