Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/9fHh_0nOf9_bOZV9Jqpkwmc3xhw.roa
File: 9fHh_0nOf9_bOZV9Jqpkwmc3xhw.roa (raw, json)
Hash identifier: nxfcd7SeXh8WRBDmDfMdrilNWYMKer1blRLJU3Vi7Ak=
Subject key identifier: F5:F1:E1:FF:49:CE:7F:DF:DB:39:95:7D:26:AA:64:C2:67:37:C6:1C
Certificate issuer: /CN=d513872512f1f2d037b401c2603ca8994e721e55
Certificate serial: 0188711F3AD4DAE4D7B4CDEB3384837EC8C5
Authority key identifier: D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/9fHh_0nOf9_bOZV9Jqpkwmc3xhw.roa
Signing time: Wed 31 May 2023 09:24:12 +0000
ROA not before: Wed 31 May 2023 09:24:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49367
IP address blocks: 83.136.104.0/21 maxlen: 24
95.141.32.0/20 maxlen: 24
95.141.36.0/23 maxlen: 24
94.198.101.0/24 maxlen: 24
158.58.172.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 May 2023 10:03:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:1f:3a:d4:da:e4:d7:b4:cd:eb:33:84:83:7e:c8:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d513872512f1f2d037b401c2603ca8994e721e55
Validity
Not Before: May 31 09:24:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5f1e1ff49ce7fdfdb39957d26aa64c26737c61c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:78:c8:13:3d:dc:34:84:f4:52:b1:03:e3:cf:
e2:4b:15:19:c1:bc:93:15:10:31:0c:ce:81:18:fe:
8b:2d:07:24:86:df:51:2d:08:68:06:06:4f:03:18:
7d:66:00:db:d7:15:0c:99:b0:5c:f7:e2:a9:ee:2f:
e4:e9:0e:48:05:44:94:1d:fb:0f:be:46:58:e5:e0:
e7:df:ee:a0:1e:03:e4:2c:aa:46:e8:45:c1:84:e5:
a4:26:2e:62:4b:f5:65:8a:53:c2:ca:ad:2e:a3:04:
da:41:f0:62:be:6a:23:ce:ee:77:d8:6d:e7:ce:27:
6f:11:63:d9:bf:43:e4:61:3e:0a:4c:c9:94:89:dd:
6b:41:cd:ce:96:81:40:f6:8e:6b:0f:39:38:6f:5d:
80:f8:f7:0c:13:67:2f:a1:fe:5a:42:b4:5e:cc:9c:
72:d4:09:92:b6:d5:bc:6c:ba:aa:7e:c9:b8:46:5a:
9b:6e:88:0f:9f:d0:65:cd:dc:cf:c9:9e:8c:22:b4:
f6:c4:4b:23:d0:64:d6:b1:c2:49:de:21:af:d6:4e:
77:3e:cd:df:3c:56:f0:46:fd:bf:3e:9e:67:f0:f7:
ea:0a:3f:c0:95:bb:0a:05:0b:a3:59:88:11:b1:de:
54:27:cb:13:f5:24:35:ca:6a:a3:b5:e8:5f:e0:5c:
29:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:F1:E1:FF:49:CE:7F:DF:DB:39:95:7D:26:AA:64:C2:67:37:C6:1C
X509v3 Authority Key Identifier:
keyid:D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/9fHh_0nOf9_bOZV9Jqpkwmc3xhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/1ROHJRLx8tA3tAHCYDyomU5yHlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.104.0/21
94.198.101.0/24
95.141.32.0/20
