Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/qQ_NRdlJ3YoSR8rkJcUocW1S9HE.roa
File: qQ_NRdlJ3YoSR8rkJcUocW1S9HE.roa (raw, json)
Hash identifier: aLHZJbWRFGxMakoJfUCBfz/5x1Ty5frDcBcKCBFWMI0=
Subject key identifier: A9:0F:CD:45:D9:49:DD:8A:12:47:CA:E4:25:C5:28:71:6D:52:F4:71
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018F958D1E17973C19F9FA0B99D755F59BC5
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/qQ_NRdlJ3YoSR8rkJcUocW1S9HE.roa
Signing time: Mon 20 May 2024 10:30:04 +0000
ROA not before: Mon 20 May 2024 10:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 152.89.193.0/24 maxlen: 24
171.33.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 08:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:95:8d:1e:17:97:3c:19:f9:fa:0b:99:d7:55:f5:9b:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: May 20 10:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a90fcd45d949dd8a1247cae425c528716d52f471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:66:67:13:8f:05:d8:88:61:96:a6:99:2a:99:
88:23:5b:2a:a9:b3:bd:b2:56:b8:f8:d3:c2:e2:fa:
18:99:b3:7f:69:ba:56:f1:25:a3:45:05:90:f2:c3:
60:ba:d8:e2:39:9a:9d:c8:5f:fc:b8:90:04:f7:7f:
0c:fc:b9:cd:45:83:6e:77:08:1f:8f:72:b3:4c:84:
81:07:82:14:68:69:6d:57:e2:87:77:02:3b:cb:7b:
c9:8b:df:5b:1d:81:77:39:49:bc:af:00:0e:56:a0:
40:62:f0:ba:ee:9b:4a:86:58:1d:37:24:f5:8f:4b:
af:7b:25:4e:e7:80:ee:1a:bb:17:53:75:f3:7e:2d:
83:9b:3f:51:56:9a:df:01:f6:3e:48:95:92:7e:11:
a1:ed:23:53:95:38:0a:ac:60:0d:4c:0c:ec:0a:fb:
d1:0c:44:b9:79:2b:5d:ab:c0:43:f3:56:ec:e3:ae:
9b:63:6c:d4:22:2e:d8:84:f8:c3:49:9f:a3:7b:14:
8c:c9:21:fe:eb:67:b6:3c:d9:0a:43:a7:19:39:33:
8a:bd:48:22:27:fb:ef:f5:5a:82:1e:0c:42:7a:b8:
53:bd:ca:4d:cb:3a:7c:84:7e:5f:d7:b2:4e:08:87:
16:c9:56:13:25:b8:21:b6:04:e8:95:73:32:2e:56:
ea:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:0F:CD:45:D9:49:DD:8A:12:47:CA:E4:25:C5:28:71:6D:52:F4:71
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/qQ_NRdlJ3YoSR8rkJcUocW1S9HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.193.0/24
171.33.240.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:3f:ce:6f:c7:b4:52:93:9d:da:3f:57:eb:4b:d6:8d:e3:b2:
36:d5:1a:ec:3e:c5:7d:99:f8:82:f2:c0:5a:27:2b:71:2b:e7:
a4:e8:cb:d7:96:a6:fb:c9:50:b0:1e:59:1e:89:bf:ef:10:d0:
c6:fd:da:6f:3c:86:8e:c3:09:57:31:af:6d:d3:b8:ee:ee:b5:
19:ec:c4:0a:48:cc:8c:3e:4c:7d:2f:06:58:07:31:4e:d4:d1:
3c:e1:2e:f2:e6:5d:ea:3e:83:82:b9:61:fb:b7:62:b6:9a:ea:
f6:d2:81:d7:19:29:31:31:90:f7:9a:7e:7d:89:82:e1:31:41:
81:f7:35:fe:c8:0f:76:6c:e5:b7:c3:4b:38:3d:12:4a:d2:77:
11:74:50:da:c5:a8:8f:c9:54:8d:35:ab:4f:c3:74:9d:10:7f:
28:e2:b7:14:6d:67:d6:a8:e9:71:88:79:a1:ad:d7:03:92:a3:
73:92:60:dc:fd:54:f0:f0:d7:a3:e7:77:14:aa:e0:26:f9:2b:
13:e3:e1:4f:f0:a7:29:90:cf:aa:a5:4d:76:f0:33:94:74:f2:
59:bc:f1:cd:ca:52:06:1b:1b:ac:c7:3b:21:bc:a3:3a:0d:fa:
45:02:b8:e2:ac:18:29:9c:e7:08:2c:02:29:46:a4:cf:81:c5:
ca:73:10:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+VjR4XlzwZ+foLmddV9ZvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjQwNTIwMTAzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTBmY2Q0NWQ5NDlkZDhhMTI0N2NhZTQyNWM1Mjg3MTZkNTJmNDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGZnE48F2IhhlqaZKpmII1sqqbO9
sla4+NPC4voYmbN/abpW8SWjRQWQ8sNgutjiOZqdyF/8uJAE938M/LnNRYNudwgf
j3KzTISBB4IUaGltV+KHdwI7y3vJi99bHYF3OUm8rwAOVqBAYvC67ptKhlgdNyT1
j0uveyVO54DuGrsXU3Xzfi2Dmz9RVprfAfY+SJWSfhGh7SNTlTgKrGANTAzsCvvR
DES5eStdq8BD81bs466bY2zUIi7YhPjDSZ+jexSMySH+62e2PNkKQ6cZOTOKvUgi
J/vv9VqCHgxCerhTvcpNyzp8hH5f17JOCIcWyVYTJbghtgTolXMyLlbq2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKkPzUXZSd2KEkfK5CXFKHFtUvRxMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvcVFfTlJkbEozWW9TUjhya0pjVW9jVzFTOUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmFnBAwQA
qyHwMA0GCSqGSIb3DQEBCwUAA4IBAQB/P85vx7RSk53aP1frS9aN47I21RrsPsV9
mfiC8sBaJytxK+ek6MvXlqb7yVCwHlkeib/vENDG/dpvPIaOwwlXMa9t07ju7rUZ
7MQKSMyMPkx9LwZYBzFO1NE84S7y5l3qPoOCuWH7t2K2mur20oHXGSkxMZD3mn59
iYLhMUGB9zX+yA92bOW3w0s4PRJK0ncRdFDaxaiPyVSNNatPw3SdEH8o4rcUbWfW
qOlxiHmhrdcDkqNzkmDc/VTw8Nej53cUquAm+SsT4+FP8KcpkM+qpU128DOUdPJZ
vPHNylIGGxusxzshvKM6DfpFArjirBgpnOcILAIpRqTPgcXKcxAU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:59 2024 by rpki-client on console-ams.rpki-client.org