Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/hj5epFTIu-z15iFi6Qeagoi1lq0.roa
File: hj5epFTIu-z15iFi6Qeagoi1lq0.roa (raw, json)
Hash identifier: GuowRR16qSouhOPXO88navPlttlboPNyluH/fA34Zjs=
Subject key identifier: 86:3E:5E:A4:54:C8:BB:EC:F5:E6:21:62:E9:07:9A:82:88:B5:96:AD
Certificate issuer: /CN=107807c2518915138f555123605c0133dfdbb4fa
Certificate serial: 01856F0B5B8BCDC3515AD02B6466ADD0EA1C
Authority key identifier: 10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/hj5epFTIu-z15iFi6Qeagoi1lq0.roa
Signing time: Sun 01 Jan 2023 20:34:53 +0000
ROA not before: Sun 01 Jan 2023 20:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 378
IP address blocks: 132.70.0.0/15 maxlen: 15
Validation: Failed, certificate revoked on Wed 05 Apr 2023 13:20:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:5b:8b:cd:c3:51:5a:d0:2b:64:66:ad:d0:ea:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=107807c2518915138f555123605c0133dfdbb4fa
Validity
Not Before: Jan 1 20:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=863e5ea454c8bbecf5e62162e9079a8288b596ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:79:82:88:38:00:06:05:ca:e0:1f:72:63:88:
fb:81:53:f5:4a:2d:72:bf:77:e5:29:9e:13:e1:d2:
08:85:e3:94:34:94:3c:64:f1:28:23:20:2d:ee:38:
09:b8:56:08:8b:4a:93:0b:54:63:0d:4d:21:d3:66:
98:51:1e:81:9d:c3:85:da:77:c7:75:d3:49:99:42:
d9:a5:5f:e0:57:a8:46:1f:29:fe:31:27:0a:c8:4b:
6c:2b:03:d6:0d:ff:e4:0d:77:b3:cf:b8:23:1d:4a:
b8:3a:42:b9:d5:56:7f:46:20:c9:0a:14:bb:21:b5:
ff:e1:1e:87:e4:dc:6e:24:b1:42:ce:f3:81:b0:18:
ef:a0:35:9d:c9:28:9d:aa:38:c7:25:c5:45:9b:77:
27:b8:93:78:a2:1c:5d:e8:f7:da:31:ee:fc:df:23:
aa:95:37:7a:67:40:19:47:bc:f7:b3:d9:e7:fd:fe:
36:fe:99:04:8b:cb:b4:59:f6:68:23:cf:63:36:34:
71:35:e7:3a:af:6e:9a:16:12:c3:a8:5a:73:a2:32:
e1:e0:c3:97:04:4b:3c:09:c9:e0:c7:57:3a:dc:fb:
e4:4c:aa:f1:b3:96:b2:da:a5:cb:08:e8:10:3a:69:
e4:65:4b:2c:e6:cf:1c:9a:b3:3a:d6:9e:0a:2c:1c:
1e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:3E:5E:A4:54:C8:BB:EC:F5:E6:21:62:E9:07:9A:82:88:B5:96:AD
X509v3 Authority Key Identifier:
keyid:10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/hj5epFTIu-z15iFi6Qeagoi1lq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/EHgHwlGJFROPVVEjYFwBM9_btPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.70.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c5:58:99:00:9c:97:10:d0:e9:2d:4f:0d:36:03:e9:fe:4d:4f:
02:0c:53:2a:9f:9e:8e:64:e2:8c:7d:9f:f5:e3:9e:85:5b:97:
81:94:fc:3c:48:06:29:80:af:fc:66:50:0e:75:ea:bf:a5:81:
61:d7:aa:5f:9b:00:75:c9:09:bf:b1:8b:bc:cf:6a:8f:1c:55:
12:fe:a8:65:25:1b:5c:4f:af:32:d7:4a:e3:a4:64:36:5c:55:
62:d0:e2:68:2e:bd:27:a9:77:a8:48:2a:59:5b:ad:57:a7:25:
ac:8b:b0:13:21:57:b1:71:7e:b9:38:69:41:73:aa:eb:fb:a8:
73:d0:55:ce:33:82:d1:a3:74:7c:4e:7e:22:07:fd:c9:ae:a5:
b3:63:66:55:d0:55:76:36:c9:98:8a:24:11:72:0c:5f:21:85:
25:f2:92:dc:ef:b8:c8:e8:65:fd:06:b2:55:f5:c2:fb:b6:00:
21:fc:0e:63:f7:0a:65:4c:18:98:75:8e:a7:fa:f2:77:d2:fe:
06:3a:07:e1:a9:fa:2e:04:dd:b0:b7:a4:21:c2:8a:9e:7b:0d:
44:0f:66:c6:8c:22:cc:c0:d5:73:7a:9f:20:fb:b6:f7:b5:d0:
b8:f3:28:7d:95:40:11:3e:ae:66:25:6d:2e:ae:7e:36:0e:f7:
0b:4c:07:38
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVvC1uLzcNRWtArZGat0OocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzgwN2MyNTE4OTE1MTM4ZjU1NTEyMzYwNWMwMTMzZGZk
YmI0ZmEwHhcNMjMwMTAxMjAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjNlNWVhNDU0YzhiYmVjZjVlNjIxNjJlOTA3OWE4Mjg4YjU5NmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7HmCiDgABgXK4B9yY4j7gVP1Si1y
v3flKZ4T4dIIheOUNJQ8ZPEoIyAt7jgJuFYIi0qTC1RjDU0h02aYUR6BncOF2nfH
ddNJmULZpV/gV6hGHyn+MScKyEtsKwPWDf/kDXezz7gjHUq4OkK51VZ/RiDJChS7
IbX/4R6H5NxuJLFCzvOBsBjvoDWdySidqjjHJcVFm3cnuJN4ohxd6PfaMe783yOq
lTd6Z0AZR7z3s9nn/f42/pkEi8u0WfZoI89jNjRxNec6r26aFhLDqFpzojLh4MOX
BEs8Ccngx1c63PvkTKrxs5ay2qXLCOgQOmnkZUss5s8cmrM61p4KLBweXQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFIY+XqRUyLvs9eYhYukHmoKItZatMB8GA1UdIwQY
MBaAFBB4B8JRiRUTj1VRI2BcATPf27T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTIt
ZjlhYzE1ZTY2Mzg2LzEvaGo1ZXBGVEl1LXoxNWlGaTZRZWFnb2kxbHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTItZjlhYzE1ZTY2Mzg2
LzEvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEYwDQYJ
KoZIhvcNAQELBQADggEBAMVYmQCclxDQ6S1PDTYD6f5NTwIMUyqfno5k4ox9n/Xj
noVbl4GU/DxIBimAr/xmUA516r+lgWHXql+bAHXJCb+xi7zPao8cVRL+qGUlG1xP
rzLXSuOkZDZcVWLQ4mguvSepd6hIKllbrVenJayLsBMhV7Fxfrk4aUFzquv7qHPQ
Vc4zgtGjdHxOfiIH/cmupbNjZlXQVXY2yZiKJBFyDF8hhSXyktzvuMjoZf0GslX1
wvu2ACH8DmP3CmVMGJh1jqf68nfS/gY6B+Gp+i4E3bC3pCHCip57DUQPZsaMIszA
1XN6nyD7tve10LjzKH2VQBE+rmYlbS6ufjYO9wtMBzg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:34 2024 by rpki-client on console-fra.rpki-client.org