Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/h53w4HKe7tbbQYt4bcSOewSm_e4.roa
File: h53w4HKe7tbbQYt4bcSOewSm_e4.roa (raw, json)
Hash identifier: 4GnnAiizJgOUGXe+uppAV7oK56JS1oiAE5ipk3Sk1wg=
Subject key identifier: 87:9D:F0:E0:72:9E:EE:D6:DB:41:8B:78:6D:C4:8E:7B:04:A6:FD:EE
Certificate issuer: /CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5
Certificate serial: 018751902928AD83A28AF2714BE1DED80745
Authority key identifier: 0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/h53w4HKe7tbbQYt4bcSOewSm_e4.roa
Signing time: Wed 05 Apr 2023 13:16:54 +0000
ROA not before: Wed 05 Apr 2023 13:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 132.68.0.0/16 maxlen: 16
132.68.0.0/15 maxlen: 15
132.68.239.0/24 maxlen: 24
132.69.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Sun 07 May 2023 14:27:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:90:29:28:ad:83:a2:8a:f2:71:4b:e1:de:d8:07:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5
Validity
Not Before: Apr 5 13:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=879df0e0729eeed6db418b786dc48e7b04a6fdee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:33:0b:19:72:6a:6a:b1:e3:c4:96:e1:01:35:
33:ee:32:64:81:57:c6:f7:6a:19:6c:4c:80:43:88:
89:2d:41:e7:1f:1d:1b:0b:ed:db:5c:9a:a3:b5:c9:
e5:d9:b5:ab:ab:af:63:8a:b5:7f:e2:b4:45:cf:11:
2f:75:f7:dd:20:21:13:f5:09:e9:fd:b9:1d:63:56:
fc:5b:f1:e6:8a:ce:8a:d0:1a:b1:82:41:54:ce:2b:
92:c7:bf:3b:1a:d0:a9:23:fd:83:37:1f:7d:96:29:
b8:c7:25:f8:d9:05:01:8c:bf:31:7c:d0:47:70:78:
0a:6a:ec:cc:20:fb:f0:75:1e:54:76:2e:e3:39:f4:
b5:a0:1a:c2:4c:2b:41:24:46:da:f0:0d:56:e3:47:
7b:22:95:ce:e6:83:b3:7d:b2:48:52:72:1b:5f:e8:
39:7d:9a:24:3c:e4:de:81:e1:a9:ec:8c:a1:56:62:
b4:2d:4d:07:0f:43:2c:44:6d:f9:33:38:61:08:5f:
b2:4b:4e:8a:e7:95:26:30:94:4e:02:7d:ee:e7:23:
22:76:cd:e7:51:08:b1:59:54:87:61:c6:7c:71:6c:
22:e9:86:f6:ce:1b:a8:93:4e:9a:12:bd:83:6a:cd:
c3:0b:d3:53:d1:36:7c:91:7c:af:ef:01:fe:d5:6b:
cb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:9D:F0:E0:72:9E:EE:D6:DB:41:8B:78:6D:C4:8E:7B:04:A6:FD:EE
X509v3 Authority Key Identifier:
keyid:0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/h53w4HKe7tbbQYt4bcSOewSm_e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/DyG3jOl7D1-z2Iv5XPuwiy--qOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.68.0.0/15
Signature Algorithm: sha256WithRSAEncryption
33:4d:8c:a1:bd:ec:91:60:32:14:5e:f2:c0:c9:36:2b:5f:97:
08:4a:d8:d4:46:c2:4b:be:be:66:5a:ae:ba:81:04:e9:00:2f:
04:74:18:94:61:97:24:81:33:c6:d8:38:36:65:33:aa:3a:5c:
0b:da:6f:96:d5:c9:43:cf:29:e4:02:81:1e:55:a8:9b:38:73:
8e:c8:65:f6:5e:4d:6c:74:32:4b:bd:ed:ad:a8:cd:df:31:29:
4b:64:42:c1:e3:cf:7a:54:8e:0d:20:d1:75:10:7b:27:2f:ec:
0b:52:4a:73:4b:be:7d:f9:d2:cd:e4:19:04:69:06:93:aa:23:
69:fb:e6:f1:53:b1:fd:5e:46:12:f2:93:97:a2:30:11:ac:48:
6a:0f:8f:7e:04:c5:cd:59:43:1b:c8:4f:11:76:29:56:4b:2a:
48:4b:40:f4:fb:e8:01:b8:d9:72:75:ca:28:63:f6:50:d9:9d:
5e:a5:16:54:a2:0c:f1:d6:4c:84:22:5e:da:de:59:c8:15:92:
df:b4:a1:ea:c8:bf:a9:6c:b2:bb:06:9f:fe:48:57:47:ae:a6:
d3:c0:b7:a6:ff:dd:da:40:6e:15:63:cf:7a:8a:6f:9a:47:ff:
41:54:32:32:7e:c0:2c:ba:36:85:c2:4c:c8:f6:29:3d:84:cb:
a1:c9:a3:db
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYdRkCkorYOiivJxS+He2AdFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjFiNzhjZTk3YjBmNWZiM2Q4OGJmOTVjZmJiMDhiMmZi
ZWE4ZTUwHhcNMjMwNDA1MTMxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzlkZjBlMDcyOWVlZWQ2ZGI0MThiNzg2ZGM0OGU3YjA0YTZmZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzMLGXJqarHjxJbhATUz7jJkgVfG
92oZbEyAQ4iJLUHnHx0bC+3bXJqjtcnl2bWrq69jirV/4rRFzxEvdffdICET9Qnp
/bkdY1b8W/Hmis6K0BqxgkFUziuSx787GtCpI/2DNx99lim4xyX42QUBjL8xfNBH
cHgKauzMIPvwdR5Udi7jOfS1oBrCTCtBJEba8A1W40d7IpXO5oOzfbJIUnIbX+g5
fZokPOTegeGp7IyhVmK0LU0HD0MsRG35MzhhCF+yS06K55UmMJROAn3u5yMids3n
UQixWVSHYcZ8cWwi6Yb2zhuok06aEr2Das3DC9NT0TZ8kXyv7wH+1WvLiQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFIed8OBynu7W20GLeG3EjnsEpv3uMB8GA1UdIwQY
MBaAFA8ht4zpew9fs9iL+Vz7sIsvvqjlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEt
ZGRiOWU0ZGI5OGM2LzEvaDUzdzRIS2U3dGJiUVl0NGJjU09ld1NtX2U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEtZGRiOWU0ZGI5OGM2
LzEvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEQwDQYJ
KoZIhvcNAQELBQADggEBADNNjKG97JFgMhRe8sDJNitflwhK2NRGwku+vmZarrqB
BOkALwR0GJRhlySBM8bYODZlM6o6XAvab5bVyUPPKeQCgR5VqJs4c47IZfZeTWx0
Mku97a2ozd8xKUtkQsHjz3pUjg0g0XUQeycv7AtSSnNLvn350s3kGQRpBpOqI2n7
5vFTsf1eRhLyk5eiMBGsSGoPj34Exc1ZQxvITxF2KVZLKkhLQPT76AG42XJ1yihj
9lDZnV6lFlSiDPHWTIQiXtreWcgVkt+0oerIv6lssrsGn/5IV0euptPAt6b/3dpA
bhVjz3qKb5pH/0FUMjJ+wCy6NoXCTMj2KT2Ey6HJo9s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:56 2024 by rpki-client on console-fra.rpki-client.org