Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/cb51f5-a843-49c4-9f19-10eb8adfea7e/1/hx5Ae64H5lxaCA_fiw3_HSWDBIA.roa
File: hx5Ae64H5lxaCA_fiw3_HSWDBIA.roa (raw, json)
Hash identifier: eLQfkJVsOuMaBw/mIGhKbhHPo8yMPXFvSfwLktvXan8=
Subject key identifier: 87:1E:40:7B:AE:07:E6:5C:5A:08:0F:DF:8B:0D:FF:1D:25:83:04:80
Certificate issuer: /CN=e3d0a84bab3def41d6aaa9028de7a475d32d12bd
Certificate serial: 018A3B7BBC2EBB1667896EF9477DB1B74F05
Authority key identifier: E3:D0:A8:4B:AB:3D:EF:41:D6:AA:A9:02:8D:E7:A4:75:D3:2D:12:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/49CoS6s970HWqqkCjeekddMtEr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/cb51f5-a843-49c4-9f19-10eb8adfea7e/1/hx5Ae64H5lxaCA_fiw3_HSWDBIA.roa
Signing time: Mon 28 Aug 2023 09:31:19 +0000
ROA not before: Mon 28 Aug 2023 09:31:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 185.238.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:7b:bc:2e:bb:16:67:89:6e:f9:47:7d:b1:b7:4f:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3d0a84bab3def41d6aaa9028de7a475d32d12bd
Validity
Not Before: Aug 28 09:31:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=871e407bae07e65c5a080fdf8b0dff1d25830480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:64:93:3b:ee:58:3b:e7:fd:5c:68:57:5b:6d:
1c:76:34:a3:b9:58:27:59:bf:17:1d:e0:23:11:ce:
eb:cd:d1:3b:35:0a:ad:05:f0:03:f8:fb:81:5b:36:
51:96:9b:62:8e:e4:e8:e1:97:06:c5:89:db:1e:f5:
84:47:73:3c:b4:c1:ad:8a:04:b0:3e:fd:96:a8:03:
40:03:96:ce:f0:2a:01:35:38:0c:66:47:6b:53:c1:
19:d2:7d:08:c7:a2:b0:cf:50:f6:0a:ff:88:7a:7a:
ff:d3:77:fc:de:cc:30:a4:c1:81:d3:d8:1c:63:4f:
c6:97:2c:da:24:b0:92:c3:cf:ab:ca:fb:22:74:b1:
df:ba:90:c5:e0:2c:9c:e4:fc:6c:ce:01:1e:27:71:
89:fd:56:6c:3e:ce:25:7e:6b:4d:39:22:40:93:fa:
2a:9f:a8:08:3b:3f:7a:25:f2:9c:23:26:c2:a6:58:
06:48:75:e5:00:25:fc:86:ad:e8:43:b3:7c:06:6a:
5a:39:57:ea:2b:b4:af:db:15:c7:3d:ec:4e:fd:ef:
31:40:ac:f7:72:6d:cc:2a:2a:48:e9:17:b9:96:db:
8e:6c:7b:75:52:fc:64:1a:ed:04:8d:42:72:de:5e:
c0:7d:30:0a:7c:0f:35:e7:6b:20:88:a1:a0:3b:1a:
79:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:1E:40:7B:AE:07:E6:5C:5A:08:0F:DF:8B:0D:FF:1D:25:83:04:80
X509v3 Authority Key Identifier:
keyid:E3:D0:A8:4B:AB:3D:EF:41:D6:AA:A9:02:8D:E7:A4:75:D3:2D:12:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/49CoS6s970HWqqkCjeekddMtEr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/cb51f5-a843-49c4-9f19-10eb8adfea7e/1/hx5Ae64H5lxaCA_fiw3_HSWDBIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/cb51f5-a843-49c4-9f19-10eb8adfea7e/1/49CoS6s970HWqqkCjeekddMtEr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.141.0/24
