Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/TLdPltNSA7_LJI_k0GnR4naEtdU.roa
File: TLdPltNSA7_LJI_k0GnR4naEtdU.roa (raw, json)
Hash identifier: G8BMxM96O9OcR4WhFuoqSU+wVum2k0Z9Ncwt90rygag=
Subject key identifier: 4C:B7:4F:96:D3:52:03:BF:CB:24:8F:E4:D0:69:D1:E2:76:84:B5:D5
Certificate issuer: /CN=ffe70693454bc33485dec69d219d0502654ac04a
Certificate serial: 018A6A270357DA61BA22CAE18389A2493B2A
Authority key identifier: FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/TLdPltNSA7_LJI_k0GnR4naEtdU.roa
Signing time: Wed 06 Sep 2023 11:00:56 +0000
ROA not before: Wed 06 Sep 2023 11:00:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205847
IP address blocks: 5.181.58.0/24 maxlen: 24
5.181.58.0/23 maxlen: 23
5.181.57.0/24 maxlen: 24
5.181.56.0/24 maxlen: 24
5.181.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:27:03:57:da:61:ba:22:ca:e1:83:89:a2:49:3b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffe70693454bc33485dec69d219d0502654ac04a
Validity
Not Before: Sep 6 11:00:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cb74f96d35203bfcb248fe4d069d1e27684b5d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c4:6b:4b:d1:0b:a2:17:c9:00:8d:55:3a:7b:
bb:51:40:ec:42:90:dd:3b:64:da:a7:a8:c1:c7:da:
98:99:2f:01:da:25:6e:cf:10:39:ab:0a:c9:fc:e8:
47:29:5c:6a:b8:5f:0a:a4:f2:48:23:0c:36:55:fa:
29:2f:ca:b1:a2:fb:a7:0b:1f:9b:ad:bf:c9:13:b6:
e0:44:47:27:8a:08:7b:b0:5c:83:85:22:c2:80:a1:
4e:2d:7c:dd:f0:ba:20:cc:05:11:d6:05:62:6d:cf:
bb:e1:d7:3c:a3:65:38:e2:f2:56:d4:99:a3:85:12:
9d:60:84:27:00:5b:2d:c3:35:c0:46:33:05:34:35:
dc:50:63:49:38:97:e5:88:af:70:74:2a:03:34:34:
5b:1a:5f:ef:2c:43:52:e3:50:3d:aa:aa:de:c3:64:
60:5d:6e:fc:1c:3f:97:40:a3:34:80:5c:20:78:77:
dc:df:cb:d5:e5:c4:2b:3a:2c:39:90:72:3f:05:4f:
d6:c6:e7:71:26:b2:73:90:8d:32:4f:aa:37:38:da:
dc:12:7a:c1:6c:3a:80:ec:3a:5e:0a:fd:2a:0c:de:
25:fa:11:b0:56:86:e5:c5:25:d3:42:1d:71:cc:f6:
be:96:08:fa:eb:ff:b8:cd:e0:ea:8f:8a:c3:ee:1f:
46:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B7:4F:96:D3:52:03:BF:CB:24:8F:E4:D0:69:D1:E2:76:84:B5:D5
X509v3 Authority Key Identifier:
keyid:FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/TLdPltNSA7_LJI_k0GnR4naEtdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/_-cGk0VLwzSF3sadIZ0FAmVKwEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.56.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:eb:a0:11:7e:c4:05:a9:3a:a2:c8:8d:17:17:3e:b7:d8:c6:
09:67:89:0a:24:56:9d:1e:c5:24:42:23:c3:dd:0d:90:f1:68:
11:59:52:5f:e2:3b:f0:3f:48:f4:70:73:8f:1c:85:12:f7:22:
f7:d6:c0:ec:5b:12:73:10:86:81:84:08:05:ba:2b:f7:f2:7a:
a3:de:d5:f3:57:b3:ab:09:8b:f6:88:07:42:66:5c:59:9b:d2:
ba:54:27:89:3b:fe:30:f1:78:87:93:90:c3:c6:7b:31:38:16:
0f:59:f1:0c:13:85:dd:25:d4:99:be:43:e0:a3:15:d6:3e:ad:
bd:00:fe:c1:84:e5:02:1b:b1:c8:12:83:02:ec:5d:01:a0:4e:
2e:11:9c:f3:71:a8:25:43:e6:31:fa:df:b7:3b:75:26:33:83:
52:11:43:18:a7:fd:2d:70:16:28:9d:37:c9:72:0d:a2:cd:44:
1e:a8:31:6f:56:0b:4d:d3:f3:5d:c2:9c:4e:b5:bf:52:05:a8:
55:bd:8c:70:bc:9c:46:98:f0:f2:ed:83:fd:e2:52:08:54:81:
d3:3c:32:1a:a5:dd:d8:11:c7:e5:22:76:8e:d7:8a:e0:1e:db:
82:61:f8:bc:d6:67:22:9c:b9:76:02:32:5e:ea:20:d6:28:e1:
04:ef:7b:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpqJwNX2mG6Isrhg4miSTsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZTcwNjkzNDU0YmMzMzQ4NWRlYzY5ZDIxOWQwNTAyNjU0
YWMwNGEwHhcNMjMwOTA2MTEwMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2I3NGY5NmQzNTIwM2JmY2IyNDhmZTRkMDY5ZDFlMjc2ODRiNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsRrS9ELohfJAI1VOnu7UUDsQpDd
O2Tap6jBx9qYmS8B2iVuzxA5qwrJ/OhHKVxquF8KpPJIIww2VfopL8qxovunCx+b
rb/JE7bgREcnigh7sFyDhSLCgKFOLXzd8LogzAUR1gVibc+74dc8o2U44vJW1Jmj
hRKdYIQnAFstwzXARjMFNDXcUGNJOJfliK9wdCoDNDRbGl/vLENS41A9qqrew2Rg
XW78HD+XQKM0gFwgeHfc38vV5cQrOiw5kHI/BU/WxudxJrJzkI0yT6o3ONrcEnrB
bDqA7DpeCv0qDN4l+hGwVoblxSXTQh1xzPa+lgj66/+4zeDqj4rD7h9G3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEy3T5bTUgO/yySP5NBp0eJ2hLXVMB8GA1UdIwQY
MBaAFP/nBpNFS8M0hd7GnSGdBQJlSsBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUt
MzUwMjY1OGFlNmY1LzEvVExkUGx0TlNBN19MSklfazBHblI0bmFFdGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUtMzUwMjY1OGFlNmY1
LzEvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbU4MA0G
CSqGSIb3DQEBCwUAA4IBAQCg66ARfsQFqTqiyI0XFz632MYJZ4kKJFadHsUkQiPD
3Q2Q8WgRWVJf4jvwP0j0cHOPHIUS9yL31sDsWxJzEIaBhAgFuiv38nqj3tXzV7Or
CYv2iAdCZlxZm9K6VCeJO/4w8XiHk5DDxnsxOBYPWfEME4XdJdSZvkPgoxXWPq29
AP7BhOUCG7HIEoMC7F0BoE4uEZzzcaglQ+Yx+t+3O3UmM4NSEUMYp/0tcBYonTfJ
cg2izUQeqDFvVgtN0/NdwpxOtb9SBahVvYxwvJxGmPDy7YP94lIIVIHTPDIapd3Y
EcflInaO14rgHtuCYfi81mcinLl2AjJe6iDWKOEE73t/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:54 2024 by rpki-client on console-fra.rpki-client.org