Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/1-QUM4hGdXD-vys6vdw3MpAldN6g.roa
File: 1-QUM4hGdXD-vys6vdw3MpAldN6g.roa (raw, json)
Hash identifier: nxNduVRwTGTEXA0H8be5DWdRF9GbUE1Mc3isgD5JUJ0=
Subject key identifier: F9:05:0C:E2:11:9D:5C:3F:AF:CA:CE:AF:77:0D:CC:A4:09:5D:37:A8
Certificate issuer: /CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
Certificate serial: 018E0EFAB1DD5208D207283F607D9DB31DFF
Authority key identifier: 79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/1-QUM4hGdXD-vys6vdw3MpAldN6g.roa
Signing time: Tue 05 Mar 2024 14:18:14 +0000
ROA not before: Tue 05 Mar 2024 14:18:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58202
IP address blocks: 5.180.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 16:23:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:fa:b1:dd:52:08:d2:07:28:3f:60:7d:9d:b3:1d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
Validity
Not Before: Mar 5 14:18:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9050ce2119d5c3fafcaceaf770dcca4095d37a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b7:2d:3a:5c:cc:d5:d2:8b:f6:50:34:2e:cb:
b3:91:93:db:89:f7:cd:6c:6d:e6:b8:a8:01:55:4c:
1e:a7:c7:24:30:d2:93:88:08:e0:b6:50:9d:48:c6:
df:c3:b0:a9:fe:07:97:6e:fc:34:fe:8c:bc:0d:5e:
ca:31:ec:a6:34:a6:42:14:12:36:47:db:d6:6c:7f:
6f:60:2c:87:4c:a5:5c:8e:1d:4d:c3:aa:3d:b3:7d:
db:b3:6e:8a:d5:51:4d:8e:aa:09:68:21:44:5b:0c:
04:6f:17:85:6c:5c:6c:a9:6d:4f:52:31:78:81:57:
da:ad:f7:b4:fd:89:ec:f7:b9:20:dd:ff:fa:f1:a4:
46:47:99:c7:c2:bf:c8:29:10:29:b8:fe:9c:17:f1:
94:4c:1b:09:39:0d:a9:23:9a:1a:39:17:29:b4:82:
4d:f0:fa:7a:f7:c5:59:19:2e:58:9e:df:9c:56:dd:
bf:d1:a1:3f:53:8b:72:1c:30:32:cb:7d:31:d9:b4:
a9:a7:dc:ad:b5:93:35:f0:40:fa:15:4c:13:24:ad:
e6:f8:2b:e5:f0:62:75:f2:52:be:18:49:21:d4:a9:
b9:a8:31:b7:0d:79:90:fc:a0:16:7f:4f:82:23:86:
37:8f:34:2a:9c:69:d7:a9:0d:9a:b0:3f:d9:66:2a:
de:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:05:0C:E2:11:9D:5C:3F:AF:CA:CE:AF:77:0D:CC:A4:09:5D:37:A8
X509v3 Authority Key Identifier:
keyid:79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/1-QUM4hGdXD-vys6vdw3MpAldN6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/eahD06Z78gLQriPfleFOqHHY8V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.153.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:96:c7:df:3a:3a:35:a5:75:88:9c:4a:98:27:0a:ac:cf:57:
9c:39:6d:35:f3:84:ce:33:4d:ec:51:57:11:d4:52:f4:84:67:
