Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/hlR08bj5QfyFcLTVlQreVVZqrEU.roa
File: hlR08bj5QfyFcLTVlQreVVZqrEU.roa (raw, json)
Hash identifier: EQeW6z+7rmcCg7Ta2pfU2GdyIUSIFMncjT4N9J2hcmg=
Subject key identifier: 86:54:74:F1:B8:F9:41:FC:85:70:B4:D5:95:0A:DE:55:56:6A:AC:45
Certificate issuer: /CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Certificate serial: 018B19F9FEA987D269542906E1D166230842
Authority key identifier: 3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/hlR08bj5QfyFcLTVlQreVVZqrEU.roa
Signing time: Tue 10 Oct 2023 14:24:55 +0000
ROA not before: Tue 10 Oct 2023 14:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212602
IP address blocks: 5.180.113.0/24 maxlen: 24
5.133.114.0/24 maxlen: 24
2a10:7040::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 06 Nov 2023 14:57:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:f9:fe:a9:87:d2:69:54:29:06:e1:d1:66:23:08:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Validity
Not Before: Oct 10 14:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=865474f1b8f941fc8570b4d5950ade55566aac45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b8:dc:a0:f5:76:6f:0b:d7:6f:dd:72:ab:50:
90:de:4d:50:c1:21:7c:60:75:a6:49:80:a5:20:2b:
88:4d:e4:45:99:95:c5:60:90:99:4f:b4:31:c3:9a:
df:51:49:d3:e5:b0:47:ee:f6:02:12:30:57:5a:ac:
ab:c0:2a:bf:61:02:c7:1e:c5:dc:53:d4:c4:e0:c0:
da:76:38:ce:44:c1:e8:c2:2e:d2:31:6c:c5:45:f7:
80:85:17:1d:74:94:0f:38:f6:75:54:96:e3:a4:14:
3b:04:a6:f3:ba:f3:bf:d8:be:4a:f1:0e:fb:b3:85:
eb:97:a2:94:28:4d:29:19:9c:75:a6:e2:0d:64:bc:
ba:e6:e5:9d:71:6f:35:53:37:c9:83:f1:8a:c5:4f:
1d:01:96:6a:cd:03:b8:24:fd:9a:0a:32:80:01:82:
28:4b:0f:69:91:5c:f2:5a:68:cf:ab:ac:53:51:35:
29:0d:5f:af:e4:a2:f2:b2:4f:1e:b7:32:cb:56:6c:
9e:25:ff:ea:59:8f:d7:14:b9:1c:d1:b4:de:fb:91:
86:24:78:5b:9d:be:16:ef:a7:2d:8f:1f:00:93:46:
e9:30:36:d2:22:d5:ec:0b:d0:0a:de:ac:ae:ad:6b:
89:1e:15:88:89:b9:b0:75:34:29:f8:68:50:6b:b6:
17:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:54:74:F1:B8:F9:41:FC:85:70:B4:D5:95:0A:DE:55:56:6A:AC:45
X509v3 Authority Key Identifier:
keyid:3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/hlR08bj5QfyFcLTVlQreVVZqrEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/P__L7IiMEEfyIdfPk5a_FBKrr5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.114.0/24
5.180.113.0/24
IPv6:
2a10:7040::/29
Signature Algorithm: sha256WithRSAEncryption
b2:0a:27:66:a4:bb:c9:80:66:d0:bc:a6:86:21:8a:b4:ce:c1:
d1:6e:f1:05:b9:8e:b6:f6:a1:3e:10:9f:24:08:c8:12:a4:d9:
9c:45:31:e4:e6:e3:99:45:db:c7:56:ae:dd:c1:37:57:9e:0c:
6c:30:92:aa:2a:bf:10:dc:53:32:5b:af:6b:2b:da:1f:25:99:
02:61:1d:7f:70:66:63:d7:e7:6c:b7:aa:fe:11:f3:3d:67:f1:
ce:aa:bd:99:08:69:36:dc:bc:21:a1:30:c7:b6:f6:bd:2a:35:
c3:e8:a2:18:a3:c6:09:fe:73:52:51:33:06:c5:e4:79:54:4d:
c4:b0:85:9b:07:e3:c4:b1:97:fa:00:90:34:da:23:0c:d2:c4:
10:ad:06:17:a4:0f:2b:cb:7e:0d:a5:16:4a:a2:34:f8:22:ba:
c5:9b:a5:d7:be:d6:da:a8:7c:97:45:d8:fd:8c:7a:3d:7c:1a:
3d:40:ea:21:74:c2:01:4a:0e:4a:8a:23:bb:d8:04:d1:82:3b:
eb:70:1f:e1:2b:c6:6c:f1:56:3a:7f:a9:5a:74:c2:f7:4e:ca:
32:f1:2e:fc:f9:51:57:6b:91:3b:81:3e:6c:56:10:44:53:85:
87:c8:11:1c:87:b0:ec:86:b3:e3:45:42:c5:4a:25:31:d2:a3:
3a:45:fb:48
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYsZ+f6ph9JpVCkG4dFmIwhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZmZjYmVjODg4YzEwNDdmMjIxZDdjZjkzOTZiZjE0MTJh
YmFmOWIwHhcNMjMxMDEwMTQyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjU0NzRmMWI4Zjk0MWZjODU3MGI0ZDU5NTBhZGU1NTU2NmFhYzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbjcoPV2bwvXb91yq1CQ3k1QwSF8
YHWmSYClICuITeRFmZXFYJCZT7Qxw5rfUUnT5bBH7vYCEjBXWqyrwCq/YQLHHsXc
U9TE4MDadjjORMHowi7SMWzFRfeAhRcddJQPOPZ1VJbjpBQ7BKbzuvO/2L5K8Q77
s4Xrl6KUKE0pGZx1puINZLy65uWdcW81UzfJg/GKxU8dAZZqzQO4JP2aCjKAAYIo
Sw9pkVzyWmjPq6xTUTUpDV+v5KLysk8etzLLVmyeJf/qWY/XFLkc0bTe+5GGJHhb
nb4W76ctjx8Ak0bpMDbSItXsC9AK3qyurWuJHhWIibmwdTQp+GhQa7YXMwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIZUdPG4+UH8hXC01ZUK3lVWaqxFMB8GA1UdIwQY
MBaAFD//y+yIjBBH8iHXz5OWvxQSq6+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2It
NjE2NjdjNzY5MWIyLzEvaGxSMDhiajVRZnlGY0xUVmxRcmVWVlpxckVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2ItNjE2NjdjNzY5MWIy
LzEvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQABYVyAwQA
BbRxMA0EAgACMAcDBQMqEHBAMA0GCSqGSIb3DQEBCwUAA4IBAQCyCidmpLvJgGbQ
vKaGIYq0zsHRbvEFuY629qE+EJ8kCMgSpNmcRTHk5uOZRdvHVq7dwTdXngxsMJKq
Kr8Q3FMyW69rK9ofJZkCYR1/cGZj1+dst6r+EfM9Z/HOqr2ZCGk23LwhoTDHtva9
KjXD6KIYo8YJ/nNSUTMGxeR5VE3EsIWbB+PEsZf6AJA02iMM0sQQrQYXpA8ry34N
pRZKojT4IrrFm6XXvtbaqHyXRdj9jHo9fBo9QOohdMIBSg5KiiO72ATRgjvrcB/h
K8Zs8VY6f6ladML3Tsoy8S78+VFXa5E7gT5sVhBEU4WHyBEch7DshrPjRULFSiUx
0qM6RftI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:39 2024 by rpki-client on console-ams.rpki-client.org