Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/HF5K7tzooG4JWghPoRbb07MBtf8.roa
File: HF5K7tzooG4JWghPoRbb07MBtf8.roa (raw, json)
Hash identifier: GrnC6yFlZ85ro5w0SSMgmFehTy+3r3bJa7ZIhewhHdc=
Subject key identifier: 1C:5E:4A:EE:DC:E8:A0:6E:09:5A:08:4F:A1:16:DB:D3:B3:01:B5:FF
Certificate issuer: /CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Certificate serial: 0186E57AAC6AEC50A779A93AA802B104E5D7
Authority key identifier: 5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/HF5K7tzooG4JWghPoRbb07MBtf8.roa
Signing time: Wed 15 Mar 2023 13:34:27 +0000
ROA not before: Wed 15 Mar 2023 13:34:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50986
IP address blocks: 193.34.202.0/24 maxlen: 24
31.170.24.0/24 maxlen: 24
31.170.24.0/21 maxlen: 21
185.27.96.0/22 maxlen: 22
178.236.64.0/22 maxlen: 22
178.236.64.0/20 maxlen: 20
2a02:1610::/32 maxlen: 32
2a02:1610:1:1000::/56 maxlen: 56
Validation: Failed, certificate revoked on Wed 15 Mar 2023 13:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e5:7a:ac:6a:ec:50:a7:79:a9:3a:a8:02:b1:04:e5:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Validity
Not Before: Mar 15 13:34:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c5e4aeedce8a06e095a084fa116dbd3b301b5ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6e:c6:da:41:88:c2:cd:7c:fe:3f:77:53:39:
c1:97:0e:15:3a:ab:54:74:46:f6:62:c2:9d:6f:a3:
87:c6:47:48:cc:a8:0b:6f:29:83:68:bf:46:76:b7:
d2:5c:29:3f:06:08:88:ea:90:1c:4b:96:e4:b2:09:
aa:bf:1b:8b:af:00:d0:15:f6:05:11:24:f6:04:61:
03:18:21:30:42:e0:06:3d:90:6d:4b:7a:7c:ce:65:
ab:80:62:42:c5:b6:cd:e3:6c:4e:a3:3c:44:ee:ce:
3d:ff:95:d3:a8:f9:bd:17:a6:50:c3:f2:f0:8e:e5:
e2:0e:8c:0c:4c:ca:d1:ef:b6:20:de:15:09:09:b9:
8f:7a:24:24:99:d4:44:6d:00:4d:29:f0:e3:59:ec:
a2:99:de:59:47:e9:19:25:b6:7b:31:b3:3a:48:20:
b1:fb:c4:53:ea:f1:ba:c9:eb:3e:a5:b8:76:c4:df:
79:94:54:c1:b8:24:7e:10:28:24:5a:8a:c2:33:9f:
b9:d4:30:0f:f6:79:2c:19:8e:cd:1b:50:35:d5:85:
3f:93:12:93:4b:0d:1d:b9:a9:b5:69:39:25:a0:70:
35:52:12:46:d3:b2:ae:6e:39:5a:c0:48:1b:51:2c:
12:70:5a:69:e0:59:a5:28:ba:fc:31:f6:92:5b:1d:
0a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5E:4A:EE:DC:E8:A0:6E:09:5A:08:4F:A1:16:DB:D3:B3:01:B5:FF
X509v3 Authority Key Identifier:
keyid:5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/HF5K7tzooG4JWghPoRbb07MBtf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.24.0/21
178.236.64.0/20
185.27.96.0/22
193.34.202.0/24
IPv6:
2a02:1610::/32
