Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6a01b7-a4ed-4b71-80b6-cd392b0dedcf/1/hqD-KHMfAn1ZdQvL81erxdO7Fy0.roa
File: hqD-KHMfAn1ZdQvL81erxdO7Fy0.roa (raw, json)
Hash identifier: W4NN8NrUI9yYpmePwu/m0L7iEIWh6Ijwy/kVfpoX+J4=
Subject key identifier: 86:A0:FE:28:73:1F:02:7D:59:75:0B:CB:F3:57:AB:C5:D3:BB:17:2D
Certificate issuer: /CN=1f88b5e93522b898e76f45f478443c348f57b916
Certificate serial: 018CAAE389C5528890AB0B27E8CF35EE7953
Authority key identifier: 1F:88:B5:E9:35:22:B8:98:E7:6F:45:F4:78:44:3C:34:8F:57:B9:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H4i16TUiuJjnb0X0eEQ8NI9XuRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/6a01b7-a4ed-4b71-80b6-cd392b0dedcf/1/hqD-KHMfAn1ZdQvL81erxdO7Fy0.roa
Signing time: Wed 27 Dec 2023 10:48:07 +0000
ROA not before: Wed 27 Dec 2023 10:48:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50366
IP address blocks: 109.95.138.0/24 maxlen: 24
109.95.137.0/24 maxlen: 24
109.95.136.0/24 maxlen: 24
109.95.139.0/24 maxlen: 24
109.95.140.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:aa:e3:89:c5:52:88:90:ab:0b:27:e8:cf:35:ee:79:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f88b5e93522b898e76f45f478443c348f57b916
Validity
Not Before: Dec 27 10:48:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86a0fe28731f027d59750bcbf357abc5d3bb172d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:56:65:e7:ce:f2:98:e1:52:fd:56:ea:c2:e5:
5c:5e:a7:15:fb:b8:23:4b:70:bb:f1:24:76:71:7a:
16:73:83:28:55:39:b9:ef:34:e0:40:90:9a:c3:33:
ff:c9:62:bd:ee:b5:86:17:13:6c:71:f6:47:9b:63:
f2:3e:9f:26:03:d1:d7:80:1b:97:cc:3c:cf:18:83:
be:e4:64:92:3f:6a:f8:51:76:7f:14:7e:a1:15:a5:
15:f0:e9:ed:05:ec:73:ed:72:a8:85:48:27:19:74:
15:28:33:b1:51:1e:54:a2:93:e5:da:90:23:6d:60:
66:fb:04:64:ea:2e:99:80:28:77:bc:e8:0d:4d:ad:
a0:a1:59:44:29:f5:1a:eb:0f:16:c8:ef:93:07:d8:
76:8b:aa:b1:3e:d5:30:89:5f:9e:3b:ba:e4:a4:af:
1a:31:82:4c:5e:7f:53:14:39:9d:c9:b9:fa:f0:7b:
3e:2d:5f:f2:d6:39:24:9b:64:84:1c:3b:55:7e:2f:
cc:7b:fd:ff:07:73:75:b8:8c:99:b7:34:51:09:53:
57:48:13:7e:5c:d0:28:28:bd:08:1f:e7:c2:72:28:
01:50:24:19:e4:ab:f9:78:1f:aa:c9:f5:fc:c3:3a:
34:c6:29:72:e4:c3:f7:ea:9f:0b:af:b9:1f:89:11:
f5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A0:FE:28:73:1F:02:7D:59:75:0B:CB:F3:57:AB:C5:D3:BB:17:2D
X509v3 Authority Key Identifier:
keyid:1F:88:B5:E9:35:22:B8:98:E7:6F:45:F4:78:44:3C:34:8F:57:B9:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4i16TUiuJjnb0X0eEQ8NI9XuRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6a01b7-a4ed-4b71-80b6-cd392b0dedcf/1/hqD-KHMfAn1ZdQvL81erxdO7Fy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6a01b7-a4ed-4b71-80b6-cd392b0dedcf/1/H4i16TUiuJjnb0X0eEQ8NI9XuRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.136.0-109.95.140.255
