Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/r1geh5XjYozCB3Z8djrRjaJb4jI.roa
File: r1geh5XjYozCB3Z8djrRjaJb4jI.roa (raw, json)
Hash identifier: 3tl5jar2Thlo6VepBVgdNngmj6Cx9JoF8eWV0pY+E+I=
Subject key identifier: AF:58:1E:87:95:E3:62:8C:C2:07:76:7C:76:3A:D1:8D:A2:5B:E2:32
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 018AC37804F7D3E65293CB8D1D2B5E8A88F6
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/r1geh5XjYozCB3Z8djrRjaJb4jI.roa
Signing time: Sat 23 Sep 2023 19:15:37 +0000
ROA not before: Sat 23 Sep 2023 19:15:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.76.131.0/24 maxlen: 24
88.218.40.0/24 maxlen: 24
88.218.42.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c3:78:04:f7:d3:e6:52:93:cb:8d:1d:2b:5e:8a:88:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Sep 23 19:15:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af581e8795e3628cc207767c763ad18da25be232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:45:29:e6:21:bb:98:0f:af:f2:ff:7d:99:97:
58:17:9f:c8:8c:82:68:30:c3:1d:28:1e:50:15:74:
ac:62:f1:a1:37:e7:dd:df:a4:cf:73:a3:f9:cb:eb:
88:1e:71:8f:81:6e:43:53:02:c2:ee:ac:de:ea:be:
ff:ab:e5:7e:41:1d:36:5b:f8:41:23:1e:a5:3d:23:
d9:48:00:a1:f6:61:35:63:ae:7b:25:78:1c:e3:15:
b0:ae:17:fb:e5:fe:cb:17:ca:54:ea:b2:fe:4f:a5:
ba:96:d2:2c:8e:35:50:d0:ff:63:f0:30:90:02:3f:
0a:e3:af:f2:45:fb:0f:5e:8e:26:55:9f:8d:14:89:
20:f0:f7:82:10:10:f1:a3:7f:26:ef:02:ab:dd:98:
fc:24:2c:a7:ef:c8:ca:e0:f5:17:4f:cf:0a:41:b9:
53:36:45:47:8c:0c:60:fe:72:7e:0c:b8:69:9b:30:
af:f2:3d:c9:b4:4d:d1:95:c2:67:f7:c9:ff:cd:61:
46:96:16:60:48:92:95:6a:23:02:fc:71:26:19:54:
e2:4d:41:2b:f6:f4:5f:25:83:91:b8:3d:96:a9:02:
0a:e4:6e:9b:d8:e0:55:ae:ce:ae:d0:52:6f:00:d3:
dc:2b:24:5c:31:fb:a5:10:65:61:02:ba:e0:04:c1:
69:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:58:1E:87:95:E3:62:8C:C2:07:76:7C:76:3A:D1:8D:A2:5B:E2:32
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/r1geh5XjYozCB3Z8djrRjaJb4jI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.40.0/24
88.218.42.0/24
103.76.131.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:18:97:f0:ba:e3:20:28:50:1a:e7:d9:e6:69:77:32:04:8e:
d6:70:83:67:48:29:59:0a:18:33:5b:34:b5:42:0c:11:7e:0d:
2a:2e:de:7a:b9:94:82:af:15:a4:ad:cb:f1:fd:91:9d:bf:89:
a9:db:ed:1a:8b:bd:0a:ca:8d:34:31:88:b4:7d:53:95:35:bb:
56:ed:29:bd:2b:b0:9a:9e:32:e5:08:3a:89:0c:a2:4f:5e:b6:
f7:31:28:10:19:9a:7a:80:18:e3:23:be:fc:81:f8:ea:5d:66:
a8:a9:12:ec:09:b1:d8:54:29:a5:fe:82:57:f4:91:13:75:58:
3e:55:b3:f8:bf:70:63:56:e8:55:98:e1:42:7e:5a:5c:7c:1e:
02:fc:79:d1:23:b8:12:e1:dc:c7:15:d7:4a:bb:00:a9:2c:b1:
4d:38:de:63:96:14:b2:ea:ec:2b:e5:2f:e5:ba:30:be:93:d2:
f1:3d:3e:0b:4a:4c:69:f4:20:5d:0b:d6:82:78:62:ae:20:b3:
d2:c8:0d:cc:6f:d5:a7:e6:11:a6:4e:b5:3a:4f:58:7b:1e:eb:
99:08:a4:53:fe:73:1f:33:a1:13:08:45:99:3b:f0:b7:97:17:
08:6b:d4:67:83:68:e7:1d:86:bb:a8:e5:81:8c:61:b1:dc:d3:
da:57:85:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrDeAT30+ZSk8uNHSteioj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjMwOTIzMTkxNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjU4MWU4Nzk1ZTM2MjhjYzIwNzc2N2M3NjNhZDE4ZGEyNWJlMjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEUp5iG7mA+v8v99mZdYF5/IjIJo
MMMdKB5QFXSsYvGhN+fd36TPc6P5y+uIHnGPgW5DUwLC7qze6r7/q+V+QR02W/hB
Ix6lPSPZSACh9mE1Y657JXgc4xWwrhf75f7LF8pU6rL+T6W6ltIsjjVQ0P9j8DCQ
Aj8K46/yRfsPXo4mVZ+NFIkg8PeCEBDxo38m7wKr3Zj8JCyn78jK4PUXT88KQblT
NkVHjAxg/nJ+DLhpmzCv8j3JtE3RlcJn98n/zWFGlhZgSJKVaiMC/HEmGVTiTUEr
9vRfJYORuD2WqQIK5G6b2OBVrs6u0FJvANPcKyRcMfulEGVhArrgBMFpHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK9YHoeV42KMwgd2fHY60Y2iW+IyMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvcjFnZWg1WGpZb3pDQjNaOGRqclJqYUpiNGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNooAwQA
WNoqAwQAZ0yDMA0GCSqGSIb3DQEBCwUAA4IBAQDSGJfwuuMgKFAa59nmaXcyBI7W
cINnSClZChgzWzS1QgwRfg0qLt56uZSCrxWkrcvx/ZGdv4mp2+0ai70Kyo00MYi0
fVOVNbtW7Sm9K7CanjLlCDqJDKJPXrb3MSgQGZp6gBjjI778gfjqXWaoqRLsCbHY
VCml/oJX9JETdVg+VbP4v3BjVuhVmOFCflpcfB4C/HnRI7gS4dzHFddKuwCpLLFN
ON5jlhSy6uwr5S/lujC+k9LxPT4LSkxp9CBdC9aCeGKuILPSyA3Mb9Wn5hGmTrU6
T1h7HuuZCKRT/nMfM6ETCEWZO/C3lxcIa9Rng2jnHYa7qOWBjGGx3NPaV4Xf
-----END CERTIFICATE-----
Generated at Wed Oct 4 22:38:53 2023 by rpki-client on console-ams.rpki-client.org