Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/lA3NRFoVmsUilaCg0JUvuAse6dg.roa
File: lA3NRFoVmsUilaCg0JUvuAse6dg.roa (raw, json)
Hash identifier: V67e6vWkJWszpuccs7UuV9CYawIdpPhhFX1rp9+e0FM=
Subject key identifier: 94:0D:CD:44:5A:15:9A:C5:22:95:A0:A0:D0:95:2F:B8:0B:1E:E9:D8
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018CC348C78683D0FBD5EE73D68C974DA0B7
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/lA3NRFoVmsUilaCg0JUvuAse6dg.roa
Signing time: Mon 01 Jan 2024 04:29:35 +0000
ROA not before: Mon 01 Jan 2024 04:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201150
IP address blocks: 5.202.96.0/22 maxlen: 22
5.202.132.0/22 maxlen: 22
185.180.52.0/22 maxlen: 22
5.202.29.0/24 maxlen: 24
5.202.28.0/24 maxlen: 24
5.202.58.0/23 maxlen: 23
5.202.60.0/22 maxlen: 22
5.202.64.0/23 maxlen: 23
185.169.20.0/22 maxlen: 22
185.169.36.0/22 maxlen: 22
5.202.0.0/19 maxlen: 19
185.103.128.0/22 maxlen: 22
5.202.16.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 25 Sep 2024 11:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c7:86:83:d0:fb:d5:ee:73:d6:8c:97:4d:a0:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 1 04:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=940dcd445a159ac52295a0a0d0952fb80b1ee9d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:46:23:35:da:40:0f:be:9b:2e:1f:61:69:f0:
fd:8f:82:19:d9:fd:bf:ad:65:6e:92:8c:00:26:a9:
eb:af:ba:c3:e7:ac:a6:65:57:f9:3b:44:24:ad:c0:
3e:65:a9:b7:1b:d8:93:74:37:cf:35:45:f6:eb:4d:
72:cf:dd:c0:38:d3:58:63:82:64:55:69:16:4c:01:
a8:3a:54:8c:29:2e:cc:be:bb:33:4e:f1:68:04:71:
fa:42:55:83:3c:a8:83:56:15:fb:10:4a:51:1d:ad:
52:6e:46:d1:45:11:08:0e:ae:76:85:31:35:66:48:
4f:1b:3b:00:bd:cf:ab:ed:52:c5:12:cc:43:ca:29:
60:ca:1f:c7:65:69:c8:da:d3:a9:a3:1a:60:d4:33:
26:2a:ce:fd:c8:55:6d:48:f0:bf:7b:43:e4:13:30:
8c:df:a8:5c:74:d3:ba:66:84:6b:e6:87:7a:08:2e:
33:b3:4d:17:ec:08:11:6b:0e:b2:d8:66:4e:b8:6b:
8f:d4:72:31:4a:59:59:be:bc:3d:26:22:19:3f:2a:
ca:dd:0f:1b:60:d6:a3:9e:91:ae:cd:9e:92:5f:8f:
db:ab:d2:2b:02:9c:29:c5:e7:de:29:fd:dc:bb:c1:
2f:e7:6c:e8:35:82:84:7e:3d:38:6d:ce:37:f0:2b:
6a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:0D:CD:44:5A:15:9A:C5:22:95:A0:A0:D0:95:2F:B8:0B:1E:E9:D8
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/lA3NRFoVmsUilaCg0JUvuAse6dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/19
5.202.58.0-5.202.65.255
