Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/HJ04w9fwnrIsa67g2Uvv6mVfTEA.roa
File: HJ04w9fwnrIsa67g2Uvv6mVfTEA.roa (raw, json)
Hash identifier: 2l20/0N7IHhxClHP51WViJRa8Omxcy2lnkX16j7OCPg=
Subject key identifier: 1C:9D:38:C3:D7:F0:9E:B2:2C:6B:AE:E0:D9:4B:EF:EA:65:5F:4C:40
Certificate issuer: /CN=8ad47baa9aa6e0a20ad995a79c2a8de604f9aa37
Certificate serial: 01856E2662A07329D98539C9A6BDDE261B8E
Authority key identifier: 8A:D4:7B:AA:9A:A6:E0:A2:0A:D9:95:A7:9C:2A:8D:E6:04:F9:AA:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itR7qpqm4KIK2ZWnnCqN5gT5qjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/HJ04w9fwnrIsa67g2Uvv6mVfTEA.roa
Signing time: Sun 01 Jan 2023 16:24:47 +0000
ROA not before: Sun 01 Jan 2023 16:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199143
IP address blocks: 5.158.217.0/24 maxlen: 24
5.158.216.0/24 maxlen: 24
5.158.219.0/24 maxlen: 24
5.158.218.0/24 maxlen: 24
5.158.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:62:a0:73:29:d9:85:39:c9:a6:bd:de:26:1b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad47baa9aa6e0a20ad995a79c2a8de604f9aa37
Validity
Not Before: Jan 1 16:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c9d38c3d7f09eb22c6baee0d94befea655f4c40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:44:4b:6f:92:2b:d0:4d:a3:b8:82:62:c0:47:
3f:4a:41:a4:11:7f:f9:91:3f:7a:04:bd:0a:cb:1a:
4a:5a:ee:5d:52:c8:a4:bd:f2:99:44:9c:3c:22:96:
79:ff:e8:f9:cd:42:b9:51:2e:57:70:63:62:75:c7:
7e:cf:59:c9:c5:72:ed:bb:dc:3c:e9:7d:8d:66:ed:
16:6b:c2:02:03:ff:86:7b:a0:13:75:ea:70:ad:7f:
65:7b:24:7e:9c:ef:1f:75:14:9f:69:08:65:d6:50:
bd:a6:bc:91:6d:86:c8:e7:a9:db:38:1b:39:42:37:
f6:aa:e6:ef:a7:3b:cd:39:81:9e:4f:30:36:b3:d4:
ec:3a:fd:f1:44:46:c3:de:1b:c1:96:e1:c1:8f:38:
52:11:2f:5b:a3:06:e9:62:45:01:12:f7:da:a5:da:
99:92:6a:7c:10:e2:5e:20:81:e3:f9:87:a9:99:56:
da:23:c3:99:86:aa:c6:f0:c1:e5:86:a6:39:1f:32:
fb:ba:8e:9f:df:e8:d6:95:ff:8a:0f:f6:58:82:94:
bf:24:46:e1:6f:9b:b9:88:2f:f9:fb:87:ed:a1:ca:
b7:b3:b8:82:fc:07:a5:b4:d4:7d:20:9c:1b:4f:69:
15:10:fc:da:d9:36:50:df:6e:88:6f:ee:f4:90:e5:
a4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:9D:38:C3:D7:F0:9E:B2:2C:6B:AE:E0:D9:4B:EF:EA:65:5F:4C:40
X509v3 Authority Key Identifier:
keyid:8A:D4:7B:AA:9A:A6:E0:A2:0A:D9:95:A7:9C:2A:8D:E6:04:F9:AA:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itR7qpqm4KIK2ZWnnCqN5gT5qjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/HJ04w9fwnrIsa67g2Uvv6mVfTEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/itR7qpqm4KIK2ZWnnCqN5gT5qjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.216.0-5.158.220.255
