Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/odrYY00ntgzs0wrLTDU43EL1eGw.roa
File: odrYY00ntgzs0wrLTDU43EL1eGw.roa (raw, json)
Hash identifier: qviG1Tpvg984CKDstg3XNsG2B7Yq2FwDj/VXAJCyM6k=
Subject key identifier: A1:DA:D8:63:4D:27:B6:0C:EC:D3:0A:CB:4C:35:38:DC:42:F5:78:6C
Certificate issuer: /CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Certificate serial: 01869200401043A3120F1DFECBB3EF267931
Authority key identifier: 3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/odrYY00ntgzs0wrLTDU43EL1eGw.roa
Signing time: Mon 27 Feb 2023 08:32:14 +0000
ROA not before: Mon 27 Feb 2023 08:32:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209137
IP address blocks: 5.180.171.0/24 maxlen: 24
5.180.170.0/23 maxlen: 23
5.180.168.0/23 maxlen: 23
5.180.168.0/22 maxlen: 22
5.180.168.0/24 maxlen: 24
5.180.169.0/24 maxlen: 24
5.180.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:00:40:10:43:a3:12:0f:1d:fe:cb:b3:ef:26:79:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Validity
Not Before: Feb 27 08:32:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1dad8634d27b60cecd30acb4c3538dc42f5786c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fe:96:7e:81:6c:36:3a:b1:a2:84:d7:e7:74:
6e:42:d9:28:b2:ed:d5:5a:b2:34:29:3e:66:4d:1a:
a0:73:60:a3:96:09:3e:40:91:d7:1b:ac:c0:de:db:
60:82:69:2f:c0:6f:ce:f8:c2:85:cb:88:f5:30:2c:
7c:55:09:cd:28:7c:50:f5:08:87:6f:c2:e2:8b:09:
42:f1:ae:07:49:88:bd:47:5c:ce:d3:96:b5:0e:00:
10:8b:ba:88:94:df:a8:66:7b:65:3c:71:35:4c:e9:
b0:c6:93:de:e7:92:00:22:7c:b9:2f:f9:4b:b8:d6:
00:7d:71:a9:06:98:98:34:c2:71:0f:04:3d:cb:6c:
0b:5f:1a:14:dd:09:c2:ff:90:d3:88:d0:ad:13:7c:
c3:20:c3:10:ca:64:9d:cb:25:71:17:11:cd:bd:49:
70:0f:6a:97:65:65:e2:66:ce:10:7f:21:64:9b:82:
cb:74:f7:cf:22:bc:31:9e:d6:8c:e9:ba:20:5b:2d:
30:ca:f9:08:c9:ce:39:fc:e8:93:e5:32:43:43:3b:
d2:c3:c3:2f:6c:9e:a3:4f:ba:56:8a:a9:9b:2a:ac:
08:b4:34:57:b4:4f:10:82:6f:71:17:26:27:98:5e:
62:eb:c2:e3:42:85:37:0b:68:47:f8:55:74:f8:f8:
78:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:DA:D8:63:4D:27:B6:0C:EC:D3:0A:CB:4C:35:38:DC:42:F5:78:6C
X509v3 Authority Key Identifier:
keyid:3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/odrYY00ntgzs0wrLTDU43EL1eGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/PYAS-hSs56DDvS6C4KKdmkS_4pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.168.0/22
Signature Algorithm: sha256WithRSAEncryption
42:8b:d3:fa:14:08:28:49:87:fa:fc:04:07:8c:97:59:70:2e:
59:52:71:55:c1:af:ac:fc:13:86:d8:4a:96:04:15:ee:dd:ec:
fc:12:28:26:1d:8b:93:d7:04:a1:57:3a:b3:77:16:69:90:2d:
43:94:b3:c4:54:ef:e0:64:eb:c0:0a:65:1a:24:c6:57:ff:84:
63:32:ab:85:42:e4:20:d8:37:7f:f6:ff:fb:98:23:40:51:5f:
b8:f9:8b:d8:62:6e:56:37:78:55:c6:cb:a9:67:47:2e:f6:ab:
78:50:3b:88:fa:f5:05:d1:d6:2f:e1:bd:ed:38:e2:ef:6f:f6:
73:a1:73:bd:b7:53:d7:f9:64:20:b7:27:8f:3e:61:f5:4e:99:
da:3b:8b:9c:32:38:73:3f:17:a4:30:d1:7f:20:31:bc:f9:8a:
a7:4c:f4:08:5e:1c:b3:b9:af:d7:4f:ae:b9:8e:89:d2:e0:0e:
0d:83:fc:b8:9d:35:10:10:75:f5:e2:c2:d8:af:12:97:a4:7f:
18:36:e5:57:b4:6d:c5:36:54:cf:1a:d2:4f:b6:fa:e7:fc:3e:
25:f0:f7:cf:b4:2c:0f:f7:c2:55:d1:31:03:82:64:79:7e:7c:
e1:76:63:17:76:65:64:50:53:94:96:68:22:ee:f2:58:13:fb:
f5:eb:88:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaSAEAQQ6MSDx3+y7PvJnkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkODAxMmZhMTRhY2U3YTBjM2JkMmU4MmUwYTI5ZDlhNDRi
ZmUyOTAwHhcNMjMwMjI3MDgzMjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWRhZDg2MzRkMjdiNjBjZWNkMzBhY2I0YzM1MzhkYzQyZjU3ODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP6WfoFsNjqxooTX53RuQtkosu3V
WrI0KT5mTRqgc2Cjlgk+QJHXG6zA3ttggmkvwG/O+MKFy4j1MCx8VQnNKHxQ9QiH
b8LiiwlC8a4HSYi9R1zO05a1DgAQi7qIlN+oZntlPHE1TOmwxpPe55IAIny5L/lL
uNYAfXGpBpiYNMJxDwQ9y2wLXxoU3QnC/5DTiNCtE3zDIMMQymSdyyVxFxHNvUlw
D2qXZWXiZs4QfyFkm4LLdPfPIrwxntaM6bogWy0wyvkIyc45/OiT5TJDQzvSw8Mv
bJ6jT7pWiqmbKqwItDRXtE8Qgm9xFyYnmF5i68LjQoU3C2hH+FV0+Ph4zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHa2GNNJ7YM7NMKy0w1ONxC9XhsMB8GA1UdIwQY
MBaAFD2AEvoUrOegw70uguCinZpEv+KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgt
NzdmODRjNTYyYTVmLzEvb2RyWVkwMG50Z3pzMHdyTFREVTQzRUwxZUd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgtNzdmODRjNTYyYTVm
LzEvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbSoMA0G
CSqGSIb3DQEBCwUAA4IBAQBCi9P6FAgoSYf6/AQHjJdZcC5ZUnFVwa+s/BOG2EqW
BBXu3ez8EigmHYuT1wShVzqzdxZpkC1DlLPEVO/gZOvACmUaJMZX/4RjMquFQuQg
2Dd/9v/7mCNAUV+4+YvYYm5WN3hVxsupZ0cu9qt4UDuI+vUF0dYv4b3tOOLvb/Zz
oXO9t1PX+WQgtyePPmH1TpnaO4ucMjhzPxekMNF/IDG8+YqnTPQIXhyzua/XT665
jonS4A4Ng/y4nTUQEHX14sLYrxKXpH8YNuVXtG3FNlTPGtJPtvrn/D4l8PfPtCwP
98JV0TEDgmR5fnzhdmMXdmVkUFOUlmgi7vJYE/v164jg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:04 2024 by rpki-client on console-ams.rpki-client.org