Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/h_kno3gx6-qk-mNKSKGlnbUFo_s.roa
File: h_kno3gx6-qk-mNKSKGlnbUFo_s.roa (raw, json)
Hash identifier: qfMkFj4gHodfocR26eYgMYFQe6v749WEI55VTlQhf3I=
Subject key identifier: 87:F9:27:A3:78:31:EB:EA:A4:FA:63:4A:48:A1:A5:9D:B5:05:A3:FB
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 01856C53D868D228BFA792FC37FAF7D5D317
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/h_kno3gx6-qk-mNKSKGlnbUFo_s.roa
Signing time: Sun 01 Jan 2023 07:55:12 +0000
ROA not before: Sun 01 Jan 2023 07:55:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210403
IP address blocks: 185.98.131.0/24 maxlen: 24
78.138.45.0/24 maxlen: 24
78.138.58.0/24 maxlen: 24
193.203.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d8:68:d2:28:bf:a7:92:fc:37:fa:f7:d5:d3:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Jan 1 07:55:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87f927a37831ebeaa4fa634a48a1a59db505a3fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d5:e2:33:de:76:97:c6:99:15:4b:ca:9d:60:
c3:5d:dd:4c:f0:39:ba:96:71:fc:65:5f:a4:3f:d3:
aa:9f:27:aa:f1:5a:b9:30:7b:c0:e0:07:c9:55:07:
41:f5:4b:58:2f:01:00:82:0c:37:3a:b6:fa:8a:5a:
ec:60:4f:f0:44:fa:b0:1b:67:49:7c:cf:a4:71:fc:
26:20:1f:00:76:8e:a8:94:11:de:2a:54:bb:dd:d8:
17:a6:28:ef:af:07:99:92:1b:5a:7f:dc:b3:ec:bd:
d3:ac:0a:37:54:45:6e:12:bf:7d:5f:96:7a:6f:63:
0b:af:0b:ea:2b:b1:6a:0b:f9:d8:55:4f:51:c5:e6:
ce:f1:3e:03:52:3d:84:40:eb:5a:a8:df:50:a9:f5:
d7:da:03:38:60:11:8d:95:b0:d9:69:33:71:13:44:
1f:1c:01:1b:fd:2e:ac:f4:50:1b:38:ca:e7:dd:2b:
90:72:ff:0b:8c:e8:d2:8e:c4:72:ed:3c:f8:4f:a2:
c6:9c:45:da:fe:e5:88:5d:64:bd:18:d6:4d:ec:04:
6a:61:4d:80:46:d8:8e:b5:ea:7b:7a:83:ea:53:a8:
13:7b:07:52:e8:6f:5b:55:f0:22:20:77:ae:73:c0:
98:3d:e6:1f:66:c5:58:1e:78:04:a1:89:ff:23:8c:
62:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F9:27:A3:78:31:EB:EA:A4:FA:63:4A:48:A1:A5:9D:B5:05:A3:FB
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/h_kno3gx6-qk-mNKSKGlnbUFo_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.45.0/24
78.138.58.0/24
185.98.131.0/24
193.203.239.0/24
Signature Algorithm: sha256WithRSAEncryption
09:79:99:c3:3a:33:cf:e8:c7:42:56:f7:29:7d:11:6e:3e:87:
53:24:ef:54:d4:ca:e1:44:c9:b7:41:23:85:e0:39:b5:9e:96:
92:98:ba:37:fe:b5:44:42:5b:a9:fe:79:49:a1:55:12:e3:8c:
86:63:eb:ac:2e:25:79:53:1d:1a:40:90:7d:28:7f:84:13:10:
2e:84:24:7d:86:42:90:c5:d0:14:14:9d:7a:06:cd:58:e2:fa:
33:83:c9:70:00:17:53:7d:4f:fc:35:0c:c8:df:78:79:bd:c4:
95:7f:d2:57:fd:4e:43:f0:2a:bb:b2:fd:b6:c7:bb:6c:a8:3f:
9c:2f:a6:53:75:d2:44:a8:c5:b1:e4:5d:5d:ac:f2:4a:35:1d:
e6:e1:86:b3:d6:74:fe:9b:ca:d0:39:9c:fd:75:66:e9:97:ad:
8c:6c:90:3d:a2:8e:b1:26:d6:89:fc:40:ed:19:50:71:a1:97:
09:6d:83:d7:bb:bf:a4:c4:26:6d:f1:73:60:a8:0b:fe:9a:14:
1d:9c:9f:ca:da:9c:62:67:d6:a7:92:a3:9e:5f:db:4a:cc:d5:
f2:47:9b:80:fd:8f:95:03:1a:86:41:c1:d3:30:ee:79:19:6c:
b9:38:32:5a:a7:86:35:3c:f5:e0:7b:c1:3d:7a:dd:e1:13:b2:
e7:c0:79:c6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsU9ho0ii/p5L8N/r31dMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjMwMTAxMDc1NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Y5MjdhMzc4MzFlYmVhYTRmYTYzNGE0OGExYTU5ZGI1MDVhM2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdXiM952l8aZFUvKnWDDXd1M8Dm6
lnH8ZV+kP9Oqnyeq8Vq5MHvA4AfJVQdB9UtYLwEAggw3Orb6ilrsYE/wRPqwG2dJ
fM+kcfwmIB8Ado6olBHeKlS73dgXpijvrweZkhtaf9yz7L3TrAo3VEVuEr99X5Z6
b2MLrwvqK7FqC/nYVU9RxebO8T4DUj2EQOtaqN9QqfXX2gM4YBGNlbDZaTNxE0Qf
HAEb/S6s9FAbOMrn3SuQcv8LjOjSjsRy7Tz4T6LGnEXa/uWIXWS9GNZN7ARqYU2A
RtiOtep7eoPqU6gTewdS6G9bVfAiIHeuc8CYPeYfZsVYHngEoYn/I4xiywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIf5J6N4MevqpPpjSkihpZ21BaP7MB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvaF9rbm8zZ3g2LXFrLW1OS1NLR2xuYlVGb19zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATootAwQA
Too6AwQAuWKDAwQAwcvvMA0GCSqGSIb3DQEBCwUAA4IBAQAJeZnDOjPP6MdCVvcp
fRFuPodTJO9U1MrhRMm3QSOF4Dm1npaSmLo3/rVEQlup/nlJoVUS44yGY+usLiV5
Ux0aQJB9KH+EExAuhCR9hkKQxdAUFJ16Bs1Y4vozg8lwABdTfU/8NQzI33h5vcSV
f9JX/U5D8Cq7sv22x7tsqD+cL6ZTddJEqMWx5F1drPJKNR3m4Yaz1nT+m8rQOZz9
dWbpl62MbJA9oo6xJtaJ/EDtGVBxoZcJbYPXu7+kxCZt8XNgqAv+mhQdnJ/K2pxi
Z9ankqOeX9tKzNXyR5uA/Y+VAxqGQcHTMO55GWy5ODJap4Y1PPXge8E9et3hE7Ln
wHnG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:42 2024 by rpki-client on console-ams.rpki-client.org