Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aaw14HhFOoimqRXK9Heb0gfkzWY.roa
File: aaw14HhFOoimqRXK9Heb0gfkzWY.roa (raw, json)
Hash identifier: 9V62hpFtlerEvt7ypaXIWt3Ez7DlHPv6/kzjcrX/iY0=
Subject key identifier: 69:AC:35:E0:78:45:3A:88:A6:A9:15:CA:F4:77:9B:D2:07:E4:CD:66
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01856E8B504C0EEE95C1FE0BBCCB6B7C1BE3
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aaw14HhFOoimqRXK9Heb0gfkzWY.roa
Signing time: Sun 01 Jan 2023 18:15:01 +0000
ROA not before: Sun 01 Jan 2023 18:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 5.180.32.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:50:4c:0e:ee:95:c1:fe:0b:bc:cb:6b:7c:1b:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 18:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69ac35e078453a88a6a915caf4779bd207e4cd66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:93:ca:d4:e0:5c:3f:7d:4e:31:44:53:45:c4:
ac:cb:33:dc:11:58:26:9a:92:d2:05:4a:32:fb:8b:
6c:12:a3:52:24:8e:e4:5d:b7:7b:65:ef:5b:7b:86:
75:e4:9f:65:f9:d9:65:9d:99:e3:13:5c:86:08:86:
8c:ae:9a:8e:7e:e0:42:9f:f6:e4:11:93:61:a7:9e:
64:44:64:89:7d:fc:ef:14:1e:7b:8f:40:aa:a5:96:
bd:5e:93:cf:12:eb:19:a8:f6:fd:3a:bc:79:5b:bf:
11:58:f0:13:1b:e1:14:d5:0e:ff:8a:27:86:c3:16:
c1:8b:74:7f:6d:77:20:c7:5e:5f:6f:3a:b5:fb:e8:
d9:19:a4:7a:54:5d:b2:4c:16:92:33:7f:80:c3:2e:
17:bd:12:7f:85:02:a7:17:bb:72:c7:15:eb:b4:79:
ab:dc:b7:50:0e:8c:22:42:c8:6a:9d:52:18:70:ab:
47:74:c3:8d:14:57:c6:fb:89:ba:d4:1a:ef:dc:30:
13:8c:af:ec:e0:d3:e2:c3:47:22:7a:23:47:9b:e8:
68:ea:58:3c:36:35:b4:f7:df:42:ec:3e:39:d6:78:
df:39:e6:34:13:a9:4c:ec:52:82:88:30:36:ab:69:
80:b4:87:95:82:c4:35:cd:b4:4c:34:5b:46:6a:2b:
1c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AC:35:E0:78:45:3A:88:A6:A9:15:CA:F4:77:9B:D2:07:E4:CD:66
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aaw14HhFOoimqRXK9Heb0gfkzWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:2c:7f:fc:bc:3f:f7:09:50:94:0d:b4:7b:7c:09:be:fc:cf:
af:36:11:bd:a8:3e:cb:4f:8e:7b:02:ab:23:00:55:cd:05:64:
28:fa:d9:75:64:7e:1c:fe:29:9a:ea:df:46:14:85:b3:1a:41:
05:17:d1:94:e5:a4:0e:5a:2f:18:90:f1:e7:2f:e3:a6:0b:73:
c5:cb:d5:83:07:53:ad:32:a5:0f:f8:82:8f:e8:ca:8b:54:d6:
0c:8c:0a:38:8a:c9:1f:77:f6:50:98:4b:1b:da:ed:d7:ff:f4:
6d:ec:dd:68:92:b9:64:c1:21:be:f4:d2:d1:cd:35:65:b3:5b:
88:bf:93:78:03:ad:bd:fc:cd:3c:37:61:d1:00:64:7b:a6:8a:
93:32:9c:ec:b0:75:95:be:90:fe:07:96:d2:02:a6:7d:0b:f4:
ea:e8:e5:e0:ed:1a:14:c8:40:a2:41:8d:c8:30:f4:ad:43:0d:
9f:8a:74:b7:ee:8b:96:d3:4b:cd:31:e6:34:0a:c5:bc:cb:be:
f1:bc:50:dc:f5:53:c7:72:53:9a:9d:86:28:56:a8:50:85:6f:
39:15:f1:32:68:37:17:5a:8c:b4:66:8c:59:91:19:e2:4e:7a:
ec:4a:10:f0:49:52:45:b4:d4:53:7d:55:a8:26:e2:e8:7e:a9:
29:11:b6:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVui1BMDu6Vwf4LvMtrfBvjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTAxMTgxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFjMzVlMDc4NDUzYTg4YTZhOTE1Y2FmNDc3OWJkMjA3ZTRjZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5PK1OBcP31OMURTRcSsyzPcEVgm
mpLSBUoy+4tsEqNSJI7kXbd7Ze9be4Z15J9l+dllnZnjE1yGCIaMrpqOfuBCn/bk
EZNhp55kRGSJffzvFB57j0CqpZa9XpPPEusZqPb9Orx5W78RWPATG+EU1Q7/iieG
wxbBi3R/bXcgx15fbzq1++jZGaR6VF2yTBaSM3+Awy4XvRJ/hQKnF7tyxxXrtHmr
3LdQDowiQshqnVIYcKtHdMONFFfG+4m61Brv3DATjK/s4NPiw0cieiNHm+ho6lg8
NjW0999C7D451njfOeY0E6lM7FKCiDA2q2mAtIeVgsQ1zbRMNFtGaiscDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmsNeB4RTqIpqkVyvR3m9IH5M1mMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvYWF3MTRIaEZPb2ltcVJYSzlIZWIwZ2ZreldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbQgMA0G
CSqGSIb3DQEBCwUAA4IBAQCMLH/8vD/3CVCUDbR7fAm+/M+vNhG9qD7LT457Aqsj
AFXNBWQo+tl1ZH4c/ima6t9GFIWzGkEFF9GU5aQOWi8YkPHnL+OmC3PFy9WDB1Ot
MqUP+IKP6MqLVNYMjAo4iskfd/ZQmEsb2u3X//Rt7N1okrlkwSG+9NLRzTVls1uI
v5N4A629/M08N2HRAGR7poqTMpzssHWVvpD+B5bSAqZ9C/Tq6OXg7RoUyECiQY3I
MPStQw2finS37ouW00vNMeY0CsW8y77xvFDc9VPHclOanYYoVqhQhW85FfEyaDcX
Woy0ZoxZkRniTnrsShDwSVJFtNRTfVWoJuLofqkpEbak
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:03 2024 by rpki-client on console-ams.rpki-client.org