Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/H_5Exwp3wbGN-duI8ggPlr761d0.roa
File: H_5Exwp3wbGN-duI8ggPlr761d0.roa (raw, json)
Hash identifier: 8SDomWZtNzD5RvQxMC+TLdD+/EquBsjyO5DHJkwyEOA=
Subject key identifier: 1F:FE:44:C7:0A:77:C1:B1:8D:F9:DB:88:F2:08:0F:96:BE:FA:D5:DD
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01865503B9FF5E20BBFA12B3D548A5EB0AD0
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/H_5Exwp3wbGN-duI8ggPlr761d0.roa
Signing time: Wed 15 Feb 2023 12:19:12 +0000
ROA not before: Wed 15 Feb 2023 12:19:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204914
IP address blocks: 2.56.165.0/24 maxlen: 24
194.31.140.0/24 maxlen: 24
77.83.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Mar 2023 19:11:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:03:b9:ff:5e:20:bb:fa:12:b3:d5:48:a5:eb:0a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Feb 15 12:19:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ffe44c70a77c1b18df9db88f2080f96befad5dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3a:2c:9b:6b:b5:ee:e6:4f:59:26:0c:1b:e8:
ec:07:89:b0:a3:6e:5f:df:ba:08:c2:36:09:9f:04:
7e:f5:d7:cc:93:4d:03:89:27:e7:a7:3f:85:0b:4e:
8b:84:17:5b:17:eb:ba:5c:74:a9:15:02:07:14:8d:
b9:34:db:e7:8e:db:b3:98:56:c1:82:99:c5:38:ea:
a5:70:98:2c:b3:32:32:b3:e5:33:fe:de:ed:eb:62:
72:57:a0:e4:41:d1:06:80:5e:1a:14:c8:28:d4:f2:
be:82:ff:1f:63:38:7b:a8:1a:6e:b8:00:33:df:fe:
5e:0d:1c:d0:9c:b3:ce:db:63:d9:86:55:8d:97:7b:
f8:c0:c8:a4:8f:45:d2:29:f9:d3:2f:d3:01:25:c1:
33:fc:f7:bf:f6:30:77:cc:d4:a1:b2:aa:b8:15:66:
df:c9:41:54:6a:47:3b:d4:1c:31:81:9b:ea:c9:a6:
8f:1f:e7:49:11:96:51:27:6c:a4:3c:0b:d6:f5:16:
ed:58:18:54:6c:7c:37:49:c1:b1:15:32:c3:b0:38:
ce:e0:7e:17:f0:31:43:e3:44:49:01:7b:12:1c:44:
cf:27:96:3b:c5:ce:c2:19:e2:ba:a6:da:c3:1f:b9:
9c:ab:7c:e8:e3:d9:5e:5e:49:58:c8:c5:8a:98:ba:
f1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:FE:44:C7:0A:77:C1:B1:8D:F9:DB:88:F2:08:0F:96:BE:FA:D5:DD
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/H_5Exwp3wbGN-duI8ggPlr761d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.165.0/24
77.83.242.0/24
194.31.140.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:79:48:77:d5:d1:1b:43:fa:f1:25:bb:a6:b7:3e:8b:99:31:
2d:c5:1e:24:d1:73:fc:63:40:ee:e4:86:1c:b6:2d:2b:39:cd:
77:46:12:b8:be:99:78:09:62:9c:fa:42:13:35:52:d6:89:e3:
b7:c8:dd:db:34:51:30:f4:98:a7:57:3a:47:35:21:71:a4:03:
35:d3:5f:bb:dc:14:1e:15:b0:56:46:72:69:92:ad:93:cc:5f:
b7:af:03:aa:27:4d:1b:bd:e5:b3:96:e1:d0:11:54:f2:0f:99:
be:eb:57:6b:08:41:c5:3e:b5:32:44:0f:65:15:57:2d:79:05:
eb:8b:b0:68:a7:1c:32:2e:48:6a:ad:24:be:ff:88:b7:00:27:
5f:a4:0d:8b:44:06:3c:c4:1c:a0:29:87:e8:25:df:ed:30:f9:
a6:99:8c:48:bd:02:6c:aa:c1:da:14:4b:f5:cc:fc:4c:cb:58:
70:7c:7e:19:77:33:fd:e1:83:a7:27:b8:4e:64:fa:65:05:b9:
dc:92:68:61:a3:4b:6e:a8:3a:ea:1d:c8:24:70:8b:2d:f0:6f:
dc:f0:ba:7c:24:bc:07:6e:f6:b4:6c:c4:1d:6f:fb:0f:70:24:
0c:36:3e:94:76:31:5f:98:33:70:d4:3f:d8:72:08:a3:17:6c:
81:1e:ff:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZVA7n/XiC7+hKz1Uil6wrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMjE1MTIxOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmZlNDRjNzBhNzdjMWIxOGRmOWRiODhmMjA4MGY5NmJlZmFkNWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTosm2u17uZPWSYMG+jsB4mwo25f
37oIwjYJnwR+9dfMk00DiSfnpz+FC06LhBdbF+u6XHSpFQIHFI25NNvnjtuzmFbB
gpnFOOqlcJgsszIys+Uz/t7t62JyV6DkQdEGgF4aFMgo1PK+gv8fYzh7qBpuuAAz
3/5eDRzQnLPO22PZhlWNl3v4wMikj0XSKfnTL9MBJcEz/Pe/9jB3zNShsqq4FWbf
yUFUakc71BwxgZvqyaaPH+dJEZZRJ2ykPAvW9RbtWBhUbHw3ScGxFTLDsDjO4H4X
8DFD40RJAXsSHETPJ5Y7xc7CGeK6ptrDH7mcq3zo49leXklYyMWKmLrxJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB/+RMcKd8GxjfnbiPIID5a++tXdMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvSF81RXh3cDN3YkdOLWR1SThnZ1Bscjc2MWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjilAwQA
TVPyAwQAwh+MMA0GCSqGSIb3DQEBCwUAA4IBAQA7eUh31dEbQ/rxJbumtz6LmTEt
xR4k0XP8Y0Du5IYcti0rOc13RhK4vpl4CWKc+kITNVLWieO3yN3bNFEw9JinVzpH
NSFxpAM101+73BQeFbBWRnJpkq2TzF+3rwOqJ00bveWzluHQEVTyD5m+61drCEHF
PrUyRA9lFVcteQXri7BopxwyLkhqrSS+/4i3ACdfpA2LRAY8xBygKYfoJd/tMPmm
mYxIvQJsqsHaFEv1zPxMy1hwfH4ZdzP94YOnJ7hOZPplBbnckmhho0tuqDrqHcgk
cIst8G/c8Lp8JLwHbva0bMQdb/sPcCQMNj6UdjFfmDNw1D/YcgijF2yBHv9z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org