Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/lPhW4TseeDK6YuLUrhp40rJ7IPc.roa
File: lPhW4TseeDK6YuLUrhp40rJ7IPc.roa (raw, json)
Hash identifier: iptWJriQ9X1pJdmIsy3c8fHA+mYNvzHOjGmM75USIAk=
Subject key identifier: 94:F8:56:E1:3B:1E:78:32:BA:62:E2:D4:AE:1A:78:D2:B2:7B:20:F7
Certificate issuer: /CN=d0ca3c0b196fde0ba74c1487bdcb9c5fa053664b
Certificate serial: 01856DC1DBB1C6262F00EA7223DED06EAE0F
Authority key identifier: D0:CA:3C:0B:19:6F:DE:0B:A7:4C:14:87:BD:CB:9C:5F:A0:53:66:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Mo8Cxlv3gunTBSHvcucX6BTZks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/lPhW4TseeDK6YuLUrhp40rJ7IPc.roa
Signing time: Sun 01 Jan 2023 14:34:59 +0000
ROA not before: Sun 01 Jan 2023 14:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8637
IP address blocks: 5.180.229.0/24 maxlen: 24
5.180.228.0/24 maxlen: 24
5.180.228.0/22 maxlen: 24
2a0b:c800:1::/48 maxlen: 48
2a0b:c800:4::/48 maxlen: 48
2a0b:c800:2::/48 maxlen: 48
2a0b:c800:3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:db:b1:c6:26:2f:00:ea:72:23:de:d0:6e:ae:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0ca3c0b196fde0ba74c1487bdcb9c5fa053664b
Validity
Not Before: Jan 1 14:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94f856e13b1e7832ba62e2d4ae1a78d2b27b20f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7b:d1:e4:1b:02:06:92:16:59:fd:53:9e:13:
de:89:7c:1a:c3:2c:f1:48:72:71:2b:8c:96:68:5a:
03:9b:10:2b:79:32:d5:22:17:e4:ac:f3:9d:a4:31:
3d:ae:a9:11:00:37:77:46:db:93:bd:f1:e8:ea:b5:
35:e7:da:54:75:04:c2:45:80:03:0d:33:d4:e9:2a:
cd:d3:a3:ce:ef:89:ce:20:dc:51:08:96:71:32:38:
ae:57:77:bc:6e:da:2c:71:c0:ee:6e:59:6a:98:db:
b4:35:5f:57:77:a6:6d:e4:cd:1d:fc:4f:26:c1:c9:
a8:6c:5a:81:0e:8b:5f:81:ed:d4:b3:e7:2b:91:b8:
4b:e4:14:15:99:2d:07:74:22:e8:e2:a2:5a:89:d0:
f2:56:29:b8:bd:ba:06:88:cc:68:75:05:81:d3:05:
35:42:f1:a3:10:12:95:5f:a8:d0:41:71:b8:cb:d8:
64:54:5c:f7:e9:c6:90:30:22:f2:6f:81:66:01:03:
c7:8e:aa:d7:bd:8a:7d:74:12:2c:88:25:0c:43:2f:
9d:de:f1:4e:aa:73:2e:5b:9c:a1:88:17:1a:3e:b2:
97:05:43:95:40:79:4e:95:54:0a:61:6e:01:4e:ad:
3c:aa:63:1e:53:d0:92:a1:52:61:4b:16:4a:01:be:
cc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F8:56:E1:3B:1E:78:32:BA:62:E2:D4:AE:1A:78:D2:B2:7B:20:F7
X509v3 Authority Key Identifier:
keyid:D0:CA:3C:0B:19:6F:DE:0B:A7:4C:14:87:BD:CB:9C:5F:A0:53:66:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Mo8Cxlv3gunTBSHvcucX6BTZks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/lPhW4TseeDK6YuLUrhp40rJ7IPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/0Mo8Cxlv3gunTBSHvcucX6BTZks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.228.0/22