5.202.96.0/22
5.202.132.0/22
185.103.128.0/22
185.169.20.0/22
185.169.36.0/22
185.180.52.0/22
Signature Algorithm: sha256WithRSAEncryption
77:4c:aa:19:26:58:6f:74:98:e7:0b:68:43:19:5c:a5:77:83:
f0:85:7d:09:7d:ae:bb:af:91:c4:29:99:69:37:d5:c7:91:24:
61:72:b0:67:16:35:42:ca:bc:25:51:06:34:ef:24:3e:99:8d:
36:1c:2f:a9:49:ac:00:8a:32:5e:25:0a:cf:8e:44:61:24:fe:
a8:f3:4c:6e:b7:c3:2f:d8:ef:b2:47:c0:d4:69:fa:28:2b:50:
58:c6:73:bd:e0:79:90:ea:28:59:ae:f0:ba:9e:da:49:f0:4c:
ab:59:91:64:c3:e5:27:68:39:af:37:df:d8:11:7d:71:66:9e:
e9:88:6d:a7:30:06:e6:d5:75:1f:0b:b0:14:26:83:0e:0f:20:
c1:ab:b7:f8:b7:a2:6a:e8:22:4d:cf:8a:b4:08:10:12:58:dc:
7b:7c:c3:9a:df:5d:cd:3a:7a:bd:d0:ec:b6:3c:a0:fd:a9:c0:
f5:bb:df:79:6c:44:c6:2f:0f:fd:86:fe:68:66:bc:86:c9:a1:
36:68:f0:32:a2:f8:5d:30:52:57:3a:7e:68:36:35:c5:b7:bd:
5b:32:08:74:13:e3:46:84:7e:cc:06:f8:17:0b:b7:03:19:85:
08:07:1c:65:d6:ff:da:0a:51:b0:02:c1:b4:49:a4:64:ff:1b:
85:1d:40:19
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzDSMeGg9D71e5z1oyXTaC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwMTAxMDQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDBkY2Q0NDVhMTU5YWM1MjI5NWEwYTBkMDk1MmZiODBiMWVlOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEYjNdpAD76bLh9hafD9j4IZ2f2/
rWVukowAJqnrr7rD56ymZVf5O0QkrcA+Zam3G9iTdDfPNUX2601yz93AONNYY4Jk
VWkWTAGoOlSMKS7MvrszTvFoBHH6QlWDPKiDVhX7EEpRHa1SbkbRRREIDq52hTE1
ZkhPGzsAvc+r7VLFEsxDyilgyh/HZWnI2tOpoxpg1DMmKs79yFVtSPC/e0PkEzCM
36hcdNO6ZoRr5od6CC4zs00X7AgRaw6y2GZOuGuP1HIxSllZvrw9JiIZPyrK3Q8b
YNajnpGuzZ6SX4/bq9IrApwpxefeKf3cu8Ev52zoNYKEfj04bc438CtqtQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJQNzURaFZrFIpWgoNCVL7gLHunYMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvbEEzTlJGb1Ztc1VpbGFDZzBKVXZ1QXNlNmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQFBcoAMAwD
BAEFyjoDBAEFykADBAIFymADBAIFyoQDBAK5Z4ADBAK5qRQDBAK5qSQDBAK5tDQw
DQYJKoZIhvcNAQELBQADggEBAHdMqhkmWG90mOcLaEMZXKV3g/CFfQl9rruvkcQp
mWk31ceRJGFysGcWNULKvCVRBjTvJD6ZjTYcL6lJrACKMl4lCs+ORGEk/qjzTG63
wy/Y77JHwNRp+igrUFjGc73geZDqKFmu8Lqe2knwTKtZkWTD5SdoOa8339gRfXFm
numIbacwBubVdR8LsBQmgw4PIMGrt/i3omroIk3PirQIEBJY3Ht8w5rfXc06er3Q
7LY8oP2pwPW733lsRMYvD/2G/mhmvIbJoTZo8DKi+F0wUlc6fmg2NcW3vVsyCHQT
40aEfswG+BcLtwMZhQgHHGXW/9oKUbACwbRJpGT/G4UdQBk=
-----END CERTIFICATE-----
Generated at Wed Sep 25 16:29:52 2024 by rpki-client on console-ams.rpki-client.org