Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hawMO0jVWjnsWlKh3Gv0dhGYcNQ.roa
File: hawMO0jVWjnsWlKh3Gv0dhGYcNQ.roa (raw, json)
Hash identifier: MDtTam6iP5EDCWzqxZUJyRKjxJqWJr18ozYmGnDGxbg=
Subject key identifier: 85:AC:0C:3B:48:D5:5A:39:EC:5A:52:A1:DC:6B:F4:76:11:98:70:D4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01907E6755E33D3551B5601C1F3CFD730801
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hawMO0jVWjnsWlKh3Gv0dhGYcNQ.roa
Signing time: Thu 04 Jul 2024 15:40:19 +0000
ROA not before: Thu 04 Jul 2024 15:40:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215350
IP address blocks: 217.60.236.0/24 maxlen: 24
217.60.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jul 2024 11:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7e:67:55:e3:3d:35:51:b5:60:1c:1f:3c:fd:73:08:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 4 15:40:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85ac0c3b48d55a39ec5a52a1dc6bf476119870d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d9:ba:d8:fe:4d:bb:ef:36:09:43:4c:cc:6a:
7f:18:de:78:91:c6:e7:5e:54:94:6f:d5:8a:69:04:
13:4d:00:53:5b:71:a9:19:a9:f6:0d:91:80:90:e1:
8d:8f:f9:dc:55:9c:4d:8f:6f:83:e1:52:55:9d:1d:
a8:3b:ca:67:39:51:a0:69:88:65:7a:24:29:37:e0:
8e:ef:81:81:f3:f6:4e:d8:9d:e7:84:50:d4:3e:6f:
f5:ea:38:35:0b:2d:c3:ca:b3:40:21:91:94:f7:e6:
e7:b0:43:a3:ab:c7:87:92:7e:fe:68:96:53:3c:4b:
3f:af:e6:1d:c7:07:f9:a3:f7:64:5b:cd:35:7e:de:
24:e1:85:28:b4:a4:56:30:de:c1:d0:6a:6f:d7:e4:
cd:d0:34:ae:76:15:40:3b:e8:47:01:ff:32:8c:12:
c4:2e:92:ae:11:fc:15:60:66:f8:e3:63:f2:0a:40:
5a:9d:7d:35:1c:77:ad:aa:e9:d4:6e:00:06:2c:48:
c3:da:ea:c5:4c:a0:59:f3:a1:50:d7:80:3b:3a:66:
9f:e5:e5:1a:da:fd:6c:e8:7a:7c:82:86:9a:4f:e6:
91:0a:c6:ba:a8:85:fe:24:45:c2:60:7c:2d:cf:86:
67:60:a2:33:10:73:8f:cb:bb:77:1c:d0:87:be:22:
52:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AC:0C:3B:48:D5:5A:39:EC:5A:52:A1:DC:6B:F4:76:11:98:70:D4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hawMO0jVWjnsWlKh3Gv0dhGYcNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.236.0/24
217.60.248.0/24
Signature Algorithm: sha256WithRSAEncryption
85:6d:9b:a4:de:64:3c:1b:5c:d6:f9:ee:91:b0:57:10:89:d7:
9d:c3:a6:c1:23:05:16:53:d2:cc:c0:fe:e3:13:e9:0f:8c:da:
2d:e0:da:99:6f:29:77:07:5f:1e:e6:e5:f6:5a:94:fe:f3:ff:
b6:2a:16:00:99:a9:98:10:f4:c0:8d:8b:33:c1:65:e2:fd:d3:
6c:03:a4:2c:2f:4a:ba:f5:08:57:09:44:a4:7b:d1:84:8f:23:
a7:13:f7:4b:de:ae:7d:ee:e0:06:f1:02:0b:8d:85:ad:b5:42:
03:74:12:61:89:52:e1:7f:46:cf:d1:e4:56:4b:8e:bc:40:7d:
7c:51:85:c5:58:e7:56:9a:38:8c:8d:26:a2:25:c1:ea:95:43:
fc:c5:ea:12:9d:d4:5c:e6:67:35:ec:94:55:ad:d6:8e:04:6c:
27:c5:f2:2b:73:ba:f2:74:d1:53:b8:ab:7d:30:82:92:ae:2b:
70:1b:ca:be:7c:cb:fb:bd:03:03:d7:12:c1:cb:8c:31:00:5e:
bc:41:eb:85:3c:12:73:c4:57:18:82:e9:14:38:fd:e6:22:7b:
a2:b4:b5:21:0b:2b:cb:f3:62:e2:4d:2b:a5:64:6f:ba:fd:7f:
d0:56:03:a4:59:e8:0e:dc:75:36:8e:e4:c1:5d:54:f4:3a:b7:
39:d2:90:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZB+Z1XjPTVRtWAcHzz9cwgBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwNzA0MTU0MDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWFjMGMzYjQ4ZDU1YTM5ZWM1YTUyYTFkYzZiZjQ3NjExOTg3MGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntm62P5Nu+82CUNMzGp/GN54kcbn
XlSUb9WKaQQTTQBTW3GpGan2DZGAkOGNj/ncVZxNj2+D4VJVnR2oO8pnOVGgaYhl
eiQpN+CO74GB8/ZO2J3nhFDUPm/16jg1Cy3DyrNAIZGU9+bnsEOjq8eHkn7+aJZT
PEs/r+Ydxwf5o/dkW801ft4k4YUotKRWMN7B0Gpv1+TN0DSudhVAO+hHAf8yjBLE
LpKuEfwVYGb442PyCkBanX01HHetqunUbgAGLEjD2urFTKBZ86FQ14A7Omaf5eUa
2v1s6Hp8goaaT+aRCsa6qIX+JEXCYHwtz4ZnYKIzEHOPy7t3HNCHviJSzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIWsDDtI1Vo57FpSodxr9HYRmHDUMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaGF3TU8walZXam5zV2xLaDNHdjBkaEdZY05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2TzsAwQA
2Tz4MA0GCSqGSIb3DQEBCwUAA4IBAQCFbZuk3mQ8G1zW+e6RsFcQidedw6bBIwUW
U9LMwP7jE+kPjNot4NqZbyl3B18e5uX2WpT+8/+2KhYAmamYEPTAjYszwWXi/dNs
A6QsL0q69QhXCUSke9GEjyOnE/dL3q597uAG8QILjYWttUIDdBJhiVLhf0bP0eRW
S468QH18UYXFWOdWmjiMjSaiJcHqlUP8xeoSndRc5mc17JRVrdaOBGwnxfIrc7ry
dNFTuKt9MIKSritwG8q+fMv7vQMD1xLBy4wxAF68QeuFPBJzxFcYgukUOP3mInui
tLUhCyvL82LiTSulZG+6/X/QVgOkWegO3HU2juTBXVT0Orc50pAe
-----END CERTIFICATE-----
Generated at Sun Jul 28 14:05:03 2024 by rpki-client on console-fra.rpki-client.org