Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/hwN5Y-MswfQ_OGVOR6Z5msPL0GI.roa
File: hwN5Y-MswfQ_OGVOR6Z5msPL0GI.roa (raw, json)
Hash identifier: meIIqw1ZrWX8vjOiMz7myqrdeT75k7TLOxpwa83nR2g=
Subject key identifier: 87:03:79:63:E3:2C:C1:F4:3F:38:65:4E:47:A6:79:9A:C3:CB:D0:62
Certificate issuer: /CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Certificate serial: 018D3C1258A32514B0A525BF0732D3530CC5
Authority key identifier: 5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/hwN5Y-MswfQ_OGVOR6Z5msPL0GI.roa
Signing time: Wed 24 Jan 2024 15:24:11 +0000
ROA not before: Wed 24 Jan 2024 15:24:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50986
IP address blocks: 31.170.24.0/21 maxlen: 21
31.170.24.0/24 maxlen: 24
178.236.64.0/20 maxlen: 20
178.236.64.0/22 maxlen: 22
178.236.70.0/23 maxlen: 23
178.236.76.0/22 maxlen: 22
185.27.96.0/22 maxlen: 22
2a02:1610::/32 maxlen: 32
2a02:1610::/56 maxlen: 56
2a02:1610:1:1000::/56 maxlen: 56
Validation: Failed, certificate revoked on Tue 06 Feb 2024 12:34:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3c:12:58:a3:25:14:b0:a5:25:bf:07:32:d3:53:0c:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Validity
Not Before: Jan 24 15:24:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87037963e32cc1f43f38654e47a6799ac3cbd062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:da:8c:d8:99:97:4b:2b:37:e4:b4:c0:d5:5c:
2b:05:bb:ac:fc:7a:ea:0b:c4:6e:01:22:88:02:b9:
59:de:fe:af:4e:2e:5b:2c:0c:14:84:08:9e:d6:be:
4e:92:ed:38:26:32:9e:40:91:d2:f8:a2:1a:5e:a0:
5e:bb:e6:e8:a6:13:12:4a:cb:09:bb:e2:b5:9e:c5:
32:47:0c:43:a0:cd:50:ae:0f:fd:69:99:78:ad:ae:
f4:1a:80:ed:15:2b:a4:5b:e4:4c:ae:3d:48:71:c8:
e2:87:32:80:52:92:9c:dd:9d:9c:65:7a:d0:ec:78:
e6:94:c5:db:56:97:c6:06:e4:89:f5:14:a1:f3:23:
dc:4b:32:ac:46:ae:74:43:6a:f3:7b:50:c0:06:a9:
6d:f1:41:9f:62:88:4b:ad:7a:7a:3b:3b:a0:a5:6b:
9b:93:58:2c:a2:9d:be:23:01:b1:ed:f8:ae:15:e9:
d9:2e:76:6c:ee:04:a9:f5:e7:91:fc:39:75:9d:80:
40:64:d4:cf:d8:3e:78:61:6d:86:ef:48:82:c5:8b:
f0:83:4d:fd:07:59:0e:c2:81:04:cd:f5:e5:77:10:
74:52:3d:5f:9d:a1:5f:98:dc:50:d1:11:18:eb:7d:
91:cf:c7:b5:55:1a:05:42:b3:15:9b:90:35:5e:2e:
cd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:03:79:63:E3:2C:C1:F4:3F:38:65:4E:47:A6:79:9A:C3:CB:D0:62
X509v3 Authority Key Identifier:
keyid:5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/hwN5Y-MswfQ_OGVOR6Z5msPL0GI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.24.0/21
178.236.64.0/20
