Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/Vb4MzxIW8vrBCB93Ctc-DqPDlQ0.roa
File: Vb4MzxIW8vrBCB93Ctc-DqPDlQ0.roa (raw, json)
Hash identifier: F7k5++JonUTVtKx+nwj53lt5xdAyXqsu7FN+d2L3gZw=
Subject key identifier: 55:BE:0C:CF:12:16:F2:FA:C1:08:1F:77:0A:D7:3E:0E:A3:C3:95:0D
Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial: 018CC726E7590FD29A3525B614C1757DDDB7
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/Vb4MzxIW8vrBCB93Ctc-DqPDlQ0.roa
Signing time: Mon 01 Jan 2024 22:31:04 +0000
ROA not before: Mon 01 Jan 2024 22:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35202
IP address blocks: 5.180.116.0/22 maxlen: 24
2a0a:6400::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:51:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:e7:59:0f:d2:9a:35:25:b6:14:c1:75:7d:dd:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Validity
Not Before: Jan 1 22:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55be0ccf1216f2fac1081f770ad73e0ea3c3950d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:61:f4:3a:b9:e6:73:a7:1c:02:b9:fa:a1:04:
6e:0a:26:eb:bb:4e:03:0a:12:89:09:c5:75:a2:57:
09:77:66:a0:d3:58:c4:f1:8b:da:30:51:6f:81:c0:
f1:03:19:e7:7b:69:bd:38:d5:ff:32:b7:5a:a8:b8:
f5:4f:32:5d:69:a0:38:4d:7f:96:09:d3:16:56:59:
d1:dc:91:ea:93:b7:ce:1d:01:8e:7a:bf:2a:c5:73:
98:89:b7:3a:9d:5f:63:ec:4c:08:6f:cd:78:37:2f:
9a:a3:81:5d:e9:10:5e:32:76:e9:c5:32:a1:2b:4b:
1e:ef:be:dc:62:66:30:43:05:3a:82:7b:fe:d0:7b:
7d:3e:ef:87:0a:2a:12:ce:c8:1f:55:92:eb:fb:74:
70:05:7b:16:e2:38:84:82:79:40:b0:d6:51:f5:db:
b9:7c:c3:67:09:68:4a:be:7e:c5:be:ca:38:0c:a7:
b2:35:b5:24:71:41:b3:bb:06:8e:d9:1a:b6:c9:22:
dd:ae:ab:2a:65:c0:a5:a2:e0:17:95:f4:a9:ac:d1:
32:e7:a5:3b:24:1e:4c:50:71:64:b4:9b:f9:6a:41:
c9:5b:13:74:1d:46:3c:e2:b6:30:85:ae:14:06:6e:
f6:d2:04:e2:62:93:94:52:4a:eb:34:62:50:71:4b:
b6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:BE:0C:CF:12:16:F2:FA:C1:08:1F:77:0A:D7:3E:0E:A3:C3:95:0D
X509v3 Authority Key Identifier:
keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/Vb4MzxIW8vrBCB93Ctc-DqPDlQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.116.0/22
IPv6:
2a0a:6400::/29
Signature Algorithm: sha256WithRSAEncryption
c6:ae:bc:fc:f4:4b:38:32:17:34:d9:ae:d7:67:5f:74:13:58:
a7:cb:e7:14:3a:b5:12:c1:05:b1:29:eb:3f:25:49:ec:eb:a0:
4d:60:df:3e:80:7c:ea:53:6f:32:dd:97:15:9b:b4:33:1c:ed:
35:ce:fa:bf:46:ee:47:80:f1:39:70:4c:94:f3:06:ed:af:1b:
43:45:cd:8a:8e:61:05:38:2c:72:73:40:34:fa:0e:b7:73:fd:
29:c1:9e:92:bc:4b:45:33:2a:f0:5e:ed:51:5c:e3:c4:ce:21:
1a:ed:76:3c:af:e5:49:17:84:8a:98:15:12:4f:53:f5:2e:cd:
3c:9c:c6:cb:f5:bb:ff:29:7c:34:4c:6a:42:ce:85:6b:50:9c:
31:dc:72:6b:b8:fa:61:95:58:67:b5:18:4c:60:b6:b8:9d:fe:
13:69:fc:5f:27:ca:f3:83:c8:48:5c:c1:4e:2b:d3:8a:47:90:
43:ca:d3:73:65:8f:c5:79:f0:c9:50:3d:79:4a:42:b3:61:81:
32:a0:f7:4b:f5:72:0b:19:8e:8c:a1:64:31:94:7f:b3:68:6a:
ba:0b:89:68:da:78:57:27:b0:26:85:a5:f7:74:b9:c3:a5:ff:
9d:46:d7:30:0a:b9:19:06:09:af:34:2e:bd:f8:28:45:7d:b5:
ff:cb:64:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJudZD9KaNSW2FMF1fd23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjQwMTAxMjIzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWJlMGNjZjEyMTZmMmZhYzEwODFmNzcwYWQ3M2UwZWEzYzM5NTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12H0Ornmc6ccArn6oQRuCibru04D
ChKJCcV1olcJd2ag01jE8YvaMFFvgcDxAxnne2m9ONX/MrdaqLj1TzJdaaA4TX+W
CdMWVlnR3JHqk7fOHQGOer8qxXOYibc6nV9j7EwIb814Ny+ao4Fd6RBeMnbpxTKh
K0se777cYmYwQwU6gnv+0Ht9Pu+HCioSzsgfVZLr+3RwBXsW4jiEgnlAsNZR9du5
fMNnCWhKvn7Fvso4DKeyNbUkcUGzuwaO2Rq2ySLdrqsqZcClouAXlfSprNEy56U7
JB5MUHFktJv5akHJWxN0HUY84rYwha4UBm720gTiYpOUUkrrNGJQcUu2dwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFW+DM8SFvL6wQgfdwrXPg6jw5UNMB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvVmI0TXp4SVc4dnJCQ0I5M0N0Yy1EcVBEbFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCBbR0MA0E
AgACMAcDBQMqCmQAMA0GCSqGSIb3DQEBCwUAA4IBAQDGrrz89Es4Mhc02a7XZ190
E1iny+cUOrUSwQWxKes/JUns66BNYN8+gHzqU28y3ZcVm7QzHO01zvq/Ru5HgPE5
cEyU8wbtrxtDRc2KjmEFOCxyc0A0+g63c/0pwZ6SvEtFMyrwXu1RXOPEziEa7XY8
r+VJF4SKmBUST1P1Ls08nMbL9bv/KXw0TGpCzoVrUJwx3HJruPphlVhntRhMYLa4
nf4TafxfJ8rzg8hIXMFOK9OKR5BDytNzZY/FefDJUD15SkKzYYEyoPdL9XILGY6M
oWQxlH+zaGq6C4lo2nhXJ7AmhaX3dLnDpf+dRtcwCrkZBgmvNC69+ChFfbX/y2RR
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:55 2025 by rpki-client