Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/E0OIsE4aPkMPpNVh_GvYrbPkwr4.roa
File: E0OIsE4aPkMPpNVh_GvYrbPkwr4.roa (raw, json)
Hash identifier: akr2pzxbrIpMOP3HuJhRo6QI6zNYKH1h2Fr8kPefUmA=
Subject key identifier: 13:43:88:B0:4E:1A:3E:43:0F:A4:D5:61:FC:6B:D8:AD:B3:E4:C2:BE
Certificate issuer: /CN=869569a2526687da91a7ecd4f567f5409cdffe79
Certificate serial: 018BF62D3C52C2E5CE4B9F7674CD44A7E6A8
Authority key identifier: 86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/E0OIsE4aPkMPpNVh_GvYrbPkwr4.roa
Signing time: Wed 22 Nov 2023 08:37:21 +0000
ROA not before: Wed 22 Nov 2023 08:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39120
IP address blocks: 5.56.12.0/22 maxlen: 22
185.29.248.0/22 maxlen: 22
5.83.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 12 Dec 2023 08:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:2d:3c:52:c2:e5:ce:4b:9f:76:74:cd:44:a7:e6:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869569a2526687da91a7ecd4f567f5409cdffe79
Validity
Not Before: Nov 22 08:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=134388b04e1a3e430fa4d561fc6bd8adb3e4c2be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ff:31:fa:51:c2:99:01:17:93:50:85:d9:63:
06:ad:9b:33:cb:34:b1:9c:8b:e0:7e:63:e3:58:a7:
23:90:9f:e9:63:7e:89:70:9c:f5:f6:ae:21:4c:91:
67:e3:05:a5:0b:0a:57:d4:87:27:69:84:8f:05:cd:
7e:55:36:ab:6c:94:ba:b5:33:4d:68:34:d7:a1:56:
cf:2f:a7:94:02:86:8f:49:f1:e2:6d:57:e3:3c:5c:
a6:76:01:1b:e9:c9:27:c1:ed:42:9b:d0:6c:9d:23:
16:ca:f4:1b:a6:bf:0f:fe:c3:57:37:8a:0f:c5:ef:
04:6c:f9:38:cd:d7:26:3c:0e:f3:4d:fa:e2:ac:e0:
bd:c9:e9:37:81:33:c6:c8:c1:52:c3:b3:40:ae:c0:
16:29:d8:b5:11:5a:cd:12:02:a9:5e:15:d4:9e:3a:
98:23:ea:2f:f7:74:b1:dd:7f:d8:84:fe:79:2d:33:
34:01:45:42:b7:19:79:41:82:98:e9:38:fc:cb:27:
f9:02:cf:91:33:64:85:f5:8d:08:db:46:38:03:3c:
5b:5a:1d:5a:1f:6d:70:8d:a8:d0:9a:16:21:29:3f:
d3:01:35:99:e7:bf:74:1d:6b:02:76:5e:d5:76:de:
ff:4f:df:69:d8:ed:b9:2a:e9:11:c1:99:51:50:8a:
bd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:43:88:B0:4E:1A:3E:43:0F:A4:D5:61:FC:6B:D8:AD:B3:E4:C2:BE
X509v3 Authority Key Identifier:
keyid:86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/E0OIsE4aPkMPpNVh_GvYrbPkwr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.12.0/22
5.83.120.0/22
185.29.248.0/22
Signature Algorithm: sha256WithRSAEncryption
39:c5:b2:c5:ed:c1:fd:60:59:0a:9c:54:68:23:79:d7:0d:e5:
bd:40:eb:ce:0d:31:8a:5c:00:e7:01:2f:b2:a2:62:31:83:bb:
3f:86:66:a5:f1:50:ac:02:cc:77:85:68:62:10:fb:d9:97:01:
f6:59:48:a0:9e:f0:a5:d6:fd:af:8b:2d:eb:c4:29:e1:ea:a9:
85:a7:19:69:cd:66:27:aa:6b:38:b4:cc:ce:4e:fb:1b:3e:95:
3f:5d:fc:5e:78:a6:31:91:4e:ab:15:db:67:b2:33:29:72:0a:
a0:c2:63:f0:7e:b3:0a:77:9b:8d:09:a5:7d:d3:40:ad:4a:b0:
e3:3f:45:9c:b1:d0:a5:43:87:82:de:83:cb:5e:7b:04:91:d2:
10:8a:25:37:8a:bd:92:14:ce:77:61:e6:83:0e:18:4c:a1:7d:
df:ec:f5:b6:53:1d:20:2a:f2:9e:12:10:ac:c6:8b:98:64:2b:
a9:4c:38:0e:f1:a2:02:4b:1d:57:d9:72:9e:19:a2:0e:06:0a:
90:0a:31:9c:9e:51:3e:7f:f3:e9:2c:8f:a0:c5:30:50:2d:61:
22:de:cf:b0:66:d1:8e:5e:b7:91:a2:f8:55:90:ed:14:5a:4f:
3c:e9:c9:8c:dc:bd:6d:bc:b9:37:26:15:5c:e7:c9:81:31:35:
f0:ad:54:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYv2LTxSwuXOS592dM1Ep+aoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTU2OWEyNTI2Njg3ZGE5MWE3ZWNkNGY1NjdmNTQwOWNk
ZmZlNzkwHhcNMjMxMTIyMDgzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzQzODhiMDRlMWEzZTQzMGZhNGQ1NjFmYzZiZDhhZGIzZTRjMmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/8x+lHCmQEXk1CF2WMGrZszyzSx
nIvgfmPjWKcjkJ/pY36JcJz19q4hTJFn4wWlCwpX1IcnaYSPBc1+VTarbJS6tTNN
aDTXoVbPL6eUAoaPSfHibVfjPFymdgEb6cknwe1Cm9BsnSMWyvQbpr8P/sNXN4oP
xe8EbPk4zdcmPA7zTfrirOC9yek3gTPGyMFSw7NArsAWKdi1EVrNEgKpXhXUnjqY
I+ov93Sx3X/YhP55LTM0AUVCtxl5QYKY6Tj8yyf5As+RM2SF9Y0I20Y4AzxbWh1a
H21wjajQmhYhKT/TATWZ5790HWsCdl7Vdt7/T99p2O25KukRwZlRUIq9dQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBNDiLBOGj5DD6TVYfxr2K2z5MK+MB8GA1UdIwQY
MBaAFIaVaaJSZofakafs1PVn9UCc3/55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEt
MWVhYTU5MWI2NzcxLzEvRTBPSXNFNGFQa01QcE5WaF9HdllyYlBrd3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEtMWVhYTU5MWI2Nzcx
LzEvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBTgMAwQC
BVN4AwQCuR34MA0GCSqGSIb3DQEBCwUAA4IBAQA5xbLF7cH9YFkKnFRoI3nXDeW9
QOvODTGKXADnAS+yomIxg7s/hmal8VCsAsx3hWhiEPvZlwH2WUignvCl1v2viy3r
xCnh6qmFpxlpzWYnqms4tMzOTvsbPpU/XfxeeKYxkU6rFdtnsjMpcgqgwmPwfrMK
d5uNCaV900CtSrDjP0WcsdClQ4eC3oPLXnsEkdIQiiU3ir2SFM53YeaDDhhMoX3f
7PW2Ux0gKvKeEhCsxouYZCupTDgO8aICSx1X2XKeGaIOBgqQCjGcnlE+f/PpLI+g
xTBQLWEi3s+wZtGOXreRovhVkO0UWk886cmM3L1tvLk3JhVc58mBMTXwrVTS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:20 2024 by rpki-client on console-fra.rpki-client.org