Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/s0h8lp-VDBEfTlr7Tznzlmt_MHE.roa
File: s0h8lp-VDBEfTlr7Tznzlmt_MHE.roa (raw, json)
Hash identifier: 03LhOGxOiMJJ3Evmpk4NoXkkHBBo5OT3KLfx1o1rL+0=
Subject key identifier: B3:48:7C:96:9F:95:0C:11:1F:4E:5A:FB:4F:39:F3:96:6B:7F:30:71
Certificate issuer: /CN=52bab6d360e93d98fce9e7888e564bd464e89e8a
Certificate serial: 01856F79A35EFB5B76DD13A576393F98C3C4
Authority key identifier: 52:BA:B6:D3:60:E9:3D:98:FC:E9:E7:88:8E:56:4B:D4:64:E8:9E:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Urq202DpPZj86eeIjlZL1GTonoo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/s0h8lp-VDBEfTlr7Tznzlmt_MHE.roa
Signing time: Sun 01 Jan 2023 22:35:20 +0000
ROA not before: Sun 01 Jan 2023 22:35:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35322
IP address blocks: 193.239.230.0/24 maxlen: 24
193.239.230.0/23 maxlen: 23
91.192.140.0/22 maxlen: 22
91.192.141.0/24 maxlen: 24
91.192.142.0/24 maxlen: 24
91.192.143.0/24 maxlen: 24
91.192.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:32:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:a3:5e:fb:5b:76:dd:13:a5:76:39:3f:98:c3:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52bab6d360e93d98fce9e7888e564bd464e89e8a
Validity
Not Before: Jan 1 22:35:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3487c969f950c111f4e5afb4f39f3966b7f3071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d2:a5:17:0f:52:0d:71:91:7b:1e:96:cc:6d:
4d:9b:1f:16:54:f7:5c:ee:80:03:c6:7e:af:64:fa:
46:32:02:c3:41:37:0b:86:07:9e:da:bd:1e:d8:95:
a7:e6:9f:1f:25:a5:fd:04:57:23:f3:cb:30:51:2c:
e1:6f:4b:df:18:69:a0:6e:a4:b9:1b:89:c1:c6:0e:
1a:d0:ad:61:7e:5d:91:2d:df:30:9f:49:de:41:15:
84:96:f4:95:67:08:5e:03:3f:09:76:63:7e:4b:33:
7a:aa:89:3f:9e:ad:fa:f4:09:2e:77:71:43:c8:d0:
ab:6c:08:a6:f1:69:d8:55:e6:dc:10:33:c4:45:4c:
9d:aa:d0:df:38:3f:68:f4:1c:ce:ad:e6:54:f4:c5:
13:b3:06:64:23:fa:b1:c1:c8:cb:e8:24:ad:a1:e5:
e9:d0:03:ca:69:79:14:64:95:72:88:97:6e:41:c2:
2f:8a:6b:56:fb:67:b1:40:f5:7a:83:eb:71:ee:1c:
d4:cd:e4:b7:3b:16:4b:61:7c:94:a6:42:b2:c7:42:
4b:df:44:59:d5:4a:3a:f5:d0:be:a0:bb:f2:b3:fc:
e0:a3:1d:7e:88:de:3a:c3:51:3e:c3:20:bd:c3:b8:
0d:8d:3c:84:9e:71:ef:26:79:bc:74:ea:9d:ee:c9:
53:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:48:7C:96:9F:95:0C:11:1F:4E:5A:FB:4F:39:F3:96:6B:7F:30:71
X509v3 Authority Key Identifier:
keyid:52:BA:B6:D3:60:E9:3D:98:FC:E9:E7:88:8E:56:4B:D4:64:E8:9E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Urq202DpPZj86eeIjlZL1GTonoo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/s0h8lp-VDBEfTlr7Tznzlmt_MHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/Urq202DpPZj86eeIjlZL1GTonoo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.140.0/22
