Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/PNiQDU52dy4VJgXYMbuo-Hc3VJQ.roa
File: PNiQDU52dy4VJgXYMbuo-Hc3VJQ.roa (raw, json)
Hash identifier: kge+ea2cGNHpLS1cn45ij8m9kVSK3htYsECURXqvZXQ=
Subject key identifier: 3C:D8:90:0D:4E:76:77:2E:15:26:05:D8:31:BB:A8:F8:77:37:54:94
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DAC76E4D94BFD96B25A3F88D842EEA
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/PNiQDU52dy4VJgXYMbuo-Hc3VJQ.roa
Signing time: Mon 01 Jan 2024 02:29:26 +0000
ROA not before: Mon 01 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198411
IP address blocks: 5.226.16.0/20 maxlen: 24
5.226.16.0/21 maxlen: 24
45.157.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 09:45:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c7:6e:4d:94:bf:d9:6b:25:a3:f8:8d:84:2e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cd8900d4e76772e152605d831bba8f877375494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c5:cc:6a:b2:62:3d:f3:8d:11:d0:c3:f5:b6:
c0:78:40:e1:ac:7e:ae:26:0b:9a:48:74:86:e0:06:
9e:bf:43:bb:4e:90:00:3a:9f:96:0d:fc:cc:0d:dd:
9a:38:e8:1d:a6:e6:2f:ee:62:bf:af:2b:72:c8:90:
02:ab:49:d4:53:20:a8:67:dd:6e:cb:15:60:42:e6:
df:96:02:1d:89:cf:df:f1:f7:0f:59:44:5a:15:25:
a0:d9:df:ff:66:f7:84:b4:73:04:98:f0:49:7c:20:
7b:3a:3b:fc:22:2d:96:23:4d:c9:97:8c:ff:9e:cc:
d6:8b:6d:de:8a:54:d7:4a:ba:ff:6a:76:5d:ab:5b:
2f:83:c0:fb:50:96:2a:a7:11:b3:3f:10:c6:49:23:
4e:eb:d9:ff:d0:3f:8f:7c:03:c7:b7:15:28:99:8c:
7d:f4:32:d3:1b:e1:91:19:46:74:e9:60:92:41:ea:
f0:c6:21:3a:ae:b5:31:f9:b5:54:e8:ed:e8:17:93:
d9:65:99:7e:c1:b0:94:5d:ee:ca:12:b1:bd:65:20:
13:a8:b2:e7:46:38:ae:f5:2e:f2:94:d7:b9:90:fb:
a7:91:58:b5:e4:32:52:17:8a:39:76:0f:27:3f:52:
ef:3c:47:5c:27:32:b8:67:88:4f:2f:36:b8:77:58:
19:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D8:90:0D:4E:76:77:2E:15:26:05:D8:31:BB:A8:F8:77:37:54:94
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/PNiQDU52dy4VJgXYMbuo-Hc3VJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.16.0/20
45.157.56.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:db:09:2d:97:c1:40:ed:0e:5e:7c:1e:80:80:b3:a5:a9:0a:
47:27:41:f7:cd:d3:9a:62:ac:7f:37:41:ef:ad:ad:63:83:6b:
e2:48:8c:92:10:24:1e:bb:e5:fb:43:02:f2:3b:ba:bc:90:7b:
78:4c:cd:b4:40:ee:e4:64:ed:d7:50:ef:5b:09:c0:60:81:0f:
f7:ec:fc:6c:2d:7b:cd:3f:07:3c:6d:0f:bb:88:e5:3d:10:43:
70:3a:83:6f:39:85:b5:c6:86:70:f7:0d:a2:f6:53:db:39:98:
93:7f:69:cd:53:ee:2b:08:a7:9b:9c:1f:73:71:b2:72:47:7e:
45:d0:bb:a9:26:4a:52:fd:d3:fc:f5:cd:f2:de:85:36:b5:43:
d8:1c:e3:6e:ed:f8:a0:33:fa:48:f0:f2:41:6e:11:76:21:fc:
83:1a:e3:85:20:59:de:60:07:7a:c5:bc:7c:35:a5:7c:cf:be:
c8:83:17:59:f2:6d:48:0e:2c:e2:d8:81:f7:48:9b:6e:44:e6:
e9:fd:20:fd:b7:09:d2:2f:9a:86:43:fc:8d:78:c6:43:4d:f6:
87:29:01:4e:7e:13:71:77:b3:74:9f:81:d1:bb:2d:01:fb:2f:
b2:de:c6:af:05:64:1e:65:88:33:34:a1:34:5c:f2:b4:7f:36:
9e:f0:a8:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2sduTZS/2Wslo/iNhC7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2Q4OTAwZDRlNzY3NzJlMTUyNjA1ZDgzMWJiYThmODc3Mzc1NDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8XMarJiPfONEdDD9bbAeEDhrH6u
JguaSHSG4Aaev0O7TpAAOp+WDfzMDd2aOOgdpuYv7mK/rytyyJACq0nUUyCoZ91u
yxVgQubflgIdic/f8fcPWURaFSWg2d//ZveEtHMEmPBJfCB7Ojv8Ii2WI03Jl4z/
nszWi23eilTXSrr/anZdq1svg8D7UJYqpxGzPxDGSSNO69n/0D+PfAPHtxUomYx9
9DLTG+GRGUZ06WCSQerwxiE6rrUx+bVU6O3oF5PZZZl+wbCUXe7KErG9ZSATqLLn
Rjiu9S7ylNe5kPunkVi15DJSF4o5dg8nP1LvPEdcJzK4Z4hPLza4d1gZAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDzYkA1OdncuFSYF2DG7qPh3N1SUMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvUE5pUURVNTJkeTRWSmdYWU1idW8tSGMzVkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBeIQAwQC
LZ04MA0GCSqGSIb3DQEBCwUAA4IBAQAL2wktl8FA7Q5efB6AgLOlqQpHJ0H3zdOa
Yqx/N0Hvra1jg2viSIySECQeu+X7QwLyO7q8kHt4TM20QO7kZO3XUO9bCcBggQ/3
7PxsLXvNPwc8bQ+7iOU9EENwOoNvOYW1xoZw9w2i9lPbOZiTf2nNU+4rCKebnB9z
cbJyR35F0LupJkpS/dP89c3y3oU2tUPYHONu7figM/pI8PJBbhF2IfyDGuOFIFne
YAd6xbx8NaV8z77IgxdZ8m1IDizi2IH3SJtuRObp/SD9twnSL5qGQ/yNeMZDTfaH
KQFOfhNxd7N0n4HRuy0B+y+y3savBWQeZYgzNKE0XPK0fzae8KjM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org