Signature Algorithm: sha256WithRSAEncryption
97:fe:5b:fa:2b:89:a3:c3:76:7f:54:7d:2b:76:25:5c:ec:0d:
dc:2d:a0:ad:c8:2b:3a:ba:49:cc:8c:10:a3:e1:4f:3b:39:23:
39:40:11:43:e9:4c:88:ba:85:61:fd:7b:68:f0:e8:51:cd:3a:
39:af:11:46:d8:13:63:5b:bf:18:d6:38:90:d5:99:7b:ff:50:
f8:a7:63:2f:0b:91:57:a1:57:88:bc:e5:29:5e:10:d5:a3:77:
01:b0:d6:c4:70:19:5d:72:e3:76:55:12:2e:23:81:07:0a:a6:
95:b0:ba:9a:2f:da:15:30:68:23:cc:8b:3a:5a:de:4b:58:f3:
91:8f:08:3d:7b:7b:e5:a3:88:d1:8c:ed:33:36:7c:07:4a:fd:
6f:36:39:3c:69:49:e5:f3:46:75:b6:9b:c1:86:cf:e8:96:aa:
21:d0:5c:c9:5f:bc:aa:35:1d:db:4a:4e:74:ce:1d:98:3f:ea:
d7:df:ad:ca:f9:5a:7c:82:3d:be:0c:f5:14:b3:b7:c3:19:a1:
64:c4:7e:f3:38:8a:e2:42:36:dc:01:08:d3:e5:99:e4:c9:c3:
11:18:95:d0:89:e9:ef:a2:72:db:2b:95:93:bd:e0:cf:dd:72:
53:f8:25:d6:1c:2b:a9:a6:71:40:ac:13:dc:d8:25:41:fe:42:
d1:35:4d:52
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYyq44nFUoiQqwsn6M817nlTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmODhiNWU5MzUyMmI4OThlNzZmNDVmNDc4NDQzYzM0OGY1
N2I5MTYwHhcNMjMxMjI3MTA0ODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmEwZmUyODczMWYwMjdkNTk3NTBiY2JmMzU3YWJjNWQzYmIxNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVZl587ymOFS/VbqwuVcXqcV+7gj
S3C78SR2cXoWc4MoVTm57zTgQJCawzP/yWK97rWGFxNscfZHm2PyPp8mA9HXgBuX
zDzPGIO+5GSSP2r4UXZ/FH6hFaUV8OntBexz7XKohUgnGXQVKDOxUR5UopPl2pAj
bWBm+wRk6i6ZgCh3vOgNTa2goVlEKfUa6w8WyO+TB9h2i6qxPtUwiV+eO7rkpK8a
MYJMXn9TFDmdybn68Hs+LV/y1jkkm2SEHDtVfi/Me/3/B3N1uIyZtzRRCVNXSBN+
XNAoKL0IH+fCcigBUCQZ5Kv5eB+qyfX8wzo0xily5MP36p8Lr7kfiRH1lQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIag/ihzHwJ9WXULy/NXq8XTuxctMB8GA1UdIwQY
MBaAFB+Itek1IriY529F9HhEPDSPV7kWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDRpMTZUVWl1SmpuYjBYMGVFUThOSTlYdVJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82YTAxYjctYTRlZC00YjcxLTgwYjYt
Y2QzOTJiMGRlZGNmLzEvaHFELUtITWZBbjFaZFF2TDgxZXJ4ZE83RnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82YTAxYjctYTRlZC00YjcxLTgwYjYtY2QzOTJiMGRlZGNm
LzEvSDRpMTZUVWl1SmpuYjBYMGVFUThOSTlYdVJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANtX4gD
BABtX4wwDQYJKoZIhvcNAQELBQADggEBAJf+W/oriaPDdn9UfSt2JVzsDdwtoK3I
Kzq6ScyMEKPhTzs5IzlAEUPpTIi6hWH9e2jw6FHNOjmvEUbYE2NbvxjWOJDVmXv/
UPinYy8LkVehV4i85SleENWjdwGw1sRwGV1y43ZVEi4jgQcKppWwupov2hUwaCPM
izpa3ktY85GPCD17e+WjiNGM7TM2fAdK/W82OTxpSeXzRnW2m8GGz+iWqiHQXMlf
vKo1HdtKTnTOHZg/6tffrcr5WnyCPb4M9RSzt8MZoWTEfvM4iuJCNtwBCNPlmeTJ
wxEYldCJ6e+ictsrlZO94M/dclP4JdYcK6mmcUCsE9zYJUH+QtE1TVI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:21 2024 by rpki-client on console-ams.rpki-client.org