Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/2MNB-1b8JXxvHmBNxrN5gXYe4G4.roa
File: 2MNB-1b8JXxvHmBNxrN5gXYe4G4.roa (raw, json)
Hash identifier: 5J1aH3zLH6ZDHBewFhOjJBzpuFwAvbrdvx6V6OPQ0zI=
Subject key identifier: D8:C3:41:FB:56:FC:25:7C:6F:1E:60:4D:C6:B3:79:81:76:1E:E0:6E
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 018EF77CF7A7B948BF87C0923248BEFFD892
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/2MNB-1b8JXxvHmBNxrN5gXYe4G4.roa
Signing time: Fri 19 Apr 2024 17:52:25 +0000
ROA not before: Fri 19 Apr 2024 17:52:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55154
IP address blocks: 5.181.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 May 2024 04:31:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f7:7c:f7:a7:b9:48:bf:87:c0:92:32:48:be:ff:d8:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 19 17:52:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8c341fb56fc257c6f1e604dc6b37981761ee06e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7b:48:b8:f6:80:e8:19:bf:ba:20:bc:28:b3:
4d:e6:f7:04:a0:f3:a1:e7:b8:05:73:5d:12:66:44:
09:8a:d4:bb:b8:c4:4c:66:ab:f3:69:59:66:3c:f4:
33:23:80:ba:1a:06:b3:48:9f:c9:77:49:f3:56:5a:
83:b6:2e:76:19:85:29:33:8c:e4:6e:e5:85:27:e0:
09:1d:4f:10:cd:df:3a:fb:e1:f5:b5:41:1e:f9:8c:
eb:63:4a:c7:a6:1f:12:67:42:32:c6:c3:fe:1d:36:
99:e0:a4:fe:f9:93:be:19:fd:eb:61:5c:c5:36:25:
f2:28:86:d7:a7:5e:d3:ff:fc:95:92:14:14:ab:27:
71:fb:4f:85:9c:e5:40:07:95:60:c4:b6:a6:48:83:
66:0f:ee:f0:27:b1:60:75:f2:98:01:e1:1e:bf:3e:
d7:d9:0f:c2:9e:18:5a:30:25:bd:bd:37:8f:6e:5e:
ef:6b:a6:38:6a:43:97:52:95:e3:c9:0d:5e:64:ca:
bc:9c:7a:9a:07:e1:ac:8e:02:0e:b4:86:64:08:e6:
dd:72:99:97:4b:e1:8f:5f:00:3f:49:47:80:5c:3e:
5b:09:83:80:98:be:43:d0:2c:f3:23:b1:d2:c7:07:
63:94:18:92:9d:69:3e:36:90:1b:0c:0e:a9:7e:cc:
82:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:C3:41:FB:56:FC:25:7C:6F:1E:60:4D:C6:B3:79:81:76:1E:E0:6E
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/2MNB-1b8JXxvHmBNxrN5gXYe4G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.182.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:45:d2:f0:fa:8a:01:34:77:80:48:fd:bb:9c:e3:45:1c:51:
dc:c7:6f:36:21:76:7f:39:1e:a3:25:12:ff:e5:29:d6:b8:f1:
e8:e0:49:8d:eb:4f:0b:24:90:d8:9b:3b:cf:22:e6:01:16:3e:
92:30:58:d2:ef:57:a7:72:33:d9:88:91:66:29:f1:90:c1:c0:
33:f8:d0:ca:a7:03:b3:93:75:01:9b:4d:46:59:63:4d:93:6b:
e9:fd:a7:2c:ff:5f:07:bb:84:23:05:b6:bc:3f:c9:77:83:45:
23:eb:b5:30:f4:14:d7:2b:70:da:68:2b:93:a0:48:ab:ff:b9:
a4:b7:1f:e8:cd:ba:3a:8d:c5:ab:85:c6:eb:f5:b1:50:cb:bb:
0d:4b:c4:3f:54:09:b8:48:11:02:fe:13:e5:24:03:b1:ae:4d:
8a:30:5d:41:d9:9a:75:dc:b1:f3:1a:32:a9:4a:7f:f9:26:ec:
d0:52:21:42:1f:4c:c4:4b:0c:f2:93:7b:62:0a:ac:69:ac:7a:
02:a6:dc:8e:47:32:d7:85:35:c0:76:51:62:dc:72:19:b2:f4:
28:a5:6a:91:f3:6b:53:26:e6:ba:ab:92:bf:42:e3:d9:ec:78:
8f:f1:4f:07:75:9a:53:f9:11:c9:a7:c6:48:cb:15:28:9b:9e:
2d:ba:bf:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY73fPenuUi/h8CSMki+/9iSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjQwNDE5MTc1MjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGMzNDFmYjU2ZmMyNTdjNmYxZTYwNGRjNmIzNzk4MTc2MWVlMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXtIuPaA6Bm/uiC8KLNN5vcEoPOh
57gFc10SZkQJitS7uMRMZqvzaVlmPPQzI4C6GgazSJ/Jd0nzVlqDti52GYUpM4zk
buWFJ+AJHU8Qzd86++H1tUEe+YzrY0rHph8SZ0IyxsP+HTaZ4KT++ZO+Gf3rYVzF
NiXyKIbXp17T//yVkhQUqydx+0+FnOVAB5VgxLamSINmD+7wJ7FgdfKYAeEevz7X
2Q/CnhhaMCW9vTePbl7va6Y4akOXUpXjyQ1eZMq8nHqaB+GsjgIOtIZkCObdcpmX
S+GPXwA/SUeAXD5bCYOAmL5D0CzzI7HSxwdjlBiSnWk+NpAbDA6pfsyCHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjDQftW/CV8bx5gTcazeYF2HuBuMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvMk1OQi0xYjhKWHh2SG1CTnhyTjVnWFllNEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbW2MA0G
CSqGSIb3DQEBCwUAA4IBAQANRdLw+ooBNHeASP27nONFHFHcx282IXZ/OR6jJRL/
5SnWuPHo4EmN608LJJDYmzvPIuYBFj6SMFjS71encjPZiJFmKfGQwcAz+NDKpwOz
k3UBm01GWWNNk2vp/acs/18Hu4QjBba8P8l3g0Uj67Uw9BTXK3DaaCuToEir/7mk
tx/ozbo6jcWrhcbr9bFQy7sNS8Q/VAm4SBEC/hPlJAOxrk2KMF1B2Zp13LHzGjKp
Sn/5JuzQUiFCH0zESwzyk3tiCqxprHoCptyORzLXhTXAdlFi3HIZsvQopWqR82tT
Jua6q5K/QuPZ7HiP8U8HdZpT+RHJp8ZIyxUom54tur9a
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:17 2025 by rpki-client