Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/3PmOVD-iFIxFgRFMMxQcv53YKdk.roa
File: 3PmOVD-iFIxFgRFMMxQcv53YKdk.roa (raw, json)
Hash identifier: LP3HunLsc6LaU6aRrRj6M6fWznCtdBsi1oNI7zQ8F6c=
Subject key identifier: DC:F9:8E:54:3F:A2:14:8C:45:81:11:4C:33:14:1C:BF:9D:D8:29:D9
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 0185706720BE4271B8F56E9CF6618E7A2A2C
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/3PmOVD-iFIxFgRFMMxQcv53YKdk.roa
Signing time: Mon 02 Jan 2023 02:54:44 +0000
ROA not before: Mon 02 Jan 2023 02:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60138
IP address blocks: 5.202.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:20:be:42:71:b8:f5:6e:9c:f6:61:8e:7a:2a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 2 02:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcf98e543fa2148c4581114c33141cbf9dd829d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3a:24:f6:6f:be:f6:19:bf:9d:79:2f:f7:92:
b0:30:c9:45:a1:c1:be:5f:3e:20:91:5c:f7:67:70:
da:cb:d9:d0:57:22:ee:ba:08:df:d9:0b:63:8a:3b:
ae:cb:9c:07:9d:e8:da:f1:5a:1e:ec:b5:2d:09:2b:
72:c5:08:e4:fd:24:4c:67:82:09:3c:85:51:da:e4:
91:70:99:56:6b:03:5e:75:cd:75:95:3e:0b:63:3c:
92:d0:75:5f:ec:6d:b3:cf:fc:92:96:6f:ae:b8:f6:
fd:f3:49:6c:ea:c6:8e:01:97:69:77:5f:6b:0d:37:
08:35:40:34:d2:43:ba:15:14:52:72:26:9b:99:db:
25:f0:20:e5:5b:a7:03:bd:d0:f3:37:6b:a0:1a:6c:
79:4d:6c:55:24:ad:6f:6c:78:27:89:58:e1:fa:d3:
c0:6c:2e:4f:f2:fb:37:cd:6f:70:7f:5a:00:1b:25:
d0:fc:23:68:af:1b:72:5c:b4:7e:95:59:2f:cd:f3:
e0:b7:8a:61:84:a7:c2:8e:ed:46:50:f0:90:59:7a:
f6:1d:c0:da:97:c0:6b:89:03:fe:aa:0a:89:33:92:
da:75:22:99:42:92:cb:00:59:32:d2:2c:bc:34:06:
02:f6:fd:d0:4b:9d:37:46:91:8b:f7:40:09:05:01:
09:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F9:8E:54:3F:A2:14:8C:45:81:11:4C:33:14:1C:BF:9D:D8:29:D9
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/3PmOVD-iFIxFgRFMMxQcv53YKdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.88.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:a8:bf:4a:64:e3:ab:84:57:fa:9d:35:cf:d5:94:04:13:8d:
fd:84:68:1d:78:15:77:9d:bb:cb:86:47:b4:3f:9b:1e:91:78:
d1:82:77:b4:75:bd:7c:b7:22:be:b5:43:b7:28:78:1e:90:58:
d7:bb:85:95:cc:82:b3:7e:a0:1e:66:0b:76:be:6f:6f:09:d8:
0c:df:9c:7f:1d:42:e9:3b:5f:52:4d:28:29:bb:10:22:7d:2d:
b5:32:df:d3:82:38:44:be:1d:3f:10:e6:99:14:f5:0e:b0:59:
04:bf:40:f2:8b:66:24:bb:e5:92:fe:28:7b:dc:7c:bf:bd:50:
c6:6a:ec:43:4e:df:23:95:8c:78:fc:8f:37:c4:83:3e:e1:b1:
e8:69:72:a8:7a:30:86:45:b2:4b:c3:9f:c9:cd:b7:90:37:5f:
a5:27:c1:f9:44:aa:42:53:04:6e:f1:dc:25:d7:47:83:0b:e0:
c7:ec:fc:1d:89:c5:17:c5:6a:44:68:3d:77:bd:fc:69:8c:db:
47:8b:75:d8:10:99:91:1f:6b:bd:53:ec:86:85:ed:b9:0f:bc:
81:0d:53:e5:1b:d8:cf:e6:a4:75:b1:87:f0:62:8f:e3:cc:e1:
b1:19:4e:9f:6a:c7:de:fe:91:a0:a9:6e:8b:54:83:7d:f9:6f:
f2:b8:f0:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZyC+QnG49W6c9mGOeiosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwMTAyMDI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Y5OGU1NDNmYTIxNDhjNDU4MTExNGMzMzE0MWNiZjlkZDgyOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjok9m++9hm/nXkv95KwMMlFocG+
Xz4gkVz3Z3Day9nQVyLuugjf2Qtjijuuy5wHneja8Voe7LUtCStyxQjk/SRMZ4IJ
PIVR2uSRcJlWawNedc11lT4LYzyS0HVf7G2zz/ySlm+uuPb980ls6saOAZdpd19r
DTcINUA00kO6FRRSciabmdsl8CDlW6cDvdDzN2ugGmx5TWxVJK1vbHgniVjh+tPA
bC5P8vs3zW9wf1oAGyXQ/CNorxtyXLR+lVkvzfPgt4phhKfCju1GUPCQWXr2HcDa
l8BriQP+qgqJM5LadSKZQpLLAFky0iy8NAYC9v3QS503RpGL90AJBQEJbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNz5jlQ/ohSMRYERTDMUHL+d2CnZMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvM1BtT1ZELWlGSXhGZ1JGTU14UWN2NTNZS2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBcpYMA0G
CSqGSIb3DQEBCwUAA4IBAQC0qL9KZOOrhFf6nTXP1ZQEE439hGgdeBV3nbvLhke0
P5sekXjRgne0db18tyK+tUO3KHgekFjXu4WVzIKzfqAeZgt2vm9vCdgM35x/HULp
O19STSgpuxAifS21Mt/TgjhEvh0/EOaZFPUOsFkEv0Dyi2Yku+WS/ih73Hy/vVDG
auxDTt8jlYx4/I83xIM+4bHoaXKoejCGRbJLw5/JzbeQN1+lJ8H5RKpCUwRu8dwl
10eDC+DH7PwdicUXxWpEaD13vfxpjNtHi3XYEJmRH2u9U+yGhe25D7yBDVPlG9jP
5qR1sYfwYo/jzOGxGU6fasfe/pGgqW6LVIN9+W/yuPBS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org