Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/1hXLa3-JG2YWrDPlcYi_ijVXC_A.roa
File: 1hXLa3-JG2YWrDPlcYi_ijVXC_A.roa (raw, json)
Hash identifier: fgWeq7k/Zcj4WiHGHnUUIGN9s0E+xKjLEngbKegCh+M=
Subject key identifier: D6:15:CB:6B:7F:89:1B:66:16:AC:33:E5:71:88:BF:8A:35:57:0B:F0
Certificate issuer: /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Certificate serial: 018943C463FB1D4613B634897656B88B18E7
Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/1hXLa3-JG2YWrDPlcYi_ijVXC_A.roa
Signing time: Tue 11 Jul 2023 07:04:51 +0000
ROA not before: Tue 11 Jul 2023 07:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39386
IP address blocks: 84.235.56.0/23 maxlen: 23
178.86.50.0/24 maxlen: 24
84.235.0.0/17 maxlen: 17
84.235.0.0/24 maxlen: 24
84.235.14.0/24 maxlen: 24
37.224.192.0/24 maxlen: 24
84.235.95.0/24 maxlen: 24
84.235.110.0/24 maxlen: 24
84.235.108.0/24 maxlen: 24
84.235.111.0/24 maxlen: 24
84.235.109.0/24 maxlen: 24
84.235.120.0/22 maxlen: 22
193.19.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jul 2023 07:58:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:43:c4:63:fb:1d:46:13:b6:34:89:76:56:b8:8b:18:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Validity
Not Before: Jul 11 07:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d615cb6b7f891b6616ac33e57188bf8a35570bf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:56:89:e1:f4:fd:00:58:c4:ac:b7:7d:19:c7:
47:93:10:60:65:7d:e7:cf:cb:95:1d:1d:21:93:87:
f5:2d:82:5d:68:b0:71:96:a4:27:8a:3f:de:97:4b:
4c:1e:52:21:3f:ed:9c:19:48:7e:6e:28:db:17:fe:
9f:41:75:a9:7c:c0:c5:dd:73:1a:1c:b2:b5:b4:39:
ce:e1:d0:2e:bd:a4:77:19:0c:9d:3d:87:ed:70:07:
dc:1f:98:dd:45:a2:27:c3:57:d1:08:c3:7f:9c:f9:
46:fd:1f:f2:a1:d1:82:d8:9c:8a:58:d6:ae:24:cb:
06:1f:df:4e:fb:a6:8e:63:5e:b6:43:f2:bc:4e:bb:
72:16:01:e9:32:f2:1a:d8:60:26:54:42:9f:da:b4:
d4:4d:a1:c6:1f:54:32:cf:7b:86:c7:c5:e5:8c:dc:
ac:7d:6b:c2:60:52:26:cc:78:2e:40:8b:e0:7b:8e:
c9:e9:b3:f2:2d:59:a6:b5:28:18:3d:89:df:81:fb:
73:3b:31:1d:de:07:1b:a7:90:13:37:60:be:94:1f:
34:34:01:12:d5:2c:4c:d7:a1:47:ee:3b:69:35:e6:
4f:78:3a:81:7c:2e:9b:99:cf:d8:48:7f:44:2a:6b:
1e:74:3c:b8:46:f2:0b:a8:90:c3:b6:09:47:b0:b5:
45:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:15:CB:6B:7F:89:1B:66:16:AC:33:E5:71:88:BF:8A:35:57:0B:F0
X509v3 Authority Key Identifier:
keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/1hXLa3-JG2YWrDPlcYi_ijVXC_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.224.192.0/24
