Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/wBIEuMsRjXNFWiMOlp03ZEs0sfg.roa
File: wBIEuMsRjXNFWiMOlp03ZEs0sfg.roa (raw, json)
Hash identifier: KbNHJFZblxqILCkmJWBct2zb6pq560gConIysDmLAWo=
Subject key identifier: C0:12:04:B8:CB:11:8D:73:45:5A:23:0E:96:9D:37:64:4B:34:B1:F8
Certificate issuer: /CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Certificate serial: 018570B08971384D733D82B4855AFAE189BE
Authority key identifier: 3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/wBIEuMsRjXNFWiMOlp03ZEs0sfg.roa
Signing time: Mon 02 Jan 2023 04:14:55 +0000
ROA not before: Mon 02 Jan 2023 04:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206801
IP address blocks: 5.180.168.0/24 maxlen: 24
5.180.170.0/24 maxlen: 24
5.180.168.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 19 Jan 2023 08:42:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:89:71:38:4d:73:3d:82:b4:85:5a:fa:e1:89:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Validity
Not Before: Jan 2 04:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c01204b8cb118d73455a230e969d37644b34b1f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:77:fa:2a:28:43:ac:18:cb:e6:0d:4c:e3:5f:
76:21:d1:a3:ac:f8:ec:e5:bc:a8:ed:d0:35:54:b0:
2e:dc:4d:2f:f0:5b:4b:d4:1c:97:de:0e:42:b5:40:
22:12:5e:0d:b3:48:aa:9b:c9:3a:9a:16:b2:dd:30:
6e:34:7a:58:59:9a:f8:24:b3:66:a2:aa:f3:4a:37:
1b:f2:48:db:96:57:e5:43:e4:fc:44:f5:3b:b1:70:
00:f7:c9:ac:40:23:71:63:b8:b7:be:ba:76:da:95:
e7:f2:f6:1f:28:00:5f:8d:37:b0:b8:a5:2e:bc:f4:
97:6c:66:26:3f:8c:e9:d9:a8:b6:37:ce:1b:b2:d3:
82:f9:a6:bd:d6:e2:c7:39:65:7f:e7:67:be:de:cf:
b2:a4:b5:ef:f3:0a:16:c5:35:61:ca:3d:af:d1:ec:
b4:57:b0:3d:f5:d7:be:80:b3:a7:23:ff:92:46:72:
2c:7a:8e:c1:03:6b:ca:5f:29:61:b8:13:3d:48:13:
9a:25:fa:97:ee:a5:85:3d:d3:ee:87:0f:99:31:08:
6b:99:69:81:32:6b:a2:97:67:f2:f1:96:d6:86:dd:
24:72:8e:fa:e8:02:7f:3c:1e:fe:cb:b7:e7:ec:d0:
ea:6f:f2:2c:57:18:f5:76:cb:ff:d6:a7:ee:19:ab:
da:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:12:04:B8:CB:11:8D:73:45:5A:23:0E:96:9D:37:64:4B:34:B1:F8
X509v3 Authority Key Identifier:
keyid:3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/wBIEuMsRjXNFWiMOlp03ZEs0sfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/PYAS-hSs56DDvS6C4KKdmkS_4pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.168.0-5.180.170.255
Signature Algorithm: sha256WithRSAEncryption
23:f2:65:96:21:dd:02:7b:56:22:06:1f:8d:35:9f:66:89:d3:
8a:0c:8a:16:b1:c7:45:fe:8f:4e:e7:b8:5f:cc:13:07:19:38:
a3:75:91:1b:87:83:84:7e:25:05:0b:c0:06:39:1f:a4:9a:19:
c2:84:0b:95:27:da:b7:79:06:53:7d:ca:71:66:38:5d:f7:15:
d7:a0:e6:fd:3c:51:f3:1e:33:11:c7:cd:7e:4b:1a:c0:3f:04:
b1:b5:d3:42:d6:f6:56:39:d9:b6:3f:9c:f2:7e:45:db:24:e2:
09:1c:d3:e7:02:b7:9e:94:8c:27:38:46:08:ea:91:62:25:41:
86:c4:ff:fd:e1:d2:9a:ac:8e:b2:3d:02:74:ac:2b:69:53:cc:
b8:fa:56:36:d3:2d:81:b5:3e:cc:60:73:ee:f7:96:6d:bc:44:
b7:5b:59:42:ad:12:5c:8b:a8:b9:0e:c9:23:1a:ae:a2:36:12:
3d:50:07:f6:d4:bf:84:39:20:0d:92:49:11:db:11:cb:55:28:
51:5d:15:59:64:7a:ca:7e:90:45:b7:b0:ae:64:e6:7e:ed:a4:
51:a7:e1:1b:b0:bd:15:1b:26:ec:ff:eb:90:10:a8:f5:5c:08:
4e:bd:e8:8a:e1:5f:a4:89:f3:6d:a1:81:ee:12:13:16:20:b5:
cf:e8:df:4b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwsIlxOE1zPYK0hVr64Ym+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkODAxMmZhMTRhY2U3YTBjM2JkMmU4MmUwYTI5ZDlhNDRi
ZmUyOTAwHhcNMjMwMTAyMDQxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDEyMDRiOGNiMTE4ZDczNDU1YTIzMGU5NjlkMzc2NDRiMzRiMWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3f6KihDrBjL5g1M4192IdGjrPjs
5byo7dA1VLAu3E0v8FtL1ByX3g5CtUAiEl4Ns0iqm8k6mhay3TBuNHpYWZr4JLNm
oqrzSjcb8kjbllflQ+T8RPU7sXAA98msQCNxY7i3vrp22pXn8vYfKABfjTewuKUu
vPSXbGYmP4zp2ai2N84bstOC+aa91uLHOWV/52e+3s+ypLXv8woWxTVhyj2v0ey0
V7A99de+gLOnI/+SRnIseo7BA2vKXylhuBM9SBOaJfqX7qWFPdPuhw+ZMQhrmWmB
Mmuil2fy8ZbWht0kco766AJ/PB7+y7fn7NDqb/IsVxj1dsv/1qfuGava6QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMASBLjLEY1zRVojDpadN2RLNLH4MB8GA1UdIwQY
MBaAFD2AEvoUrOegw70uguCinZpEv+KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgt
NzdmODRjNTYyYTVmLzEvd0JJRXVNc1JqWE5GV2lNT2xwMDNaRXMwc2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgtNzdmODRjNTYyYTVm
LzEvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMFtKgD
BAAFtKowDQYJKoZIhvcNAQELBQADggEBACPyZZYh3QJ7ViIGH401n2aJ04oMihax
x0X+j07nuF/MEwcZOKN1kRuHg4R+JQULwAY5H6SaGcKEC5Un2rd5BlN9ynFmOF33
Fdeg5v08UfMeMxHHzX5LGsA/BLG100LW9lY52bY/nPJ+Rdsk4gkc0+cCt56UjCc4
RgjqkWIlQYbE//3h0pqsjrI9AnSsK2lTzLj6VjbTLYG1Psxgc+73lm28RLdbWUKt
ElyLqLkOySMarqI2Ej1QB/bUv4Q5IA2SSRHbEctVKFFdFVlkesp+kEW3sK5k5n7t
pFGn4RuwvRUbJuz/65AQqPVcCE696IrhX6SJ822hge4SExYgtc/o30s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:04 2024 by rpki-client on console-ams.rpki-client.org