Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/cHjv56Wr7MbUqmox1jU45YQve2U.roa
File: cHjv56Wr7MbUqmox1jU45YQve2U.roa (raw, json)
Hash identifier: 2MN/TD9rkCcjSFthWuhHcpVhC3t9yhRINatYzwnUcLg=
Subject key identifier: 70:78:EF:E7:A5:AB:EC:C6:D4:AA:6A:31:D6:35:38:E5:84:2F:7B:65
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01927AB06023A007E1B7413D369639C1A261
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/cHjv56Wr7MbUqmox1jU45YQve2U.roa
Signing time: Fri 11 Oct 2024 08:27:12 +0000
ROA not before: Fri 11 Oct 2024 08:27:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214790
IP address blocks: 5.8.44.0/24 maxlen: 24
5.188.51.0/24 maxlen: 24
5.188.200.0/24 maxlen: 24
5.188.203.0/24 maxlen: 24
5.189.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 13:16:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7a:b0:60:23:a0:07:e1:b7:41:3d:36:96:39:c1:a2:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Oct 11 08:27:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7078efe7a5abecc6d4aa6a31d63538e5842f7b65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bb:74:3a:d8:d8:95:6f:9f:36:a5:ff:68:46:
af:1f:d1:1f:0c:21:50:1a:6e:4a:5c:86:d5:93:64:
cf:04:74:85:2b:a2:97:f1:08:98:f4:2b:9e:e6:2b:
e1:c8:13:51:45:e9:10:d3:1b:74:1f:b9:2b:a5:7f:
de:55:9b:e5:4e:0b:c7:d4:ff:46:f4:34:42:4e:66:
55:14:b1:4c:59:81:8a:2c:a1:22:d9:fb:cf:a1:64:
1c:43:e6:fd:41:b7:e2:6c:61:00:fb:dd:01:ea:0b:
5a:e6:b6:c5:39:ea:65:0a:f4:2e:81:dd:43:e1:97:
9b:59:2c:0f:ad:7f:17:87:12:2c:57:c9:61:40:db:
1d:08:b6:b0:27:4a:5d:80:b9:a8:21:af:c2:7b:ce:
f9:2e:cf:5f:be:04:35:f9:55:65:b1:3f:aa:a7:d2:
ff:4d:3c:14:15:ab:f3:c4:21:69:1d:f0:e9:26:3c:
d6:40:8d:07:03:74:89:43:c0:bf:3b:fe:ad:30:60:
e0:97:c8:b8:4b:e4:26:b0:c4:61:4b:d9:79:3e:1d:
b1:13:5f:fd:15:71:8f:46:0c:d5:e8:9a:45:f3:5e:
c3:4d:3e:e7:f7:44:54:ee:16:fe:84:39:7a:f4:dc:
7d:e0:e1:d9:01:74:3e:9f:b4:76:81:a2:b5:04:b0:
9f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:78:EF:E7:A5:AB:EC:C6:D4:AA:6A:31:D6:35:38:E5:84:2F:7B:65
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/cHjv56Wr7MbUqmox1jU45YQve2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.44.0/24
5.188.51.0/24
5.188.200.0/24
5.188.203.0/24
5.189.254.0/24
Signature Algorithm: sha256WithRSAEncryption
73:19:da:3e:45:17:b0:d6:4d:27:a3:27:20:ca:53:5f:69:08:
88:ad:cd:e3:0a:c0:a1:a8:77:8f:99:cf:8d:66:31:6b:85:90:
fa:6f:91:c9:c8:d8:5a:7f:be:c7:9f:61:44:63:3e:19:32:f4:
2b:96:d4:e7:82:d1:42:2a:06:1c:3b:b3:c3:af:ca:88:96:a0:
59:c0:33:ff:f5:e2:8a:92:72:93:95:fa:31:c0:93:a4:bc:6c:
00:4a:a5:8c:71:1f:f8:e3:00:62:4f:82:d8:7e:dc:16:7c:ae:
de:21:d3:5e:d8:d6:ba:89:86:9a:8f:8b:cd:68:a2:de:6b:ab:
00:48:11:84:71:a9:11:4a:16:66:2e:39:98:ce:e8:c0:84:dd:
6b:3d:d2:1e:d9:b6:d3:9f:16:a2:5a:1c:ca:93:2e:9b:0e:4d:
e3:d7:d9:3c:6f:54:cd:a1:e9:9b:68:b9:63:fd:45:4b:68:0b:
96:cc:ac:53:4b:fb:b4:04:40:e4:ee:92:58:27:23:58:4a:57:
09:96:2e:7b:0a:37:18:c6:9a:f2:67:ea:54:48:15:77:a8:6c:
93:a7:0c:99:f0:e7:d7:2b:f6:31:9b:09:ad:6c:df:8d:25:50:
3f:d3:e0:95:ca:3d:2d:11:39:e8:96:1a:15:c5:a3:15:76:41:
3d:46:a6:39
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJ6sGAjoAfht0E9NpY5waJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQxMDExMDgyNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDc4ZWZlN2E1YWJlY2M2ZDRhYTZhMzFkNjM1MzhlNTg0MmY3YjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLt0OtjYlW+fNqX/aEavH9EfDCFQ
Gm5KXIbVk2TPBHSFK6KX8QiY9Cue5ivhyBNRRekQ0xt0H7krpX/eVZvlTgvH1P9G
9DRCTmZVFLFMWYGKLKEi2fvPoWQcQ+b9QbfibGEA+90B6gta5rbFOeplCvQugd1D
4ZebWSwPrX8XhxIsV8lhQNsdCLawJ0pdgLmoIa/Ce875Ls9fvgQ1+VVlsT+qp9L/
TTwUFavzxCFpHfDpJjzWQI0HA3SJQ8C/O/6tMGDgl8i4S+QmsMRhS9l5Ph2xE1/9
FXGPRgzV6JpF817DTT7n90RU7hb+hDl69Nx94OHZAXQ+n7R2gaK1BLCf8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHB47+elq+zG1KpqMdY1OOWEL3tlMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvY0hqdjU2V3I3TWJVcW1veDFqVTQ1WVF2ZTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABQgsAwQA
BbwzAwQABbzIAwQABbzLAwQABb3+MA0GCSqGSIb3DQEBCwUAA4IBAQBzGdo+RRew
1k0noycgylNfaQiIrc3jCsChqHePmc+NZjFrhZD6b5HJyNhaf77Hn2FEYz4ZMvQr
ltTngtFCKgYcO7PDr8qIlqBZwDP/9eKKknKTlfoxwJOkvGwASqWMcR/44wBiT4LY
ftwWfK7eIdNe2Na6iYaaj4vNaKLea6sASBGEcakRShZmLjmYzujAhN1rPdIe2bbT
nxaiWhzKky6bDk3j19k8b1TNoembaLlj/UVLaAuWzKxTS/u0BEDk7pJYJyNYSlcJ
li57CjcYxpryZ+pUSBV3qGyTpwyZ8OfXK/YxmwmtbN+NJVA/0+CVyj0tETnolhoV
xaMVdkE9RqY5
-----END CERTIFICATE-----
Generated at Mon Oct 28 16:44:24 2024 by rpki-client on console-fra.rpki-client.org