84.235.0.0/17
178.86.50.0/24
193.19.244.0/24
Signature Algorithm: sha256WithRSAEncryption
73:e7:d6:54:01:01:6f:bb:65:6e:db:d5:d3:83:f5:bd:43:b7:
bf:31:aa:99:cb:32:97:db:93:c7:1b:d7:e8:1f:86:d7:4f:3e:
ba:ef:83:50:ca:22:91:a2:52:6d:71:6a:5b:ac:b1:4d:26:91:
2d:a0:f9:87:91:a5:7f:4d:c0:a7:4a:1b:fa:e3:af:b1:2e:4f:
64:61:f1:25:43:0d:b9:33:c4:7e:76:34:e1:6d:cb:33:56:a0:
b0:bb:79:31:0a:72:f3:2e:6d:46:b2:7c:0b:d9:19:41:15:3e:
d0:51:78:38:03:56:8f:c2:47:ca:01:e2:2a:ac:c8:a5:d8:96:
64:a3:3a:9d:63:82:7c:90:fe:36:c2:ce:7c:d6:7b:c7:cc:52:
5f:68:e3:2f:8e:27:1b:25:6a:e7:0d:1b:20:31:92:b2:45:fa:
74:5d:9b:53:51:74:56:40:f4:ec:7a:30:12:26:cf:a8:57:9d:
9e:fa:41:4d:b9:d8:44:31:db:d7:74:25:5f:a4:b8:81:03:87:
33:fd:dc:29:94:69:ca:7d:d5:fa:c8:21:e5:1b:81:bd:86:bd:
c4:50:9c:9c:f7:64:82:81:56:df:73:8a:47:76:d8:b7:d7:bd:
92:25:23:18:b0:50:3e:b5:18:38:5e:01:95:1d:ee:c5:a8:45:
70:45:e4:e8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYlDxGP7HUYTtjSJdla4ixjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk
ZjNlMWUwHhcNMjMwNzExMDcwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjE1Y2I2YjdmODkxYjY2MTZhYzMzZTU3MTg4YmY4YTM1NTcwYmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFaJ4fT9AFjErLd9GcdHkxBgZX3n
z8uVHR0hk4f1LYJdaLBxlqQnij/el0tMHlIhP+2cGUh+bijbF/6fQXWpfMDF3XMa
HLK1tDnO4dAuvaR3GQydPYftcAfcH5jdRaInw1fRCMN/nPlG/R/yodGC2JyKWNau
JMsGH99O+6aOY162Q/K8TrtyFgHpMvIa2GAmVEKf2rTUTaHGH1Qyz3uGx8XljNys
fWvCYFImzHguQIvge47J6bPyLVmmtSgYPYnfgftzOzEd3gcbp5ATN2C+lB80NAES
1SxM16FH7jtpNeZPeDqBfC6bmc/YSH9EKmsedDy4RvILqJDDtglHsLVFqwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNYVy2t/iRtmFqwz5XGIv4o1VwvwMB8GA1UdIwQY
MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt
YjU5MDk1N2Q5NDE1LzEvMWhYTGEzLUpHMllXckRQbGNZaV9palZYQ19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYtYjU5MDk1N2Q5NDE1
LzEvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJeDAAwQH
VOsAAwQAslYyAwQAwRP0MA0GCSqGSIb3DQEBCwUAA4IBAQBz59ZUAQFvu2Vu29XT
g/W9Q7e/MaqZyzKX25PHG9foH4bXTz6674NQyiKRolJtcWpbrLFNJpEtoPmHkaV/
TcCnShv646+xLk9kYfElQw25M8R+djThbcszVqCwu3kxCnLzLm1GsnwL2RlBFT7Q
UXg4A1aPwkfKAeIqrMil2JZkozqdY4J8kP42ws581nvHzFJfaOMvjicbJWrnDRsg
MZKyRfp0XZtTUXRWQPTsejASJs+oV52e+kFNudhEMdvXdCVfpLiBA4cz/dwplGnK
fdX6yCHlG4G9hr3EUJyc92SCgVbfc4pHdti3172SJSMYsFA+tRg4XgGVHe7FqEVw
ReTo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:02 2024 by rpki-client on console-ams.rpki-client.org