Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/tHJ_6GwXMfrNi8874ztw6Z7MQGk.roa
File: tHJ_6GwXMfrNi8874ztw6Z7MQGk.roa (raw, json)
Hash identifier: n/NSEzK61zDVitEG0b28uAcHoAS3M/lxIrMKHZM4bQQ=
Subject key identifier: B4:72:7F:E8:6C:17:31:FA:CD:8B:CF:3B:E3:3B:70:E9:9E:CC:40:69
Certificate issuer: /CN=1034068b5e9f7314277e2be9726c732131b1756c
Certificate serial: 0190C4EBECDDF132A1965348E22D2456B637
Authority key identifier: 10:34:06:8B:5E:9F:73:14:27:7E:2B:E9:72:6C:73:21:31:B1:75:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EDQGi16fcxQnfivpcmxzITGxdWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/tHJ_6GwXMfrNi8874ztw6Z7MQGk.roa
Signing time: Thu 18 Jul 2024 08:18:34 +0000
ROA not before: Thu 18 Jul 2024 08:18:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 5.36.0.0/16 maxlen: 24
82.178.144.0/21 maxlen: 24
2001:1670:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 01 Aug 2024 10:09:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c4:eb:ec:dd:f1:32:a1:96:53:48:e2:2d:24:56:b6:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1034068b5e9f7314277e2be9726c732131b1756c
Validity
Not Before: Jul 18 08:18:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4727fe86c1731facd8bcf3be33b70e99ecc4069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a6:4f:15:7d:06:25:12:93:55:da:bc:25:ca:
f1:fc:39:7b:70:90:5c:9b:cb:0b:be:5f:54:a6:13:
68:51:e2:1c:62:7f:f4:16:bd:43:5a:fc:10:23:e7:
5a:b6:71:02:5b:a1:a1:b0:40:af:20:8c:b5:84:18:
17:17:36:f9:b2:1e:53:0a:28:f9:7e:e5:6e:47:5e:
a7:85:43:99:5b:f8:6d:2d:3d:ac:56:1d:d8:36:a2:
e8:ef:aa:f6:2a:e2:61:b5:0e:bd:e8:a8:c6:be:03:
1d:91:1d:27:08:6e:63:12:f7:df:1f:70:41:67:f2:
7a:39:b7:2e:a4:ed:c2:d8:85:1c:fd:1d:14:b4:99:
57:2a:a6:74:68:c8:50:90:d9:8e:aa:3f:fe:a4:6b:
05:f7:62:cc:9b:fe:fa:f7:7b:5b:15:a7:95:5f:99:
a1:90:0c:bc:a4:f9:c4:56:38:a4:19:9a:68:17:89:
38:68:88:63:56:0b:c0:ee:78:ea:31:8a:b5:74:57:
a9:3b:f2:32:5d:63:0b:8d:1c:4a:8f:ef:89:d8:e1:
37:3e:cf:d9:28:92:3d:07:fe:03:5d:ce:76:32:77:
e3:ca:86:32:47:80:33:2b:4b:04:ee:99:19:f0:3b:
56:48:e9:c7:88:0c:86:1b:07:ce:60:76:bc:ee:99:
a6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:72:7F:E8:6C:17:31:FA:CD:8B:CF:3B:E3:3B:70:E9:9E:CC:40:69
X509v3 Authority Key Identifier:
keyid:10:34:06:8B:5E:9F:73:14:27:7E:2B:E9:72:6C:73:21:31:B1:75:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EDQGi16fcxQnfivpcmxzITGxdWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/tHJ_6GwXMfrNi8874ztw6Z7MQGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/EDQGi16fcxQnfivpcmxzITGxdWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.36.0.0/16
82.178.144.0/21
IPv6:
2001:1670:2::/48
