Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/6MAMy_hn3G6PIWvGmL2RpJ22mxU.roa
File: 6MAMy_hn3G6PIWvGmL2RpJ22mxU.roa (raw, json)
Hash identifier: nCd+S3CvEZ9wQiB/JMLNhRsLzhmyLgmZAnNcJtY0e5I=
Subject key identifier: E8:C0:0C:CB:F8:67:DC:6E:8F:21:6B:C6:98:BD:91:A4:9D:B6:9B:15
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018D2D87CF2AD5A1ED3348984703BCA165AA
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/6MAMy_hn3G6PIWvGmL2RpJ22mxU.roa
Signing time: Sun 21 Jan 2024 19:38:11 +0000
ROA not before: Sun 21 Jan 2024 19:38:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.187.0/24 maxlen: 24
63.246.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 20:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:87:cf:2a:d5:a1:ed:33:48:98:47:03:bc:a1:65:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 21 19:38:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8c00ccbf867dc6e8f216bc698bd91a49db69b15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:49:c5:92:d2:40:b1:b0:0f:43:d3:81:b9:c9:
3e:dd:f0:4b:68:58:c2:2c:1d:eb:c1:f1:ba:d7:d2:
1e:13:1d:1d:54:fa:8f:e5:7f:13:e9:62:65:b7:52:
d5:93:4b:3b:aa:0a:89:41:33:57:3e:65:80:71:e1:
bb:cb:60:85:62:99:ef:75:2a:98:df:09:cf:de:3a:
91:3b:29:52:ff:5f:8e:98:8a:b0:27:b1:84:d0:68:
da:a1:c9:9b:f8:a8:0f:4b:fd:e6:e6:73:74:fd:be:
b1:6c:45:7b:9d:38:77:64:41:98:cb:35:86:74:d3:
30:18:76:e7:32:b0:4e:20:e3:65:07:13:43:68:76:
35:c9:7a:8b:ee:c0:3e:af:4a:5c:50:88:79:f0:a5:
31:39:0f:8f:c2:e6:9f:b9:6e:d3:e6:0c:dd:1f:da:
48:97:79:d6:fd:aa:2c:09:0e:20:ef:d9:3b:5f:6f:
71:4f:66:d2:ec:33:a7:7d:f0:25:17:ad:b0:89:7b:
c2:52:28:8e:da:9c:76:c2:d7:c6:02:14:46:a7:56:
55:42:95:4a:fd:b5:84:e5:38:32:19:f2:d4:00:ec:
26:b8:d1:73:58:98:06:b0:76:f9:04:e2:ff:ad:f8:
9a:73:bd:ba:26:be:ee:b1:d8:11:f2:f3:d8:a7:c8:
c3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:C0:0C:CB:F8:67:DC:6E:8F:21:6B:C6:98:BD:91:A4:9D:B6:9B:15
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/6MAMy_hn3G6PIWvGmL2RpJ22mxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.187.0/24
63.246.144.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:bc:a5:df:4e:ec:93:21:bc:6f:19:bd:12:f1:e4:bb:0f:75:
80:35:e8:84:c3:87:50:8c:29:cc:15:ac:d6:81:1e:08:64:44:
0b:35:a6:cc:b6:fa:b7:9b:cd:d6:9c:64:59:ab:21:53:38:f5:
af:bd:57:4d:5f:1c:6d:35:50:a5:13:c5:a9:1e:29:5b:a7:fa:
82:03:3c:e5:42:e3:af:b4:ef:3f:c2:b9:68:5d:82:47:01:c1:
c0:23:15:a7:b6:8f:77:cd:ef:d1:a7:23:50:39:35:4f:15:29:
ac:53:bb:fd:66:eb:7b:9d:d9:8f:d7:c3:38:04:0c:d5:84:f8:
bd:11:23:e3:56:50:d9:03:3e:2a:1c:3f:76:80:68:63:0a:00:
3a:c6:d0:db:b6:28:c9:c8:22:08:18:7b:51:c9:a3:92:10:bc:
e4:5b:09:93:45:b2:8a:93:29:b1:65:4a:85:3c:59:5d:e8:4c:
19:43:d5:b9:8e:20:31:cf:72:0c:2e:72:57:9b:0f:5d:65:d2:
7e:7c:42:32:ac:2a:c0:aa:e0:23:ae:64:21:c6:be:07:4e:50:
8d:96:f3:06:95:28:53:ce:b3:e6:cf:f4:2f:2f:47:04:61:fe:
af:1e:6f:bd:9c:c6:11:e7:7b:8a:67:5b:60:bb:09:02:ac:ef:
b2:e1:da:cd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0th88q1aHtM0iYRwO8oWWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMTIxMTkzODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGMwMGNjYmY4NjdkYzZlOGYyMTZiYzY5OGJkOTFhNDlkYjY5YjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEnFktJAsbAPQ9OBuck+3fBLaFjC
LB3rwfG619IeEx0dVPqP5X8T6WJlt1LVk0s7qgqJQTNXPmWAceG7y2CFYpnvdSqY
3wnP3jqROylS/1+OmIqwJ7GE0Gjaocmb+KgPS/3m5nN0/b6xbEV7nTh3ZEGYyzWG
dNMwGHbnMrBOIONlBxNDaHY1yXqL7sA+r0pcUIh58KUxOQ+PwuafuW7T5gzdH9pI
l3nW/aosCQ4g79k7X29xT2bS7DOnffAlF62wiXvCUiiO2px2wtfGAhRGp1ZVQpVK
/bWE5TgyGfLUAOwmuNFzWJgGsHb5BOL/rfiac726Jr7usdgR8vPYp8jDsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOjADMv4Z9xujyFrxpi9kaSdtpsVMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvNk1BTXlfaG4zRzZQSVd2R21MMlJwSjIybXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABba7AwQA
P/aQMA0GCSqGSIb3DQEBCwUAA4IBAQBOvKXfTuyTIbxvGb0S8eS7D3WANeiEw4dQ
jCnMFazWgR4IZEQLNabMtvq3m83WnGRZqyFTOPWvvVdNXxxtNVClE8WpHilbp/qC
AzzlQuOvtO8/wrloXYJHAcHAIxWnto93ze/RpyNQOTVPFSmsU7v9Zut7ndmP18M4
BAzVhPi9ESPjVlDZAz4qHD92gGhjCgA6xtDbtijJyCIIGHtRyaOSELzkWwmTRbKK
kymxZUqFPFld6EwZQ9W5jiAxz3IMLnJXmw9dZdJ+fEIyrCrAquAjrmQhxr4HTlCN
lvMGlShTzrPmz/QvL0cEYf6vHm+9nMYR53uKZ1tguwkCrO+y4drN
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:48:47 2025 by rpki-client