Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5hkovySMeoTvD9IYWyu0rc24QAw.roa
File: 5hkovySMeoTvD9IYWyu0rc24QAw.roa (raw, json)
Hash identifier: 024SzB0Pqe9Rrl9ZIPsKPQT6lZhIYmFZvBXGwPsaxnk=
Subject key identifier: E6:19:28:BF:24:8C:7A:84:EF:0F:D2:18:5B:2B:B4:AD:CD:B8:40:0C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189BA3E16B7BC03C66DAA3BBF33E2B4D25D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5hkovySMeoTvD9IYWyu0rc24QAw.roa
Signing time: Thu 03 Aug 2023 07:12:58 +0000
ROA not before: Thu 03 Aug 2023 07:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 45.156.159.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Sep 2023 17:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:3e:16:b7:bc:03:c6:6d:aa:3b:bf:33:e2:b4:d2:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 3 07:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e61928bf248c7a84ef0fd2185b2bb4adcdb8400c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0b:1f:4d:e9:f6:3b:76:7f:c2:6a:4f:f5:80:
d5:d9:c1:78:ee:79:cc:84:3a:89:01:d3:dc:aa:17:
76:eb:ce:c5:da:0c:44:f9:34:e6:39:38:76:6f:27:
b4:39:ab:3c:78:a4:bd:45:82:4b:60:e7:a2:41:44:
07:8b:dd:b1:34:9d:df:40:00:ff:ee:27:ee:ea:33:
27:12:99:51:f8:78:1e:a5:74:65:e0:56:d8:2e:86:
51:53:fd:2b:a3:6c:51:93:25:db:2d:3c:c6:34:8f:
1c:54:8d:43:1e:31:8f:04:9c:40:8d:ff:76:6f:4d:
34:cd:9a:64:dc:b4:93:e1:83:c9:6c:ce:5b:4d:99:
10:0c:c8:9c:3c:0f:dd:85:9b:e1:56:89:e0:b9:8f:
f1:10:6a:ad:d3:4d:31:70:f5:75:25:d9:d9:ea:c6:
d7:0a:78:4a:d3:43:23:7b:d2:23:72:e4:9b:50:fa:
ab:a8:ea:e0:29:fb:d1:56:a7:27:e6:6d:60:57:f2:
66:ea:3b:c7:07:c9:ee:3d:61:4e:3f:97:67:31:2f:
0a:06:0a:f5:9a:d0:2f:14:e4:fa:f4:68:e0:01:00:
43:50:93:19:78:54:55:85:e3:c7:39:36:01:7c:9e:
e2:98:ca:85:2f:f3:d0:98:73:0d:3c:df:7d:7c:25:
78:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:19:28:BF:24:8C:7A:84:EF:0F:D2:18:5B:2B:B4:AD:CD:B8:40:0C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5hkovySMeoTvD9IYWyu0rc24QAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
89.33.84.0/24
Signature Algorithm: sha256WithRSAEncryption
07:2c:15:57:4b:5c:70:5d:14:88:38:99:7c:28:c9:81:d5:ba:
79:e3:65:6c:49:e8:74:8c:ea:96:1c:bb:08:69:68:83:c7:10:
c3:71:b7:b2:85:c1:88:f4:9d:db:5b:85:a1:4d:95:88:62:3a:
1e:22:c5:19:05:cc:3d:5b:c2:bc:8e:08:ca:08:8f:f4:02:31:
59:17:88:df:8f:f0:5c:10:f2:81:a5:36:7d:cf:16:01:89:7e:
28:1e:d5:b9:ae:39:84:45:45:5f:aa:04:cf:ff:15:3b:3d:bd:
e6:7a:e2:d5:85:92:e3:66:ad:f7:ea:39:2f:d4:d1:66:4c:6f:
c9:55:98:b0:13:b2:04:28:7b:4c:6b:2a:4d:8a:a7:9f:29:63:
b7:7b:a6:c0:42:71:ca:60:4a:c9:0d:f7:1a:d1:e3:13:94:d8:
7b:e0:e8:b3:f6:dc:e3:eb:0e:da:14:59:28:6d:a2:90:4c:29:
53:cf:c6:2e:69:ad:31:89:f1:ce:62:9a:10:a6:5e:6c:ed:1d:
1a:cf:b7:47:1c:5d:33:e4:7f:ec:8f:8b:15:b5:22:96:ee:97:
f3:ca:53:4e:3d:f0:66:50:1c:ea:41:ad:bf:b1:07:e0:d1:12:
07:86:2b:45:8c:9c:e6:e6:57:70:24:93:ac:1f:32:fb:1c:ec:
ce:d0:80:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYm6Pha3vAPGbao7vzPitNJdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODAzMDcxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjE5MjhiZjI0OGM3YTg0ZWYwZmQyMTg1YjJiYjRhZGNkYjg0MDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QsfTen2O3Z/wmpP9YDV2cF47nnM
hDqJAdPcqhd2687F2gxE+TTmOTh2bye0Oas8eKS9RYJLYOeiQUQHi92xNJ3fQAD/
7ifu6jMnEplR+HgepXRl4FbYLoZRU/0ro2xRkyXbLTzGNI8cVI1DHjGPBJxAjf92
b000zZpk3LST4YPJbM5bTZkQDMicPA/dhZvhVonguY/xEGqt000xcPV1JdnZ6sbX
CnhK00Mje9IjcuSbUPqrqOrgKfvRVqcn5m1gV/Jm6jvHB8nuPWFOP5dnMS8KBgr1
mtAvFOT69GjgAQBDUJMZeFRVhePHOTYBfJ7imMqFL/PQmHMNPN99fCV4RQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOYZKL8kjHqE7w/SGFsrtK3NuEAMMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNWhrb3Z5U01lb1R2RDlJWVd5dTByYzI0UUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZyfAwQA
WSFUMA0GCSqGSIb3DQEBCwUAA4IBAQAHLBVXS1xwXRSIOJl8KMmB1bp542VsSeh0
jOqWHLsIaWiDxxDDcbeyhcGI9J3bW4WhTZWIYjoeIsUZBcw9W8K8jgjKCI/0AjFZ
F4jfj/BcEPKBpTZ9zxYBiX4oHtW5rjmERUVfqgTP/xU7Pb3meuLVhZLjZq336jkv
1NFmTG/JVZiwE7IEKHtMaypNiqefKWO3e6bAQnHKYErJDfca0eMTlNh74Oiz9tzj
6w7aFFkobaKQTClTz8Yuaa0xifHOYpoQpl5s7R0az7dHHF0z5H/sj4sVtSKW7pfz
ylNOPfBmUBzqQa2/sQfg0RIHhitFjJzm5ldwJJOsHzL7HOzO0IC7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org