Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d8c58d-8d24-4280-91fd-48b1664d40d5/1/H8nwm2nDJWLHeJL9hH6PCnJ1ACY.roa
File: H8nwm2nDJWLHeJL9hH6PCnJ1ACY.roa (raw, json)
Hash identifier: kfDxVpDmbSDoHV5mUB5cP2jNTxSEXPaRGND2/U8+4Eg=
Subject key identifier: 1F:C9:F0:9B:69:C3:25:62:C7:78:92:FD:84:7E:8F:0A:72:75:00:26
Certificate issuer: /CN=37d27fc24443fcdd4b1b65cfc8078c4a14289f9e
Certificate serial: 018D41AC0F4640CDDD76C030B1A97C230DBA
Authority key identifier: 37:D2:7F:C2:44:43:FC:DD:4B:1B:65:CF:C8:07:8C:4A:14:28:9F:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N9J_wkRD_N1LG2XPyAeMShQon54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/d8c58d-8d24-4280-91fd-48b1664d40d5/1/H8nwm2nDJWLHeJL9hH6PCnJ1ACY.roa
Signing time: Thu 25 Jan 2024 17:30:11 +0000
ROA not before: Thu 25 Jan 2024 17:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203576
IP address blocks: 5.252.96.0/24 maxlen: 32
5.252.97.0/24 maxlen: 32
5.252.99.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 25 Mar 2024 20:34:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:41:ac:0f:46:40:cd:dd:76:c0:30:b1:a9:7c:23:0d:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37d27fc24443fcdd4b1b65cfc8078c4a14289f9e
Validity
Not Before: Jan 25 17:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fc9f09b69c32562c77892fd847e8f0a72750026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:36:6a:f7:59:ef:c3:48:f8:2c:1d:a5:a1:33:
b1:6f:48:9b:3b:6c:5c:4e:fe:be:a3:34:e1:15:df:
75:b2:a7:d3:97:69:42:2a:7d:7c:4a:3b:a8:87:bd:
f9:66:a7:d3:d6:8c:db:bc:ee:ea:c6:b7:59:e0:57:
34:45:f3:6f:e3:75:ad:e3:3c:1e:ab:7f:c5:b9:69:
f8:2c:5a:4c:7d:a2:f9:37:b7:48:f5:40:28:6b:4d:
a1:bd:54:ee:0d:75:50:f5:82:08:dd:70:da:80:d6:
f4:6a:36:9c:13:b8:d1:1d:ca:6a:9a:99:d8:61:ea:
4c:b9:e8:27:21:32:59:3b:27:49:8c:46:e3:07:20:
12:4c:1e:e5:00:b4:e8:26:5d:34:a9:d6:95:8f:4f:
d4:b7:5e:d7:21:a5:47:c0:9d:92:2a:69:56:d3:71:
85:20:34:08:6a:d8:be:6c:c5:ba:9f:f5:e0:f7:bf:
20:26:8a:d5:56:a2:7e:dc:37:97:38:30:5f:4b:3a:
b0:c3:26:d4:61:bf:ee:22:81:9b:09:f6:7e:63:4c:
cf:31:95:c3:9a:a3:fd:6f:df:0d:64:34:41:cb:f7:
db:ab:b3:3f:8e:6f:4e:c3:03:85:da:c4:ae:2c:8a:
32:97:e8:f9:99:95:19:98:cf:5f:6a:37:42:f5:86:
f8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C9:F0:9B:69:C3:25:62:C7:78:92:FD:84:7E:8F:0A:72:75:00:26
X509v3 Authority Key Identifier:
keyid:37:D2:7F:C2:44:43:FC:DD:4B:1B:65:CF:C8:07:8C:4A:14:28:9F:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N9J_wkRD_N1LG2XPyAeMShQon54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d8c58d-8d24-4280-91fd-48b1664d40d5/1/H8nwm2nDJWLHeJL9hH6PCnJ1ACY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d8c58d-8d24-4280-91fd-48b1664d40d5/1/N9J_wkRD_N1LG2XPyAeMShQon54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.96.0/23
