Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/nnT2oMpRgGi_3x3dQjR_HGRGgXE.roa
File: nnT2oMpRgGi_3x3dQjR_HGRGgXE.roa (raw, json)
Hash identifier: bk31khuzN35eQQZ2tscGlBLfIbP3mrERYJYdiSjc0IU=
Subject key identifier: 9E:74:F6:A0:CA:51:80:68:BF:DF:1D:DD:42:34:7F:1C:64:46:81:71
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018C7994E15771E62402CE2CAC1F6AB962A9
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/nnT2oMpRgGi_3x3dQjR_HGRGgXE.roa
Signing time: Sun 17 Dec 2023 21:00:49 +0000
ROA not before: Sun 17 Dec 2023 21:00:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200131
IP address blocks: 5.180.33.0/24 maxlen: 24
45.8.200.0/24 maxlen: 24
5.180.48.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:79:94:e1:57:71:e6:24:02:ce:2c:ac:1f:6a:b9:62:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Dec 17 21:00:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e74f6a0ca518068bfdf1ddd42347f1c64468171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8b:df:20:65:15:2f:9d:10:7f:ff:08:da:c4:
04:ad:c1:22:56:8a:a6:8b:a3:e2:3f:b5:36:ca:ce:
e0:18:1f:b4:ee:34:4d:dc:ec:87:d5:32:b3:a2:1b:
fd:89:87:bd:3c:a1:f6:5b:58:ef:bd:43:27:1f:6c:
58:fe:7d:ae:8a:59:9d:34:96:a9:28:f5:27:60:34:
32:88:0d:be:9f:c5:34:06:30:a6:ea:f2:78:ff:6c:
8e:90:ac:83:5e:64:e8:5c:8d:3c:1e:c0:7e:a3:ec:
8a:c3:d4:5b:9c:e6:75:b2:16:c8:a4:56:56:86:a3:
60:71:5e:04:85:30:20:0b:12:26:0b:e2:49:b6:d5:
be:59:e5:0b:be:63:42:8a:aa:0d:a0:0e:3e:a5:41:
ee:02:a4:02:9a:c3:32:00:44:64:a3:ef:e2:ed:ce:
c5:f7:c8:6a:1a:74:ad:ce:15:52:f7:48:0e:d0:80:
29:54:0c:79:03:42:b6:13:fb:ac:77:c1:4c:b6:d1:
8d:84:c6:b1:79:b4:a8:6b:83:1a:4f:42:6b:40:c1:
0e:37:13:cb:92:ff:46:9c:80:83:24:fc:c0:f5:19:
af:21:16:d3:dc:ba:16:d9:1a:72:23:9e:fa:be:18:
76:54:f4:92:a0:56:56:3e:75:2f:95:c3:0c:fc:1c:
9a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:74:F6:A0:CA:51:80:68:BF:DF:1D:DD:42:34:7F:1C:64:46:81:71
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/nnT2oMpRgGi_3x3dQjR_HGRGgXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.33.0/24
5.180.48.0/24
45.8.200.0/24
Signature Algorithm: sha256WithRSAEncryption
12:33:54:c2:ca:18:95:6f:e4:39:43:2d:3c:ab:5d:a2:c3:bb:
3b:87:10:5d:8c:83:a0:0e:22:2e:2e:f9:be:b1:be:de:27:ca:
80:36:c1:8e:3a:b7:51:47:7c:bd:f3:0d:c7:43:df:81:00:71:
7c:b8:09:69:e8:d0:f4:c3:f5:a3:c3:24:2d:ea:36:b7:1c:7e:
a5:4d:0d:7c:63:ee:dc:93:9a:6f:bd:2d:7f:29:e4:78:a7:54:
2b:7f:fb:78:63:94:24:61:a7:ae:56:f6:cf:f7:e5:e0:a0:39:
17:4d:41:81:20:a6:3e:c6:6c:fc:a7:ee:8d:c4:c9:2e:3a:f8:
5a:d6:e1:ae:ba:0c:56:90:3a:11:11:93:d2:da:c7:9b:5e:72:
96:6e:ab:15:2f:c1:1a:c6:0c:fa:0a:c0:70:03:4d:90:d2:f7:
d8:ef:2f:e2:c3:b2:86:8d:c4:80:bd:9d:09:f0:7b:c4:ae:b7:
32:03:ee:36:e4:fc:5d:67:40:1c:eb:0e:fb:ca:e7:28:3c:fd:
f0:85:1d:6b:7e:4f:f3:8b:f6:ca:83:7a:29:f2:7a:37:55:af:
7b:2b:d4:d0:26:51:fe:c2:97:f1:7d:56:39:10:ca:e7:99:1c:
ea:7f:ec:56:b2:8c:6c:5c:2c:95:8d:79:52:df:af:12:89:4c:
86:e9:c3:ba
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx5lOFXceYkAs4srB9quWKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMxMjE3MjEwMDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTc0ZjZhMGNhNTE4MDY4YmZkZjFkZGQ0MjM0N2YxYzY0NDY4MTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIvfIGUVL50Qf/8I2sQErcEiVoqm
i6PiP7U2ys7gGB+07jRN3OyH1TKzohv9iYe9PKH2W1jvvUMnH2xY/n2uilmdNJap
KPUnYDQyiA2+n8U0BjCm6vJ4/2yOkKyDXmToXI08HsB+o+yKw9RbnOZ1shbIpFZW
hqNgcV4EhTAgCxImC+JJttW+WeULvmNCiqoNoA4+pUHuAqQCmsMyAERko+/i7c7F
98hqGnStzhVS90gO0IApVAx5A0K2E/usd8FMttGNhMaxebSoa4MaT0JrQMEONxPL
kv9GnICDJPzA9RmvIRbT3LoW2RpyI576vhh2VPSSoFZWPnUvlcMM/Bya0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ509qDKUYBov98d3UI0fxxkRoFxMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvbm5UMm9NcFJnR2lfM3gzZFFqUl9IR1JHZ1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbQhAwQA
BbQwAwQALQjIMA0GCSqGSIb3DQEBCwUAA4IBAQASM1TCyhiVb+Q5Qy08q12iw7s7
hxBdjIOgDiIuLvm+sb7eJ8qANsGOOrdRR3y98w3HQ9+BAHF8uAlp6ND0w/WjwyQt
6ja3HH6lTQ18Y+7ck5pvvS1/KeR4p1Qrf/t4Y5QkYaeuVvbP9+XgoDkXTUGBIKY+
xmz8p+6NxMkuOvha1uGuugxWkDoREZPS2sebXnKWbqsVL8Eaxgz6CsBwA02Q0vfY
7y/iw7KGjcSAvZ0J8HvErrcyA+425PxdZ0Ac6w77yucoPP3whR1rfk/zi/bKg3op
8no3Va97K9TQJlH+wpfxfVY5EMrnmRzqf+xWsoxsXCyVjXlS368SiUyG6cO6
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:03 2024 by rpki-client on console-ams.rpki-client.org