Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/h0EVoJ0ha6uwqs6SgO8V0bQJJJk.roa
File: h0EVoJ0ha6uwqs6SgO8V0bQJJJk.roa (raw, json)
Hash identifier: akpMT3s3jLsJgC3HpMuZ8T+poZxsNjZwl3Tvtss7NZg=
Subject key identifier: 87:41:15:A0:9D:21:6B:AB:B0:AA:CE:92:80:EF:15:D1:B4:09:24:99
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018BB98CD8A04ACF4555198B8AC3765AFA34
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/h0EVoJ0ha6uwqs6SgO8V0bQJJJk.roa
Signing time: Fri 10 Nov 2023 14:04:57 +0000
ROA not before: Fri 10 Nov 2023 14:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38136
IP address blocks: 185.248.184.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
188.253.4.0/22 maxlen: 24
5.226.48.0/22 maxlen: 24
185.36.192.0/22 maxlen: 24
212.87.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 08:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:8c:d8:a0:4a:cf:45:55:19:8b:8a:c3:76:5a:fa:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 10 14:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=874115a09d216babb0aace9280ef15d1b4092499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f0:1d:2f:f1:7c:39:ac:17:25:65:fd:20:43:
ac:ba:ad:78:dc:8d:84:96:ee:3c:0f:d6:1c:13:6a:
ba:88:78:56:07:72:d0:94:29:a2:40:b1:04:a8:c7:
9f:b2:93:8b:1b:1c:6a:ff:4e:24:61:a5:95:a2:5f:
64:5b:5a:1f:0d:89:63:bd:a9:93:6e:9a:5d:93:62:
6d:33:80:49:aa:83:af:3c:0f:99:e5:78:d4:98:07:
6f:fa:e5:0b:b0:e9:cb:de:10:b9:4c:81:86:37:fc:
eb:cb:2a:c5:ac:d9:74:e7:c1:f4:9d:b5:54:e3:a9:
64:a7:1f:e1:16:4b:2c:c4:f9:93:fa:72:ed:19:bf:
ac:35:b8:f4:c4:1e:0b:6c:cf:19:e3:39:69:02:77:
ff:af:de:a1:da:a1:4a:96:97:69:7d:a7:56:9a:64:
f9:59:9e:43:ab:46:40:ec:dd:76:09:00:35:64:41:
8a:c9:b1:ba:19:8f:43:46:ce:a8:41:e1:eb:dd:70:
fd:00:ef:f2:21:14:77:32:92:7b:e9:cb:c5:d1:96:
37:d0:50:58:70:8d:32:93:9f:2d:89:b3:80:fa:30:
fe:29:21:ae:8e:b6:f7:3a:6e:2c:d4:14:9d:3a:c9:
31:af:c9:ac:ae:32:65:04:3e:e4:2b:9a:a5:d5:09:
d5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:41:15:A0:9D:21:6B:AB:B0:AA:CE:92:80:EF:15:D1:B4:09:24:99
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/h0EVoJ0ha6uwqs6SgO8V0bQJJJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.48.0/22
185.36.192.0/22
185.220.236.0/22
185.248.184.0/22
188.253.4.0/22
212.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
16:26:0f:34:97:66:e8:ef:b8:31:d4:5f:1a:67:27:31:a4:4b:
35:6b:9c:25:a8:bc:8c:bf:9b:78:85:45:bd:a8:7e:11:50:73:
f5:3c:43:60:4a:2d:5a:95:bb:b9:6f:c4:0b:66:c4:d7:e6:01:
d7:de:01:a0:e8:a4:34:91:f8:2e:66:1d:67:4f:f8:7c:c4:45:
4f:b5:38:00:6d:0e:cb:57:b9:fd:44:87:40:9d:2f:22:52:b0:
e9:0c:3a:3b:ab:16:05:e5:80:8e:06:8a:d2:91:ba:fe:4d:e0:
1f:f4:93:96:9f:31:f7:02:98:bd:6a:3c:c5:46:c8:0f:55:ce:
95:05:76:05:71:5a:34:4c:98:02:9e:db:6d:ab:1c:be:c1:f2:
f2:2e:54:74:0d:f2:cf:b6:71:56:41:c4:3e:30:c5:5f:22:31:
14:a8:03:ce:5a:4d:a3:e4:c9:74:00:5f:80:cc:cf:94:78:5e:
d6:6b:7c:f9:2a:93:22:e0:d2:12:3a:ec:65:93:6a:5e:b9:c2:
e7:f2:52:58:fa:f3:3c:ca:64:6f:4c:6a:3b:06:1b:9e:d0:c8:
54:b6:dc:7a:94:aa:0e:b9:dd:21:8f:5d:13:f8:f0:fe:7e:5a:
87:2f:3c:06:31:fa:ee:9d:ae:9f:03:ea:ef:7a:76:91:c6:38:
39:8c:89:4f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYu5jNigSs9FVRmLisN2Wvo0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMTEwMTQwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQxMTVhMDlkMjE2YmFiYjBhYWNlOTI4MGVmMTVkMWI0MDkyNDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/AdL/F8OawXJWX9IEOsuq143I2E
lu48D9YcE2q6iHhWB3LQlCmiQLEEqMefspOLGxxq/04kYaWVol9kW1ofDYljvamT
bppdk2JtM4BJqoOvPA+Z5XjUmAdv+uULsOnL3hC5TIGGN/zryyrFrNl058H0nbVU
46lkpx/hFkssxPmT+nLtGb+sNbj0xB4LbM8Z4zlpAnf/r96h2qFKlpdpfadWmmT5
WZ5Dq0ZA7N12CQA1ZEGKybG6GY9DRs6oQeHr3XD9AO/yIRR3MpJ76cvF0ZY30FBY
cI0yk58tibOA+jD+KSGujrb3Om4s1BSdOskxr8msrjJlBD7kK5ql1QnVUwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIdBFaCdIWursKrOkoDvFdG0CSSZMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvaDBFVm9KMGhhNnV3cXM2U2dPOFYwYlFKSkprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBeIwAwQC
uSTAAwQCudzsAwQCufi4AwQCvP0EAwQC1FfAMA0GCSqGSIb3DQEBCwUAA4IBAQAW
Jg80l2bo77gx1F8aZycxpEs1a5wlqLyMv5t4hUW9qH4RUHP1PENgSi1albu5b8QL
ZsTX5gHX3gGg6KQ0kfguZh1nT/h8xEVPtTgAbQ7LV7n9RIdAnS8iUrDpDDo7qxYF
5YCOBorSkbr+TeAf9JOWnzH3Api9ajzFRsgPVc6VBXYFcVo0TJgCntttqxy+wfLy
LlR0DfLPtnFWQcQ+MMVfIjEUqAPOWk2j5Ml0AF+AzM+UeF7Wa3z5KpMi4NISOuxl
k2peucLn8lJY+vM8ymRvTGo7Bhue0MhUttx6lKoOud0hj10T+PD+flqHLzwGMfru
na6fA+rvenaRxjg5jIlP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org