IPv6:
2a0b:c800:1::-2a0b:c800:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1c:f8:5d:04:1d:86:8d:5e:a6:85:3c:ad:29:c1:12:80:a7:e3:
cf:55:63:04:b3:ac:96:c3:18:96:96:48:c4:f1:9a:1e:74:32:
23:6f:3d:d2:e8:fd:94:1b:e9:bb:5e:d5:14:2f:37:c9:5a:22:
78:e9:a6:c6:af:64:8b:65:db:60:8e:5d:ef:e8:c4:1f:a6:c5:
48:51:ee:36:1a:98:fb:0d:32:a9:dd:74:24:dd:97:fd:ab:48:
2b:c7:25:9c:76:3e:97:f0:ce:06:04:04:ca:27:a7:9a:12:4c:
4f:7a:4c:12:13:c5:bd:61:59:e0:a4:58:5b:02:bf:78:26:fc:
c7:6f:a1:b9:6e:32:90:ed:5b:34:34:75:6b:72:6a:0f:40:02:
cd:72:2a:3e:b5:2f:5e:3e:f5:d7:e9:a4:5b:a6:7a:9e:d8:0e:
ef:8d:30:b0:85:0b:33:eb:af:cd:31:d5:d8:0e:83:e5:e6:46:
fe:b1:18:84:24:85:5d:e6:45:13:bf:15:24:94:41:25:1f:44:
c7:c5:00:fc:a1:1c:c8:45:ca:b8:9e:71:a5:0a:f1:35:78:28:
f8:23:d2:02:2c:b6:ae:11:6e:b9:f3:e4:60:36:2c:29:af:2a:
ad:3c:a5:98:bf:d6:80:3b:e8:07:7b:7b:d2:06:0d:27:8e:13:
4f:37:35:bb
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVtwduxxiYvAOpyI97Qbq4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwY2EzYzBiMTk2ZmRlMGJhNzRjMTQ4N2JkY2I5YzVmYTA1
MzY2NGIwHhcNMjMwMTAxMTQzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGY4NTZlMTNiMWU3ODMyYmE2MmUyZDRhZTFhNzhkMmIyN2IyMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnvR5BsCBpIWWf1TnhPeiXwawyzx
SHJxK4yWaFoDmxAreTLVIhfkrPOdpDE9rqkRADd3RtuTvfHo6rU159pUdQTCRYAD
DTPU6SrN06PO74nOINxRCJZxMjiuV3e8btosccDubllqmNu0NV9Xd6Zt5M0d/E8m
wcmobFqBDotfge3Us+crkbhL5BQVmS0HdCLo4qJaidDyVim4vboGiMxodQWB0wU1
QvGjEBKVX6jQQXG4y9hkVFz36caQMCLyb4FmAQPHjqrXvYp9dBIsiCUMQy+d3vFO
qnMuW5yhiBcaPrKXBUOVQHlOlVQKYW4BTq08qmMeU9CSoVJhSxZKAb7McQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJT4VuE7HngyumLi1K4aeNKyeyD3MB8GA1UdIwQY
MBaAFNDKPAsZb94Lp0wUh73LnF+gU2ZLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME1vOEN4bHYzZ3VuVEJTSHZjdWNYNkJUWmtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84MTAyNGYtNTE3MS00N2M0LWI1Y2Et
NmI2MzMzMWVmZjAyLzEvbFBoVzRUc2VlREs2WXVMVXJocDQwcko3SVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi84MTAyNGYtNTE3MS00N2M0LWI1Y2EtNmI2MzMzMWVmZjAy
LzEvME1vOEN4bHYzZ3VuVEJTSHZjdWNYNkJUWmtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCBbTkMBoE
AgACMBQwEgMHACoLyAAAAQMHACoLyAAABDANBgkqhkiG9w0BAQsFAAOCAQEAHPhd
BB2GjV6mhTytKcESgKfjz1VjBLOslsMYlpZIxPGaHnQyI2890uj9lBvpu17VFC83
yVoieOmmxq9ki2XbYI5d7+jEH6bFSFHuNhqY+w0yqd10JN2X/atIK8clnHY+l/DO
BgQEyienmhJMT3pMEhPFvWFZ4KRYWwK/eCb8x2+huW4ykO1bNDR1a3JqD0ACzXIq
PrUvXj711+mkW6Z6ntgO740wsIULM+uvzTHV2A6D5eZG/rEYhCSFXeZFE78VJJRB
JR9Ex8UA/KEcyEXKuJ5xpQrxNXgo+CPSAiy2rhFuufPkYDYsKa8qrTylmL/WgDvo
B3t70gYNJ44TTzc1uw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:43 2024 by rpki-client on console-fra.rpki-client.org