Signature Algorithm: sha256WithRSAEncryption
4e:56:16:62:ef:a4:72:c2:94:b7:1a:98:c9:63:b2:8a:85:44:
1e:89:eb:c1:5a:0c:fa:dd:49:4b:0b:05:a4:b5:6a:03:a9:9b:
f8:9a:bc:c1:e1:75:b8:1c:62:3e:65:c8:96:3b:91:46:38:02:
7a:74:70:2c:bc:68:3d:c5:06:0f:96:60:47:e8:ba:92:13:01:
ae:5e:e5:17:c8:cf:3b:25:85:ae:3b:20:1b:33:fb:b7:07:aa:
bb:b1:de:b3:59:16:3b:82:a1:f7:8a:d4:f7:9a:b6:af:bf:aa:
e2:87:af:c1:1e:8f:c4:ef:75:6d:55:17:55:bf:8a:22:54:7e:
33:c8:d5:24:38:f3:5c:19:de:2a:41:ba:0c:3b:1c:88:6b:a5:
a3:4f:e9:b9:30:47:d1:a4:b4:39:86:86:d4:b4:2b:8e:5c:90:
dc:f2:12:c4:cc:58:42:44:d3:e9:ce:25:89:29:f4:60:f1:32:
5a:04:b4:35:fc:c5:e9:eb:ac:7f:e3:34:0d:fd:be:c9:43:71:
80:08:56:2a:ec:aa:b3:1d:e4:53:fe:36:d5:b0:cd:9b:75:73:
7f:df:58:94:bf:c7:75:7c:4b:95:3d:d3:96:24:15:e2:95:2a:
e7:92:f3:4f:58:8e:47:db:96:38:75:e5:3e:6e:a2:ec:b1:eb:
ae:42:82:8f
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZDE6+zd8TKhllNI4i0kVrY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMzQwNjhiNWU5ZjczMTQyNzdlMmJlOTcyNmM3MzIxMzFi
MTc1NmMwHhcNMjQwNzE4MDgxODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDcyN2ZlODZjMTczMWZhY2Q4YmNmM2JlMzNiNzBlOTllY2M0MDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaZPFX0GJRKTVdq8Jcrx/Dl7cJBc
m8sLvl9UphNoUeIcYn/0Fr1DWvwQI+datnECW6GhsECvIIy1hBgXFzb5sh5TCij5
fuVuR16nhUOZW/htLT2sVh3YNqLo76r2KuJhtQ696KjGvgMdkR0nCG5jEvffH3BB
Z/J6ObcupO3C2IUc/R0UtJlXKqZ0aMhQkNmOqj/+pGsF92LMm/7693tbFaeVX5mh
kAy8pPnEVjikGZpoF4k4aIhjVgvA7njqMYq1dFepO/IyXWMLjRxKj++J2OE3Ps/Z
KJI9B/4DXc52MnfjyoYyR4AzK0sE7pkZ8DtWSOnHiAyGGwfOYHa87pmm4wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLRyf+hsFzH6zYvPO+M7cOmezEBpMB8GA1UdIwQY
MBaAFBA0Boten3MUJ34r6XJscyExsXVsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRURRR2kxNmZjeFFuZml2cGNteHpJVEd4ZFd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hMDQ1MGUtNTYzNC00NThkLTkxOGYt
MTAzZDkzZDI1MWFiLzEvdEhKXzZHd1hNZnJOaTg4NzR6dHc2WjdNUUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hMDQ1MGUtNTYzNC00NThkLTkxOGYtMTAzZDkzZDI1MWFi
LzEvRURRR2kxNmZjeFFuZml2cGNteHpJVEd4ZFd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDARBAIAATALAwMABSQDBANS
spAwDwQCAAIwCQMHACABFnAAAjANBgkqhkiG9w0BAQsFAAOCAQEATlYWYu+kcsKU
txqYyWOyioVEHonrwVoM+t1JSwsFpLVqA6mb+Jq8weF1uBxiPmXIljuRRjgCenRw
LLxoPcUGD5ZgR+i6khMBrl7lF8jPOyWFrjsgGzP7twequ7Hes1kWO4Kh94rU95q2
r7+q4oevwR6PxO91bVUXVb+KIlR+M8jVJDjzXBneKkG6DDsciGulo0/puTBH0aS0
OYaG1LQrjlyQ3PISxMxYQkTT6c4liSn0YPEyWgS0NfzF6eusf+M0Df2+yUNxgAhW
Kuyqsx3kU/421bDNm3Vzf99YlL/HdXxLlT3TliQV4pUq55LzT1iOR9uWOHXlPm6i
7LHrrkKCjw==
-----END CERTIFICATE-----
Generated at Thu Aug 1 12:22:17 2024 by rpki-client on console-fra.rpki-client.org