Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/H_-4VIgGoA2mB79HMk2IW_jHNJY.roa
File: H_-4VIgGoA2mB79HMk2IW_jHNJY.roa (raw, json)
Hash identifier: 37QrIYwwfSKJyfsirmOCk+2GXgjqPno4U7mDVNN+HWQ=
Subject key identifier: 1F:FF:B8:54:88:06:A0:0D:A6:07:BF:47:32:4D:88:5B:F8:C7:34:96
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CF560D8BCD796A810E59468F4986E3BBD
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/H_-4VIgGoA2mB79HMk2IW_jHNJY.roa
Signing time: Wed 10 Jan 2024 21:56:53 +0000
ROA not before: Wed 10 Jan 2024 21:56:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142594
IP address blocks: 2.56.166.0/24 maxlen: 24
194.31.140.0/24 maxlen: 24
194.56.225.0/24 maxlen: 24
185.234.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 20:36:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f5:60:d8:bc:d7:96:a8:10:e5:94:68:f4:98:6e:3b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 10 21:56:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fffb8548806a00da607bf47324d885bf8c73496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1d:71:e0:c5:c0:aa:3c:7f:39:f2:62:49:f8:
ae:60:fb:b6:99:64:84:18:f3:13:c2:b3:24:29:ef:
4f:fd:f9:10:56:ee:e9:0b:38:1c:9f:b0:43:3a:e0:
e7:74:c6:17:89:51:87:92:fa:7a:5a:a6:2c:21:21:
d2:b8:ab:aa:e4:6b:13:00:e9:44:67:2b:bc:d8:d4:
07:a5:6a:21:31:1e:79:6e:91:7d:2a:51:67:ad:5f:
08:f1:48:25:f4:eb:6b:e5:d5:1c:ec:93:3f:c6:69:
39:63:8e:0c:bc:c4:1b:b3:c0:7d:d1:8a:8a:c1:51:
52:31:b6:55:54:08:28:f1:2f:2e:d1:3f:e7:cb:d9:
ae:1a:85:9e:8a:3f:ab:c8:61:af:5a:de:f6:10:1f:
d2:3d:79:4e:53:9c:d8:2e:57:31:ee:fb:78:15:28:
67:4c:a3:3b:4a:70:a0:eb:b3:de:a7:b1:d7:2b:86:
f0:bc:3b:ef:6b:23:f5:34:c5:b7:8b:c1:53:6d:7a:
68:02:b9:82:ed:72:6d:69:a4:c2:72:31:53:ce:c5:
4f:88:0b:dc:f1:85:cb:ee:b7:bf:83:7c:13:bd:03:
b8:33:c1:43:91:f0:9d:ee:d2:e6:ba:14:0c:d8:e2:
4d:9b:2a:53:a5:49:9b:c7:2a:24:09:10:98:5a:60:
27:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:FF:B8:54:88:06:A0:0D:A6:07:BF:47:32:4D:88:5B:F8:C7:34:96
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/H_-4VIgGoA2mB79HMk2IW_jHNJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.166.0/24
185.234.74.0/24
194.31.140.0/24
194.56.225.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:f1:1e:6a:6e:02:1a:98:9b:18:88:89:e1:a7:68:01:22:ba:
98:8b:fb:e8:91:2d:9f:c9:3a:90:18:ef:6f:59:6f:9c:e0:8f:
3c:e6:20:25:94:35:d5:34:95:77:7e:e2:f0:34:e5:60:5c:c4:
57:58:17:0b:e7:38:a2:7e:04:ad:c5:80:2b:4d:cb:c7:99:71:
32:01:f3:76:f5:09:a2:d2:d0:6c:85:4c:9f:3b:48:e3:2b:d7:
2a:f3:2d:f8:cd:db:f6:59:23:6b:33:da:83:34:24:6c:69:94:
1d:20:da:8a:ee:b0:30:8e:9e:98:56:e9:0c:7f:0c:f9:6e:4b:
e7:e2:6d:eb:48:3a:9e:60:8d:c7:7b:22:42:8f:a9:b1:78:50:
bc:1a:11:7f:f6:cf:59:8b:e8:f8:4b:44:8e:e7:90:13:1d:c5:
61:6a:41:eb:e1:d5:52:0c:95:37:54:92:fa:cf:55:89:8d:70:
ba:8e:84:3b:d5:9e:26:ae:7d:85:56:4f:c4:85:20:f5:26:93:
f2:94:8e:7b:62:80:f4:20:aa:31:3a:2b:9d:bb:4d:a4:af:cf:
da:5e:40:df:76:d7:10:bc:57:55:63:08:e8:c5:32:ab:0a:29:
56:d2:4a:3c:ff:43:4d:37:8f:3c:38:d3:93:bf:4c:68:b3:8a:
3e:7a:45:c0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYz1YNi815aoEOWUaPSYbju9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTEwMjE1NjUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmZmYjg1NDg4MDZhMDBkYTYwN2JmNDczMjRkODg1YmY4YzczNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB1x4MXAqjx/OfJiSfiuYPu2mWSE
GPMTwrMkKe9P/fkQVu7pCzgcn7BDOuDndMYXiVGHkvp6WqYsISHSuKuq5GsTAOlE
Zyu82NQHpWohMR55bpF9KlFnrV8I8Ugl9Otr5dUc7JM/xmk5Y44MvMQbs8B90YqK
wVFSMbZVVAgo8S8u0T/ny9muGoWeij+ryGGvWt72EB/SPXlOU5zYLlcx7vt4FShn
TKM7SnCg67Pep7HXK4bwvDvvayP1NMW3i8FTbXpoArmC7XJtaaTCcjFTzsVPiAvc
8YXL7re/g3wTvQO4M8FDkfCd7tLmuhQM2OJNmypTpUmbxyokCRCYWmAnsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB//uFSIBqANpge/RzJNiFv4xzSWMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvSF8tNFZJZ0dvQTJtQjc5SE1rMklXX2pITkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjimAwQA
uepKAwQAwh+MAwQAwjjhMA0GCSqGSIb3DQEBCwUAA4IBAQCr8R5qbgIamJsYiInh
p2gBIrqYi/vokS2fyTqQGO9vWW+c4I885iAllDXVNJV3fuLwNOVgXMRXWBcL5zii
fgStxYArTcvHmXEyAfN29Qmi0tBshUyfO0jjK9cq8y34zdv2WSNrM9qDNCRsaZQd
INqK7rAwjp6YVukMfwz5bkvn4m3rSDqeYI3HeyJCj6mxeFC8GhF/9s9Zi+j4S0SO
55ATHcVhakHr4dVSDJU3VJL6z1WJjXC6joQ71Z4mrn2FVk/EhSD1JpPylI57YoD0
IKoxOiudu02kr8/aXkDfdtcQvFdVYwjoxTKrCilW0ko8/0NNN488ONOTv0xos4o+
ekXA
-----END CERTIFICATE-----
Generated at Tue Jan 16 01:36:23 2024 by rpki-client on console-ams.rpki-client.org