Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/h2XObRG6Su9T9RxmgJUFSKUJafM.roa
File: h2XObRG6Su9T9RxmgJUFSKUJafM.roa (raw, json)
Hash identifier: bv/wDb1DWxhVR4tjKicMLXZMi+cZ277V+dSwCf5dB/0=
Subject key identifier: 87:65:CE:6D:11:BA:4A:EF:53:F5:1C:66:80:95:05:48:A5:09:69:F3
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 01860DAA567F920D1A19B8C7F4978987CF96
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/h2XObRG6Su9T9RxmgJUFSKUJafM.roa
Signing time: Wed 01 Feb 2023 15:48:32 +0000
ROA not before: Wed 01 Feb 2023 15:48:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211183
IP address blocks: 79.133.183.0/24 maxlen: 24
79.133.182.0/24 maxlen: 24
79.133.181.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
185.240.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Jun 2023 14:53:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0d:aa:56:7f:92:0d:1a:19:b8:c7:f4:97:89:87:cf:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Feb 1 15:48:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8765ce6d11ba4aef53f51c6680950548a50969f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:01:75:27:07:36:56:76:e3:55:a6:63:50:c0:
33:41:d8:aa:55:6d:65:be:e2:9c:0d:5d:82:86:b5:
45:f5:0b:6b:c6:c6:9e:3c:09:e2:19:21:c3:9a:01:
01:fa:c7:9b:d7:3b:86:52:48:df:0e:90:4a:87:81:
85:a5:3a:b7:47:85:61:8a:b9:01:f6:82:71:bd:b3:
2b:06:e5:ed:d6:cb:13:f3:cf:53:72:58:0d:01:88:
05:e4:81:99:90:f6:b2:ba:41:6a:98:e3:d3:6d:d2:
12:9b:89:eb:ea:9a:e7:15:25:82:82:e2:a5:7b:fc:
9a:27:77:cc:c4:b4:4a:0e:fa:a9:ff:29:29:15:12:
3f:d0:0d:30:d9:bb:17:ca:34:f1:0c:a1:a1:df:21:
79:7a:44:b8:22:49:8c:66:49:d0:b7:76:bb:ca:2a:
d3:77:65:05:f2:8b:68:fa:de:8e:f8:bc:a6:1b:4d:
fd:d4:65:52:7c:f5:5d:bb:79:81:75:50:cf:e7:18:
3d:16:db:d9:5b:89:ca:7e:51:2b:94:2d:d8:98:4c:
7f:d7:8b:0e:a1:02:f9:4d:2d:ba:f3:04:4c:f7:1f:
7c:b1:c7:5c:e1:58:2a:ab:8a:02:65:e9:11:43:f2:
8b:54:e2:e0:e9:95:2e:32:d7:4e:62:46:6e:70:38:
d9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:65:CE:6D:11:BA:4A:EF:53:F5:1C:66:80:95:05:48:A5:09:69:F3
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/h2XObRG6Su9T9RxmgJUFSKUJafM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.181.0-79.133.183.255
91.200.84.0/24
185.240.103.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:54:84:6b:ca:0d:20:59:d0:5b:c1:d8:30:1b:24:06:20:8d:
df:04:0e:cc:f5:24:ef:54:c9:2c:45:07:ae:a8:a6:9a:7f:25:
7c:18:58:4b:a6:87:0b:8e:e7:9f:75:4a:22:43:b8:d1:6c:4e:
9b:0b:04:42:2a:1e:da:1f:ba:f6:59:7c:8c:c0:b8:b4:fe:2c:
9d:e0:14:d6:0a:39:f9:6c:eb:e0:1f:05:b7:eb:2f:06:a0:cb:
68:fc:9c:37:68:31:32:4d:97:81:57:a0:ff:b3:6f:22:02:96:
af:f7:ef:d3:1f:04:75:02:fc:60:25:a8:b1:d0:b6:f0:44:26:
78:ba:b2:75:39:92:3d:0e:f3:8b:4c:e0:d1:e8:ba:f4:fe:aa:
9a:a7:d3:ee:ff:7b:7a:39:d7:53:e6:96:eb:cc:a4:78:f1:b4:
f0:e6:04:68:9b:29:07:11:b8:dc:17:d6:68:98:3b:45:d8:5e:
04:1c:39:af:54:cd:36:60:eb:57:58:53:bc:92:48:64:14:c7:
a7:73:d4:ea:0d:4c:5d:64:36:d8:5c:a6:a1:96:6a:cc:dc:cd:
a5:9d:bf:9b:16:a5:15:50:2b:d7:aa:4f:a3:a8:45:5c:51:aa:
d2:ce:3f:8e:4e:8a:04:ef:75:08:00:70:3d:4e:b6:d3:59:8d:
56:72:bc:92
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYYNqlZ/kg0aGbjH9JeJh8+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjMwMjAxMTU0ODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY1Y2U2ZDExYmE0YWVmNTNmNTFjNjY4MDk1MDU0OGE1MDk2OWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigF1Jwc2VnbjVaZjUMAzQdiqVW1l
vuKcDV2ChrVF9QtrxsaePAniGSHDmgEB+seb1zuGUkjfDpBKh4GFpTq3R4VhirkB
9oJxvbMrBuXt1ssT889TclgNAYgF5IGZkPayukFqmOPTbdISm4nr6prnFSWCguKl
e/yaJ3fMxLRKDvqp/ykpFRI/0A0w2bsXyjTxDKGh3yF5ekS4IkmMZknQt3a7yirT
d2UF8oto+t6O+LymG0391GVSfPVdu3mBdVDP5xg9FtvZW4nKflErlC3YmEx/14sO
oQL5TS268wRM9x98scdc4Vgqq4oCZekRQ/KLVOLg6ZUuMtdOYkZucDjZDQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIdlzm0RukrvU/UcZoCVBUilCWnzMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvaDJYT2JSRzZTdTlUOVJ4bWdKVUZTS1VKYWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABPhbUD
BANPhbADBABbyFQDBAC58GcwDQYJKoZIhvcNAQELBQADggEBAC1UhGvKDSBZ0FvB
2DAbJAYgjd8EDsz1JO9UySxFB66oppp/JXwYWEumhwuO5591SiJDuNFsTpsLBEIq
HtofuvZZfIzAuLT+LJ3gFNYKOfls6+AfBbfrLwagy2j8nDdoMTJNl4FXoP+zbyIC
lq/379MfBHUC/GAlqLHQtvBEJni6snU5kj0O84tM4NHouvT+qpqn0+7/e3o511Pm
luvMpHjxtPDmBGibKQcRuNwX1miYO0XYXgQcOa9UzTZg61dYU7ySSGQUx6dz1OoN
TF1kNthcpqGWaszczaWdv5sWpRVQK9eqT6OoRVxRqtLOP45OigTvdQgAcD1OttNZ
jVZyvJI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:59 2024 by rpki-client on console-fra.rpki-client.org