Signature Algorithm: sha256WithRSAEncryption
93:70:aa:7d:35:45:08:3d:06:05:ee:e6:ab:9b:2a:bd:24:75:
90:88:ef:cc:8c:76:8c:10:62:fe:6a:c7:3e:b4:16:0f:65:5f:
09:10:2d:33:f6:ae:bb:9f:de:14:f6:b5:a9:0d:77:f4:0e:d6:
38:11:1f:a5:2f:51:44:a0:4d:60:64:cc:e5:62:85:35:db:fa:
d5:08:e0:33:76:85:c7:3c:ab:bd:51:dc:e0:ab:0e:7e:a4:1c:
ba:ce:e5:1a:59:fe:e4:11:32:7b:d8:be:12:5d:08:ea:0a:c8:
ca:4d:36:e1:a3:41:e5:0d:df:5d:9e:c4:61:c4:72:4b:dc:35:
dc:3d:03:34:9a:97:ba:f6:32:22:52:c0:23:c3:60:f2:58:6e:
25:86:ec:11:9c:56:2f:22:47:00:07:c7:de:86:c1:4a:61:30:
9b:a9:7c:43:8f:0f:87:b0:4a:96:48:5f:24:d0:52:10:c1:b7:
48:ae:85:f5:b8:d6:8f:26:51:92:cc:6f:dc:06:f3:f2:0a:a8:
f0:9a:9d:b0:c6:34:25:0c:b8:f0:18:a9:b0:6c:c1:83:9a:8b:
3d:60:8d:67:ed:4a:2d:a6:c0:02:bc:03:8b:bb:35:b5:06:cd:
49:41:95:56:a1:57:d1:ef:77:eb:f5:cf:7b:f0:d6:ca:68:d0:
94:a3:fe:0b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYbleqxq7FCneak6qAKxBOXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWZhMDZkNWRiYWRhNDNkZTQ0ZjRlNGIxZGM5NDkyYmIy
ODdjOWQwHhcNMjMwMzE1MTMzNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzVlNGFlZWRjZThhMDZlMDk1YTA4NGZhMTE2ZGJkM2IzMDFiNWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyG7G2kGIws18/j93UznBlw4VOqtU
dEb2YsKdb6OHxkdIzKgLbymDaL9GdrfSXCk/BgiI6pAcS5bksgmqvxuLrwDQFfYF
EST2BGEDGCEwQuAGPZBtS3p8zmWrgGJCxbbN42xOozxE7s49/5XTqPm9F6ZQw/Lw
juXiDowMTMrR77Yg3hUJCbmPeiQkmdREbQBNKfDjWeyimd5ZR+kZJbZ7MbM6SCCx
+8RT6vG6yes+pbh2xN95lFTBuCR+ECgkWorCM5+51DAP9nksGY7NG1A11YU/kxKT
Sw0duam1aTkloHA1UhJG07KubjlawEgbUSwScFpp4FmlKLr8MfaSWx0KEQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBxeSu7c6KBuCVoIT6EW29OzAbX/MB8GA1UdIwQY
MBaAFF8foG1dutpD3kT05LHclJK7KHydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUt
MjU4NDZkNTlmZDYwLzEvSEY1Szd0em9vRzRKV2doUG9SYmIwN01CdGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUtMjU4NDZkNTlmZDYw
LzEvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDH6oYAwQE
suxAAwQCuRtgAwQAwSLKMA0EAgACMAcDBQAqAhYQMA0GCSqGSIb3DQEBCwUAA4IB
AQCTcKp9NUUIPQYF7uarmyq9JHWQiO/MjHaMEGL+asc+tBYPZV8JEC0z9q67n94U
9rWpDXf0DtY4ER+lL1FEoE1gZMzlYoU12/rVCOAzdoXHPKu9Udzgqw5+pBy6zuUa
Wf7kETJ72L4SXQjqCsjKTTbho0HlDd9dnsRhxHJL3DXcPQM0mpe69jIiUsAjw2Dy
WG4lhuwRnFYvIkcAB8fehsFKYTCbqXxDjw+HsEqWSF8k0FIQwbdIroX1uNaPJlGS
zG/cBvPyCqjwmp2wxjQlDLjwGKmwbMGDmos9YI1n7UotpsACvAOLuzW1Bs1JQZVW
oVfR73fr9c978NbKaNCUo/4L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:05 2024 by rpki-client on console-ams.rpki-client.org