Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/NQ235AfJYG9iE1brXZzGF6DOCFY.roa
File: NQ235AfJYG9iE1brXZzGF6DOCFY.roa (raw, json)
Hash identifier: EbTjGLu2oQgb8XDtZePrD7+oR1EkWtHRV5qUNeLel94=
Subject key identifier: 35:0D:B7:E4:07:C9:60:6F:62:13:56:EB:5D:9C:C6:17:A0:CE:08:56
Certificate issuer: /CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
Certificate serial: 018CC6B8C25FDB4B3688FD8D323988E25DA7
Authority key identifier: 79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/NQ235AfJYG9iE1brXZzGF6DOCFY.roa
Signing time: Mon 01 Jan 2024 20:30:46 +0000
ROA not before: Mon 01 Jan 2024 20:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147186
IP address blocks: 5.180.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 21:18:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:c2:5f:db:4b:36:88:fd:8d:32:39:88:e2:5d:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
Validity
Not Before: Jan 1 20:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=350db7e407c9606f621356eb5d9cc617a0ce0856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4b:e2:a0:c2:f6:9c:97:4a:6d:e1:6e:8e:2e:
a7:53:ef:80:da:fb:2e:5e:bc:a0:06:e0:49:d6:d9:
26:d9:01:26:90:26:38:42:4a:c1:0f:bd:ce:e3:f3:
06:c3:48:f7:54:f7:82:63:96:16:74:62:c3:b6:43:
99:f8:c5:12:8f:04:b6:c2:ff:7c:8e:54:70:08:cb:
12:bd:31:25:d6:31:ab:1b:0d:2e:d6:8b:b1:31:56:
f3:1a:1a:bf:a3:41:96:97:14:85:be:ed:a7:90:58:
7e:03:39:f7:f8:6a:9a:9e:8d:8b:4a:2a:b3:b9:c2:
8b:e3:ce:0f:8e:5c:81:9c:28:f1:c0:b5:5f:99:b3:
cf:df:0e:96:3c:4c:4c:21:8d:cf:7a:bc:e1:a8:97:
99:01:3f:36:0f:93:91:c5:c4:bd:85:57:07:28:ba:
38:2b:8c:6e:c2:99:0c:fa:ea:06:f0:7a:5e:f6:5f:
bc:af:22:97:3a:fb:ba:b1:0f:38:75:45:00:60:c9:
af:83:c1:25:3f:50:9e:16:25:a2:94:64:17:fb:ef:
50:d0:b8:9a:43:12:47:83:21:02:b1:99:f2:fc:1e:
be:34:73:37:e4:14:ec:14:ec:60:d8:9d:5d:37:e7:
49:43:3f:52:92:ad:0e:9f:f8:20:c3:d8:99:05:44:
0b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:0D:B7:E4:07:C9:60:6F:62:13:56:EB:5D:9C:C6:17:A0:CE:08:56
X509v3 Authority Key Identifier:
keyid:79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/NQ235AfJYG9iE1brXZzGF6DOCFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/eahD06Z78gLQriPfleFOqHHY8V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.153.0/24
Signature Algorithm: sha256WithRSAEncryption
85:2b:c1:66:74:69:c0:22:66:1b:e1:1c:47:5a:04:cd:96:6e:
d2:d6:ed:f7:42:9c:ad:cf:03:2b:f2:ee:79:e9:17:f0:0c:0b:
e3:bb:e3:36:67:27:f7:cf:25:5a:0b:48:62:94:ab:7f:2b:d5:
08:15:9b:c7:2a:f9:4b:5a:ea:07:11:79:3e:09:be:a8:c6:41:
60:f6:99:ad:56:3e:3e:d3:ae:1e:68:10:22:86:d2:f6:dd:63:
c2:1a:ee:e2:c7:d0:b7:36:6b:ec:2f:e8:06:02:59:e4:ef:c2:
04:e6:ff:05:00:e3:4a:13:05:84:16:7c:40:4f:f1:36:db:c8:
44:99:23:ca:c2:fd:c2:2f:f5:bd:d8:91:f6:b3:77:3f:9e:1f:
8e:59:f6:19:41:e5:29:48:68:66:c6:fc:c7:fc:6c:41:ff:88:
c1:0f:bc:f2:c7:05:2c:56:c3:80:ce:de:fd:19:b3:ec:c5:e0:
0b:62:5f:06:c6:d5:f5:22:37:e7:6a:4d:54:f5:98:e8:cc:ff:
bf:ec:75:cc:86:b9:e0:aa:ed:87:7b:36:6f:63:b3:85:52:99:
73:7c:3b:53:aa:50:e9:10:15:52:a6:42:89:c5:5b:c4:73:41:
e1:20:3e:fa:64:53:4e:23:ce:93:c4:8d:b3:c8:07:f7:87:fd:
2c:ac:8f:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuMJf20s2iP2NMjmI4l2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTg0M2QzYTY3YmYyMDJkMGFlMjNkZjk1ZTE0ZWE4NzFk
OGYxNWQwHhcNMjQwMTAxMjAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTBkYjdlNDA3Yzk2MDZmNjIxMzU2ZWI1ZDljYzYxN2EwY2UwODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kvioML2nJdKbeFuji6nU++A2vsu
XrygBuBJ1tkm2QEmkCY4QkrBD73O4/MGw0j3VPeCY5YWdGLDtkOZ+MUSjwS2wv98
jlRwCMsSvTEl1jGrGw0u1ouxMVbzGhq/o0GWlxSFvu2nkFh+Azn3+Gqano2LSiqz
ucKL484PjlyBnCjxwLVfmbPP3w6WPExMIY3PerzhqJeZAT82D5ORxcS9hVcHKLo4
K4xuwpkM+uoG8Hpe9l+8ryKXOvu6sQ84dUUAYMmvg8ElP1CeFiWilGQX++9Q0Lia
QxJHgyECsZny/B6+NHM35BTsFOxg2J1dN+dJQz9Skq0On/ggw9iZBUQLFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUNt+QHyWBvYhNW612cxhegzghWMB8GA1UdIwQY
MBaAFHmoQ9Ome/IC0K4j35XhTqhx2PFdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFoRDA2Wjc4Z0xRcmlQZmxlRk9xSEhZOFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9mNzBjNmEtODE0Yi00NjFhLTg1NDEt
YjRkZDIyNzU4OTUxLzEvTlEyMzVBZkpZRzlpRTFiclhaekdGNkRPQ0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9mNzBjNmEtODE0Yi00NjFhLTg1NDEtYjRkZDIyNzU4OTUx
LzEvZWFoRDA2Wjc4Z0xRcmlQZmxlRk9xSEhZOFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbSZMA0G
CSqGSIb3DQEBCwUAA4IBAQCFK8FmdGnAImYb4RxHWgTNlm7S1u33QpytzwMr8u55
6RfwDAvju+M2Zyf3zyVaC0hilKt/K9UIFZvHKvlLWuoHEXk+Cb6oxkFg9pmtVj4+
064eaBAihtL23WPCGu7ix9C3NmvsL+gGAlnk78IE5v8FAONKEwWEFnxAT/E228hE
mSPKwv3CL/W92JH2s3c/nh+OWfYZQeUpSGhmxvzH/GxB/4jBD7zyxwUsVsOAzt79
GbPsxeALYl8GxtX1Ijfnak1U9ZjozP+/7HXMhrngqu2HezZvY7OFUplzfDtTqlDp
EBVSpkKJxVvEc0HhID76ZFNOI86TxI2zyAf3h/0srI99
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:15 2024 by rpki-client on console-fra.rpki-client.org