Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/iS2i9zrReT83Rl04sPU2ry9mspI.roa
File: iS2i9zrReT83Rl04sPU2ry9mspI.roa (raw, json)
Hash identifier: jPW1et5b415L7XUX392hjbxggpuPnG6dSkQNwSX9Gyc=
Subject key identifier: 89:2D:A2:F7:3A:D1:79:3F:37:46:5D:38:B0:F5:36:AF:2F:66:B2:92
Certificate issuer: /CN=219885ea020e65006314ee9480def3b3efc039e3
Certificate serial: 01856C1C7B6C5D255E84A1829C9E6C60F978
Authority key identifier: 21:98:85:EA:02:0E:65:00:63:14:EE:94:80:DE:F3:B3:EF:C0:39:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IZiF6gIOZQBjFO6UgN7zs-_AOeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/iS2i9zrReT83Rl04sPU2ry9mspI.roa
Signing time: Sun 01 Jan 2023 06:54:43 +0000
ROA not before: Sun 01 Jan 2023 06:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51540
IP address blocks: 5.180.184.0/24 maxlen: 24
5.180.185.0/24 maxlen: 24
5.180.186.0/24 maxlen: 24
5.180.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:7b:6c:5d:25:5e:84:a1:82:9c:9e:6c:60:f9:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=219885ea020e65006314ee9480def3b3efc039e3
Validity
Not Before: Jan 1 06:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=892da2f73ad1793f37465d38b0f536af2f66b292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1d:58:b8:30:6a:b9:5d:21:f8:ea:1f:99:bc:
50:68:e2:f8:da:16:e8:fb:2e:52:a0:e2:38:37:cb:
bf:6f:33:89:14:2b:38:a3:ed:9f:94:21:a5:28:46:
46:13:16:03:e9:be:a5:8f:51:a2:10:39:4f:c1:2f:
3f:40:33:6e:f8:7e:90:87:f6:28:98:f2:77:24:7e:
85:d2:fd:4e:d6:3f:1b:1a:3a:08:e1:e7:5c:33:ae:
a2:2c:bc:c5:37:94:a5:c3:26:f4:ea:83:c1:f7:27:
22:e8:b3:06:37:5a:b2:91:40:0b:fe:86:76:74:99:
5b:22:d8:67:20:17:3d:0e:0c:be:1d:51:7e:22:d6:
56:c2:6f:d0:4f:7e:a8:19:5e:76:4f:a2:99:3b:ac:
1b:7f:db:e2:7e:76:d1:74:aa:50:33:44:da:42:49:
37:b1:de:79:4a:ab:1a:2d:11:5d:0e:b0:b1:ee:5a:
53:8f:2a:ea:17:95:1f:08:48:5f:d3:7f:d3:63:98:
2b:e0:1c:a6:27:fc:fc:88:0e:b8:81:66:07:95:b6:
20:69:fe:65:42:67:54:b7:b4:3a:f0:28:99:df:ae:
61:d9:72:ff:69:18:43:0a:99:d7:f4:f4:89:c7:de:
29:9b:b3:f7:ca:22:5c:a3:40:9f:d4:84:44:7d:5d:
45:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:2D:A2:F7:3A:D1:79:3F:37:46:5D:38:B0:F5:36:AF:2F:66:B2:92
X509v3 Authority Key Identifier:
keyid:21:98:85:EA:02:0E:65:00:63:14:EE:94:80:DE:F3:B3:EF:C0:39:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IZiF6gIOZQBjFO6UgN7zs-_AOeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/iS2i9zrReT83Rl04sPU2ry9mspI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/IZiF6gIOZQBjFO6UgN7zs-_AOeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.184.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:4b:f0:9e:e8:f4:88:c9:c5:cf:80:23:f4:96:b7:ce:76:d3:
eb:ec:ec:80:8c:2a:cb:60:bc:cd:49:8a:9f:58:d0:fe:8d:72:
f9:18:a3:78:5a:39:03:b0:29:83:79:25:ae:80:a7:c3:2d:94:
6b:4b:e2:d7:12:ce:c7:52:cb:db:4a:25:4a:88:15:53:e3:ef:
94:33:e3:7e:da:b5:88:cd:40:25:9c:63:ae:8d:36:25:69:09:
40:aa:fc:51:af:ee:d7:16:da:1e:f5:22:f4:d8:ff:56:53:bf:
47:09:9f:16:80:8a:b8:41:a1:f2:8b:1f:8b:44:a4:37:5a:45:
5b:e1:2a:76:d8:eb:ce:99:c1:61:41:4c:d7:d4:a2:b0:29:b2:
40:a8:33:3e:a1:ec:9d:a7:f8:c9:ed:bf:41:a5:6f:d9:eb:31:
c1:ae:fe:b1:e2:9d:0f:5b:73:6d:75:0c:41:78:90:ee:07:c4:
fc:93:00:56:c1:ba:81:43:b7:31:8a:2b:7a:2b:95:da:c5:3b:
a3:5f:0c:d7:28:5a:90:c8:fa:b6:62:6a:8e:ad:09:c2:b5:4f:
dc:97:86:69:1e:d1:57:b9:af:2d:20:bf:ed:e8:25:79:39:7c:
fd:06:d4:d6:f9:3e:86:1c:5b:2b:8c:79:f5:94:9e:0f:55:a8:
20:7e:a6:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsHHtsXSVehKGCnJ5sYPl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxOTg4NWVhMDIwZTY1MDA2MzE0ZWU5NDgwZGVmM2IzZWZj
MDM5ZTMwHhcNMjMwMTAxMDY1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTJkYTJmNzNhZDE3OTNmMzc0NjVkMzhiMGY1MzZhZjJmNjZiMjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjx1YuDBquV0h+OofmbxQaOL42hbo
+y5SoOI4N8u/bzOJFCs4o+2flCGlKEZGExYD6b6lj1GiEDlPwS8/QDNu+H6Qh/Yo
mPJ3JH6F0v1O1j8bGjoI4edcM66iLLzFN5Slwyb06oPB9yci6LMGN1qykUAL/oZ2
dJlbIthnIBc9Dgy+HVF+ItZWwm/QT36oGV52T6KZO6wbf9vifnbRdKpQM0TaQkk3
sd55SqsaLRFdDrCx7lpTjyrqF5UfCEhf03/TY5gr4BymJ/z8iA64gWYHlbYgaf5l
QmdUt7Q68CiZ365h2XL/aRhDCpnX9PSJx94pm7P3yiJco0Cf1IREfV1FOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIktovc60Xk/N0ZdOLD1Nq8vZrKSMB8GA1UdIwQY
MBaAFCGYheoCDmUAYxTulIDe87PvwDnjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVppRjZnSU9aUUJqRk82VWdON3pzLV9BT2VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZTA0YWMtYTE5MC00ODA0LTkxM2Mt
ZmZjMDI1ODMxZjRmLzEvaVMyaTl6clJlVDgzUmwwNHNQVTJyeTltc3BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZTA0YWMtYTE5MC00ODA0LTkxM2MtZmZjMDI1ODMxZjRm
LzEvSVppRjZnSU9aUUJqRk82VWdON3pzLV9BT2VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbS4MA0G
CSqGSIb3DQEBCwUAA4IBAQAsS/Ce6PSIycXPgCP0lrfOdtPr7OyAjCrLYLzNSYqf
WND+jXL5GKN4WjkDsCmDeSWugKfDLZRrS+LXEs7HUsvbSiVKiBVT4++UM+N+2rWI
zUAlnGOujTYlaQlAqvxRr+7XFtoe9SL02P9WU79HCZ8WgIq4QaHyix+LRKQ3WkVb
4Sp22OvOmcFhQUzX1KKwKbJAqDM+oeydp/jJ7b9BpW/Z6zHBrv6x4p0PW3NtdQxB
eJDuB8T8kwBWwbqBQ7cxiit6K5XaxTujXwzXKFqQyPq2YmqOrQnCtU/cl4ZpHtFX
ua8tIL/t6CV5OXz9BtTW+T6GHFsrjHn1lJ4PVaggfqYx
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:52 2024 by rpki-client on console-ams.rpki-client.org