5.252.99.0/24
Signature Algorithm: sha256WithRSAEncryption
03:72:16:8f:3a:7b:19:5e:82:9f:1c:5f:a6:47:a6:bb:7b:14:
ee:48:a8:7f:f7:ba:6f:39:bf:d2:1a:30:85:20:4b:f4:f6:f4:
84:19:51:ee:db:4e:80:be:8a:b7:22:f9:8d:e1:ed:9e:a6:a5:
ef:f9:2c:14:78:c5:00:a2:0e:b9:c4:5a:4f:ce:7f:f1:f1:8b:
8d:0d:ec:09:93:bb:b6:33:72:3a:9c:2e:d6:bf:96:75:21:8b:
e0:80:bb:70:37:69:ab:55:e1:3f:38:ba:5b:69:2a:26:e2:f3:
84:3a:45:1f:27:a9:ae:5b:73:93:43:b1:69:4e:01:c8:9d:68:
a7:83:cb:af:7b:d4:42:70:c6:16:45:35:54:dd:d9:af:16:48:
e4:7c:b7:a6:27:a5:a2:67:1d:44:1e:78:24:35:d4:51:80:9f:
97:80:f4:ae:96:39:36:a3:ec:f9:15:ef:1b:ea:ca:f5:8c:7f:
ee:d7:1b:39:b0:f7:9c:81:4b:24:e1:2c:e8:e4:35:e2:b3:02:
79:6b:34:10:f5:ea:d9:e6:2a:d5:e4:46:6c:98:22:10:ef:ad:
1e:13:58:3b:70:4c:15:90:a1:15:90:c9:90:2b:30:70:c5:38:
8c:4e:05:4b:8f:fa:33:ca:c1:01:a8:21:8e:75:98:03:5a:57:
c6:52:1e:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1BrA9GQM3ddsAwsal8Iw26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZDI3ZmMyNDQ0M2ZjZGQ0YjFiNjVjZmM4MDc4YzRhMTQy
ODlmOWUwHhcNMjQwMTI1MTczMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmM5ZjA5YjY5YzMyNTYyYzc3ODkyZmQ4NDdlOGYwYTcyNzUwMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTZq91nvw0j4LB2loTOxb0ibO2xc
Tv6+ozThFd91sqfTl2lCKn18Sjuoh735ZqfT1ozbvO7qxrdZ4Fc0RfNv43Wt4zwe
q3/FuWn4LFpMfaL5N7dI9UAoa02hvVTuDXVQ9YII3XDagNb0ajacE7jRHcpqmpnY
YepMuegnITJZOydJjEbjByASTB7lALToJl00qdaVj0/Ut17XIaVHwJ2SKmlW03GF
IDQIati+bMW6n/Xg978gJorVVqJ+3DeXODBfSzqwwybUYb/uIoGbCfZ+Y0zPMZXD
mqP9b98NZDRBy/fbq7M/jm9OwwOF2sSuLIoyl+j5mZUZmM9fajdC9Yb4CwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB/J8JtpwyVix3iS/YR+jwpydQAmMB8GA1UdIwQY
MBaAFDfSf8JEQ/zdSxtlz8gHjEoUKJ+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjlKX3drUkRfTjFMRzJYUHlBZU1TaFFvbjU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOGM1OGQtOGQyNC00MjgwLTkxZmQt
NDhiMTY2NGQ0MGQ1LzEvSDhud20ybkRKV0xIZUpMOWhINlBDbkoxQUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kOGM1OGQtOGQyNC00MjgwLTkxZmQtNDhiMTY2NGQ0MGQ1
LzEvTjlKX3drUkRfTjFMRzJYUHlBZU1TaFFvbjU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBfxgAwQA
BfxjMA0GCSqGSIb3DQEBCwUAA4IBAQADchaPOnsZXoKfHF+mR6a7exTuSKh/97pv
Ob/SGjCFIEv09vSEGVHu206Avoq3IvmN4e2epqXv+SwUeMUAog65xFpPzn/x8YuN
DewJk7u2M3I6nC7Wv5Z1IYvggLtwN2mrVeE/OLpbaSom4vOEOkUfJ6muW3OTQ7Fp
TgHInWing8uve9RCcMYWRTVU3dmvFkjkfLemJ6WiZx1EHngkNdRRgJ+XgPSuljk2
o+z5Fe8b6sr1jH/u1xs5sPecgUsk4Szo5DXiswJ5azQQ9erZ5irV5EZsmCIQ760e
E1g7cEwVkKEVkMmQKzBwxTiMTgVLj/ozysEBqCGOdZgDWlfGUh6v
-----END CERTIFICATE-----
Generated at Mon Mar 25 23:33:21 2024 by rpki-client on console.sobornost.net