Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/xphq3mJopxJ5bWaSI4AhusOPVCw.roa
File: xphq3mJopxJ5bWaSI4AhusOPVCw.roa (raw, json)
Hash identifier: vV4r2OGGO7aeaXIbl708bzo8NVSbI0bnNuIKsCyN8eA=
Subject key identifier: C6:98:6A:DE:62:68:A7:12:79:6D:66:92:23:80:21:BA:C3:8F:54:2C
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018B445ED1566E36AEAFBECBE8A81D465D3A
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/xphq3mJopxJ5bWaSI4AhusOPVCw.roa
Signing time: Wed 18 Oct 2023 19:59:06 +0000
ROA not before: Wed 18 Oct 2023 19:59:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 171.33.240.0/24 maxlen: 24
152.89.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Oct 2023 18:59:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:44:5e:d1:56:6e:36:ae:af:be:cb:e8:a8:1d:46:5d:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Oct 18 19:59:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6986ade6268a712796d6692238021bac38f542c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cc:44:fc:55:13:0e:41:75:f8:b0:b7:84:ec:
c0:91:3c:36:92:d4:18:f0:19:57:df:20:3e:be:9e:
c4:06:62:62:ad:de:e5:ad:21:db:94:de:72:2c:d8:
95:6f:d7:e7:0f:81:1a:4b:72:ff:e4:5c:54:d8:e5:
52:a2:54:3c:29:bc:6c:76:61:67:eb:19:c5:54:35:
b8:1e:ff:b9:c0:bd:34:19:79:d5:c1:67:71:68:05:
ec:3e:0c:47:26:3f:12:16:32:bd:5f:6d:9d:a1:04:
1f:44:32:fa:35:ca:8d:61:2a:37:4b:36:ac:20:d3:
4e:26:bc:f8:ab:31:ea:27:05:af:ee:2c:7b:de:0f:
39:15:7b:62:70:ff:39:10:76:e2:89:8a:cf:91:ed:
b1:c9:77:59:31:ce:00:53:8e:0d:87:16:48:d6:1e:
5f:05:e4:d0:22:c7:b9:88:c9:6f:70:01:54:1e:b8:
d1:d5:44:f3:59:4f:cf:62:9d:85:dc:6e:6d:db:86:
ed:e1:c2:d5:9f:f3:7d:60:f7:f3:44:dd:1f:73:30:
a4:ca:5c:d9:79:38:cd:b5:cd:e0:aa:6f:7b:22:d5:
fb:52:61:3f:c3:d7:09:16:4e:e5:be:ed:a1:c3:ec:
89:c5:89:0d:b2:26:ff:a2:86:e0:51:7a:5e:98:d5:
29:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:98:6A:DE:62:68:A7:12:79:6D:66:92:23:80:21:BA:C3:8F:54:2C
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/xphq3mJopxJ5bWaSI4AhusOPVCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.193.0/24
171.33.240.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:f6:88:67:e1:4a:97:7c:15:1d:15:d9:1c:07:08:5a:2b:81:
a5:d6:52:51:df:a8:e8:02:cd:e3:c1:ce:49:66:e2:51:20:2e:
95:57:7c:78:51:7a:7f:50:1d:b4:8f:1e:1d:fe:d3:de:3f:aa:
d9:5c:93:90:04:d4:58:7e:58:ef:4a:f1:af:7d:e8:0a:73:6a:
ef:88:3d:b1:f1:08:e4:0a:99:9b:e7:94:db:c2:3f:03:5c:45:
b8:9f:76:86:05:d2:7d:68:b7:9e:a5:c6:f5:46:13:bf:00:9d:
85:41:60:98:ff:39:50:9b:0d:6d:a0:a7:cd:93:9a:1e:a6:33:
ac:ff:8f:ff:1a:0a:80:09:ad:b3:0f:7c:e8:af:97:99:2f:e1:
e3:72:c0:9e:35:58:f1:e2:ac:77:16:5b:1f:2a:01:6f:0f:f1:
80:8f:a1:92:55:d1:92:0f:c6:11:42:f6:d0:18:fa:ff:7b:3a:
d1:8f:61:11:47:6d:86:66:7e:a1:b4:be:15:fd:a3:39:19:2b:
73:b5:0b:ca:4a:f0:75:6d:56:08:3e:4d:69:df:8a:ec:16:96:
5a:ee:3c:57:cf:21:73:42:0a:35:6f:bc:49:a7:39:42:fc:14:
b2:2e:55:aa:19:0b:aa:4a:fe:4f:4b:e5:94:5c:c9:97:21:96:
e9:23:96:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtEXtFWbjaur77L6KgdRl06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjMxMDE4MTk1OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjk4NmFkZTYyNjhhNzEyNzk2ZDY2OTIyMzgwMjFiYWMzOGY1NDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMxE/FUTDkF1+LC3hOzAkTw2ktQY
8BlX3yA+vp7EBmJird7lrSHblN5yLNiVb9fnD4EaS3L/5FxU2OVSolQ8KbxsdmFn
6xnFVDW4Hv+5wL00GXnVwWdxaAXsPgxHJj8SFjK9X22doQQfRDL6NcqNYSo3Szas
INNOJrz4qzHqJwWv7ix73g85FXticP85EHbiiYrPke2xyXdZMc4AU44NhxZI1h5f
BeTQIse5iMlvcAFUHrjR1UTzWU/PYp2F3G5t24bt4cLVn/N9YPfzRN0fczCkylzZ
eTjNtc3gqm97ItX7UmE/w9cJFk7lvu2hw+yJxYkNsib/oobgUXpemNUpzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMaYat5iaKcSeW1mkiOAIbrDj1QsMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEveHBocTNtSm9weEo1YldhU0k0QWh1c09QVkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmFnBAwQA
qyHwMA0GCSqGSIb3DQEBCwUAA4IBAQC49ohn4UqXfBUdFdkcBwhaK4Gl1lJR36jo
As3jwc5JZuJRIC6VV3x4UXp/UB20jx4d/tPeP6rZXJOQBNRYfljvSvGvfegKc2rv
iD2x8QjkCpmb55Tbwj8DXEW4n3aGBdJ9aLeepcb1RhO/AJ2FQWCY/zlQmw1toKfN
k5oepjOs/4//GgqACa2zD3zor5eZL+HjcsCeNVjx4qx3FlsfKgFvD/GAj6GSVdGS
D8YRQvbQGPr/ezrRj2ERR22GZn6htL4V/aM5GStztQvKSvB1bVYIPk1p34rsFpZa
7jxXzyFzQgo1b7xJpzlC/BSyLlWqGQuqSv5PS+WUXMmXIZbpI5Yt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:59 2024 by rpki-client on console-ams.rpki-client.org