Signature Algorithm: sha256WithRSAEncryption
28:e2:8c:ba:12:66:b3:ed:78:3b:cc:e8:38:53:b7:ff:1f:40:
69:40:f1:ed:9f:0d:de:0c:a1:bf:10:dd:a6:24:dc:dd:ef:ad:
2d:b7:50:4b:cf:7e:fc:a5:40:f9:de:b3:34:e8:5a:73:e3:b1:
d8:14:a8:42:49:e2:84:d4:ea:03:88:84:ae:0a:0e:8e:0b:9f:
33:5d:82:4f:fa:80:9d:8f:7d:06:53:7f:85:ce:d2:5a:0b:25:
f5:97:1a:47:46:06:e9:4d:c6:1f:d2:08:2a:4f:90:6d:ac:a6:
f6:bb:fc:4f:d8:03:52:4d:86:d5:ff:10:61:3c:ec:e4:26:27:
57:a7:ff:1d:3f:6b:6f:81:22:26:79:40:1b:11:3c:7c:3c:c1:
21:3f:ed:d3:68:22:4f:d5:25:40:92:b1:93:49:f3:65:cb:44:
6f:9c:7a:c1:31:3d:7b:f8:39:de:dc:3c:86:e3:89:5f:66:2d:
c7:a4:76:7a:72:b2:95:ad:51:49:a4:63:59:37:59:7a:f1:93:
4a:7e:4c:fc:12:d1:a7:0d:da:68:d6:4c:86:d3:a4:3d:d1:af:
ed:a0:fd:ec:40:7a:38:5f:36:5b:ba:78:04:fe:c0:a0:d9:d9:
bf:a7:3b:da:64:26:0b:49:de:e7:77:ac:2c:04:30:f8:53:17:
f2:d5:b0:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo7e7wuuxZniW75R32xt08FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZDBhODRiYWIzZGVmNDFkNmFhYTkwMjhkZTdhNDc1ZDMy
ZDEyYmQwHhcNMjMwODI4MDkzMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzFlNDA3YmFlMDdlNjVjNWEwODBmZGY4YjBkZmYxZDI1ODMwNDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWSTO+5YO+f9XGhXW20cdjSjuVgn
Wb8XHeAjEc7rzdE7NQqtBfAD+PuBWzZRlptijuTo4ZcGxYnbHvWER3M8tMGtigSw
Pv2WqANAA5bO8CoBNTgMZkdrU8EZ0n0Ix6Kwz1D2Cv+Ienr/03f83swwpMGB09gc
Y0/GlyzaJLCSw8+ryvsidLHfupDF4Cyc5PxszgEeJ3GJ/VZsPs4lfmtNOSJAk/oq
n6gIOz96JfKcIybCplgGSHXlACX8hq3oQ7N8BmpaOVfqK7Sv2xXHPexO/e8xQKz3
cm3MKipI6Re5ltuObHt1UvxkGu0EjUJy3l7AfTAKfA8152sgiKGgOxp5XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIceQHuuB+ZcWggP34sN/x0lgwSAMB8GA1UdIwQY
MBaAFOPQqEurPe9B1qqpAo3npHXTLRK9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDlDb1M2czk3MEhXcXFrQ2plZWtkZE10RXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jYjUxZjUtYTg0My00OWM0LTlmMTkt
MTBlYjhhZGZlYTdlLzEvaHg1QWU2NEg1bHhhQ0FfZml3M19IU1dEQklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jYjUxZjUtYTg0My00OWM0LTlmMTktMTBlYjhhZGZlYTdl
LzEvNDlDb1M2czk3MEhXcXFrQ2plZWtkZE10RXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue6NMA0G
CSqGSIb3DQEBCwUAA4IBAQAo4oy6Emaz7Xg7zOg4U7f/H0BpQPHtnw3eDKG/EN2m
JNzd760tt1BLz378pUD53rM06Fpz47HYFKhCSeKE1OoDiISuCg6OC58zXYJP+oCd
j30GU3+FztJaCyX1lxpHRgbpTcYf0ggqT5BtrKb2u/xP2ANSTYbV/xBhPOzkJidX
p/8dP2tvgSImeUAbETx8PMEhP+3TaCJP1SVAkrGTSfNly0RvnHrBMT17+Dne3DyG
44lfZi3HpHZ6crKVrVFJpGNZN1l68ZNKfkz8EtGnDdpo1kyG06Q90a/toP3sQHo4
XzZbungE/sCg2dm/pzvaZCYLSd7nd6wsBDD4Uxfy1bDB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:04 2024 by rpki-client on console-ams.rpki-client.org