Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/hqQoXcxGkpy4QLMQ8r7mfEaEJsY.roa
File: hqQoXcxGkpy4QLMQ8r7mfEaEJsY.roa (raw, json)
Hash identifier: odPbFp3796WBz1JcBs5jv6W4y4dCqKrapNbBvSGc80o=
Subject key identifier: 86:A4:28:5D:CC:46:92:9C:B8:40:B3:10:F2:BE:E6:7C:46:84:26:C6
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 019038B4DAB7E46EA24D21C172F060E60047
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/hqQoXcxGkpy4QLMQ8r7mfEaEJsY.roa
Signing time: Fri 21 Jun 2024 02:51:34 +0000
ROA not before: Fri 21 Jun 2024 02:51:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.144.154.0/24 maxlen: 24
5.144.155.0/24 maxlen: 24
78.143.252.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
194.33.150.0/24 maxlen: 24
194.33.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jul 2024 10:08:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:38:b4:da:b7:e4:6e:a2:4d:21:c1:72:f0:60:e6:00:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Jun 21 02:51:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86a4285dcc46929cb840b310f2bee67c468426c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2f:a0:d7:75:f2:24:0e:59:b3:c3:bd:14:93:
db:3c:60:fa:82:7b:29:54:4a:6f:97:b2:ac:d1:53:
6f:03:1e:f2:af:56:33:af:4c:0c:05:43:47:10:c5:
5f:cf:95:60:6c:15:0f:a2:0e:ac:4f:a4:b1:b1:5b:
53:5d:4b:41:e1:17:bc:4c:80:0f:6e:89:09:62:21:
71:05:56:01:84:cc:66:89:d6:42:e2:4f:35:5f:5f:
12:9f:77:76:e1:aa:91:8b:43:4d:26:c7:8f:06:68:
1b:1d:1c:e0:ba:33:00:25:9d:9b:0f:a5:97:89:61:
52:5f:98:d9:ef:85:a4:5d:14:2c:a1:8c:ff:48:ee:
7c:b7:2c:b6:86:ea:9e:5a:ea:df:ba:ee:25:18:ba:
90:9f:2c:75:f1:43:10:ca:da:c5:43:d5:87:8c:7f:
32:a4:0d:f6:16:3f:15:86:ff:cf:98:07:85:31:02:
b3:94:76:95:39:f6:e9:7f:1b:be:15:cc:04:fd:40:
2b:8a:00:13:87:fc:35:4c:21:62:ab:5e:d1:5f:af:
35:e0:b4:a0:38:62:f7:99:a5:63:4b:7f:7c:e5:2f:
e0:04:7b:7c:dc:7e:aa:f6:99:e7:1a:b2:25:e9:cf:
84:22:76:70:06:9b:45:97:82:2a:eb:1a:1a:31:06:
20:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A4:28:5D:CC:46:92:9C:B8:40:B3:10:F2:BE:E6:7C:46:84:26:C6
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/hqQoXcxGkpy4QLMQ8r7mfEaEJsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.154.0/23
78.143.252.0/23
194.33.150.0/23
Signature Algorithm: sha256WithRSAEncryption
00:05:b0:df:6f:03:4d:31:9e:13:15:88:c7:db:27:78:4b:bf:
da:d8:84:94:04:2a:6f:e8:4e:d0:ed:b5:00:bf:84:1d:42:e9:
e7:56:33:e6:7e:f2:da:0a:2f:39:55:be:d4:b8:ce:b4:7a:e6:
ec:5c:bd:9c:8a:99:78:9b:e8:e0:9e:2b:ce:03:d5:96:db:5c:
cb:48:ac:23:9c:d7:e5:1b:be:7d:79:8a:25:96:84:f3:4d:ba:
d5:41:aa:fc:c1:77:11:b7:82:8a:47:57:70:fc:cd:f8:db:e6:
44:23:a3:63:9e:ff:e4:8a:6c:b9:05:1d:71:30:f8:0b:18:c0:
14:b7:78:d0:08:0b:55:ad:5f:af:f8:b8:f1:f8:0e:c2:b1:bf:
a4:f1:8d:76:f8:e2:bd:06:a1:1d:50:33:11:78:92:d6:69:bf:
a1:10:9c:4c:cc:e4:2f:f6:17:22:ec:c5:c7:d4:ad:0c:00:db:
a2:c8:43:13:08:4d:4c:b7:5a:71:0e:d5:3d:25:67:f7:51:72:
0b:bf:f3:b2:f8:77:a3:b9:36:bf:34:d7:d4:97:f6:2b:80:4b:
09:c0:4f:ee:1b:d1:63:6b:91:6b:04:62:e9:90:40:93:8b:3e:
fa:f8:dd:74:d5:a5:dc:a6:31:56:c8:4b:95:ed:2a:aa:97:ef:
f0:16:fc:27
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZA4tNq35G6iTSHBcvBg5gBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwNjIxMDI1MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmE0Mjg1ZGNjNDY5MjljYjg0MGIzMTBmMmJlZTY3YzQ2ODQyNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri+g13XyJA5Zs8O9FJPbPGD6gnsp
VEpvl7Ks0VNvAx7yr1Yzr0wMBUNHEMVfz5VgbBUPog6sT6SxsVtTXUtB4Re8TIAP
bokJYiFxBVYBhMxmidZC4k81X18Sn3d24aqRi0NNJsePBmgbHRzgujMAJZ2bD6WX
iWFSX5jZ74WkXRQsoYz/SO58tyy2huqeWurfuu4lGLqQnyx18UMQytrFQ9WHjH8y
pA32Fj8Vhv/PmAeFMQKzlHaVOfbpfxu+FcwE/UArigATh/w1TCFiq17RX6814LSg
OGL3maVjS3985S/gBHt83H6q9pnnGrIl6c+EInZwBptFl4Iq6xoaMQYgYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIakKF3MRpKcuECzEPK+5nxGhCbGMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvaHFRb1hjeEdrcHk0UUxNUThyN21mRWFFSnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBZCaAwQB
To/8AwQBwiGWMA0GCSqGSIb3DQEBCwUAA4IBAQAABbDfbwNNMZ4TFYjH2yd4S7/a
2ISUBCpv6E7Q7bUAv4QdQunnVjPmfvLaCi85Vb7UuM60eubsXL2cipl4m+jgnivO
A9WW21zLSKwjnNflG759eYolloTzTbrVQar8wXcRt4KKR1dw/M342+ZEI6Njnv/k
imy5BR1xMPgLGMAUt3jQCAtVrV+v+Ljx+A7Csb+k8Y12+OK9BqEdUDMReJLWab+h
EJxMzOQv9hci7MXH1K0MANuiyEMTCE1Mt1pxDtU9JWf3UXILv/Oy+HejuTa/NNfU
l/YrgEsJwE/uG9Fja5FrBGLpkECTiz76+N101aXcpjFWyEuV7Sqql+/wFvwn
-----END CERTIFICATE-----
Generated at Sun Jul 21 12:56:37 2024 by rpki-client on console-fra.rpki-client.org