Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/pv1aqf44h2U1WHLZf1W5GU-O7nE.roa
File: pv1aqf44h2U1WHLZf1W5GU-O7nE.roa (raw, json)
Hash identifier: G9M85g3ctjkpj2YEpbKGG7UcD04AvhNZRTDn8glaBr0=
Subject key identifier: A6:FD:5A:A9:FE:38:87:65:35:58:72:D9:7F:55:B9:19:4F:8E:EE:71
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0189CEF1284D9F66707FC3ABD7A585D8E4B1
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/pv1aqf44h2U1WHLZf1W5GU-O7nE.roa
Signing time: Mon 07 Aug 2023 07:40:58 +0000
ROA not before: Mon 07 Aug 2023 07:40:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.180.49.0/24 maxlen: 24
5.180.82.0/24 maxlen: 24
5.253.46.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ce:f1:28:4d:9f:66:70:7f:c3:ab:d7:a5:85:d8:e4:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Aug 7 07:40:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6fd5aa9fe388765355872d97f55b9194f8eee71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b9:86:61:38:85:64:a7:5e:dc:1a:6e:5b:6d:
ce:29:ac:24:dd:90:f7:44:cd:50:d8:01:ec:e9:2e:
d9:1b:35:15:4a:fc:a8:13:88:86:ed:74:60:bc:be:
58:b6:2a:51:c0:02:7d:ea:47:d7:4e:20:f9:33:ff:
0d:4b:b6:df:49:fb:93:5e:13:b6:5e:64:af:2b:18:
08:9e:6f:1f:f4:89:0b:8a:27:55:53:7e:b3:3e:72:
6f:58:88:5f:89:ee:e8:72:a5:da:2e:3f:49:f5:9c:
52:9b:10:04:68:f5:67:c1:93:37:98:0f:0c:cb:49:
34:49:d2:7f:e9:95:26:6a:61:34:db:fa:09:6e:25:
8b:2d:42:66:09:6e:8b:25:cd:4e:33:79:ed:9d:90:
17:6a:b3:0a:16:9b:97:62:ad:0c:e9:cf:63:ed:a2:
35:be:1a:87:4b:4f:f2:5f:ee:b1:1a:3b:8d:d9:0b:
b1:5a:4b:88:59:71:ba:af:9f:23:56:27:49:b8:5f:
2a:b0:0f:43:94:fc:8d:08:c2:11:08:5a:76:2e:bb:
c0:1d:29:f5:90:36:8c:b8:5a:03:76:75:a8:fc:8c:
ad:aa:bd:f8:02:0b:fc:31:ca:6a:db:d8:4b:80:34:
29:85:9d:f7:09:18:52:f6:4d:74:c8:9d:43:5a:9f:
d1:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:FD:5A:A9:FE:38:87:65:35:58:72:D9:7F:55:B9:19:4F:8E:EE:71
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/pv1aqf44h2U1WHLZf1W5GU-O7nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.49.0/24
5.180.82.0/24
5.253.46.0/24
Signature Algorithm: sha256WithRSAEncryption
38:3c:5f:65:7d:ab:9d:5b:df:e1:41:54:90:84:9d:0f:3f:2e:
ab:68:66:06:8e:3c:42:af:72:9b:3f:e9:51:ba:0f:4f:51:14:
e4:2f:7d:a4:e5:a6:a7:f0:d2:af:f8:10:e3:ac:aa:70:37:e1:
8c:18:9a:f5:9e:35:73:44:ff:60:fa:35:c9:46:96:86:2b:39:
53:a9:31:e1:c0:4c:c3:3e:6f:5f:d0:ef:36:f1:49:34:94:77:
45:e5:86:cd:ff:7f:5b:e4:da:7f:7d:6e:4d:d4:d8:68:6f:4f:
de:38:64:f7:21:30:1b:9a:2d:71:23:d6:5e:45:66:3c:63:eb:
d1:e7:bb:d5:ff:26:cb:bd:6e:dd:c7:6b:0e:ca:9a:f5:94:78:
fc:d9:1e:7f:76:d3:1a:0d:a0:07:71:59:ad:cb:78:15:e1:c5:
4c:af:a1:51:66:3d:49:bc:50:6c:82:e1:d2:7f:91:1d:f1:8e:
25:be:1e:51:96:19:f2:0c:2a:c2:be:6a:6f:56:71:1a:fd:47:
b0:f3:16:2f:2f:a6:ef:61:cd:70:68:08:a0:27:4b:43:e9:14:
f7:cf:a2:53:82:2d:05:af:e2:b3:d3:2f:ed:9c:76:38:72:14:
e3:9c:0a:d6:d3:13:26:40:54:f5:10:32:83:ff:4b:65:2d:96:
a8:a5:03:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnO8ShNn2Zwf8Or16WF2OSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwODA3MDc0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmZkNWFhOWZlMzg4NzY1MzU1ODcyZDk3ZjU1YjkxOTRmOGVlZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrmGYTiFZKde3BpuW23OKawk3ZD3
RM1Q2AHs6S7ZGzUVSvyoE4iG7XRgvL5YtipRwAJ96kfXTiD5M/8NS7bfSfuTXhO2
XmSvKxgInm8f9IkLiidVU36zPnJvWIhfie7ocqXaLj9J9ZxSmxAEaPVnwZM3mA8M
y0k0SdJ/6ZUmamE02/oJbiWLLUJmCW6LJc1OM3ntnZAXarMKFpuXYq0M6c9j7aI1
vhqHS0/yX+6xGjuN2QuxWkuIWXG6r58jVidJuF8qsA9DlPyNCMIRCFp2LrvAHSn1
kDaMuFoDdnWo/Iytqr34Agv8Mcpq29hLgDQphZ33CRhS9k10yJ1DWp/RoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKb9Wqn+OIdlNVhy2X9VuRlPju5xMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvcHYxYXFmNDRoMlUxV0hMWmYxVzVHVS1PN25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbQxAwQA
BbRSAwQABf0uMA0GCSqGSIb3DQEBCwUAA4IBAQA4PF9lfaudW9/hQVSQhJ0PPy6r
aGYGjjxCr3KbP+lRug9PURTkL32k5aan8NKv+BDjrKpwN+GMGJr1njVzRP9g+jXJ
RpaGKzlTqTHhwEzDPm9f0O828Uk0lHdF5YbN/39b5Np/fW5N1Nhob0/eOGT3ITAb
mi1xI9ZeRWY8Y+vR57vV/ybLvW7dx2sOypr1lHj82R5/dtMaDaAHcVmty3gV4cVM
r6FRZj1JvFBsguHSf5Ed8Y4lvh5RlhnyDCrCvmpvVnEa/Uew8xYvL6bvYc1waAig
J0tD6RT3z6JTgi0Fr+Kz0y/tnHY4chTjnArW0xMmQFT1EDKD/0tlLZaopQOX
-----END CERTIFICATE-----
Generated at Wed Aug 9 19:37:46 2023 by rpki-client on console-fra.rpki-client.org