Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/EDiyaoHpq-TbtdBDm_O8ueT75b0.roa
File: EDiyaoHpq-TbtdBDm_O8ueT75b0.roa (raw, json)
Hash identifier: OVd88KVhfL5/9qcVjsZRHStUbkpevlw0hPHVSrxpsXQ=
Subject key identifier: 10:38:B2:6A:81:E9:AB:E4:DB:B5:D0:43:9B:F3:BC:B9:E4:FB:E5:BD
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 01856F547E10FFB49AD9D14DE96C22D41892
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/EDiyaoHpq-TbtdBDm_O8ueT75b0.roa
Signing time: Sun 01 Jan 2023 21:54:46 +0000
ROA not before: Sun 01 Jan 2023 21:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56995
IP address blocks: 188.161.104.0/24 maxlen: 24
188.161.104.0/21 maxlen: 21
188.161.105.0/24 maxlen: 24
188.161.110.0/24 maxlen: 24
188.161.106.0/24 maxlen: 24
188.161.108.0/24 maxlen: 24
188.161.111.0/24 maxlen: 24
188.161.107.0/24 maxlen: 24
188.161.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:7e:10:ff:b4:9a:d9:d1:4d:e9:6c:22:d4:18:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Jan 1 21:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1038b26a81e9abe4dbb5d0439bf3bcb9e4fbe5bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:43:8b:ec:b8:79:69:b7:36:60:3c:c1:a3:e8:
11:c7:22:d0:45:a0:a4:e6:b2:d4:cb:ab:c8:f5:de:
f6:ef:e8:87:04:2f:e2:2d:00:64:17:3d:21:52:11:
c9:0a:bb:87:d7:95:fb:c5:62:71:be:f1:16:fc:88:
80:01:3f:f2:e3:e4:55:09:8e:57:05:d8:6d:84:32:
c6:eb:27:05:f5:df:5a:b7:16:95:ed:1b:52:03:f5:
1e:18:a8:1f:c5:f4:2d:5f:99:fa:aa:a8:ce:30:2f:
e0:9a:77:c6:15:f5:1b:03:db:4d:9c:fb:35:1e:ac:
0c:67:8e:9e:fe:3c:01:aa:3f:86:c0:05:b5:f2:a8:
16:6e:a5:ff:e3:4a:37:00:5f:f0:8f:e4:63:ba:67:
8a:c6:eb:74:7e:41:fb:4b:06:c0:07:87:f5:28:7e:
a1:83:bd:8c:ad:79:2b:f4:19:b0:db:be:68:19:03:
2b:4e:33:98:8d:88:04:16:ac:d0:30:5a:ce:8e:51:
71:ee:6e:51:bf:68:10:e5:fc:a5:fd:3a:30:66:a1:
90:2b:0f:d1:0e:3d:bc:1f:d5:89:0c:c2:93:13:e7:
7b:03:79:f8:a9:32:96:bb:c5:27:0a:c3:b8:a5:b1:
f0:32:cb:43:b7:6a:b7:08:3d:6d:19:27:2c:f9:27:
82:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:38:B2:6A:81:E9:AB:E4:DB:B5:D0:43:9B:F3:BC:B9:E4:FB:E5:BD
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/EDiyaoHpq-TbtdBDm_O8ueT75b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.161.104.0/21
Signature Algorithm: sha256WithRSAEncryption
89:1e:42:8d:3a:3f:b0:fd:07:60:ac:dd:f6:01:94:43:7b:a9:
6b:57:6f:81:d2:8d:2c:71:51:00:de:81:08:d7:90:e2:42:c8:
b2:ec:22:e0:99:09:3d:fc:10:ed:8d:34:19:c2:0d:2f:92:ca:
f7:0c:af:0c:d1:84:49:86:57:18:71:0a:cb:53:07:9f:c9:2e:
8b:36:54:c1:2e:7d:14:10:95:b8:7b:1f:44:26:5f:8f:26:d8:
08:f8:8d:5f:b0:cf:e0:45:81:3f:11:17:bf:f3:4f:11:ed:55:
85:bb:a8:6e:59:89:f7:b7:85:3b:9d:1b:61:76:0f:d8:20:6a:
f7:46:fe:69:5b:c8:d1:01:dc:27:92:bc:10:69:8b:00:19:e9:
d0:74:be:70:af:07:1e:46:22:60:69:15:38:03:ec:23:1e:53:
f1:9c:c7:d5:fb:44:d3:d0:7e:d2:17:ad:09:3a:e8:e2:19:4e:
21:d1:01:cf:77:7f:ee:a4:a0:27:21:48:73:41:fb:21:bb:77:
bf:49:fd:d4:5c:6d:1b:10:7d:75:37:7b:51:f3:77:0e:e1:60:
56:2c:d4:b2:d8:07:ed:33:0a:5f:17:17:5b:7a:3a:9c:4a:6e:
f0:ac:26:3a:90:02:b9:c9:ee:93:5a:b1:55:fe:75:76:a6:02:
4a:90:10:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVH4Q/7Sa2dFN6Wwi1BiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjMwMTAxMjE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDM4YjI2YTgxZTlhYmU0ZGJiNWQwNDM5YmYzYmNiOWU0ZmJlNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUOL7Lh5abc2YDzBo+gRxyLQRaCk
5rLUy6vI9d727+iHBC/iLQBkFz0hUhHJCruH15X7xWJxvvEW/IiAAT/y4+RVCY5X
BdhthDLG6ycF9d9atxaV7RtSA/UeGKgfxfQtX5n6qqjOMC/gmnfGFfUbA9tNnPs1
HqwMZ46e/jwBqj+GwAW18qgWbqX/40o3AF/wj+RjumeKxut0fkH7SwbAB4f1KH6h
g72MrXkr9Bmw275oGQMrTjOYjYgEFqzQMFrOjlFx7m5Rv2gQ5fyl/TowZqGQKw/R
Dj28H9WJDMKTE+d7A3n4qTKWu8UnCsO4pbHwMstDt2q3CD1tGScs+SeCMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBA4smqB6avk27XQQ5vzvLnk++W9MB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvRURpeWFvSHBxLVRidGRCRG1fTzh1ZVQ3NWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvKFoMA0G
CSqGSIb3DQEBCwUAA4IBAQCJHkKNOj+w/QdgrN32AZRDe6lrV2+B0o0scVEA3oEI
15DiQsiy7CLgmQk9/BDtjTQZwg0vksr3DK8M0YRJhlcYcQrLUwefyS6LNlTBLn0U
EJW4ex9EJl+PJtgI+I1fsM/gRYE/ERe/808R7VWFu6huWYn3t4U7nRthdg/YIGr3
Rv5pW8jRAdwnkrwQaYsAGenQdL5wrwceRiJgaRU4A+wjHlPxnMfV+0TT0H7SF60J
OujiGU4h0QHPd3/upKAnIUhzQfshu3e/Sf3UXG0bEH11N3tR83cO4WBWLNSy2Aft
MwpfFxdbejqcSm7wrCY6kAK5ye6TWrFV/nV2pgJKkBAl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:09 2024 by rpki-client on console-ams.rpki-client.org