Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/nRxdZ3hUPQsbhknALn8yGU8ux3k.roa
File: nRxdZ3hUPQsbhknALn8yGU8ux3k.roa (raw, json)
Hash identifier: z/sOikMMBP87fKfp3673EObuFch8d8RPN4bAcVGR464=
Subject key identifier: 9D:1C:5D:67:78:54:3D:0B:1B:86:49:C0:2E:7F:32:19:4F:2E:C7:79
Certificate issuer: /CN=ffe70693454bc33485dec69d219d0502654ac04a
Certificate serial: 018CC794FE5AF4C6589A953C1356EDC544B1
Authority key identifier: FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/nRxdZ3hUPQsbhknALn8yGU8ux3k.roa
Signing time: Tue 02 Jan 2024 00:31:19 +0000
ROA not before: Tue 02 Jan 2024 00:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57099
IP address blocks: 5.181.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 05:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:fe:5a:f4:c6:58:9a:95:3c:13:56:ed:c5:44:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffe70693454bc33485dec69d219d0502654ac04a
Validity
Not Before: Jan 2 00:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d1c5d6778543d0b1b8649c02e7f32194f2ec779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c0:9d:30:11:e8:03:bc:2c:05:26:36:eb:2b:
22:2e:42:e3:19:08:ec:a6:c6:83:11:54:ad:40:11:
c5:3c:0f:7c:44:7a:b4:10:e8:ce:6d:2a:71:2d:84:
2c:dd:c8:05:a4:32:6d:b4:86:4d:c4:6f:bc:00:fc:
a9:c5:fd:7b:76:52:25:fe:6f:17:5d:1f:90:57:2b:
e3:96:75:74:16:10:b1:6c:45:a6:76:32:93:f6:28:
a4:f4:72:8b:3f:e8:fe:32:a2:5f:1a:11:54:f0:cf:
c1:da:dd:f3:5e:0a:a1:65:b9:e9:49:10:df:4f:11:
0b:83:78:7c:f1:05:4e:9a:f9:d3:05:56:c8:6b:ce:
b2:33:b7:b4:03:f6:06:7b:33:90:1e:5a:3d:24:e3:
5f:1e:01:a0:c7:8c:66:d6:44:b6:b9:8f:5c:82:a3:
01:6a:08:b3:bf:ce:12:60:ff:dd:16:f6:09:ba:cc:
e4:c3:aa:c2:6b:a7:97:60:3a:44:92:96:67:20:c3:
6c:83:99:d9:cf:6c:6b:6b:7f:ec:a6:99:e9:ee:2c:
5d:93:63:fa:7c:f4:cb:9a:c0:1c:2a:7b:e6:02:6a:
9b:2b:6f:13:3d:28:58:cf:80:25:b3:c6:f8:c1:7e:
ca:07:07:85:98:2d:fb:8f:2b:16:3e:ee:d5:d5:53:
eb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:1C:5D:67:78:54:3D:0B:1B:86:49:C0:2E:7F:32:19:4F:2E:C7:79
X509v3 Authority Key Identifier:
keyid:FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/nRxdZ3hUPQsbhknALn8yGU8ux3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/_-cGk0VLwzSF3sadIZ0FAmVKwEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.57.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:25:02:b5:e3:53:f7:77:b2:4c:8d:21:74:67:49:3a:93:5f:
41:bb:73:bf:de:46:ec:a6:f0:93:e5:fa:5e:d1:85:1c:25:60:
39:86:9f:eb:0a:35:35:cc:2b:9c:18:93:ed:83:b2:4f:b2:3e:
e5:32:22:a6:7d:ca:92:75:d3:2e:f6:30:48:4b:33:f9:ca:0b:
61:ef:58:79:b0:b7:7c:34:06:60:9e:21:d0:d4:7b:dc:5f:f4:
4d:31:77:c8:5b:d8:dc:c6:5d:c8:25:16:8d:49:da:4b:97:b1:
1b:a7:95:24:e6:d2:5e:b8:d9:9d:66:3e:0a:47:71:53:81:23:
e0:d7:47:4a:92:ba:58:52:8d:b1:e7:f5:82:36:4f:fc:25:02:
82:e7:e0:ff:1e:26:29:74:16:f6:13:d8:f4:5d:64:4a:71:c1:
d9:96:62:9c:70:ec:4e:1b:e3:cd:75:9c:56:f6:60:dd:4f:b8:
aa:c0:27:cb:f3:51:98:24:3a:6c:77:5c:ec:91:6f:b9:86:7b:
7c:29:41:6f:ed:dc:2f:00:7b:9f:36:de:ed:49:f3:9f:89:95:
dc:f7:97:e5:ed:10:69:4e:1a:73:fb:8c:c0:dd:d7:ab:32:10:
be:9f:f2:08:a2:77:ed:76:71:ce:0d:c9:fd:99:b4:f4:a6:e4:
6d:30:3a:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlP5a9MZYmpU8E1btxUSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZTcwNjkzNDU0YmMzMzQ4NWRlYzY5ZDIxOWQwNTAyNjU0
YWMwNGEwHhcNMjQwMTAyMDAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDFjNWQ2Nzc4NTQzZDBiMWI4NjQ5YzAyZTdmMzIxOTRmMmVjNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8CdMBHoA7wsBSY26ysiLkLjGQjs
psaDEVStQBHFPA98RHq0EOjObSpxLYQs3cgFpDJttIZNxG+8APypxf17dlIl/m8X
XR+QVyvjlnV0FhCxbEWmdjKT9iik9HKLP+j+MqJfGhFU8M/B2t3zXgqhZbnpSRDf
TxELg3h88QVOmvnTBVbIa86yM7e0A/YGezOQHlo9JONfHgGgx4xm1kS2uY9cgqMB
agizv84SYP/dFvYJuszkw6rCa6eXYDpEkpZnIMNsg5nZz2xra3/sppnp7ixdk2P6
fPTLmsAcKnvmAmqbK28TPShYz4Als8b4wX7KBweFmC37jysWPu7V1VPrZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0cXWd4VD0LG4ZJwC5/MhlPLsd5MB8GA1UdIwQY
MBaAFP/nBpNFS8M0hd7GnSGdBQJlSsBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUt
MzUwMjY1OGFlNmY1LzEvblJ4ZFozaFVQUXNiaGtuQUxuOHlHVTh1eDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUtMzUwMjY1OGFlNmY1
LzEvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbU5MA0G
CSqGSIb3DQEBCwUAA4IBAQAvJQK141P3d7JMjSF0Z0k6k19Bu3O/3kbspvCT5fpe
0YUcJWA5hp/rCjU1zCucGJPtg7JPsj7lMiKmfcqSddMu9jBISzP5ygth71h5sLd8
NAZgniHQ1HvcX/RNMXfIW9jcxl3IJRaNSdpLl7Ebp5Uk5tJeuNmdZj4KR3FTgSPg
10dKkrpYUo2x5/WCNk/8JQKC5+D/HiYpdBb2E9j0XWRKccHZlmKccOxOG+PNdZxW
9mDdT7iqwCfL81GYJDpsd1zskW+5hnt8KUFv7dwvAHufNt7tSfOfiZXc95fl7RBp
Thpz+4zA3derMhC+n/IIonftdnHODcn9mbT0puRtMDoB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:11 2024 by rpki-client on console-ams.rpki-client.org