185.27.96.0/22
IPv6:
2a02:1610::/32
Signature Algorithm: sha256WithRSAEncryption
46:72:4a:f1:e4:cc:c7:1b:99:17:16:22:1f:2c:c8:44:2a:3f:
47:5a:ed:20:29:14:a6:c1:65:cc:af:40:f3:65:8d:14:23:d1:
53:c7:e5:c1:ce:fc:1a:43:5b:ba:a5:79:90:5b:e1:6d:c4:4a:
3f:2f:af:ad:78:3b:8b:d1:1d:52:a0:5a:ab:9d:63:54:50:a2:
cc:1b:5d:5b:8f:75:7d:3e:dd:fb:ed:74:bb:07:81:8f:aa:e6:
69:c7:f7:c8:56:44:7b:b3:8b:3e:24:f2:48:00:a3:cb:bf:9b:
39:75:fa:9b:fa:83:0e:c3:88:c5:63:48:3c:3c:af:46:ba:65:
5b:da:68:7f:46:ec:66:1f:85:99:c3:ce:eb:6b:9c:0b:bd:1b:
47:40:f9:af:ab:9d:d0:59:70:35:6c:f0:ba:fb:64:78:29:17:
2d:0b:60:1c:3a:00:73:ee:a4:e2:3d:dc:8c:b8:ff:d5:a5:1c:
85:8e:48:00:4e:92:a4:8c:23:67:b5:8e:44:1e:1e:16:2c:02:
c2:22:81:3f:1e:e4:13:cf:0f:a8:68:02:22:3f:4e:f0:ad:77:
ef:a8:05:44:03:f9:44:a0:ec:6b:a7:29:51:39:22:88:6e:e2:
21:2b:2a:35:e3:d5:dc:a7:31:fd:63:f0:54:6d:a1:39:78:0c:
71:93:16:dc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY08ElijJRSwpSW/BzLTUwzFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWZhMDZkNWRiYWRhNDNkZTQ0ZjRlNGIxZGM5NDkyYmIy
ODdjOWQwHhcNMjQwMTI0MTUyNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzAzNzk2M2UzMmNjMWY0M2YzODY1NGU0N2E2Nzk5YWMzY2JkMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9qM2JmXSys35LTA1VwrBbus/Hrq
C8RuASKIArlZ3v6vTi5bLAwUhAie1r5Oku04JjKeQJHS+KIaXqBeu+bophMSSssJ
u+K1nsUyRwxDoM1Qrg/9aZl4ra70GoDtFSukW+RMrj1IccjihzKAUpKc3Z2cZXrQ
7HjmlMXbVpfGBuSJ9RSh8yPcSzKsRq50Q2rze1DABqlt8UGfYohLrXp6OzugpWub
k1gsop2+IwGx7fiuFenZLnZs7gSp9eeR/Dl1nYBAZNTP2D54YW2G70iCxYvwg039
B1kOwoEEzfXldxB0Uj1fnaFfmNxQ0REY632Rz8e1VRoFQrMVm5A1Xi7NIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIcDeWPjLMH0PzhlTkemeZrDy9BiMB8GA1UdIwQY
MBaAFF8foG1dutpD3kT05LHclJK7KHydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUt
MjU4NDZkNTlmZDYwLzEvaHdONVktTXN3ZlFfT0dWT1I2WjVtc1BMMEdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUtMjU4NDZkNTlmZDYw
LzEvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH6oYAwQE
suxAAwQCuRtgMA0EAgACMAcDBQAqAhYQMA0GCSqGSIb3DQEBCwUAA4IBAQBGckrx
5MzHG5kXFiIfLMhEKj9HWu0gKRSmwWXMr0DzZY0UI9FTx+XBzvwaQ1u6pXmQW+Ft
xEo/L6+teDuL0R1SoFqrnWNUUKLMG11bj3V9Pt377XS7B4GPquZpx/fIVkR7s4s+
JPJIAKPLv5s5dfqb+oMOw4jFY0g8PK9GumVb2mh/RuxmH4WZw87ra5wLvRtHQPmv
q53QWXA1bPC6+2R4KRctC2AcOgBz7qTiPdyMuP/VpRyFjkgATpKkjCNntY5EHh4W
LALCIoE/HuQTzw+oaAIiP07wrXfvqAVEA/lEoOxrpylROSKIbuIhKyo149XcpzH9
Y/BUbaE5eAxxkxbc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:15 2024 by rpki-client on console-fra.rpki-client.org