Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/5lUUQjBpRHgSG7_9I9cSQ_okBIE.roa
File: 5lUUQjBpRHgSG7_9I9cSQ_okBIE.roa (raw, json)
Hash identifier: aAZPDm6OwVnMAtPNmy2jiUWAhaQcubXam2huh1yLGfo=
Subject key identifier: E6:55:14:42:30:69:44:78:12:1B:BF:FD:23:D7:12:43:FA:24:04:81
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 01857067226B34A717625E3F792E804FDE9C
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/5lUUQjBpRHgSG7_9I9cSQ_okBIE.roa
Signing time: Mon 02 Jan 2023 02:54:45 +0000
ROA not before: Mon 02 Jan 2023 02:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200645
IP address blocks: 185.177.232.0/22 maxlen: 22
5.202.208.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:22:6b:34:a7:17:62:5e:3f:79:2e:80:4f:de:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 2 02:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e655144230694478121bbffd23d71243fa240481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f5:67:f6:b9:7c:38:e5:56:d0:af:4d:80:14:
42:60:78:c6:f9:92:e5:91:88:28:c7:13:e9:2d:29:
8f:de:b3:c1:03:0e:08:a9:7a:fb:5e:5a:58:ab:b1:
b8:e0:63:5e:c9:57:a4:a1:66:9f:66:ca:55:74:1b:
9f:05:2d:70:48:0c:9b:9d:aa:be:51:81:ba:c2:8d:
ec:83:e4:9d:3e:9e:47:48:45:60:70:cc:c9:9e:c9:
75:6c:1b:9d:0a:bc:de:e1:d4:d9:d2:3a:0a:46:76:
2a:46:b0:40:f4:34:2b:a7:10:65:7b:02:c9:22:10:
81:be:52:b4:7e:f3:29:87:9a:c3:22:6b:eb:52:bc:
be:92:fb:ad:0f:c9:05:d6:eb:35:b2:39:5b:49:61:
7b:b9:b3:f8:0c:4d:fc:75:3b:05:d0:10:f5:17:22:
e3:29:61:7f:2f:83:16:87:1e:7f:0a:48:b9:24:ab:
df:94:78:48:e3:27:26:46:fe:55:7d:cf:94:41:2a:
45:1e:41:04:5e:5f:9d:84:14:12:32:55:0b:8d:1c:
c6:ad:ca:34:44:57:63:d9:b1:12:54:f5:dc:71:28:
71:41:f6:29:c0:4a:96:63:bb:39:b6:00:0c:be:7f:
2b:42:6c:47:d8:a6:c2:6d:53:2d:0a:fc:5f:c8:11:
00:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:55:14:42:30:69:44:78:12:1B:BF:FD:23:D7:12:43:FA:24:04:81
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/5lUUQjBpRHgSG7_9I9cSQ_okBIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.208.0/20
185.177.232.0/22
Signature Algorithm: sha256WithRSAEncryption
12:de:fc:0f:ee:05:a0:23:56:3e:55:c1:16:76:d2:2e:c9:71:
d1:a6:5e:5e:55:e2:60:b2:03:56:35:cb:b3:0b:7e:d9:31:e7:
f1:10:6b:33:93:c7:38:a9:ca:d6:96:b8:16:dc:88:13:9a:fd:
07:11:05:97:07:02:e7:95:91:f3:51:d5:31:74:17:0e:75:56:
83:0c:b3:d7:c7:c2:79:7e:cf:7b:b7:4b:a9:c2:85:df:22:45:
06:3a:d7:02:30:14:26:2c:8b:40:6c:6c:1e:29:2c:fc:2a:d5:
c6:5c:48:d4:36:5c:10:03:9f:17:83:9a:4b:8b:c5:e5:7b:8e:
45:fc:51:4d:dd:05:3b:84:d1:83:7f:86:ad:8d:e2:c6:5c:fd:
a8:c2:c2:b8:a1:9e:c6:0c:7a:c6:a9:4d:47:c3:de:02:ea:fc:
21:8c:b0:c2:45:b9:53:cb:73:89:2b:70:64:e9:84:2f:1b:0d:
36:d7:1c:4f:40:92:94:57:24:cb:6b:bc:df:1d:f9:92:2a:30:
26:0d:9a:26:bc:66:f7:fc:f2:d9:01:a7:21:94:57:13:22:bf:
ca:ec:88:63:c0:18:b0:f9:7a:5f:a8:96:94:45:24:c5:dd:39:
f1:23:bc:8f:af:c7:64:0d:cc:a2:6c:df:d4:db:bd:83:a0:db:
8a:4b:2f:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwZyJrNKcXYl4/eS6AT96cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwMTAyMDI1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjU1MTQ0MjMwNjk0NDc4MTIxYmJmZmQyM2Q3MTI0M2ZhMjQwNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPVn9rl8OOVW0K9NgBRCYHjG+ZLl
kYgoxxPpLSmP3rPBAw4IqXr7XlpYq7G44GNeyVekoWafZspVdBufBS1wSAybnaq+
UYG6wo3sg+SdPp5HSEVgcMzJnsl1bBudCrze4dTZ0joKRnYqRrBA9DQrpxBlewLJ
IhCBvlK0fvMph5rDImvrUry+kvutD8kF1us1sjlbSWF7ubP4DE38dTsF0BD1FyLj
KWF/L4MWhx5/Cki5JKvflHhI4ycmRv5Vfc+UQSpFHkEEXl+dhBQSMlULjRzGrco0
RFdj2bESVPXccShxQfYpwEqWY7s5tgAMvn8rQmxH2KbCbVMtCvxfyBEAcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOZVFEIwaUR4Ehu//SPXEkP6JASBMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvNWxVVVFqQnBSSGdTRzdfOUk5Y1NRX29rQklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBcrQAwQC
ubHoMA0GCSqGSIb3DQEBCwUAA4IBAQAS3vwP7gWgI1Y+VcEWdtIuyXHRpl5eVeJg
sgNWNcuzC37ZMefxEGszk8c4qcrWlrgW3IgTmv0HEQWXBwLnlZHzUdUxdBcOdVaD
DLPXx8J5fs97t0upwoXfIkUGOtcCMBQmLItAbGweKSz8KtXGXEjUNlwQA58Xg5pL
i8Xle45F/FFN3QU7hNGDf4atjeLGXP2owsK4oZ7GDHrGqU1Hw94C6vwhjLDCRblT
y3OJK3Bk6YQvGw021xxPQJKUVyTLa7zfHfmSKjAmDZomvGb3/PLZAachlFcTIr/K
7IhjwBiw+XpfqJaURSTF3TnxI7yPr8dkDcyibN/U272DoNuKSy9w
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:17:00 2024 by rpki-client on console-ams.rpki-client.org