Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/hohcRfMREmsEITiQd7VjoSfH-TM.roa
File: hohcRfMREmsEITiQd7VjoSfH-TM.roa (raw, json)
Hash identifier: zrJbmv3H2hY1EjoIW0C+bSlNXuXx+x+XurD1vyIabqk=
Subject key identifier: 86:88:5C:45:F3:11:12:6B:04:21:38:90:77:B5:63:A1:27:C7:F9:33
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EE3368E2CB412D1D0DBA62BC2FB3A8F38
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/hohcRfMREmsEITiQd7VjoSfH-TM.roa
Signing time: Mon 15 Apr 2024 19:23:07 +0000
ROA not before: Mon 15 Apr 2024 19:23:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43278
IP address blocks: 212.46.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 21:26:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e3:36:8e:2c:b4:12:d1:d0:db:a6:2b:c2:fb:3a:8f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 15 19:23:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86885c45f311126b0421389077b563a127c7f933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e7:a8:d4:b7:94:c7:d9:cd:bf:ae:1f:75:39:
a5:53:f8:da:28:e9:ba:b3:53:4a:64:2c:ef:14:b9:
55:0a:75:05:1d:6c:7b:42:4c:7e:9b:58:fb:79:7d:
e1:f6:ac:48:13:b0:24:52:ca:94:ca:15:8d:28:7c:
fc:97:78:36:40:1a:3f:b6:5e:c8:9b:01:c9:76:c7:
7c:38:bf:68:5a:6f:33:c8:8c:33:a1:2f:e4:14:80:
b7:0f:38:d5:f1:66:a4:0f:0e:a9:24:97:27:d7:4f:
b1:98:0e:01:1c:9e:89:d6:42:37:9c:9c:7e:bd:ac:
9b:32:e7:d0:3d:9a:88:ff:43:6f:3f:f1:62:4b:87:
fd:fb:75:6f:27:d4:6e:47:f1:56:3e:74:02:57:89:
ae:b0:b8:97:32:79:bc:43:0e:f6:91:e1:45:0f:1e:
f0:3b:3f:98:d5:5b:7a:c7:10:23:13:5f:19:ce:14:
cb:1f:7f:68:78:e3:07:78:64:a6:2d:d5:23:fe:96:
61:fe:41:79:55:27:8f:2a:d4:0e:b5:36:52:7e:af:
e3:41:8b:ad:c3:a8:6c:30:35:ed:22:09:65:3b:68:
d2:a0:4c:7b:7c:cf:ce:fa:56:a4:e6:b9:d1:ed:76:
d6:c6:af:49:0a:51:0f:80:63:a9:2e:1d:cd:c0:6b:
c3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:88:5C:45:F3:11:12:6B:04:21:38:90:77:B5:63:A1:27:C7:F9:33
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/hohcRfMREmsEITiQd7VjoSfH-TM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.46.36.0/24
Signature Algorithm: sha256WithRSAEncryption
04:61:a8:bf:06:d0:fc:7a:ff:22:a4:48:79:3a:f7:cc:dd:98:
82:3c:25:77:f9:e8:5b:e9:2e:69:b8:71:38:58:6c:57:99:b2:
a9:4c:56:ce:f2:a9:f1:5d:22:fb:f3:81:6f:6f:4d:23:1b:e9:
93:7c:78:d8:b0:df:ea:d1:c5:ea:76:09:d3:03:59:14:48:55:
ef:86:dd:80:f0:9c:0f:12:3d:a8:e5:c0:4d:a3:57:77:f2:31:
cd:ea:ac:de:ea:d3:ea:c0:bd:ca:e6:f0:bb:85:5d:81:29:d7:
d2:4a:e3:f9:0f:69:b1:0a:e2:6a:28:d3:54:0d:78:55:74:1c:
96:33:21:9f:6e:32:13:3c:54:c3:02:65:9f:0e:7e:47:ff:e7:
ed:f1:6b:e0:56:4b:1c:c9:75:c8:5a:df:20:d2:21:4e:a3:4e:
b5:8a:bd:1b:7f:60:9a:eb:fb:1a:55:fd:46:45:e2:0e:72:f4:
a8:06:4c:58:65:3d:ff:eb:1f:d2:26:48:35:ff:a2:2f:78:24:
3a:d2:38:95:dd:5f:60:b7:50:59:82:28:28:a2:53:91:bc:c1:
9a:e3:e0:46:8b:b7:79:d8:aa:63:25:be:8d:8e:ad:01:e0:71:
b4:e6:28:3e:08:8c:3f:14:a1:1b:fb:5d:55:95:cb:8c:74:b0:
64:27:f5:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7jNo4stBLR0NumK8L7Oo84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDE1MTkyMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njg4NWM0NWYzMTExMjZiMDQyMTM4OTA3N2I1NjNhMTI3YzdmOTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheeo1LeUx9nNv64fdTmlU/jaKOm6
s1NKZCzvFLlVCnUFHWx7Qkx+m1j7eX3h9qxIE7AkUsqUyhWNKHz8l3g2QBo/tl7I
mwHJdsd8OL9oWm8zyIwzoS/kFIC3DzjV8WakDw6pJJcn10+xmA4BHJ6J1kI3nJx+
vaybMufQPZqI/0NvP/FiS4f9+3VvJ9RuR/FWPnQCV4musLiXMnm8Qw72keFFDx7w
Oz+Y1Vt6xxAjE18ZzhTLH39oeOMHeGSmLdUj/pZh/kF5VSePKtQOtTZSfq/jQYut
w6hsMDXtIgllO2jSoEx7fM/O+lak5rnR7XbWxq9JClEPgGOpLh3NwGvDOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIaIXEXzERJrBCE4kHe1Y6Enx/kzMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvaG9oY1JmTVJFbXNFSVRpUWQ3VmpvU2ZILVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1C4kMA0G
CSqGSIb3DQEBCwUAA4IBAQAEYai/BtD8ev8ipEh5OvfM3ZiCPCV3+ehb6S5puHE4
WGxXmbKpTFbO8qnxXSL784Fvb00jG+mTfHjYsN/q0cXqdgnTA1kUSFXvht2A8JwP
Ej2o5cBNo1d38jHN6qze6tPqwL3K5vC7hV2BKdfSSuP5D2mxCuJqKNNUDXhVdByW
MyGfbjITPFTDAmWfDn5H/+ft8WvgVkscyXXIWt8g0iFOo061ir0bf2Ca6/saVf1G
ReIOcvSoBkxYZT3/6x/SJkg1/6IveCQ60jiV3V9gt1BZgigoolORvMGa4+BGi7d5
2KpjJb6Njq0B4HG05ig+CIw/FKEb+11VlcuMdLBkJ/WY
-----END CERTIFICATE-----
Generated at Mon Aug 12 23:53:59 2024 by rpki-client on console-ams.rpki-client.org