Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/QHxAQ7aLzBCeTNpoj6-ZeWEPb2A.roa
File: QHxAQ7aLzBCeTNpoj6-ZeWEPb2A.roa (raw, json)
Hash identifier: xiH0NYV5fvvdz5zx4nPeAo47qIyLklhsn0uRR2PYBi4=
Subject key identifier: 40:7C:40:43:B6:8B:CC:10:9E:4C:DA:68:8F:AF:99:79:61:0F:6F:60
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 018F54440BC2462D5F5BBBC90A296C86A591
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/QHxAQ7aLzBCeTNpoj6-ZeWEPb2A.roa
Signing time: Tue 07 May 2024 18:14:56 +0000
ROA not before: Tue 07 May 2024 18:14:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.144.154.0/24 maxlen: 24
79.135.102.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 28 May 2024 16:08:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:54:44:0b:c2:46:2d:5f:5b:bb:c9:0a:29:6c:86:a5:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: May 7 18:14:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=407c4043b68bcc109e4cda688faf9979610f6f60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:de:e7:19:b8:00:41:0f:ea:23:b4:14:ba:21:
4e:21:49:69:79:95:a9:9b:0a:26:1c:c7:71:6c:3c:
bd:d6:fb:5b:24:ce:0e:ac:50:af:e9:aa:c5:30:e8:
7a:aa:72:6d:82:df:43:89:58:d7:fb:ea:76:b7:c9:
57:1f:31:06:63:ca:e2:4a:f4:41:3f:b9:ea:e5:bc:
c8:73:be:81:0c:4a:58:32:e6:82:2f:6b:07:03:87:
d0:dc:98:a1:86:c9:08:a3:a6:f9:9a:46:09:48:36:
f9:cc:80:61:68:d5:c4:38:6b:1e:be:cb:77:29:9a:
e5:76:16:6a:a9:e4:eb:eb:ad:af:d8:c6:09:49:d9:
4f:0f:b1:d3:6e:85:7a:59:e0:6d:11:db:bb:eb:40:
e5:57:92:3f:b9:91:52:74:c7:bd:0c:ad:e6:f1:a5:
3c:8a:22:d6:e6:2e:da:e3:a4:10:72:0c:fd:5d:7d:
41:b7:ac:96:15:5f:6b:80:fb:62:47:00:6b:34:e0:
2c:87:5c:bd:3f:4c:9b:c1:b4:36:15:98:12:71:12:
26:2f:de:8e:7b:ea:48:33:82:0b:82:57:ae:39:06:
04:22:8d:ad:b1:c2:bb:d3:60:df:0a:47:4c:8f:06:
2d:25:76:e0:fc:76:5e:b8:01:87:15:f8:b5:f3:69:
94:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7C:40:43:B6:8B:CC:10:9E:4C:DA:68:8F:AF:99:79:61:0F:6F:60
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/QHxAQ7aLzBCeTNpoj6-ZeWEPb2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.154.0/24
79.135.102.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:43:54:d1:e5:94:d6:e2:86:d5:56:92:ef:c0:cc:88:ec:5a:
64:81:f3:e0:87:bf:f0:ed:92:9d:78:d0:8b:fa:51:e9:6c:79:
2b:4e:df:ca:a0:a9:01:c9:30:51:70:ef:2a:00:d4:08:33:d3:
d9:2c:fc:46:b8:2f:da:19:5b:bf:ff:c9:99:6c:67:4b:4b:31:
81:a1:be:b7:fb:c3:92:34:d5:11:50:10:0a:35:d2:31:42:bd:
ce:a3:59:82:e8:41:f5:6a:0b:fb:b9:15:b1:0b:7e:54:33:15:
0a:55:10:a2:2e:71:ed:50:cb:03:35:41:64:3f:c8:f1:37:fa:
0c:c4:0f:61:d3:4e:0d:4b:86:c1:91:7b:2b:d1:2b:d7:8d:86:
97:75:b8:c6:e9:f4:20:70:4f:33:6e:fb:14:12:3b:b5:73:1d:
7e:2a:0e:f6:af:13:93:3d:8a:10:b3:0a:18:96:e5:5d:d7:70:
a7:ed:30:63:24:32:e8:67:62:7e:ea:e7:45:f7:71:3d:b1:3a:
91:19:ea:e4:2c:bf:63:7a:7a:62:da:9e:48:eb:2a:22:1b:fc:
e5:72:cb:11:e4:f0:c4:f4:a3:19:20:5a:e9:99:73:1f:54:e2:
89:2b:7d:60:ae:0a:3e:3c:1e:1f:50:1d:44:a9:05:56:06:bc:
c3:3d:5d:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9URAvCRi1fW7vJCilshqWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwNTA3MTgxNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdjNDA0M2I2OGJjYzEwOWU0Y2RhNjg4ZmFmOTk3OTYxMGY2ZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjd7nGbgAQQ/qI7QUuiFOIUlpeZWp
mwomHMdxbDy91vtbJM4OrFCv6arFMOh6qnJtgt9DiVjX++p2t8lXHzEGY8riSvRB
P7nq5bzIc76BDEpYMuaCL2sHA4fQ3JihhskIo6b5mkYJSDb5zIBhaNXEOGsevst3
KZrldhZqqeTr662v2MYJSdlPD7HTboV6WeBtEdu760DlV5I/uZFSdMe9DK3m8aU8
iiLW5i7a46QQcgz9XX1Bt6yWFV9rgPtiRwBrNOAsh1y9P0ybwbQ2FZgScRImL96O
e+pIM4ILgleuOQYEIo2tscK702DfCkdMjwYtJXbg/HZeuAGHFfi182mUPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEB8QEO2i8wQnkzaaI+vmXlhD29gMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvUUh4QVE3YUx6QkNlVE5wb2o2LVplV0VQYjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABZCaAwQB
T4dmMA0GCSqGSIb3DQEBCwUAA4IBAQAcQ1TR5ZTW4obVVpLvwMyI7FpkgfPgh7/w
7ZKdeNCL+lHpbHkrTt/KoKkByTBRcO8qANQIM9PZLPxGuC/aGVu//8mZbGdLSzGB
ob63+8OSNNURUBAKNdIxQr3Oo1mC6EH1agv7uRWxC35UMxUKVRCiLnHtUMsDNUFk
P8jxN/oMxA9h004NS4bBkXsr0SvXjYaXdbjG6fQgcE8zbvsUEju1cx1+Kg72rxOT
PYoQswoYluVd13Cn7TBjJDLoZ2J+6udF93E9sTqRGerkLL9jenpi2p5I6yoiG/zl
cssR5PDE9KMZIFrpmXMfVOKJK31grgo+PB4fUB1EqQVWBrzDPV3f
-----END CERTIFICATE-----
Generated at Tue May 28 19:13:11 2024 by rpki-client on console-fra.rpki-client.org