Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/h8E4uhYJGszV6koWmDDO6sGUWaw.roa
File: h8E4uhYJGszV6koWmDDO6sGUWaw.roa (raw, json)
Hash identifier: o8VdKIxWpmIjGIiLqJEpWegnbnhpbRvlXIWqsE47mcA=
Subject key identifier: 87:C1:38:BA:16:09:1A:CC:D5:EA:4A:16:98:30:CE:EA:C1:94:59:AC
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 018A9A280B492023A49AAFC18664EB309532
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/h8E4uhYJGszV6koWmDDO6sGUWaw.roa
Signing time: Fri 15 Sep 2023 18:43:50 +0000
ROA not before: Fri 15 Sep 2023 18:43:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39130
IP address blocks: 5.102.36.0/24 maxlen: 24
5.102.37.0/24 maxlen: 24
195.5.124.0/24 maxlen: 24
195.5.124.0/23 maxlen: 24
195.222.124.0/24 maxlen: 24
195.222.124.0/22 maxlen: 22
195.222.125.0/24 maxlen: 24
195.222.126.0/24 maxlen: 24
195.222.127.0/24 maxlen: 24
2a10:d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 19 Oct 2023 19:29:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9a:28:0b:49:20:23:a4:9a:af:c1:86:64:eb:30:95:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Sep 15 18:43:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87c138ba16091accd5ea4a169830ceeac19459ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f5:e6:1d:ef:09:9a:7b:0d:88:39:88:84:2a:
25:d8:26:ac:f6:52:f7:4e:04:32:2e:6f:ed:5f:c1:
44:55:44:7b:bd:ed:3c:47:dc:e6:f3:65:48:eb:73:
91:7e:d2:62:cb:26:40:3f:8d:82:42:5b:a4:6a:c6:
aa:5f:5c:de:af:ac:5a:99:6f:2a:c3:c3:cf:14:35:
74:5c:67:c9:b7:1f:ee:9f:2d:8a:bc:df:9f:34:ef:
3e:25:db:cf:77:71:3c:e2:e8:fa:af:7f:5f:5e:bf:
6b:c9:32:a3:83:37:3a:d5:5e:ad:5e:25:87:39:e9:
7b:3c:18:63:82:dc:1f:b3:bc:9a:77:b2:41:71:c5:
5f:0c:40:1c:7c:bc:08:fb:85:5e:8c:10:80:b1:05:
5c:4f:6b:c7:5a:82:6f:f4:20:44:e9:df:86:ef:00:
83:76:b5:d3:36:0d:76:8b:6d:23:42:59:91:32:89:
c6:ff:a5:d9:79:63:e5:7a:1a:b3:17:aa:35:01:ec:
33:e4:b0:14:7e:72:66:bb:a5:f2:b2:63:ef:96:77:
6e:75:53:55:9b:07:4e:96:4b:6e:a8:d2:ce:cb:94:
f8:f4:e9:63:74:d2:4d:f6:27:b1:8c:4b:2c:e4:5c:
74:30:d3:f8:fd:49:1d:f9:86:64:bf:a7:6d:d5:81:
86:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C1:38:BA:16:09:1A:CC:D5:EA:4A:16:98:30:CE:EA:C1:94:59:AC
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/h8E4uhYJGszV6koWmDDO6sGUWaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.36.0/23
195.5.124.0/23
195.222.124.0/22
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
1f:aa:78:9b:66:a5:b9:e4:58:14:7a:e6:8e:e7:ff:8b:7a:94:
3a:d4:cc:8a:aa:a8:62:b4:d5:01:75:ea:4a:8b:56:91:20:ef:
4c:0f:03:a9:6b:fc:59:a4:68:f1:ac:60:d8:98:dd:08:3c:7b:
73:d0:8f:2e:3e:51:d4:bd:72:de:d0:2e:79:eb:27:b2:c0:d5:
e4:c0:4c:3e:48:93:5b:34:7d:39:b9:28:73:fd:4c:6d:f7:27:
b7:47:99:9c:de:d2:ba:ba:c5:55:17:9c:3a:9d:ed:f3:5f:94:
ea:2a:55:15:bd:02:3f:10:a4:93:93:3e:b4:1e:f8:91:b3:ff:
60:15:33:68:28:06:04:60:e8:74:75:26:41:5d:16:5c:de:88:
76:4a:e3:a6:e5:94:2e:72:c8:6b:f0:77:32:df:82:8c:cf:c3:
39:8d:28:77:25:df:41:b5:ba:91:66:db:04:67:f3:39:60:27:
d1:4d:0e:da:a8:54:29:bd:82:76:da:59:10:9f:66:be:86:35:
21:85:dc:83:3b:7d:d9:21:28:a6:84:51:98:19:7c:c8:11:17:
6b:e3:4d:d2:46:7f:e1:23:f6:3c:89:76:44:4e:81:42:b8:c8:
f3:8f:14:67:70:1a:6f:8a:08:c4:b8:7d:eb:0c:5e:43:1b:97:
16:af:80:6d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYqaKAtJICOkmq/BhmTrMJUyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjMwOTE1MTg0MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2MxMzhiYTE2MDkxYWNjZDVlYTRhMTY5ODMwY2VlYWMxOTQ1OWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPXmHe8JmnsNiDmIhCol2Cas9lL3
TgQyLm/tX8FEVUR7ve08R9zm82VI63ORftJiyyZAP42CQlukasaqX1zer6xamW8q
w8PPFDV0XGfJtx/uny2KvN+fNO8+JdvPd3E84uj6r39fXr9ryTKjgzc61V6tXiWH
Oel7PBhjgtwfs7yad7JBccVfDEAcfLwI+4VejBCAsQVcT2vHWoJv9CBE6d+G7wCD
drXTNg12i20jQlmRMonG/6XZeWPlehqzF6o1Aewz5LAUfnJmu6XysmPvlndudVNV
mwdOlktuqNLOy5T49OljdNJN9iexjEss5Fx0MNP4/Ukd+YZkv6dt1YGGBQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIfBOLoWCRrM1epKFpgwzurBlFmsMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvaDhFNHVoWUpHc3pWNmtvV21ERE82c0dVV2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBBWYkAwQB
wwV8AwQCw958MA0EAgACMAcDBQMqEA2AMA0GCSqGSIb3DQEBCwUAA4IBAQAfqnib
ZqW55FgUeuaO5/+LepQ61MyKqqhitNUBdepKi1aRIO9MDwOpa/xZpGjxrGDYmN0I
PHtz0I8uPlHUvXLe0C556yeywNXkwEw+SJNbNH05uShz/Uxt9ye3R5mc3tK6usVV
F5w6ne3zX5TqKlUVvQI/EKSTkz60HviRs/9gFTNoKAYEYOh0dSZBXRZc3oh2SuOm
5ZQucshr8Hcy34KMz8M5jSh3Jd9BtbqRZtsEZ/M5YCfRTQ7aqFQpvYJ22lkQn2a+
hjUhhdyDO33ZISimhFGYGXzIERdr403SRn/hI/Y8iXZEToFCuMjzjxRncBpvigjE
uH3rDF5DG5cWr4Bt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:50 2024 by rpki-client on console-fra.rpki-client.org