193.239.230.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:22:3f:77:ff:89:03:cd:88:ab:5e:56:53:5e:f7:08:3d:d5:
ea:37:e6:d5:ba:54:f3:02:97:96:b0:9d:be:4d:17:45:bf:ee:
f1:54:8c:a4:f7:48:eb:21:30:b6:88:29:be:2a:0a:11:5c:13:
38:ca:3d:f9:d4:38:9c:72:7d:b8:27:e8:72:2d:d7:7c:34:4b:
91:0c:a1:61:2d:72:d9:66:5f:27:5d:60:33:61:52:f6:da:19:
6a:87:50:27:fa:a2:87:9e:ed:9a:9d:0d:e6:f8:4d:58:b1:ef:
fa:01:1c:65:b2:db:5a:a3:7d:40:95:53:60:2a:34:26:61:d1:
59:7d:df:4e:dd:0a:84:06:6c:7c:e6:46:ba:32:85:f6:44:04:
b4:7c:5b:38:6b:dd:ab:af:be:73:70:10:b4:75:ea:0c:f7:df:
8e:ff:ee:1e:3e:91:41:85:16:64:60:1a:aa:bf:a5:21:7b:b9:
76:a4:de:b7:6c:ea:23:a6:b1:5c:26:1f:90:9a:9d:1a:67:dd:
b6:8b:e4:34:6c:f2:52:dd:e5:f9:0a:c2:58:32:91:8e:ca:6a:
8c:48:36:58:c0:5a:b3:ec:1b:f8:91:84:6a:8b:1a:cb:40:49:
d3:63:3a:08:15:56:00:e1:9b:0a:d9:5e:5a:6a:16:58:55:43:
f9:b8:87:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVveaNe+1t23ROldjk/mMPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYmFiNmQzNjBlOTNkOThmY2U5ZTc4ODhlNTY0YmQ0NjRl
ODllOGEwHhcNMjMwMTAxMjIzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzQ4N2M5NjlmOTUwYzExMWY0ZTVhZmI0ZjM5ZjM5NjZiN2YzMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotKlFw9SDXGRex6WzG1Nmx8WVPdc
7oADxn6vZPpGMgLDQTcLhgee2r0e2JWn5p8fJaX9BFcj88swUSzhb0vfGGmgbqS5
G4nBxg4a0K1hfl2RLd8wn0neQRWElvSVZwheAz8JdmN+SzN6qok/nq369Akud3FD
yNCrbAim8WnYVebcEDPERUydqtDfOD9o9BzOreZU9MUTswZkI/qxwcjL6CStoeXp
0APKaXkUZJVyiJduQcIvimtW+2exQPV6g+tx7hzUzeS3OxZLYXyUpkKyx0JL30RZ
1Uo69dC+oLvys/zgox1+iN46w1E+wyC9w7gNjTyEnnHvJnm8dOqd7slTdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLNIfJaflQwRH05a+08585ZrfzBxMB8GA1UdIwQY
MBaAFFK6ttNg6T2Y/OnniI5WS9Rk6J6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXJxMjAyRHBQWmo4NmVlSWpsWkwxR1Rvbm9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zZDNiNTYtZTRlMS00YzA3LTk5ZTYt
MmZkZmUzNTA3YTJmLzEvczBoOGxwLVZEQkVmVGxyN1R6bnpsbXRfTUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zZDNiNTYtZTRlMS00YzA3LTk5ZTYtMmZkZmUzNTA3YTJm
LzEvVXJxMjAyRHBQWmo4NmVlSWpsWkwxR1Rvbm9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8CMAwQB
we/mMA0GCSqGSIb3DQEBCwUAA4IBAQAuIj93/4kDzYirXlZTXvcIPdXqN+bVulTz
ApeWsJ2+TRdFv+7xVIyk90jrITC2iCm+KgoRXBM4yj351Diccn24J+hyLdd8NEuR
DKFhLXLZZl8nXWAzYVL22hlqh1An+qKHnu2anQ3m+E1Yse/6ARxlsttao31AlVNg
KjQmYdFZfd9O3QqEBmx85ka6MoX2RAS0fFs4a92rr75zcBC0deoM99+O/+4ePpFB
hRZkYBqqv6Uhe7l2pN63bOojprFcJh+Qmp0aZ922i+Q0bPJS3eX5CsJYMpGOymqM
SDZYwFqz7Bv4kYRqixrLQEnTYzoIFVYA4ZsK2V5aahZYVUP5uIef
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:52 2024 by rpki-client on console-fra.rpki-client.org