Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/OnNFaKNaectfinjayxwM_HfvU-8.roa
File: OnNFaKNaectfinjayxwM_HfvU-8.roa (raw, json)
Hash identifier: cmImsjkNyYwBvKXeXG0LSeXkntnBDZWwMtWTRNxmam8=
Subject key identifier: 3A:73:45:68:A3:5A:79:CB:5F:8A:78:DA:CB:1C:0C:FC:77:EF:53:EF
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018BE9B69FB7F495EA8F6E2BAAAAA08B69E8
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/OnNFaKNaectfinjayxwM_HfvU-8.roa
Signing time: Sun 19 Nov 2023 22:32:21 +0000
ROA not before: Sun 19 Nov 2023 22:32:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 171.33.240.0/24 maxlen: 24
152.89.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Nov 2023 05:43:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e9:b6:9f:b7:f4:95:ea:8f:6e:2b:aa:aa:a0:8b:69:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Nov 19 22:32:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a734568a35a79cb5f8a78dacb1c0cfc77ef53ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c6:a4:73:f9:22:ef:08:c5:78:bc:58:09:46:
3f:95:a1:4d:6a:54:49:25:ac:4e:31:84:e4:c7:50:
eb:b5:66:84:46:a3:2b:65:b5:ce:e6:7f:41:56:a8:
46:8a:cd:8d:b3:5a:7e:90:5d:41:22:66:b5:13:d1:
20:04:3c:74:b4:46:9a:fa:d2:ea:74:5c:30:ee:9d:
e6:05:15:fa:61:5a:87:cc:d9:bf:d5:f4:d6:a0:42:
ba:b4:67:eb:05:7e:a0:5e:ca:5d:8c:f0:71:99:36:
c2:2b:fe:12:31:99:fe:e4:e2:40:12:c3:38:dd:19:
18:a1:33:75:a4:0f:cf:c6:a8:5c:da:fb:b3:61:f1:
29:0b:ba:3a:cd:3c:fc:4c:84:3b:4e:13:96:cb:75:
55:b7:07:25:5a:02:16:fd:61:be:76:03:cb:2b:42:
4e:17:62:cd:79:94:62:3d:97:b7:8c:23:77:8c:5e:
fb:4f:5c:23:47:20:45:b7:ef:67:97:f0:db:c9:c0:
7e:e2:0c:a4:34:57:f1:32:64:95:e5:ce:bd:78:56:
8d:ed:ed:18:a3:f9:bc:b9:3f:7b:ed:60:94:72:9c:
de:35:dc:00:e6:60:6e:a4:cb:09:e5:2c:50:93:53:
fb:8b:3f:5d:80:e0:17:1e:26:12:b7:25:2c:4d:ad:
d0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:73:45:68:A3:5A:79:CB:5F:8A:78:DA:CB:1C:0C:FC:77:EF:53:EF
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/OnNFaKNaectfinjayxwM_HfvU-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.194.0/24
171.33.240.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:a5:38:4a:c2:8c:b8:f8:f7:a2:b3:d1:64:06:0a:be:6b:ed:
34:b4:76:8b:15:74:ea:b1:e0:93:f6:1a:75:53:1a:51:9b:27:
c0:8a:40:93:07:8c:09:7e:50:0a:b8:31:f6:22:23:66:25:38:
5c:a7:4a:5c:7c:d6:19:b6:55:7f:12:45:d9:a4:7a:a0:cc:88:
99:e2:f4:3a:6f:61:93:67:01:56:3a:f3:d8:75:40:7e:f3:48:
58:a6:f3:7a:c5:c9:08:d6:99:04:c3:4f:eb:cc:00:7f:1a:1f:
ed:32:89:b6:ad:00:47:96:98:78:58:d8:a7:14:db:98:3e:77:
cd:53:ca:7f:d3:05:c9:93:66:c8:66:53:56:6f:6b:31:52:5f:
13:e0:80:c6:21:60:1a:fa:9c:98:6a:49:1e:b7:89:f5:56:d2:
69:24:2c:fd:be:ab:c6:41:da:ba:5e:d7:09:b5:fc:51:71:24:
cc:7e:ea:58:18:f6:cd:27:e4:6d:d6:ed:52:2c:69:88:64:da:
6e:99:ca:d1:a3:c8:d4:06:2f:b8:fb:b8:43:e8:f3:1e:4e:48:
bb:8f:bb:4a:a8:08:12:1d:15:15:7a:4f:d5:5a:6b:61:8a:dd:
66:da:2b:c8:85:e6:c1:e3:92:ed:7f:24:cd:a3:dd:08:c7:e8:
d6:a5:43:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvptp+39JXqj24rqqqgi2noMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjMxMTE5MjIzMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTczNDU2OGEzNWE3OWNiNWY4YTc4ZGFjYjFjMGNmYzc3ZWY1M2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sakc/ki7wjFeLxYCUY/laFNalRJ
JaxOMYTkx1DrtWaERqMrZbXO5n9BVqhGis2Ns1p+kF1BIma1E9EgBDx0tEaa+tLq
dFww7p3mBRX6YVqHzNm/1fTWoEK6tGfrBX6gXspdjPBxmTbCK/4SMZn+5OJAEsM4
3RkYoTN1pA/Pxqhc2vuzYfEpC7o6zTz8TIQ7ThOWy3VVtwclWgIW/WG+dgPLK0JO
F2LNeZRiPZe3jCN3jF77T1wjRyBFt+9nl/DbycB+4gykNFfxMmSV5c69eFaN7e0Y
o/m8uT977WCUcpzeNdwA5mBupMsJ5SxQk1P7iz9dgOAXHiYStyUsTa3QWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDpzRWijWnnLX4p42sscDPx371PvMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvT25ORmFLTmFlY3RmaW5qYXl4d01fSGZ2VS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmFnCAwQA
qyHwMA0GCSqGSIb3DQEBCwUAA4IBAQCgpThKwoy4+Peis9FkBgq+a+00tHaLFXTq
seCT9hp1UxpRmyfAikCTB4wJflAKuDH2IiNmJThcp0pcfNYZtlV/EkXZpHqgzIiZ
4vQ6b2GTZwFWOvPYdUB+80hYpvN6xckI1pkEw0/rzAB/Gh/tMom2rQBHlph4WNin
FNuYPnfNU8p/0wXJk2bIZlNWb2sxUl8T4IDGIWAa+pyYakket4n1VtJpJCz9vqvG
Qdq6XtcJtfxRcSTMfupYGPbNJ+Rt1u1SLGmIZNpumcrRo8jUBi+4+7hD6PMeTki7
j7tKqAgSHRUVek/VWmthit1m2ivIhebB45LtfyTNo90Ix+jWpUN5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:59 2024 by rpki-client on console-ams.rpki-client.org