Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/hOTK7xboGVdi2iLJ66zMFiyWOcQ.roa
File: hOTK7xboGVdi2iLJ66zMFiyWOcQ.roa (raw, json)
Hash identifier: n2UDuUkVE4zs17XNX5j4GYPArrweh1HHXNI46LmC2X8=
Subject key identifier: 84:E4:CA:EF:16:E8:19:57:62:DA:22:C9:EB:AC:CC:16:2C:96:39:C4
Certificate issuer: /CN=acf910f36291c3c224ddb596d956543197f163de
Certificate serial: 01856E1454DC7B0BF5596CC65EFAD9032278
Authority key identifier: AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/hOTK7xboGVdi2iLJ66zMFiyWOcQ.roa
Signing time: Sun 01 Jan 2023 16:05:04 +0000
ROA not before: Sun 01 Jan 2023 16:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201071
IP address blocks: 217.147.125.0/24 maxlen: 24
217.147.124.0/22 maxlen: 22
217.147.124.0/24 maxlen: 24
217.147.121.0/24 maxlen: 24
217.147.120.0/24 maxlen: 24
217.147.127.0/24 maxlen: 24
217.147.126.0/24 maxlen: 24
92.249.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Feb 2023 13:59:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:54:dc:7b:0b:f5:59:6c:c6:5e:fa:d9:03:22:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf910f36291c3c224ddb596d956543197f163de
Validity
Not Before: Jan 1 16:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84e4caef16e8195762da22c9ebaccc162c9639c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:66:eb:7e:6d:75:13:b8:3e:da:88:0a:ee:03:
86:ca:0c:7d:e3:79:c9:3b:cd:18:52:d1:b1:99:c8:
15:da:5b:82:14:5d:13:c6:df:c4:84:2e:8d:7d:8b:
14:c9:82:05:b9:43:33:b4:93:56:17:38:32:55:ad:
d8:ba:c1:09:6b:74:28:be:13:72:88:9e:28:c9:2a:
84:44:51:e6:5b:59:02:f7:ef:bd:bf:2c:c4:10:ce:
f6:31:b6:ef:53:db:ed:c4:5e:93:4e:87:08:24:b7:
c5:06:48:b0:2b:d8:85:66:72:6a:4d:5b:db:3c:a5:
89:f5:a1:94:93:19:02:ad:00:1c:af:6b:8a:3a:ee:
99:dc:e7:ba:a3:4a:45:40:c3:e0:dc:e4:e0:bd:70:
e1:20:b7:69:67:63:71:a3:7c:94:20:81:32:b0:1b:
48:81:1b:7a:88:6e:19:09:bd:4f:01:fb:35:6e:df:
a3:58:f9:31:39:b0:24:4f:44:9d:44:f6:fa:09:ed:
73:2d:ea:86:cd:d0:5b:e0:05:92:ab:3b:e2:60:16:
d4:aa:d7:68:e0:4f:79:91:1b:01:e5:f8:e2:f5:64:
11:0f:f9:15:95:c6:26:f0:96:5c:4c:c1:07:16:ac:
c7:22:99:5f:55:ca:30:e3:65:c0:7e:3b:db:d7:55:
b1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E4:CA:EF:16:E8:19:57:62:DA:22:C9:EB:AC:CC:16:2C:96:39:C4
X509v3 Authority Key Identifier:
keyid:AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/hOTK7xboGVdi2iLJ66zMFiyWOcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.5.0/24
217.147.120.0/23
