Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/7D4lDvBhseh9WCy1TvPUv4zNCps.roa
File: 7D4lDvBhseh9WCy1TvPUv4zNCps.roa (raw, json)
Hash identifier: 3QgSMBdMTKSGO+a9dWmgHY8y4fd9ljlRC2gbVQRyJp8=
Subject key identifier: EC:3E:25:0E:F0:61:B1:E8:7D:58:2C:B5:4E:F3:D4:BF:8C:CD:0A:9B
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018C7348E53B34488A54DBF28C33352A14B7
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/7D4lDvBhseh9WCy1TvPUv4zNCps.roa
Signing time: Sat 16 Dec 2023 15:40:06 +0000
ROA not before: Sat 16 Dec 2023 15:40:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.180.234.0/24 maxlen: 24
5.180.33.0/24 maxlen: 24
5.180.34.0/24 maxlen: 24
5.180.48.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:73:48:e5:3b:34:48:8a:54:db:f2:8c:33:35:2a:14:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Dec 16 15:40:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec3e250ef061b1e87d582cb54ef3d4bf8ccd0a9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:5a:38:5f:6b:08:fb:3e:dc:05:c8:a2:65:36:
56:4a:c1:78:d6:74:04:93:d0:67:2b:a6:3f:0a:7f:
7d:4e:aa:34:e4:0c:ca:1e:e6:92:be:ee:13:8b:1e:
48:66:f2:8c:eb:bc:be:03:7b:67:1c:68:29:29:53:
a1:98:6e:6c:af:00:d5:fa:9c:ce:95:2e:79:7d:9a:
cb:88:8b:51:a7:21:a7:c5:fa:72:86:d7:ee:8c:f0:
9a:54:3d:e4:fa:7f:cf:93:b5:7c:07:fa:ab:61:28:
fb:8d:ff:67:5d:18:0f:52:a1:8e:a4:0e:dd:59:5f:
cd:2b:a0:2f:87:f1:85:9e:54:6e:b5:ae:86:31:9e:
51:93:34:ff:1b:c0:b7:84:3c:e1:4a:01:c6:43:b8:
58:3f:da:5f:35:b5:be:c1:81:cc:ec:fe:a1:b9:3f:
83:b6:92:74:ab:35:cf:9e:87:ea:7f:5f:86:9c:b6:
7f:00:49:7b:0c:c1:10:58:5b:ae:fa:5b:ac:00:11:
78:39:7c:1c:d1:0f:f4:4e:18:67:b5:41:dc:63:b5:
91:9b:56:9d:6c:e3:d3:34:64:73:d0:ab:cd:f1:71:
42:c7:be:e2:57:e1:67:bc:3f:5a:db:05:61:24:a1:
83:1b:43:00:79:8d:13:ea:0d:4e:8e:3a:47:45:86:
58:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:3E:25:0E:F0:61:B1:E8:7D:58:2C:B5:4E:F3:D4:BF:8C:CD:0A:9B
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/7D4lDvBhseh9WCy1TvPUv4zNCps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.33.0-5.180.34.255
5.180.48.0/24
5.180.234.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:02:01:b5:31:cb:82:33:94:4d:9d:41:f5:6d:39:2d:c1:eb:
03:ca:b8:1f:54:ae:a0:03:cf:35:e4:8d:a2:3d:12:11:67:a2:
4a:c4:1b:08:72:50:40:d1:6f:40:de:a0:af:00:f9:07:23:18:
96:d4:94:22:d0:68:71:79:3b:e5:9c:8f:16:32:a7:de:cf:85:
d9:1a:e0:64:cc:8c:66:d6:de:cc:1c:ee:92:b3:02:92:4d:a6:
89:30:1c:ef:75:a0:75:06:8c:ca:f3:67:86:c3:3e:92:21:7a:
a9:0d:86:c7:d0:34:ad:f8:f0:6e:d2:c1:83:aa:3a:32:85:0c:
18:fe:35:83:6c:3b:4c:07:09:f9:b3:e0:ca:70:8f:02:12:28:
87:c6:4a:68:18:0b:97:79:67:b9:32:fa:5c:db:c4:4a:c3:a6:
06:45:fe:e5:7c:a3:2f:99:c0:d6:64:cb:f9:ee:c3:56:f7:d5:
94:01:a0:31:74:1e:6a:ce:e7:27:cd:e5:15:18:e8:35:c5:6f:
4d:7d:1f:7d:3f:47:90:78:80:6a:c6:75:c3:b6:47:ec:86:27:
0f:2d:1c:f8:c4:2c:c2:ab:ee:df:7e:43:b3:82:eb:66:81:1c:
20:92:e1:5f:d9:20:68:4a:87:3d:35:1f:36:51:41:8a:dd:42:
70:36:fe:1c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYxzSOU7NEiKVNvyjDM1KhS3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMxMjE2MTU0MDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzNlMjUwZWYwNjFiMWU4N2Q1ODJjYjU0ZWYzZDRiZjhjY2QwYTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Vo4X2sI+z7cBciiZTZWSsF41nQE
k9BnK6Y/Cn99Tqo05AzKHuaSvu4Tix5IZvKM67y+A3tnHGgpKVOhmG5srwDV+pzO
lS55fZrLiItRpyGnxfpyhtfujPCaVD3k+n/Pk7V8B/qrYSj7jf9nXRgPUqGOpA7d
WV/NK6Avh/GFnlRuta6GMZ5RkzT/G8C3hDzhSgHGQ7hYP9pfNbW+wYHM7P6huT+D
tpJ0qzXPnofqf1+GnLZ/AEl7DMEQWFuu+lusABF4OXwc0Q/0ThhntUHcY7WRm1ad
bOPTNGRz0KvN8XFCx77iV+FnvD9a2wVhJKGDG0MAeY0T6g1OjjpHRYZY/wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOw+JQ7wYbHofVgstU7z1L+MzQqbMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvN0Q0bER2QmhzZWg5V0N5MVR2UFV2NHpOQ3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAFtCED
BAAFtCIDBAAFtDADBAAFtOowDQYJKoZIhvcNAQELBQADggEBAE8CAbUxy4IzlE2d
QfVtOS3B6wPKuB9UrqADzzXkjaI9EhFnokrEGwhyUEDRb0DeoK8A+QcjGJbUlCLQ
aHF5O+WcjxYyp97Phdka4GTMjGbW3swc7pKzApJNpokwHO91oHUGjMrzZ4bDPpIh
eqkNhsfQNK348G7SwYOqOjKFDBj+NYNsO0wHCfmz4MpwjwISKIfGSmgYC5d5Z7ky
+lzbxErDpgZF/uV8oy+ZwNZky/nuw1b31ZQBoDF0HmrO5yfN5RUY6DXFb019H30/
R5B4gGrGdcO2R+yGJw8tHPjELMKr7t9+Q7OC62aBHCCS4V/ZIGhKhz01HzZRQYrd
QnA2/hw=
-----END CERTIFICATE-----
Generated at Sat Dec 16 17:39:59 2023 by rpki-client on console-fra.rpki-client.org