Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/y2SUBTdXoEKLqTCPnUlohwrd80w.roa
File: y2SUBTdXoEKLqTCPnUlohwrd80w.roa (raw, json)
Hash identifier: EFMw0wNF+qYzkkmJJBfvkEWMmdEhFzmxyWu1Q1j71s0=
Subject key identifier: CB:64:94:05:37:57:A0:42:8B:A9:30:8F:9D:49:68:87:0A:DD:F3:4C
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01856E8B524A449271CF32097ADDC66BB717
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/y2SUBTdXoEKLqTCPnUlohwrd80w.roa
Signing time: Sun 01 Jan 2023 18:15:02 +0000
ROA not before: Sun 01 Jan 2023 18:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210574
IP address blocks: 5.180.81.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:52:4a:44:92:71:cf:32:09:7a:dd:c6:6b:b7:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 18:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb6494053757a0428ba9308f9d4968870addf34c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1a:17:32:ce:c1:d0:b4:dd:be:00:95:1c:59:
3c:da:24:b7:67:92:57:9b:4d:05:21:36:33:7a:74:
5d:e1:9d:25:d7:be:89:83:29:96:04:67:bd:d1:bc:
4e:e8:72:1f:f8:64:c9:e1:37:1d:09:ed:d9:b0:db:
47:51:8d:60:9c:77:ea:8d:61:eb:eb:e1:9e:b9:2f:
0f:c7:af:5d:43:8c:07:4e:2a:b8:5f:35:78:91:27:
9c:f2:af:f2:01:ab:67:73:86:c9:8c:2e:71:54:c9:
14:9b:76:43:27:13:fd:66:49:ae:73:b9:89:f6:54:
78:07:70:14:ff:82:76:65:1e:69:9d:83:1e:de:fd:
e8:1e:3e:3f:ef:1c:ff:1b:7e:b6:11:d0:c7:b0:af:
0d:d8:ec:09:a0:61:ca:62:2d:1f:bc:b8:0f:39:37:
5f:3a:5a:21:55:89:8e:7a:47:28:39:a5:fc:d5:4d:
ae:e5:d5:02:a9:1f:71:f9:81:0e:9f:01:b1:19:d6:
34:ba:49:5b:89:b3:d2:58:a9:39:2f:59:8f:21:93:
dd:22:58:23:5c:c3:9b:bb:c2:c3:cd:85:8c:48:04:
8e:a7:ee:2b:a7:5e:55:65:77:8d:bf:b1:29:3c:c0:
14:5f:d3:83:54:73:fe:ed:d9:f1:2b:d3:81:75:73:
ca:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:64:94:05:37:57:A0:42:8B:A9:30:8F:9D:49:68:87:0A:DD:F3:4C
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/y2SUBTdXoEKLqTCPnUlohwrd80w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.81.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:6c:1c:ef:c4:1e:2b:37:15:62:b4:9b:0e:c3:27:3d:b5:37:
69:e1:0f:d2:e1:b0:48:a4:88:bd:91:3e:85:81:9d:34:ad:1f:
8a:88:87:50:10:e1:b9:95:e9:10:be:83:b6:4b:91:cd:6d:95:
b6:a8:42:35:3d:6a:e5:e5:dd:4f:ff:b0:0a:0e:08:de:9f:91:
2b:7b:a0:f5:e7:db:76:4b:89:2e:ca:ee:6e:8d:4f:1a:80:f4:
47:47:04:05:87:f9:d0:d4:83:ef:83:5e:85:77:bc:ca:cc:e9:
80:23:bb:82:77:1a:2d:92:b9:bf:e6:6a:0d:74:6f:74:f6:00:
92:de:a4:ba:98:40:80:fd:6e:03:56:f9:db:a8:dd:a5:72:97:
18:9a:49:99:3d:80:bd:c9:ce:50:20:9f:b8:52:52:5a:50:13:
8e:49:b6:43:ae:36:65:f8:a7:a0:42:64:49:b1:46:19:8f:ae:
31:eb:9e:c2:f2:06:cb:a5:bd:ae:a4:90:90:21:20:29:da:ab:
b3:1f:79:9a:c5:c9:5b:e6:31:28:10:9e:c9:8b:6d:01:48:b3:
bb:c1:f7:9f:13:d0:b7:be:53:7b:5c:99:81:22:d8:e7:ad:3b:
46:ba:83:6d:46:fd:15:51:61:28:53:6d:22:c5:4f:5d:36:62:
bc:87:1d:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVui1JKRJJxzzIJet3Ga7cXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTAxMTgxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjY0OTQwNTM3NTdhMDQyOGJhOTMwOGY5ZDQ5Njg4NzBhZGRmMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhoXMs7B0LTdvgCVHFk82iS3Z5JX
m00FITYzenRd4Z0l176JgymWBGe90bxO6HIf+GTJ4TcdCe3ZsNtHUY1gnHfqjWHr
6+GeuS8Px69dQ4wHTiq4XzV4kSec8q/yAatnc4bJjC5xVMkUm3ZDJxP9Zkmuc7mJ
9lR4B3AU/4J2ZR5pnYMe3v3oHj4/7xz/G362EdDHsK8N2OwJoGHKYi0fvLgPOTdf
OlohVYmOekcoOaX81U2u5dUCqR9x+YEOnwGxGdY0uklbibPSWKk5L1mPIZPdIlgj
XMObu8LDzYWMSASOp+4rp15VZXeNv7EpPMAUX9ODVHP+7dnxK9OBdXPKEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMtklAU3V6BCi6kwj51JaIcK3fNMMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEveTJTVUJUZFhvRUtMcVRDUG5VbG9od3JkODB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbRRMA0G
CSqGSIb3DQEBCwUAA4IBAQBabBzvxB4rNxVitJsOwyc9tTdp4Q/S4bBIpIi9kT6F
gZ00rR+KiIdQEOG5lekQvoO2S5HNbZW2qEI1PWrl5d1P/7AKDgjen5Ere6D159t2
S4kuyu5ujU8agPRHRwQFh/nQ1IPvg16Fd7zKzOmAI7uCdxotkrm/5moNdG909gCS
3qS6mECA/W4DVvnbqN2lcpcYmkmZPYC9yc5QIJ+4UlJaUBOOSbZDrjZl+KegQmRJ
sUYZj64x657C8gbLpb2upJCQISAp2quzH3maxclb5jEoEJ7Ji20BSLO7wfefE9C3
vlN7XJmBItjnrTtGuoNtRv0VUWEoU20ixU9dNmK8hx3a
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:03 2024 by rpki-client on console-ams.rpki-client.org