217.147.124.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:2e:81:c5:c2:07:2d:65:80:22:fb:9d:fe:52:29:93:11:72:
0a:00:cd:90:21:7d:8f:58:ee:1e:5a:93:75:8f:71:10:e6:aa:
47:59:1d:71:9e:c9:25:2c:d8:78:57:7c:63:83:d5:ae:14:d8:
cf:ba:0e:5a:98:b7:f5:e9:d4:a4:8b:4b:60:a8:09:c1:df:07:
cc:a5:93:bb:f3:6f:28:09:2a:28:f8:4d:23:4d:2a:18:5b:44:
2a:16:8c:ef:75:a3:0c:0d:b9:85:0b:96:b6:60:ae:1f:3e:90:
26:5b:3f:f8:81:dd:12:7f:9a:8a:c4:0b:9c:d3:fb:ac:d0:23:
24:e2:5c:9b:f0:03:be:87:c3:20:cf:cf:27:2e:6e:ba:53:3c:
f4:f5:44:3d:7d:dc:84:a6:82:1a:42:d0:0f:9e:56:a5:c4:56:
f2:db:3d:9c:6d:23:bc:58:5e:db:22:be:d9:04:0d:97:f9:d7:
ce:4d:94:0d:9f:59:81:d7:f6:a9:1b:03:79:dc:b5:41:af:ff:
0e:e4:0e:22:da:a9:21:dc:6d:a1:41:69:1b:aa:a7:b3:c6:1a:
c8:7a:43:65:06:b4:35:e8:c9:e2:ea:f5:a2:a9:e1:20:77:07:
4b:d7:c2:82:7b:32:96:ed:76:33:1a:58:7c:e2:b5:e9:8d:c5:
96:01:64:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuFFTcewv1WWzGXvrZAyJ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjkxMGYzNjI5MWMzYzIyNGRkYjU5NmQ5NTY1NDMxOTdm
MTYzZGUwHhcNMjMwMTAxMTYwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGU0Y2FlZjE2ZTgxOTU3NjJkYTIyYzllYmFjY2MxNjJjOTYzOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWbrfm11E7g+2ogK7gOGygx943nJ
O80YUtGxmcgV2luCFF0Txt/EhC6NfYsUyYIFuUMztJNWFzgyVa3YusEJa3QovhNy
iJ4oySqERFHmW1kC9++9vyzEEM72MbbvU9vtxF6TTocIJLfFBkiwK9iFZnJqTVvb
PKWJ9aGUkxkCrQAcr2uKOu6Z3Oe6o0pFQMPg3OTgvXDhILdpZ2Nxo3yUIIEysBtI
gRt6iG4ZCb1PAfs1bt+jWPkxObAkT0SdRPb6Ce1zLeqGzdBb4AWSqzviYBbUqtdo
4E95kRsB5fji9WQRD/kVlcYm8JZcTMEHFqzHIplfVcow42XAfjvb11Wx5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFITkyu8W6BlXYtoiyeuszBYsljnEMB8GA1UdIwQY
MBaAFKz5EPNikcPCJN21ltlWVDGX8WPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQt
ZDNiNThmNjk4MTQ4LzEvaE9USzd4Ym9HVmRpMmlMSjY2ek1GaXlXT2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQtZDNiNThmNjk4MTQ4
LzEvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXPkFAwQB
2ZN4AwQC2ZN8MA0GCSqGSIb3DQEBCwUAA4IBAQC5LoHFwgctZYAi+53+UimTEXIK
AM2QIX2PWO4eWpN1j3EQ5qpHWR1xnsklLNh4V3xjg9WuFNjPug5amLf16dSki0tg
qAnB3wfMpZO7828oCSoo+E0jTSoYW0QqFozvdaMMDbmFC5a2YK4fPpAmWz/4gd0S
f5qKxAuc0/us0CMk4lyb8AO+h8Mgz88nLm66Uzz09UQ9fdyEpoIaQtAPnlalxFby
2z2cbSO8WF7bIr7ZBA2X+dfOTZQNn1mB1/apGwN53LVBr/8O5A4i2qkh3G2hQWkb
qqezxhrIekNlBrQ16Mni6vWiqeEgdwdL18KCezKW7XYzGlh84rXpjcWWAWQE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:17 2024 by rpki-client on console-ams.rpki-client.org