Signature Algorithm: sha256WithRSAEncryption
84:7a:7f:c6:14:4f:44:a6:08:dc:7d:f0:02:1b:ea:17:4b:35:
9b:2d:04:79:38:2a:98:5f:9b:33:d0:3d:73:08:38:01:cd:e7:
05:af:ee:3a:22:d8:6c:52:97:16:22:c7:d9:95:86:54:e1:e5:
79:95:e3:2f:df:c1:21:3c:20:1f:fa:10:0c:96:0a:30:0f:80:
6f:a9:f2:bf:45:59:ad:ab:90:b8:37:6e:e0:1a:50:fa:17:98:
75:5a:2c:f1:fa:af:a2:cd:35:28:ae:6c:4e:76:5c:ee:57:2a:
5e:06:03:53:f8:fc:1f:5c:23:41:08:28:25:79:12:df:36:d6:
ca:43:9c:88:08:ab:f5:92:53:78:7a:8d:17:50:30:b8:4e:48:
fa:14:72:34:ed:39:fb:bc:75:fe:ac:e7:e0:d8:07:d7:9d:3d:
c7:9a:1d:53:35:5c:b0:96:11:b5:82:bc:80:eb:9f:a8:db:99:
57:f7:86:5a:ec:4f:55:a0:69:81:f8:03:91:37:a3:57:16:5d:
3f:fc:a2:e6:5b:a7:95:4b:bd:ac:a9:52:ce:18:07:07:e8:50:
37:2e:5d:43:6c:c9:13:20:8d:fc:40:f7:46:99:ed:0f:2f:f8:
e9:7d:f4:c2:9d:68:ee:57:20:35:53:68:37:9e:ac:e0:78:52:
b0:5c:e3:e6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVuJmKgcynZhTnJpr3eJhuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDQ3YmFhOWFhNmUwYTIwYWQ5OTVhNzljMmE4ZGU2MDRm
OWFhMzcwHhcNMjMwMTAxMTYyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzlkMzhjM2Q3ZjA5ZWIyMmM2YmFlZTBkOTRiZWZlYTY1NWY0YzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApERLb5Ir0E2juIJiwEc/SkGkEX/5
kT96BL0KyxpKWu5dUsikvfKZRJw8IpZ5/+j5zUK5US5XcGNidcd+z1nJxXLtu9w8
6X2NZu0Wa8ICA/+Ge6ATdepwrX9leyR+nO8fdRSfaQhl1lC9pryRbYbI56nbOBs5
Qjf2qubvpzvNOYGeTzA2s9TsOv3xREbD3hvBluHBjzhSES9bowbpYkUBEvfapdqZ
kmp8EOJeIIHj+YepmVbaI8OZhqrG8MHlhqY5HzL7uo6f3+jWlf+KD/ZYgpS/JEbh
b5u5iC/5+4ftocq3s7iC/AeltNR9IJwbT2kVEPza2TZQ326Ib+70kOWkWQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBydOMPX8J6yLGuu4NlL7+plX0xAMB8GA1UdIwQY
MBaAFIrUe6qapuCiCtmVp5wqjeYE+ao3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRSN3FwcW00S0lLMlpXbm5DcU41Z1Q1cWpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MzU1YjktNzNkNC00YzRjLTk2MDEt
ZjAxYTJmNThlZjg4LzEvSEowNHc5ZnducklzYTY3ZzJVdnY2bVZmVEVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MzU1YjktNzNkNC00YzRjLTk2MDEtZjAxYTJmNThlZjg4
LzEvaXRSN3FwcW00S0lLMlpXbm5DcU41Z1Q1cWpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMFntgD
BAAFntwwDQYJKoZIhvcNAQELBQADggEBAIR6f8YUT0SmCNx98AIb6hdLNZstBHk4
KphfmzPQPXMIOAHN5wWv7joi2GxSlxYix9mVhlTh5XmV4y/fwSE8IB/6EAyWCjAP
gG+p8r9FWa2rkLg3buAaUPoXmHVaLPH6r6LNNSiubE52XO5XKl4GA1P4/B9cI0EI
KCV5Et821spDnIgIq/WSU3h6jRdQMLhOSPoUcjTtOfu8df6s5+DYB9edPceaHVM1
XLCWEbWCvIDrn6jbmVf3hlrsT1WgaYH4A5E3o1cWXT/8ouZbp5VLvaypUs4YBwfo
UDcuXUNsyRMgjfxA90aZ7Q8v+Ol99MKdaO5XIDVTaDeerOB4UrBc4+Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:17 2024 by rpki-client on console-fra.rpki-client.org