Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1EhUfdtv1B0TRFPVU5W_hi3hwK4.roa
File: 1EhUfdtv1B0TRFPVU5W_hi3hwK4.roa (raw, json)
Hash identifier: XU8uREqtdibpn7Lb0C4qDqrZcO0C+2fgAd/qARnR1rY=
Subject key identifier: D4:48:54:7D:DB:6F:D4:1D:13:44:53:D5:53:95:BF:86:2D:E1:C0:AE
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018D115552665975AFC833A37CBD71E808F6
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1EhUfdtv1B0TRFPVU5W_hi3hwK4.roa
Signing time: Tue 16 Jan 2024 08:13:40 +0000
ROA not before: Tue 16 Jan 2024 08:13:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 149.126.88.0/22 maxlen: 22
5.102.96.0/22 maxlen: 22
5.102.120.0/22 maxlen: 22
31.186.180.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 15 Feb 2024 11:17:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:55:52:66:59:75:af:c8:33:a3:7c:bd:71:e8:08:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 16 08:13:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d448547ddb6fd41d134453d55395bf862de1c0ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:19:cb:a0:67:f7:1e:c9:44:08:3d:00:b0:a4:
da:19:de:1c:2c:c1:5b:dd:89:bf:2a:19:86:db:de:
ee:04:70:8a:c5:75:e5:97:37:38:2a:7e:47:37:18:
ee:a2:1d:9a:80:e3:93:b4:8a:53:c6:a1:25:c6:52:
59:9c:c6:89:e9:6f:bb:22:f1:74:54:3c:79:b0:ca:
8c:a0:16:71:ff:18:06:3e:80:ee:8d:ae:13:07:4e:
28:58:9f:84:c5:15:d8:3e:a9:91:39:10:21:44:46:
ba:e3:62:cd:9c:24:d5:8b:8b:08:58:a1:4f:d0:0b:
46:3b:27:07:0c:09:df:e9:9b:b3:69:5d:28:3e:88:
15:2f:4a:8b:0e:e9:08:8a:4e:f8:f3:e6:25:e0:79:
44:47:39:6d:3f:9d:e7:c0:5a:4b:c4:67:b9:dc:9e:
3a:41:b6:56:44:0e:f9:25:b0:8e:53:1c:63:1b:5c:
9e:b7:5d:fe:7a:c6:72:9a:95:5e:3e:76:03:67:c3:
d9:85:36:f3:97:78:aa:4c:a9:a4:69:63:42:d8:69:
78:b4:de:fe:60:ec:ec:35:e0:83:cd:df:e9:a7:d7:
b2:6c:09:3a:ac:67:52:c3:54:07:6e:8c:30:30:d4:
46:e0:fe:06:b5:64:6c:92:88:09:b5:74:fb:53:c7:
9f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:48:54:7D:DB:6F:D4:1D:13:44:53:D5:53:95:BF:86:2D:E1:C0:AE
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1EhUfdtv1B0TRFPVU5W_hi3hwK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/22
5.102.120.0/22
31.186.180.0/22
149.126.88.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:da:e4:e8:3d:25:e2:c9:08:6b:a7:8b:39:08:b4:40:fe:05:
5d:02:01:d5:bb:5d:7c:3c:1e:2a:56:0a:1d:07:69:e4:b5:d8:
83:79:67:7e:44:d5:4f:fb:73:d9:79:5b:c1:22:7d:93:0d:5a:
9c:f0:3a:aa:e8:e6:49:4c:62:48:98:e1:c2:2c:36:11:86:2c:
5b:59:1d:9d:1f:99:62:3c:74:79:04:08:72:f9:7e:a6:1a:42:
de:cf:03:84:6e:15:d5:57:1b:a1:03:91:35:06:58:51:96:b3:
bf:e2:e6:73:89:0e:6c:3e:2d:f9:c0:6f:2d:8e:77:f1:dd:05:
12:df:fd:ab:0e:59:fd:6e:02:9d:3c:ae:54:48:75:ab:eb:be:
95:67:9a:4d:3c:c6:3f:f4:20:77:af:62:80:7a:b6:5e:11:cc:
78:38:9d:3d:17:36:f3:1e:a3:d9:19:48:3f:2c:9f:d1:9a:25:
57:ad:a0:40:06:a7:f4:b7:03:be:ab:38:c5:d5:88:1c:eb:b9:
54:60:89:86:d9:a3:ad:53:d7:d8:92:4d:36:da:0d:ad:04:e5:
7e:7d:8d:f3:62:99:84:ad:7e:57:ce:8e:60:79:bc:b5:16:be:
56:07:97:fe:e8:c2:66:5b:24:cd:6f:5b:0d:3b:4e:f7:0d:f3:
d0:db:ec:6b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0RVVJmWXWvyDOjfL1x6Aj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTE2MDgxMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDQ4NTQ3ZGRiNmZkNDFkMTM0NDUzZDU1Mzk1YmY4NjJkZTFjMGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRnLoGf3HslECD0AsKTaGd4cLMFb
3Ym/KhmG297uBHCKxXXllzc4Kn5HNxjuoh2agOOTtIpTxqElxlJZnMaJ6W+7IvF0
VDx5sMqMoBZx/xgGPoDuja4TB04oWJ+ExRXYPqmRORAhREa642LNnCTVi4sIWKFP
0AtGOycHDAnf6ZuzaV0oPogVL0qLDukIik748+Yl4HlERzltP53nwFpLxGe53J46
QbZWRA75JbCOUxxjG1yet13+esZympVePnYDZ8PZhTbzl3iqTKmkaWNC2Gl4tN7+
YOzsNeCDzd/pp9eybAk6rGdSw1QHbowwMNRG4P4GtWRskogJtXT7U8efBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNRIVH3bb9QdE0RT1VOVv4Yt4cCuMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMUVoVWZkdHYxQjBUUkZQVlU1V19oaTNod0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBWZgAwQC
BWZ4AwQCH7q0AwQClX5YMA0GCSqGSIb3DQEBCwUAA4IBAQCc2uToPSXiyQhrp4s5
CLRA/gVdAgHVu118PB4qVgodB2nktdiDeWd+RNVP+3PZeVvBIn2TDVqc8Dqq6OZJ
TGJImOHCLDYRhixbWR2dH5liPHR5BAhy+X6mGkLezwOEbhXVVxuhA5E1BlhRlrO/
4uZziQ5sPi35wG8tjnfx3QUS3/2rDln9bgKdPK5USHWr676VZ5pNPMY/9CB3r2KA
erZeEcx4OJ09FzbzHqPZGUg/LJ/RmiVXraBABqf0twO+qzjF1Ygc67lUYImG2aOt
U9fYkk022g2tBOV+fY3zYpmErX5Xzo5geby1Fr5WB5f+6MJmWyTNb1sNO073DfPQ
2+xr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org