Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/0eae4b-543f-4d42-a711-360daa324923/1/1RH-hwGKqR9wv7opI-1l-fvQc7g.roa
File: 1RH-hwGKqR9wv7opI-1l-fvQc7g.roa (raw, json)
Hash identifier: wD1rBOXHOZhsDasRuo9H830XVdAB/Gaf6kS+UXT8wdU=
Subject key identifier: D5:11:FE:87:01:8A:A9:1F:70:BF:BA:29:23:ED:65:F9:FB:D0:73:B8
Certificate issuer: /CN=b6e9e00534bf1f4202d02e5684107f03aea460d0
Certificate serial: 0185728C740DF68960D3BAB228489A85ADA1
Authority key identifier: B6:E9:E0:05:34:BF:1F:42:02:D0:2E:56:84:10:7F:03:AE:A4:60:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tungBTS_H0IC0C5WhBB_A66kYNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/0eae4b-543f-4d42-a711-360daa324923/1/1RH-hwGKqR9wv7opI-1l-fvQc7g.roa
Signing time: Mon 02 Jan 2023 12:54:45 +0000
ROA not before: Mon 02 Jan 2023 12:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25471
IP address blocks: 185.104.253.0/24 maxlen: 24
185.104.252.0/24 maxlen: 24
185.104.255.0/24 maxlen: 24
185.104.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:74:0d:f6:89:60:d3:ba:b2:28:48:9a:85:ad:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6e9e00534bf1f4202d02e5684107f03aea460d0
Validity
Not Before: Jan 2 12:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d511fe87018aa91f70bfba2923ed65f9fbd073b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:21:c5:10:ec:b0:79:cc:51:9e:2e:98:2b:cc:
96:dd:7a:7b:b7:ed:4a:6a:a0:0a:e9:8b:f9:7e:36:
b6:18:94:ec:63:36:13:21:42:b0:c0:a4:1e:4d:6e:
32:05:f0:14:e8:f6:e1:99:90:69:bc:6b:30:f0:7f:
99:e3:bb:be:ba:a9:25:76:d7:fc:dc:c9:15:63:61:
39:6a:d1:fa:93:aa:bb:6e:47:3b:95:9e:71:88:b7:
bf:36:27:4d:0b:c4:3c:09:ea:63:b9:d9:33:fd:cd:
4a:f2:02:ee:21:1f:38:90:90:de:96:a5:11:43:70:
b3:e0:93:0b:25:9b:9c:b5:b0:bd:f5:16:10:0f:9e:
39:7f:0e:fe:20:58:a0:3e:0a:e5:85:f8:fd:04:ac:
19:4d:bc:e3:fa:dc:67:57:b9:63:d0:93:a7:dc:43:
2e:fd:22:d5:7f:6c:c2:f6:8a:f3:35:00:71:a1:ea:
18:8c:ec:00:89:ba:aa:7d:93:11:4f:04:ac:e7:47:
ca:8e:52:2b:56:e2:31:00:1a:a6:f8:73:f2:c5:ff:
fe:2f:0e:50:12:45:bf:d0:64:43:25:9b:b4:02:3f:
b4:89:f6:9e:ab:16:b8:3d:4b:80:09:26:6b:f1:1e:
dd:fa:e6:00:fe:ee:67:cf:53:e6:84:76:2f:40:2c:
9e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:11:FE:87:01:8A:A9:1F:70:BF:BA:29:23:ED:65:F9:FB:D0:73:B8
X509v3 Authority Key Identifier:
keyid:B6:E9:E0:05:34:BF:1F:42:02:D0:2E:56:84:10:7F:03:AE:A4:60:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tungBTS_H0IC0C5WhBB_A66kYNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/0eae4b-543f-4d42-a711-360daa324923/1/1RH-hwGKqR9wv7opI-1l-fvQc7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/0eae4b-543f-4d42-a711-360daa324923/1/tungBTS_H0IC0C5WhBB_A66kYNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.252.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:2e:de:53:ec:bb:94:a4:17:a8:f9:7f:ed:dd:22:f7:b0:d0:
