Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/PxPok5RIeXe569pcvDf_YY7X0pA.roa
File: PxPok5RIeXe569pcvDf_YY7X0pA.roa (raw, json)
Hash identifier: XPqpKX9kzYIM7mzfH/pAu1xjHCRpLGUW1EI49F/mlYc=
Subject key identifier: 3F:13:E8:93:94:48:79:77:B9:EB:DA:5C:BC:37:FF:61:8E:D7:D2:90
Certificate issuer: /CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
Certificate serial: 018EE6A0E1EFD0BD5E294F595C776E56CF87
Authority key identifier: 79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/PxPok5RIeXe569pcvDf_YY7X0pA.roa
Signing time: Tue 16 Apr 2024 11:18:07 +0000
ROA not before: Tue 16 Apr 2024 11:18:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 5.180.153.0/24 maxlen: 24
2a10:4bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 26 Apr 2024 10:21:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:a0:e1:ef:d0:bd:5e:29:4f:59:5c:77:6e:56:cf:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
Validity
Not Before: Apr 16 11:18:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f13e89394487977b9ebda5cbc37ff618ed7d290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9e:8f:dd:9c:7f:ce:c2:6c:49:73:2b:d8:72:
ea:6a:14:a5:ac:cd:d4:39:d7:7e:24:9d:7e:f0:da:
c7:30:5e:c5:36:2b:47:b5:6e:4c:fb:37:11:b8:c5:
48:9b:02:9f:3c:c3:93:ce:9d:73:4c:21:01:43:dc:
fb:2b:8d:43:69:58:cc:f4:5b:2d:b6:68:0d:65:92:
c1:1a:2b:45:43:fd:80:f4:09:a5:65:81:91:e0:f9:
82:69:18:2d:72:75:9e:fa:ea:f2:28:f2:a7:82:ec:
ea:23:7f:9a:f7:5f:80:4d:21:2a:b3:dc:64:92:fa:
9e:29:90:e1:a5:b5:73:c2:78:9a:c3:7a:10:2d:11:
a3:ad:4b:93:03:bd:a6:44:20:27:6d:72:07:01:d3:
1b:62:88:f9:fa:73:ad:5a:c7:bc:42:a6:d3:52:30:
7a:9c:26:4e:ed:e9:b8:07:1e:28:67:0d:60:79:d3:
12:fd:ed:e6:79:81:c2:28:93:00:c6:45:8c:99:1c:
26:33:78:1a:f3:1c:04:6c:9b:9f:4d:aa:53:b1:ab:
ce:ee:18:e3:71:b9:cf:b1:ae:38:05:ff:a0:d6:ee:
98:44:78:5d:9b:68:42:43:df:70:04:79:88:be:7c:
18:0b:d3:47:4f:bd:40:eb:67:e3:b0:92:db:08:a9:
3c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:13:E8:93:94:48:79:77:B9:EB:DA:5C:BC:37:FF:61:8E:D7:D2:90
X509v3 Authority Key Identifier:
keyid:79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/PxPok5RIeXe569pcvDf_YY7X0pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/eahD06Z78gLQriPfleFOqHHY8V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.153.0/24
IPv6:
2a10:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:d7:66:b2:a8:f7:dc:18:b7:8a:79:df:85:ce:1e:f8:4c:61:
85:0e:5a:04:43:ba:b9:b0:ec:66:67:10:ad:a4:8b:2c:f1:9b:
6f:98:37:71:71:59:b7:56:a4:27:82:f2:d6:4e:54:50:5f:47:
70:9d:36:24:24:66:0a:1b:e4:ee:08:b7:4f:d0:7c:00:c8:7c:
f2:10:5f:53:c6:40:14:8b:28:82:9b:6f:e4:2a:f7:76:d3:fb:
79:96:41:ac:bd:9e:20:55:9f:cd:7a:ba:34:21:e3:bb:0a:3b:
ef:0c:e4:60:7c:88:31:3d:61:46:ad:5c:72:17:44:ed:af:1e:
ee:03:e8:1a:f5:7c:e2:b2:af:b0:69:21:2c:0f:0d:8e:b0:88:
38:72:d1:59:b3:1d:73:89:58:a6:4e:f2:42:df:6c:fb:6d:e9:
2b:47:f6:d4:24:02:95:6a:e2:d1:9e:84:51:37:a7:e8:d9:4f:
a0:3e:72:66:4b:d7:42:4e:db:33:0b:02:e3:80:05:65:a2:76:
ba:34:40:a6:c2:96:7b:2d:28:48:81:7e:fd:6a:9f:75:15:82:
2f:dc:45:38:21:3c:c3:b1:3e:22:f8:52:84:24:af:63:a4:1d:
f0:f0:96:39:1b:d9:d2:2d:60:bd:09:e0:9a:b4:8b:4f:44:77:
78:5e:f1:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY7moOHv0L1eKU9ZXHduVs+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTg0M2QzYTY3YmYyMDJkMGFlMjNkZjk1ZTE0ZWE4NzFk
OGYxNWQwHhcNMjQwNDE2MTExODA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjEzZTg5Mzk0NDg3OTc3YjllYmRhNWNiYzM3ZmY2MThlZDdkMjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ6P3Zx/zsJsSXMr2HLqahSlrM3U
Odd+JJ1+8NrHMF7FNitHtW5M+zcRuMVImwKfPMOTzp1zTCEBQ9z7K41DaVjM9Fst
tmgNZZLBGitFQ/2A9AmlZYGR4PmCaRgtcnWe+uryKPKnguzqI3+a91+ATSEqs9xk
kvqeKZDhpbVzwniaw3oQLRGjrUuTA72mRCAnbXIHAdMbYoj5+nOtWse8QqbTUjB6
nCZO7em4Bx4oZw1gedMS/e3meYHCKJMAxkWMmRwmM3ga8xwEbJufTapTsavO7hjj
cbnPsa44Bf+g1u6YRHhdm2hCQ99wBHmIvnwYC9NHT71A62fjsJLbCKk8twIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD8T6JOUSHl3uevaXLw3/2GO19KQMB8GA1UdIwQY
MBaAFHmoQ9Ome/IC0K4j35XhTqhx2PFdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFoRDA2Wjc4Z0xRcmlQZmxlRk9xSEhZOFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9mNzBjNmEtODE0Yi00NjFhLTg1NDEt
YjRkZDIyNzU4OTUxLzEvUHhQb2s1UkllWGU1NjlwY3ZEZl9ZWTdYMHBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9mNzBjNmEtODE0Yi00NjFhLTg1NDEtYjRkZDIyNzU4OTUx
LzEvZWFoRDA2Wjc4Z0xRcmlQZmxlRk9xSEhZOFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABbSZMA0E
AgACMAcDBQMqEEvAMA0GCSqGSIb3DQEBCwUAA4IBAQAq12ayqPfcGLeKed+Fzh74
TGGFDloEQ7q5sOxmZxCtpIss8ZtvmDdxcVm3VqQngvLWTlRQX0dwnTYkJGYKG+Tu
CLdP0HwAyHzyEF9TxkAUiyiCm2/kKvd20/t5lkGsvZ4gVZ/Nero0IeO7CjvvDORg
fIgxPWFGrVxyF0Ttrx7uA+ga9Xzisq+waSEsDw2OsIg4ctFZsx1ziVimTvJC32z7
bekrR/bUJAKVauLRnoRRN6fo2U+gPnJmS9dCTtszCwLjgAVlona6NECmwpZ7LShI
gX79ap91FYIv3EU4ITzDsT4i+FKEJK9jpB3w8JY5G9nSLWC9CeCatItPRHd4XvGk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:40 2024 by rpki-client on console-ams.rpki-client.org