Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/3g2sZuWmZacSTKVHGTHfYYaqdc8.roa
File: 3g2sZuWmZacSTKVHGTHfYYaqdc8.roa (raw, json)
Hash identifier: d6Y+blljXMQLxIzMTmFcaFeDQMH5wReNnuK8fUsH880=
Subject key identifier: DE:0D:AC:66:E5:A6:65:A7:12:4C:A5:47:19:31:DF:61:86:AA:75:CF
Certificate issuer: /CN=e631b080d4ea6fd0616a6e701c7c815d6ff87c00
Certificate serial: 018D7950CF7E2F3C4F8E424D85068CD909D7
Authority key identifier: E6:31:B0:80:D4:EA:6F:D0:61:6A:6E:70:1C:7C:81:5D:6F:F8:7C:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5jGwgNTqb9Bham5wHHyBXW_4fAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/3g2sZuWmZacSTKVHGTHfYYaqdc8.roa
Signing time: Mon 05 Feb 2024 12:49:15 +0000
ROA not before: Mon 05 Feb 2024 12:49:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50319
IP address blocks: 5.180.140.0/22 maxlen: 22
185.84.196.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 29 Jul 2024 13:27:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:79:50:cf:7e:2f:3c:4f:8e:42:4d:85:06:8c:d9:09:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e631b080d4ea6fd0616a6e701c7c815d6ff87c00
Validity
Not Before: Feb 5 12:49:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de0dac66e5a665a7124ca5471931df6186aa75cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0d:fb:4a:94:b3:01:0c:71:6b:94:25:f8:3b:
c2:47:75:92:dc:6a:d3:41:43:d5:c5:12:2d:fb:93:
8d:48:67:f8:38:78:24:01:23:ac:98:8e:61:cf:1e:
b9:c8:3f:d9:b1:1d:f8:c3:97:c9:ae:9d:00:9c:5b:
bc:62:f3:43:53:b9:c3:69:76:2f:87:ae:68:56:c1:
6f:67:e5:27:a8:60:05:9b:92:08:51:3e:ee:e6:37:
ae:21:30:ec:5c:1c:c9:4e:16:e9:fc:7d:0a:6e:98:
85:fd:44:8e:5f:4d:5c:28:78:6e:54:3b:5d:71:ca:
a3:26:52:ed:e5:c8:5b:39:d7:aa:f9:5d:8a:b6:44:
28:ee:02:45:3b:63:bb:18:cf:26:83:04:69:61:0a:
4d:bd:97:16:24:0f:5c:1c:f6:0c:61:9f:8d:c4:9a:
20:47:f7:7d:67:60:7a:36:0b:76:51:65:b4:82:e8:
b2:24:d8:e4:35:15:f8:68:54:64:88:f4:f4:0a:9a:
ce:c1:d2:31:6b:72:63:ad:e6:cc:45:c1:23:1c:bf:
4b:17:b2:5c:eb:35:c3:bd:88:68:6e:d0:01:e0:46:
79:36:86:e4:90:85:d9:01:33:a9:99:d2:4b:ab:34:
a8:d7:fd:c0:76:e0:9a:9d:f4:ae:44:3a:16:a6:1d:
47:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:0D:AC:66:E5:A6:65:A7:12:4C:A5:47:19:31:DF:61:86:AA:75:CF
X509v3 Authority Key Identifier:
keyid:E6:31:B0:80:D4:EA:6F:D0:61:6A:6E:70:1C:7C:81:5D:6F:F8:7C:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5jGwgNTqb9Bham5wHHyBXW_4fAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/3g2sZuWmZacSTKVHGTHfYYaqdc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/5jGwgNTqb9Bham5wHHyBXW_4fAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.140.0/22