c8:04:e0:cd:7c:a9:43:99:93:6e:0b:17:c3:2a:35:95:96:63:
ec:86:b2:40:f3:e8:29:64:98:d5:35:31:08:23:9b:1c:2d:94:
61:40:e5:db:2a:3a:11:b7:c2:e2:a0:07:70:27:b2:2a:80:ef:
82:d3:10:09:37:07:5f:28:11:6f:7f:86:51:59:d2:9a:6e:e7:
4a:32:e0:28:7f:6a:14:20:e0:09:b6:77:02:4e:45:15:5a:b2:
d0:f4:af:f8:11:6c:5b:a0:5c:a2:78:c0:f0:db:fd:ae:13:8e:
9e:5a:26:05:85:c4:29:54:97:21:0d:f1:03:b6:7a:5b:f7:6b:
07:1a:9e:a5:2e:dc:34:19:e8:38:8e:fe:35:6d:4e:17:0d:8a:
bd:a2:a8:19:70:04:66:73:de:15:62:9c:b1:ee:32:e4:3a:11:
3c:d7:1f:7f:dd:f6:59:99:7f:fc:10:2d:a3:eb:bd:bb:26:87:
68:84:d7:42:4d:50:10:29:9a:e7:8f:e5:5f:0b:57:f4:3a:18:
5c:e9:1b:1a:49:d7:2c:c4:8a:d8:5e:d1:83:b8:ca:0f:96:7e:
6d:bb:0c:ef:e7:d7:0a:c4:e3:e3:fb:7b:a9:3c:4d:9a:c9:95:
c0:cb:7e:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyjHQN9olg07qyKEiaha2hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZTllMDA1MzRiZjFmNDIwMmQwMmU1Njg0MTA3ZjAzYWVh
NDYwZDAwHhcNMjMwMTAyMTI1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTExZmU4NzAxOGFhOTFmNzBiZmJhMjkyM2VkNjVmOWZiZDA3M2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCHFEOywecxRni6YK8yW3Xp7t+1K
aqAK6Yv5fja2GJTsYzYTIUKwwKQeTW4yBfAU6PbhmZBpvGsw8H+Z47u+uqkldtf8
3MkVY2E5atH6k6q7bkc7lZ5xiLe/NidNC8Q8Cepjudkz/c1K8gLuIR84kJDelqUR
Q3Cz4JMLJZuctbC99RYQD545fw7+IFigPgrlhfj9BKwZTbzj+txnV7lj0JOn3EMu
/SLVf2zC9orzNQBxoeoYjOwAibqqfZMRTwSs50fKjlIrVuIxABqm+HPyxf/+Lw5Q
EkW/0GRDJZu0Aj+0ifaeqxa4PUuACSZr8R7d+uYA/u5nz1PmhHYvQCyegQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUR/ocBiqkfcL+6KSPtZfn70HO4MB8GA1UdIwQY
MBaAFLbp4AU0vx9CAtAuVoQQfwOupGDQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHVuZ0JUU19IMElDMEM1V2hCQl9BNjZrWU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8wZWFlNGItNTQzZi00ZDQyLWE3MTEt
MzYwZGFhMzI0OTIzLzEvMVJILWh3R0txUjl3djdvcEktMWwtZnZRYzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8wZWFlNGItNTQzZi00ZDQyLWE3MTEtMzYwZGFhMzI0OTIz
LzEvdHVuZ0JUU19IMElDMEM1V2hCQl9BNjZrWU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWj8MA0G
CSqGSIb3DQEBCwUAA4IBAQC6Lt5T7LuUpBeo+X/t3SL3sNDIBODNfKlDmZNuCxfD
KjWVlmPshrJA8+gpZJjVNTEII5scLZRhQOXbKjoRt8LioAdwJ7IqgO+C0xAJNwdf
KBFvf4ZRWdKabudKMuAof2oUIOAJtncCTkUVWrLQ9K/4EWxboFyieMDw2/2uE46e
WiYFhcQpVJchDfEDtnpb92sHGp6lLtw0Geg4jv41bU4XDYq9oqgZcARmc94VYpyx
7jLkOhE81x9/3fZZmX/8EC2j6727JodohNdCTVAQKZrnj+VfC1f0Ohhc6RsaSdcs
xIrYXtGDuMoPln5tuwzv59cKxOPj+3upPE2ayZXAy36V
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:07 2024 by rpki-client on console-fra.rpki-client.org