Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/hpyxGg10qgh6fsIdaZ5T2T_cfFs.roa
File: hpyxGg10qgh6fsIdaZ5T2T_cfFs.roa (raw, json)
Hash identifier: eWaziiMDD0gvpPjVpH4CD465G5Ek3OTCr+F+lu84lkw=
Subject key identifier: 86:9C:B1:1A:0D:74:AA:08:7A:7E:C2:1D:69:9E:53:D9:3F:DC:7C:5B
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0187132029F3B232A001C3B28211AB7D0FC8
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/hpyxGg10qgh6fsIdaZ5T2T_cfFs.roa
Signing time: Fri 24 Mar 2023 10:18:07 +0000
ROA not before: Fri 24 Mar 2023 10:18:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206757
IP address blocks: 78.136.68.0/24 maxlen: 24
5.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:13:20:29:f3:b2:32:a0:01:c3:b2:82:11:ab:7d:0f:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Mar 24 10:18:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=869cb11a0d74aa087a7ec21d699e53d93fdc7c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c6:d4:06:e0:36:cd:3f:3d:eb:ae:78:83:f0:
f2:7c:ef:2b:1e:c8:b8:a9:3e:3f:40:fd:a3:7f:8d:
e3:ed:18:2f:6f:3a:f4:fd:5d:57:56:fd:59:12:2c:
de:a9:ab:e6:9b:b5:f5:5e:fb:21:8a:d3:e9:c4:64:
3f:a6:57:b5:1e:fc:ae:31:4d:56:7e:3d:d1:d5:9c:
5d:a2:d6:9d:06:83:d2:2a:8d:1d:0f:f2:b4:1b:47:
54:e6:a8:26:c8:32:e3:7b:da:31:ba:05:ed:e1:9c:
c5:03:40:db:e0:cf:88:a6:ec:0e:7f:06:92:f4:fa:
12:7d:75:27:15:51:55:cb:b2:19:ab:f0:ce:f7:78:
d8:b6:38:10:f3:56:da:ff:d1:2a:a7:1f:5a:f8:8b:
a0:31:e5:8c:e7:dc:5e:0a:2c:2a:d8:b9:8a:b9:ff:
be:86:0c:02:28:49:7e:f9:b3:b9:0a:67:48:96:c5:
1b:8e:41:35:d6:5c:de:e4:79:21:fc:ff:ac:65:38:
bd:8b:ec:0c:da:be:e8:ae:ec:6f:01:5e:4f:7b:c1:
0a:71:31:86:bf:f4:0b:b1:ce:29:9b:76:6c:0b:23:
1f:26:52:36:ec:ce:5a:61:1d:d9:bc:66:1a:09:14:
d2:3a:f8:7f:6a:2a:6e:5c:3f:7f:80:7d:e9:5d:ee:
c6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9C:B1:1A:0D:74:AA:08:7A:7E:C2:1D:69:9E:53:D9:3F:DC:7C:5B
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/hpyxGg10qgh6fsIdaZ5T2T_cfFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.37.0/24
78.136.68.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:21:40:ed:c3:e2:fa:aa:cd:16:29:9c:8f:8e:08:f4:a4:49:
f2:21:7f:96:1b:77:27:98:c7:2c:75:4b:14:e2:24:d7:c1:1e:
b2:5a:57:6e:e7:32:54:06:02:62:2c:e7:b6:30:68:59:ad:5a:
fb:db:3e:45:6f:8f:24:5d:b3:b7:90:a6:e6:8d:d6:a1:40:d8:
a7:f7:a3:91:8a:20:a6:b5:9c:4f:aa:a5:9a:ab:02:2e:18:90:
f0:6a:e6:f8:29:eb:20:85:9d:16:5c:9a:ca:5e:2b:bc:e9:26:
3f:9c:70:ec:94:47:2f:ea:76:3e:1a:7a:42:8e:af:11:b2:56:
55:5e:d7:13:2a:3a:91:f8:e4:12:25:bb:a0:7f:33:9e:fd:c2:
a7:b0:2e:97:18:df:27:4f:26:0a:df:63:09:9b:e5:d5:e3:6f:
41:b5:da:ed:1e:9a:d7:41:ef:83:f9:c6:ac:7f:2c:2f:f9:69:
50:ca:9d:02:05:51:90:7c:d6:27:19:36:cf:68:3d:97:4d:5e:
6a:37:ef:52:57:08:93:57:40:5c:37:e9:02:c8:58:b1:7e:e0:
14:5d:e3:35:74:d0:df:95:01:65:2b:8b:43:ca:89:25:9d:4d:
6e:5e:5c:37:61:9d:d2:d8:38:2a:3b:e8:54:ee:41:30:1c:ea:
94:dd:8c:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcTICnzsjKgAcOyghGrfQ/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMzI0MTAxODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjljYjExYTBkNzRhYTA4N2E3ZWMyMWQ2OTllNTNkOTNmZGM3YzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8bUBuA2zT896654g/DyfO8rHsi4
qT4/QP2jf43j7Rgvbzr0/V1XVv1ZEizeqavmm7X1XvshitPpxGQ/ple1HvyuMU1W
fj3R1ZxdotadBoPSKo0dD/K0G0dU5qgmyDLje9oxugXt4ZzFA0Db4M+IpuwOfwaS
9PoSfXUnFVFVy7IZq/DO93jYtjgQ81ba/9Eqpx9a+IugMeWM59xeCiwq2LmKuf++
hgwCKEl++bO5CmdIlsUbjkE11lze5Hkh/P+sZTi9i+wM2r7oruxvAV5Pe8EKcTGG
v/QLsc4pm3ZsCyMfJlI27M5aYR3ZvGYaCRTSOvh/aipuXD9/gH3pXe7GyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIacsRoNdKoIen7CHWmeU9k/3HxbMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvaHB5eEdnMTBxZ2g2ZnNJZGFaNVQyVF9jZkZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABZolAwQA
TohEMA0GCSqGSIb3DQEBCwUAA4IBAQCcIUDtw+L6qs0WKZyPjgj0pEnyIX+WG3cn
mMcsdUsU4iTXwR6yWldu5zJUBgJiLOe2MGhZrVr72z5Fb48kXbO3kKbmjdahQNin
96ORiiCmtZxPqqWaqwIuGJDwaub4KesghZ0WXJrKXiu86SY/nHDslEcv6nY+GnpC
jq8RslZVXtcTKjqR+OQSJbugfzOe/cKnsC6XGN8nTyYK32MJm+XV429BtdrtHprX
Qe+D+casfywv+WlQyp0CBVGQfNYnGTbPaD2XTV5qN+9SVwiTV0BcN+kCyFixfuAU
XeM1dNDflQFlK4tDyoklnU1uXlw3YZ3S2DgqO+hU7kEwHOqU3Ywz
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:46 2024 by rpki-client on console-ams.rpki-client.org