Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/8hDrM3AsZVKmGZtaeExEyJL7YU0.roa
File: 8hDrM3AsZVKmGZtaeExEyJL7YU0.roa (raw, json)
Hash identifier: 6XXyidJi4HriISmItNj9iPxgQRGxfNcVL6NFGWnJTsk=
Subject key identifier: F2:10:EB:33:70:2C:65:52:A6:19:9B:5A:78:4C:44:C8:92:FB:61:4D
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0187DE98691A2BFD718630E4CEA093237352
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/8hDrM3AsZVKmGZtaeExEyJL7YU0.roa
Signing time: Tue 02 May 2023 22:32:23 +0000
ROA not before: Tue 02 May 2023 22:32:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.180.233.0/24 maxlen: 24
5.180.234.0/24 maxlen: 24
5.253.38.0/24 maxlen: 24
45.9.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 May 2023 09:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:de:98:69:1a:2b:fd:71:86:30:e4:ce:a0:93:23:73:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: May 2 22:32:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f210eb33702c6552a6199b5a784c44c892fb614d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:90:88:4e:0a:f8:fc:dc:cc:4b:7d:46:5e:f8:
22:82:64:03:c5:69:c0:15:5c:dd:82:c9:c0:3a:b3:
cf:dd:2b:eb:90:83:48:7d:2e:93:6e:b4:4c:ca:55:
87:5d:8b:a8:cd:96:d2:18:09:b7:e7:87:62:a9:cc:
89:2c:0b:b1:7a:c5:d2:65:b2:4b:5c:22:b9:58:b0:
45:9a:5f:b9:07:f1:91:c6:0f:65:dc:4f:83:34:17:
39:0e:3b:ea:f3:7f:36:a5:f3:c7:e3:b6:b9:b5:bd:
4e:36:d3:46:08:7f:0a:1a:71:d4:42:63:cd:56:ba:
b2:a7:6f:dc:0c:38:d1:28:ff:62:57:d6:16:9b:68:
21:9f:cf:76:4a:bd:1a:be:5e:2e:64:97:28:72:a8:
60:e8:43:25:a4:08:dd:8e:8c:c4:0b:1e:90:5b:63:
38:b6:13:d3:de:b0:51:ae:08:02:f5:54:bd:7e:60:
67:8c:72:82:26:92:2d:a7:21:1d:d7:40:90:f5:43:
3d:d0:ee:ea:40:ee:e7:41:01:ca:9b:e5:89:f3:d2:
95:28:14:f9:c2:96:d2:4e:a4:9f:95:44:d3:63:42:
cc:fb:09:30:8e:19:bf:eb:e9:8f:81:ea:ad:2d:6d:
27:4e:ef:fc:a1:70:8d:22:61:95:94:8a:ee:ca:95:
fb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:10:EB:33:70:2C:65:52:A6:19:9B:5A:78:4C:44:C8:92:FB:61:4D
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/8hDrM3AsZVKmGZtaeExEyJL7YU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.233.0-5.180.234.255
5.253.38.0/24
45.9.2.0/24
Signature Algorithm: sha256WithRSAEncryption
31:58:2a:ab:a2:d0:df:de:cf:9d:05:87:96:bf:1a:0a:06:63:
e9:29:6c:d4:3e:05:72:a6:1d:c8:93:e6:18:be:7c:43:74:81:
d1:d3:6a:87:dc:6f:23:e8:59:7c:2a:96:82:ed:0c:ee:ac:0e:
18:67:28:22:f5:47:63:95:22:88:55:08:74:58:d3:27:e0:fb:
90:b7:14:c3:9a:9c:29:10:94:94:3c:32:0d:e1:9f:e1:62:1c:
4e:62:17:6f:f5:95:09:cf:00:12:1a:27:8a:65:74:ed:c5:28:
a5:ca:a7:f0:cf:bc:e9:b0:c8:9c:c5:a0:5d:f8:65:fa:10:15:
8f:bf:50:42:d5:a9:50:13:af:7c:1b:70:d0:35:23:6f:78:27:
08:6b:9b:ce:68:33:37:69:2a:20:e3:f8:03:c6:c5:48:6a:96:
17:09:2a:fc:21:4a:6b:3e:61:7a:f7:52:ab:2d:e7:d4:af:46:
9a:27:54:33:6e:9e:2d:a6:76:de:fa:57:27:d9:c1:3e:a5:e4:
e9:70:44:a8:5b:a9:c4:08:2f:ff:ed:75:cb:67:14:63:22:c8:
e7:0a:50:37:18:31:f7:80:af:2b:89:55:1a:78:85:01:22:6f:
8e:2b:99:d3:21:7f:b6:fd:57:da:c4:9d:9a:35:9e:63:f5:d9:
b0:ff:35:e1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYfemGkaK/1xhjDkzqCTI3NSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNTAyMjIzMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjEwZWIzMzcwMmM2NTUyYTYxOTliNWE3ODRjNDRjODkyZmI2MTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6JCITgr4/NzMS31GXvgigmQDxWnA
FVzdgsnAOrPP3SvrkINIfS6TbrRMylWHXYuozZbSGAm354diqcyJLAuxesXSZbJL
XCK5WLBFml+5B/GRxg9l3E+DNBc5Djvq8382pfPH47a5tb1ONtNGCH8KGnHUQmPN
Vrqyp2/cDDjRKP9iV9YWm2ghn892Sr0avl4uZJcocqhg6EMlpAjdjozECx6QW2M4
thPT3rBRrggC9VS9fmBnjHKCJpItpyEd10CQ9UM90O7qQO7nQQHKm+WJ89KVKBT5
wpbSTqSflUTTY0LM+wkwjhm/6+mPgeqtLW0nTu/8oXCNImGVlIruypX7kwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPIQ6zNwLGVSphmbWnhMRMiS+2FNMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvOGhEck0zQXNaVkttR1p0YWVFeEV5Skw3WVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAFtOkD
BAAFtOoDBAAF/SYDBAAtCQIwDQYJKoZIhvcNAQELBQADggEBADFYKqui0N/ez50F
h5a/GgoGY+kpbNQ+BXKmHciT5hi+fEN0gdHTaofcbyPoWXwqloLtDO6sDhhnKCL1
R2OVIohVCHRY0yfg+5C3FMOanCkQlJQ8Mg3hn+FiHE5iF2/1lQnPABIaJ4pldO3F
KKXKp/DPvOmwyJzFoF34ZfoQFY+/UELVqVATr3wbcNA1I294Jwhrm85oMzdpKiDj
+APGxUhqlhcJKvwhSms+YXr3Uqst59SvRponVDNuni2mdt76VyfZwT6l5OlwRKhb
qcQIL//tdctnFGMiyOcKUDcYMfeAryuJVRp4hQEib44rmdMhf7b9V9rEnZo1nmP1
2bD/NeE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:19 2024 by rpki-client on console-ams.rpki-client.org