Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ffN2XEFyRVYJhf7ZSCZ0YMQKO9s.roa
File: ffN2XEFyRVYJhf7ZSCZ0YMQKO9s.roa (raw, json)
Hash identifier: QoWXfG+TMyA/BqgoxwR150BQFdw9/tQhIOgWCpWg62U=
Subject key identifier: 7D:F3:76:5C:41:72:45:56:09:85:FE:D9:48:26:74:60:C4:0A:3B:DB
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018570671E5B1A975FDB72D25D437C143DF8
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ffN2XEFyRVYJhf7ZSCZ0YMQKO9s.roa
Signing time: Mon 02 Jan 2023 02:54:44 +0000
ROA not before: Mon 02 Jan 2023 02:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49596
IP address blocks: 188.253.84.0/22 maxlen: 22
185.103.128.0/22 maxlen: 22
5.202.36.0/23 maxlen: 23
5.202.34.0/23 maxlen: 23
5.202.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:1e:5b:1a:97:5f:db:72:d2:5d:43:7c:14:3d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 2 02:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7df3765c417245560985fed948267460c40a3bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1a:dc:60:0a:fc:18:e0:45:7f:45:30:90:70:
9a:53:a5:5c:45:28:da:5b:54:26:35:60:28:5d:8b:
00:f8:f5:ac:ff:c0:77:ab:9c:6f:c5:f7:3e:5d:96:
1c:ff:43:e0:fa:a4:4b:46:cc:5e:5b:92:fd:51:fd:
50:10:6e:51:f1:ab:87:fc:42:9b:3e:c2:59:09:cb:
81:72:55:b7:0f:e2:d1:4b:22:6f:42:6a:0a:ad:9a:
ff:0b:3c:16:99:52:0b:d1:e2:40:3c:2c:9e:e1:3c:
b8:89:48:4f:ce:1e:dd:ce:f7:b4:bf:00:df:f1:73:
85:60:2b:4b:84:36:a8:e2:ba:7b:5c:f5:06:5c:15:
79:5d:41:44:7a:fc:c8:6b:63:64:b7:84:4e:04:4f:
81:1c:16:3e:68:43:b9:0c:1d:14:ed:65:19:fc:0b:
83:18:07:f5:f3:24:81:d2:a8:97:3f:88:38:2e:8d:
d8:44:e6:dd:72:d8:73:aa:a7:c5:c1:0e:0c:9b:93:
dd:3a:05:54:83:2d:a5:a7:72:f9:11:a0:86:aa:a9:
5f:bd:bf:81:41:0b:64:38:e8:6f:11:3a:a1:fd:d2:
eb:03:21:10:13:64:02:fd:cf:bd:12:30:fa:87:55:
5c:98:62:1b:e7:e8:ed:8b:63:a5:c9:79:64:d0:07:
0d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F3:76:5C:41:72:45:56:09:85:FE:D9:48:26:74:60:C4:0A:3B:DB
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ffN2XEFyRVYJhf7ZSCZ0YMQKO9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.34.0-5.202.38.255
185.103.128.0/22
188.253.84.0/22
Signature Algorithm: sha256WithRSAEncryption
69:d2:77:0a:35:a7:44:c3:12:3a:33:c9:84:bc:1a:de:a9:c3:
9c:00:7f:c3:6f:53:0b:24:13:9c:95:b3:f6:68:20:f5:ae:77:
52:17:8f:0b:62:ac:6c:70:93:71:c2:b1:51:1c:8c:33:e7:01:
f1:a0:97:79:7f:26:09:8a:79:fc:92:4c:a3:53:5f:18:b4:14:
d2:7a:7e:2d:ec:9f:ce:d7:5b:fd:fa:7a:b0:33:ae:fe:4e:63:
9a:50:17:be:44:46:7b:87:02:29:d1:53:e9:27:02:61:f8:fa:
66:66:1e:05:95:51:d2:b1:93:35:a4:06:75:ea:34:76:e0:70:
b6:50:be:45:98:b3:d7:57:2d:a4:80:30:6e:9f:91:0e:4e:2c:
56:63:84:cc:98:16:82:cc:a7:95:75:d4:04:2b:5e:e2:e5:3a:
c3:02:0d:3c:06:bb:d6:8e:1a:d5:95:11:1e:c0:1c:d4:47:9c:
6f:bc:8f:7d:89:df:a6:1a:c7:1a:e8:b9:3b:6f:c9:ef:0c:85:
21:b8:84:ea:20:09:5c:d6:cb:96:6b:53:8c:ea:6a:43:9a:0c:
28:b8:82:13:9b:38:f3:a7:f6:e1:8a:1d:8f:56:3b:94:73:1a:
ce:da:77:f0:a6:94:7e:ee:b9:98:86:99:34:50:d6:35:8b:8d:
ce:0b:38:8d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVwZx5bGpdf23LSXUN8FD34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwMTAyMDI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGYzNzY1YzQxNzI0NTU2MDk4NWZlZDk0ODI2NzQ2MGM0MGEzYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRrcYAr8GOBFf0UwkHCaU6VcRSja
W1QmNWAoXYsA+PWs/8B3q5xvxfc+XZYc/0Pg+qRLRsxeW5L9Uf1QEG5R8auH/EKb
PsJZCcuBclW3D+LRSyJvQmoKrZr/CzwWmVIL0eJAPCye4Ty4iUhPzh7dzve0vwDf
8XOFYCtLhDao4rp7XPUGXBV5XUFEevzIa2Nkt4ROBE+BHBY+aEO5DB0U7WUZ/AuD
GAf18ySB0qiXP4g4Lo3YRObdcthzqqfFwQ4Mm5PdOgVUgy2lp3L5EaCGqqlfvb+B
QQtkOOhvETqh/dLrAyEQE2QC/c+9EjD6h1VcmGIb5+jti2OlyXlk0AcNNwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFH3zdlxBckVWCYX+2UgmdGDECjvbMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvZmZOMlhFRnlSVllKaGY3WlNDWjBZTVFLTzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAEFyiID
BAAFyiYDBAK5Z4ADBAK8/VQwDQYJKoZIhvcNAQELBQADggEBAGnSdwo1p0TDEjoz
yYS8Gt6pw5wAf8NvUwskE5yVs/ZoIPWud1IXjwtirGxwk3HCsVEcjDPnAfGgl3l/
JgmKefySTKNTXxi0FNJ6fi3sn87XW/36erAzrv5OY5pQF75ERnuHAinRU+knAmH4
+mZmHgWVUdKxkzWkBnXqNHbgcLZQvkWYs9dXLaSAMG6fkQ5OLFZjhMyYFoLMp5V1
1AQrXuLlOsMCDTwGu9aOGtWVER7AHNRHnG+8j32J36YaxxrouTtvye8MhSG4hOog
CVzWy5ZrU4zqakOaDCi4ghObOPOn9uGKHY9WO5RzGs7ad/CmlH7uuZiGmTRQ1jWL
jc4LOI0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:34 2024 by rpki-client on console-ams.rpki-client.org