185.84.196.0/22
Signature Algorithm: sha256WithRSAEncryption
14:19:0d:99:5b:42:f0:05:7a:d4:09:60:d7:90:be:e4:9e:0b:
9c:3f:f5:97:66:9f:0a:8c:3e:cf:8a:6c:cc:2f:de:d3:4f:6e:
19:bf:00:6e:85:2f:57:68:98:fa:28:d4:7b:6e:8d:72:60:15:
c3:2f:a0:55:ca:0f:91:43:76:3e:a0:43:a0:3f:78:a4:bd:35:
3b:8d:4e:f1:0e:55:fb:e0:59:00:fe:cf:ef:74:cf:ac:b7:21:
0b:b1:56:70:39:c6:d9:99:d0:95:c2:f6:8f:c1:e2:fe:f4:8a:
f8:30:64:03:22:11:9f:14:a2:71:42:58:93:78:49:9d:6d:f9:
d8:6c:21:52:47:d6:bd:0a:11:7d:0e:a6:52:0d:03:f1:fd:67:
26:96:27:9e:97:29:fe:c2:54:41:78:18:85:6f:ec:f3:86:ec:
05:25:9d:75:31:8a:67:50:fd:56:00:7d:cf:64:2e:f4:15:3f:
57:2c:cf:8e:1a:32:17:f8:fb:fd:c5:ce:fc:a3:03:d6:e8:88:
09:0f:f2:52:54:52:8b:d1:47:c9:bc:38:6c:2d:0f:8c:c6:9b:
3a:ba:76:32:33:f5:bf:c6:74:cd:ea:f3:34:f6:2d:54:1c:07:
95:86:cf:1c:97:53:1d:42:a6:5b:aa:83:bd:bc:d6:47:37:88:
20:85:3e:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY15UM9+LzxPjkJNhQaM2QnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MzFiMDgwZDRlYTZmZDA2MTZhNmU3MDFjN2M4MTVkNmZm
ODdjMDAwHhcNMjQwMjA1MTI0OTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTBkYWM2NmU1YTY2NWE3MTI0Y2E1NDcxOTMxZGY2MTg2YWE3NWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhg37SpSzAQxxa5Ql+DvCR3WS3GrT
QUPVxRIt+5ONSGf4OHgkASOsmI5hzx65yD/ZsR34w5fJrp0AnFu8YvNDU7nDaXYv
h65oVsFvZ+UnqGAFm5IIUT7u5jeuITDsXBzJThbp/H0KbpiF/USOX01cKHhuVDtd
ccqjJlLt5chbOdeq+V2KtkQo7gJFO2O7GM8mgwRpYQpNvZcWJA9cHPYMYZ+NxJog
R/d9Z2B6Ngt2UWW0guiyJNjkNRX4aFRkiPT0CprOwdIxa3JjrebMRcEjHL9LF7Jc
6zXDvYhobtAB4EZ5NobkkIXZATOpmdJLqzSo1/3AduCanfSuRDoWph1HQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN4NrGblpmWnEkylRxkx32GGqnXPMB8GA1UdIwQY
MBaAFOYxsIDU6m/QYWpucBx8gV1v+HwAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWpHd2dOVHFiOUJoYW01d0hIeUJYV180ZkFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9kY2RhZTYtZDY5NS00MjY2LWJhOWIt
OTNiM2EzNjk2ZDk2LzEvM2cyc1p1V21aYWNTVEtWSEdUSGZZWWFxZGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9kY2RhZTYtZDY5NS00MjY2LWJhOWItOTNiM2EzNjk2ZDk2
LzEvNWpHd2dOVHFiOUJoYW01d0hIeUJYV180ZkFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBbSMAwQC
uVTEMA0GCSqGSIb3DQEBCwUAA4IBAQAUGQ2ZW0LwBXrUCWDXkL7kngucP/WXZp8K
jD7PimzML97TT24ZvwBuhS9XaJj6KNR7bo1yYBXDL6BVyg+RQ3Y+oEOgP3ikvTU7
jU7xDlX74FkA/s/vdM+styELsVZwOcbZmdCVwvaPweL+9Ir4MGQDIhGfFKJxQliT
eEmdbfnYbCFSR9a9ChF9DqZSDQPx/Wcmlieelyn+wlRBeBiFb+zzhuwFJZ11MYpn
UP1WAH3PZC70FT9XLM+OGjIX+Pv9xc78owPW6IgJD/JSVFKL0UfJvDhsLQ+Mxps6
unYyM/W/xnTN6vM09i1UHAeVhs8cl1MdQqZbqoO9vNZHN4gghT5x
-----END CERTIFICATE-----
Generated at Mon Jul 29 17:07:30 2024 by rpki-client on console-ams.rpki-client.org