158.58.172.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:92:c8:ef:0a:08:69:95:1a:04:a6:92:99:bf:67:d4:4d:aa:
f9:00:9b:4d:8c:7a:13:5d:51:05:b7:29:01:a2:37:88:f1:ef:
db:e2:c7:e4:a5:b5:f3:49:98:3d:3d:af:42:67:83:98:20:a9:
6c:f0:f7:5c:d7:5c:83:6c:43:c8:b5:db:fa:49:73:f8:ca:20:
f2:91:19:a1:00:d2:08:c7:11:0f:1b:15:7e:72:f0:5d:ea:7c:
3c:ed:f6:14:6e:b9:d5:8d:86:bc:60:7c:19:1e:95:53:4d:95:
4b:1e:35:7c:7f:87:ac:b3:f9:10:c2:90:d0:8d:2d:02:d0:10:
49:a5:a7:bc:bd:69:d0:97:a1:4d:a3:fb:b0:c8:dc:a5:92:6c:
46:ce:cf:e5:8a:c5:c6:87:71:a7:c4:44:02:63:06:49:c2:c6:
11:da:b7:2e:c6:e1:84:80:7b:03:89:c8:cc:ae:7f:4f:b5:6e:
02:85:b9:16:fa:f1:c5:f7:e3:80:7c:2d:6d:59:39:46:0c:90:
58:6c:08:1a:8c:e1:0d:a7:cc:99:c7:ed:b7:3a:8b:a3:c6:d1:
dd:e7:db:56:fa:a1:22:f9:3b:c0:bc:cd:e0:13:47:12:96:63:
90:a5:d2:a0:75:01:54:2c:1e:52:ec:88:12:47:12:39:91:c3:
5b:62:bb:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhxHzrU2uTXtM3rM4SDfsjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MTM4NzI1MTJmMWYyZDAzN2I0MDFjMjYwM2NhODk5NGU3
MjFlNTUwHhcNMjMwNTMxMDkyNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWYxZTFmZjQ5Y2U3ZmRmZGIzOTk1N2QyNmFhNjRjMjY3MzdjNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnjIEz3cNIT0UrED48/iSxUZwbyT
FRAxDM6BGP6LLQckht9RLQhoBgZPAxh9ZgDb1xUMmbBc9+Kp7i/k6Q5IBUSUHfsP
vkZY5eDn3+6gHgPkLKpG6EXBhOWkJi5iS/VlilPCyq0uowTaQfBivmojzu532G3n
zidvEWPZv0PkYT4KTMmUid1rQc3OloFA9o5rDzk4b12A+PcME2cvof5aQrRezJxy
1AmSttW8bLqqfsm4RlqbbogPn9BlzdzPyZ6MIrT2xEsj0GTWscJJ3iGv1k53Ps3f
PFbwRv2/Pp5n8PfqCj/AlbsKBQujWYgRsd5UJ8sT9SQ1ymqjtehf4FwpAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPXx4f9Jzn/f2zmVfSaqZMJnN8YcMB8GA1UdIwQY
MBaAFNUThyUS8fLQN7QBwmA8qJlOch5VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEt
NmQ2NTVjZDk0NDY4LzEvOWZIaF8wbk9mOV9iT1pWOUpxcGt3bWMzeGh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEtNmQ2NTVjZDk0NDY4
LzEvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDU4hoAwQA
XsZlAwQEX40gAwQBnjqsMA0GCSqGSIb3DQEBCwUAA4IBAQAOksjvCghplRoEppKZ
v2fUTar5AJtNjHoTXVEFtykBojeI8e/b4sfkpbXzSZg9Pa9CZ4OYIKls8Pdc11yD
bEPItdv6SXP4yiDykRmhANIIxxEPGxV+cvBd6nw87fYUbrnVjYa8YHwZHpVTTZVL
HjV8f4ess/kQwpDQjS0C0BBJpae8vWnQl6FNo/uwyNylkmxGzs/lisXGh3GnxEQC
YwZJwsYR2rcuxuGEgHsDicjMrn9PtW4ChbkW+vHF9+OAfC1tWTlGDJBYbAgajOEN
p8yZx+23OoujxtHd59tW+qEi+TvAvM3gE0cSlmOQpdKgdQFULB5S7IgSRxI5kcNb
Yrt6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:26 2024 by rpki-client on console-ams.rpki-client.org