Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/JIu7TWQMli6fx13IrgcZq8-baNw.roa
File: JIu7TWQMli6fx13IrgcZq8-baNw.roa (raw, json)
Hash identifier: kNdgfSOCaBPIQuFZZrWmwcqp7j0ODxP7GyG6H0sSu7I=
Subject key identifier: 24:8B:BB:4D:64:0C:96:2E:9F:C7:5D:C8:AE:07:19:AB:CF:9B:68:DC
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018D0DEA15E73320BE073EAD5B5F1A61EDE1
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/JIu7TWQMli6fx13IrgcZq8-baNw.roa
Signing time: Mon 15 Jan 2024 16:17:41 +0000
ROA not before: Mon 15 Jan 2024 16:17:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46573
IP address blocks: 5.180.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 10:35:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0d:ea:15:e7:33:20:be:07:3e:ad:5b:5f:1a:61:ed:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 15 16:17:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=248bbb4d640c962e9fc75dc8ae0719abcf9b68dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:37:c8:f0:f0:04:1c:6e:30:91:25:40:00:bd:
ce:f5:6b:67:a6:7d:a5:5a:d1:d9:c3:3b:6d:2d:b9:
fe:fa:3b:6e:4c:32:00:7d:0b:9c:fa:d1:28:f6:6f:
77:9d:9c:a2:23:c0:90:05:52:3c:76:61:7e:63:f9:
f8:61:b2:66:be:b9:9f:07:85:f8:42:07:5f:23:86:
cc:e8:e5:fb:fd:99:72:c5:4b:ee:46:8d:18:b2:9a:
5b:44:08:2c:68:69:b2:df:aa:19:64:db:60:9f:f5:
b1:d3:33:43:d1:3b:80:61:cf:38:0f:ae:4f:b7:42:
79:3f:3e:2e:ed:4e:8c:9c:b3:ff:23:32:61:0b:9c:
dd:6a:6a:48:88:44:45:ed:db:36:0e:38:82:98:d4:
8d:99:b0:e3:38:51:f4:01:f0:70:4e:5b:a8:ff:34:
53:8b:a2:49:43:2c:54:e5:bf:98:61:e1:a9:55:60:
7b:28:75:d2:59:50:e1:3e:55:68:2a:21:cd:55:f5:
ba:ca:e5:8a:1d:64:15:46:50:18:35:f1:51:74:3d:
9d:ed:e6:27:39:ca:d6:59:e5:62:2e:5e:c5:e3:ae:
e8:a8:24:ca:d9:6f:fc:ef:7b:79:90:b1:2f:0a:a4:
d1:a4:9f:4e:e0:40:47:ce:f5:41:b9:06:5a:4a:b9:
26:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8B:BB:4D:64:0C:96:2E:9F:C7:5D:C8:AE:07:19:AB:CF:9B:68:DC
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/JIu7TWQMli6fx13IrgcZq8-baNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.195.0/24
Signature Algorithm: sha256WithRSAEncryption
90:62:b4:f5:9f:48:5c:45:b1:82:94:7d:85:db:93:f9:78:bd:
82:7c:d9:ca:e0:b4:3c:db:8a:63:7e:63:15:b7:d2:5c:27:28:
65:fd:62:a5:f1:43:ed:06:db:3b:95:20:ec:32:d0:9f:f3:82:
2c:c2:11:0f:bd:4c:91:b0:4f:df:2d:2c:65:3d:69:98:a9:a3:
f8:7e:1d:11:d3:96:36:22:8d:61:54:9e:10:99:ec:89:b3:9e:
8c:f6:c9:10:d3:66:64:3f:53:33:6d:fe:22:ff:d1:82:2c:92:
90:41:47:59:6d:f3:c8:3a:75:38:7d:98:4e:96:6f:33:56:da:
54:ea:4d:c5:07:c8:03:61:ba:f2:2d:10:1b:4a:6b:f3:47:90:
28:d4:e4:42:de:05:5b:00:b6:d7:49:4c:71:b9:38:b2:75:06:
e9:b7:b7:f0:db:7a:ed:60:3c:5e:45:f1:6b:f4:64:5d:13:68:
dc:eb:27:9f:3f:1b:c2:be:89:fc:63:65:3a:ff:8f:4d:e1:cb:
64:68:8e:5b:ce:c6:f7:9d:48:83:07:12:ed:29:42:3e:07:ed:
f1:fe:03:f7:2e:a8:6a:fc:c8:bc:14:d8:12:7e:1a:54:c4:b5:
07:44:b7:11:54:21:00:95:4f:8c:b4:ca:91:00:0e:5f:d8:8f:
48:89:2f:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0N6hXnMyC+Bz6tW18aYe3hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTE1MTYxNzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDhiYmI0ZDY0MGM5NjJlOWZjNzVkYzhhZTA3MTlhYmNmOWI2OGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjfI8PAEHG4wkSVAAL3O9Wtnpn2l
WtHZwzttLbn++jtuTDIAfQuc+tEo9m93nZyiI8CQBVI8dmF+Y/n4YbJmvrmfB4X4
QgdfI4bM6OX7/ZlyxUvuRo0YsppbRAgsaGmy36oZZNtgn/Wx0zND0TuAYc84D65P
t0J5Pz4u7U6MnLP/IzJhC5zdampIiERF7ds2DjiCmNSNmbDjOFH0AfBwTluo/zRT
i6JJQyxU5b+YYeGpVWB7KHXSWVDhPlVoKiHNVfW6yuWKHWQVRlAYNfFRdD2d7eYn
OcrWWeViLl7F467oqCTK2W/873t5kLEvCqTRpJ9O4EBHzvVBuQZaSrkmSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCSLu01kDJYun8ddyK4HGavPm2jcMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvSkl1N1RXUU1saTZmeDEzSXJnY1pxOC1iYU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbTDMA0G
CSqGSIb3DQEBCwUAA4IBAQCQYrT1n0hcRbGClH2F25P5eL2CfNnK4LQ824pjfmMV
t9JcJyhl/WKl8UPtBts7lSDsMtCf84IswhEPvUyRsE/fLSxlPWmYqaP4fh0R05Y2
Io1hVJ4QmeyJs56M9skQ02ZkP1Mzbf4i/9GCLJKQQUdZbfPIOnU4fZhOlm8zVtpU
6k3FB8gDYbryLRAbSmvzR5Ao1ORC3gVbALbXSUxxuTiydQbpt7fw23rtYDxeRfFr
9GRdE2jc6yefPxvCvon8Y2U6/49N4ctkaI5bzsb3nUiDBxLtKUI+B+3x/gP3Lqhq
/Mi8FNgSfhpUxLUHRLcRVCEAlU+MtMqRAA5f2I9IiS8I
-----END CERTIFICATE-----
Generated at Thu Feb 1 13:29:08 2024 by rpki-client on console-fra.rpki-client.org