d6:32:07:f4:9f:e8:9d:fc:f3:42:87:19:8f:b2:f9:1e:c2:ca:
65:16:a6:21:3d:f0:25:80:d8:31:fe:61:80:39:a0:8d:f1:db:
35:3b:41:51:f4:8f:dc:03:2e:bc:42:30:74:38:88:bb:31:c9:
10:74:42:71:8a:12:2e:8a:0e:03:1b:f0:02:2f:87:5b:be:ed:
0a:2f:ae:f5:23:d9:e7:d9:89:ad:4f:a6:ee:35:b5:b0:b3:42:
b0:35:52:67:62:56:49:ce:41:d5:9e:5b:a0:f8:4e:03:79:fb:
a5:ec:c9:6c:eb:d5:e8:5d:96:7d:fe:43:e6:a3:01:a1:01:66:
81:6f:23:77:92:c9:af:69:d6:a4:e8:21:2e:e6:3c:59:89:a0:
d7:b9:0a:73:f0:d2:b4:7c:76:65:34:35:59:82:18:4b:fc:f5:
e2:7c:fb:74:9e:e1:cf:f0:06:c6:e0:ed:6a:72:ad:8d:72:ee:
74:a7:7e:1f:56:41:bf:49:06:69:c7:1c:56:99:0c:eb:bc:15:
39:35:8e:eb:b7:3e:e5:6c:f3:6f:c1:d2:31:56:a0:aa:40:c4:
4a:19:75:d4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY4O+rHdUgjSByg/YH2dsx3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTg0M2QzYTY3YmYyMDJkMGFlMjNkZjk1ZTE0ZWE4NzFk
OGYxNWQwHhcNMjQwMzA1MTQxODE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTA1MGNlMjExOWQ1YzNmYWZjYWNlYWY3NzBkY2NhNDA5NWQzN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7ctOlzM1dKL9lA0LsuzkZPbiffN
bG3muKgBVUwep8ckMNKTiAjgtlCdSMbfw7Cp/geXbvw0/oy8DV7KMeymNKZCFBI2
R9vWbH9vYCyHTKVcjh1Nw6o9s33bs26K1VFNjqoJaCFEWwwEbxeFbFxsqW1PUjF4
gVfarfe0/Yns97kg3f/68aRGR5nHwr/IKRApuP6cF/GUTBsJOQ2pI5oaORcptIJN
8Pp698VZGS5Ynt+cVt2/0aE/U4tyHDAyy30x2bSpp9yttZM18ED6FUwTJK3m+Cvl
8GJ18lK+GEkh1Km5qDG3DXmQ/KAWf0+CI4Y3jzQqnGnXqQ2asD/ZZireBQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkFDOIRnVw/r8rOr3cNzKQJXTeoMB8GA1UdIwQY
MBaAFHmoQ9Ome/IC0K4j35XhTqhx2PFdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFoRDA2Wjc4Z0xRcmlQZmxlRk9xSEhZOFYwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9mNzBjNmEtODE0Yi00NjFhLTg1NDEt
YjRkZDIyNzU4OTUxLzEvMS1RVU00aEdkWEQtdnlzNnZkdzNNcEFsZE42Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGIvZjcwYzZhLTgxNGItNDYxYS04NTQxLWI0ZGQyMjc1ODk1
MS8xL2VhaEQwNlo3OGdMUXJpUGZsZUZPcUhIWThWMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW0mTAN
BgkqhkiG9w0BAQsFAAOCAQEAP5bH3zo6NaV1iJxKmCcKrM9XnDltNfOEzjNN7FFX
EdRS9IRn1jIH9J/onfzzQocZj7L5HsLKZRamIT3wJYDYMf5hgDmgjfHbNTtBUfSP
3AMuvEIwdDiIuzHJEHRCcYoSLooOAxvwAi+HW77tCi+u9SPZ59mJrU+m7jW1sLNC
sDVSZ2JWSc5B1Z5boPhOA3n7pezJbOvV6F2Wff5D5qMBoQFmgW8jd5LJr2nWpOgh
LuY8WYmg17kKc/DStHx2ZTQ1WYIYS/z14nz7dJ7hz/AGxuDtanKtjXLudKd+H1ZB
v0kGacccVpkM67wVOTWO67c+5Wzzb8HSMVagqkDEShl11A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:40 2024 by rpki-client on console-ams.rpki-client.org