Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/VHdLZDwFQFvwqRrdiu7J3HYjhl4.roa
File: VHdLZDwFQFvwqRrdiu7J3HYjhl4.roa (raw, json)
Hash identifier: pGwEXcPngMTn1eeftTsmH8TC8GcHQHAAzAdCVNpy12c=
Subject key identifier: 54:77:4B:64:3C:05:40:5B:F0:A9:1A:DD:8A:EE:C9:DC:76:23:86:5E
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 0185706724BB56D00EC60A14ABF285CC5E54
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/VHdLZDwFQFvwqRrdiu7J3HYjhl4.roa
Signing time: Mon 02 Jan 2023 02:54:45 +0000
ROA not before: Mon 02 Jan 2023 02:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208412
IP address blocks: 5.202.204.0/23 maxlen: 24
5.202.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:24:bb:56:d0:0e:c6:0a:14:ab:f2:85:cc:5e:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 2 02:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54774b643c05405bf0a91add8aeec9dc7623865e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e9:95:4a:49:f0:49:09:b6:5e:5b:05:65:34:
22:40:10:a6:fe:9e:38:ac:c2:f2:1e:8c:02:de:58:
f4:b6:f0:d4:74:a8:46:79:ff:9c:7b:1e:08:84:d1:
84:fd:b5:97:95:52:f5:1c:12:cf:38:3e:e4:5d:71:
93:f1:3e:76:78:2a:8d:a9:e1:76:17:1c:16:89:c6:
c2:44:dd:95:c1:be:31:1b:a1:df:86:3b:20:10:2b:
9c:81:f2:44:22:05:d2:cb:3b:17:60:f7:04:3c:1e:
9f:3a:cc:c4:13:07:da:29:fe:5d:04:f4:15:c8:6f:
14:04:d3:b6:39:db:80:39:4a:09:7b:c0:fc:d1:34:
7a:e0:23:ec:06:da:ef:34:f2:f5:52:9c:70:73:4b:
84:12:2b:ad:2e:ec:ff:38:c3:d4:70:3b:cb:f7:6e:
82:97:c5:9e:96:40:ab:e0:16:98:9c:ee:d5:d1:53:
cd:a4:e7:c0:96:44:1e:bc:32:71:bf:20:6a:ac:22:
3e:4d:a5:10:a6:3f:5c:c2:e7:40:67:ab:f6:3e:f5:
43:e4:0d:e5:07:77:e6:bd:fc:94:f4:c5:68:b5:5f:
bf:76:3a:0e:36:22:4f:1a:d5:66:22:9d:ae:2c:2c:
e7:a2:e9:a9:09:6f:f1:b9:42:ca:5d:70:f5:83:9a:
83:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:77:4B:64:3C:05:40:5B:F0:A9:1A:DD:8A:EE:C9:DC:76:23:86:5E
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/VHdLZDwFQFvwqRrdiu7J3HYjhl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.204.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:26:65:ed:e5:ef:d4:5e:5e:37:6c:fc:d8:e7:dd:46:1b:55:
b6:d6:76:0e:e4:7f:f1:dc:21:f3:61:4f:dd:df:f5:61:70:41:
2c:fe:0c:9b:da:ff:df:8f:6b:eb:66:28:eb:9f:55:13:a8:e4:
04:17:1e:6b:03:1f:95:36:f0:2f:99:21:66:9a:9f:e4:e5:73:
f2:c2:13:21:3e:fa:53:58:72:7a:59:c1:2e:69:e3:b3:aa:70:
38:7e:f0:83:40:06:08:a0:aa:b8:87:62:d3:44:7f:0c:25:be:
f4:b6:f7:82:63:b8:84:66:21:81:a8:61:8e:2d:49:ad:b1:93:
81:7f:01:2b:ba:95:bf:36:5d:75:62:1b:31:19:64:9c:13:93:
b0:94:44:d8:85:91:4b:c4:16:63:d7:3f:82:41:fd:d2:89:0a:
0c:fe:8a:74:62:7c:87:44:19:a4:88:64:bd:58:a2:ca:04:94:
ca:9b:90:d3:6c:6a:a2:6c:bf:8b:48:37:f1:48:42:12:57:62:
e7:90:61:be:1a:79:38:ba:88:f2:fa:0e:61:1f:35:84:ae:52:
76:c7:e6:ab:ea:b7:65:64:7d:ac:76:1f:e5:35:74:f3:c9:93:
85:c0:dd:92:32:fb:77:a4:b8:bd:e2:0e:f5:68:48:fa:29:a7:
42:46:c0:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZyS7VtAOxgoUq/KFzF5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwMTAyMDI1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDc3NGI2NDNjMDU0MDViZjBhOTFhZGQ4YWVlYzlkYzc2MjM4NjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+mVSknwSQm2XlsFZTQiQBCm/p44
rMLyHowC3lj0tvDUdKhGef+cex4IhNGE/bWXlVL1HBLPOD7kXXGT8T52eCqNqeF2
FxwWicbCRN2Vwb4xG6HfhjsgECucgfJEIgXSyzsXYPcEPB6fOszEEwfaKf5dBPQV
yG8UBNO2OduAOUoJe8D80TR64CPsBtrvNPL1Upxwc0uEEiutLuz/OMPUcDvL926C
l8WelkCr4BaYnO7V0VPNpOfAlkQevDJxvyBqrCI+TaUQpj9cwudAZ6v2PvVD5A3l
B3fmvfyU9MVotV+/djoONiJPGtVmIp2uLCznoumpCW/xuULKXXD1g5qDZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFR3S2Q8BUBb8Kka3Yruydx2I4ZeMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvVkhkTFpEd0ZRRnZ3cVJyZGl1N0ozSFlqaGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBcrMMA0G
CSqGSIb3DQEBCwUAA4IBAQBaJmXt5e/UXl43bPzY591GG1W21nYO5H/x3CHzYU/d
3/VhcEEs/gyb2v/fj2vrZijrn1UTqOQEFx5rAx+VNvAvmSFmmp/k5XPywhMhPvpT
WHJ6WcEuaeOzqnA4fvCDQAYIoKq4h2LTRH8MJb70tveCY7iEZiGBqGGOLUmtsZOB
fwErupW/Nl11YhsxGWScE5OwlETYhZFLxBZj1z+CQf3SiQoM/op0YnyHRBmkiGS9
WKLKBJTKm5DTbGqibL+LSDfxSEISV2LnkGG+Gnk4uojy+g5hHzWErlJ2x+ar6rdl
ZH2sdh/lNXTzyZOFwN2SMvt3pLi94g71aEj6KadCRsDH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:33 2024 by rpki-client on console-ams.rpki-client.org