Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/VHcQwSoGSlkiXBgj77VeteBYiOI.roa
File: VHcQwSoGSlkiXBgj77VeteBYiOI.roa (raw, json)
Hash identifier: IJWUlNAd8M7KfJrQIYzwr1iWxwJ+0D2U771AH9wEYiE=
Subject key identifier: 54:77:10:C1:2A:06:4A:59:22:5C:18:23:EF:B5:5E:B5:E0:58:88:E2
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 01856C6EE778837D493E7C42F4156D38F5A7
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/VHcQwSoGSlkiXBgj77VeteBYiOI.roa
Signing time: Sun 01 Jan 2023 08:24:45 +0000
ROA not before: Sun 01 Jan 2023 08:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34224
IP address blocks: 185.161.232.0/22 maxlen: 24
185.68.44.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:e7:78:83:7d:49:3e:7c:42:f4:15:6d:38:f5:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 08:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=547710c12a064a59225c1823efb55eb5e05888e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:08:aa:34:9c:49:10:10:f9:f0:75:a0:c2:37:
07:1d:5f:d9:6a:64:f0:de:b7:78:9a:7e:8d:c8:6a:
c9:13:43:f7:63:51:e5:3c:59:9c:b3:a3:f7:22:f2:
29:b3:8f:d7:a3:c6:da:e5:f9:9f:c8:29:b5:c1:5a:
8f:23:b6:ad:0a:db:73:56:3c:f5:6f:f2:d0:69:cc:
a8:d1:32:47:77:62:60:55:0c:97:3d:b4:60:6a:5e:
d1:64:96:e0:01:20:2a:2e:54:6a:2b:d5:df:5d:79:
3c:74:4f:1e:de:67:9b:04:d2:01:bd:3a:42:53:74:
e2:f0:02:37:7a:36:fb:9f:c5:3a:1b:0f:49:60:aa:
e1:8c:06:3b:ff:b4:dc:41:fc:be:3f:c0:55:92:9c:
64:d3:c1:7f:c2:42:62:93:c2:36:29:92:78:3e:35:
8a:5a:22:01:ad:57:75:35:50:7a:c2:02:94:ff:5a:
08:b8:1f:54:fd:6f:0f:ae:b6:47:e8:ce:05:77:3b:
b5:95:bb:f0:75:a7:6f:5a:d9:01:7b:c1:db:71:37:
00:dc:a8:89:b2:a1:9b:d5:15:30:20:27:77:df:40:
d9:50:8c:3d:93:95:60:4e:17:34:9d:d3:9c:1d:39:
8e:71:7a:2d:b0:19:64:a4:10:86:f2:4f:35:c4:61:
53:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:77:10:C1:2A:06:4A:59:22:5C:18:23:EF:B5:5E:B5:E0:58:88:E2
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/VHcQwSoGSlkiXBgj77VeteBYiOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.44.0/22
185.161.232.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:23:14:91:09:67:f7:e5:1c:ca:3d:05:d1:83:e6:4f:f2:4b:
b0:14:0b:ab:9e:1f:79:c8:e1:95:8e:18:a9:2f:3b:10:f9:a2:
69:2a:49:97:14:39:d8:8c:8c:7d:a6:da:ab:b9:49:50:fa:dc:
59:39:7e:1c:61:e0:23:65:25:ac:68:b4:a6:d6:d0:94:7a:09:
83:45:47:95:0d:81:56:34:d5:4d:5f:42:db:39:cb:56:43:0c:
54:5c:20:5d:64:0a:ad:72:54:0c:7d:93:fa:a4:15:a8:23:16:
6f:73:80:6b:f9:cf:07:06:33:6b:69:0a:89:db:32:28:74:df:
24:f0:8d:39:b3:37:30:12:e3:c2:8a:f8:e6:93:20:d8:05:cf:
25:03:94:ed:ae:4a:fe:a3:b3:ad:54:78:bd:9c:17:c3:6f:46:
2f:12:9e:bd:35:28:ea:b9:02:b3:eb:a9:b3:33:23:1c:b3:6b:
ae:41:91:c1:67:32:ac:88:c0:9c:05:a8:ee:91:a8:c4:51:51:
07:5d:d0:05:dd:ad:65:11:58:50:a1:49:2d:cd:91:dc:50:b3:
ee:e5:e1:80:fa:f2:d8:41:c0:26:4b:06:87:03:ee:62:a2:c9:
e6:5c:bc:cb:b0:58:69:2c:84:ed:54:c0:0a:5c:48:e4:6c:e4:
f7:f4:da:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsbud4g31JPnxC9BVtOPWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzQyMTBjMjg0MTNlMjYyODQ4MjJhYmU4M2FkNmQ3YzBm
NzY0ZmEwHhcNMjMwMTAxMDgyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDc3MTBjMTJhMDY0YTU5MjI1YzE4MjNlZmI1NWViNWUwNTg4OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAiqNJxJEBD58HWgwjcHHV/ZamTw
3rd4mn6NyGrJE0P3Y1HlPFmcs6P3IvIps4/Xo8ba5fmfyCm1wVqPI7atCttzVjz1
b/LQacyo0TJHd2JgVQyXPbRgal7RZJbgASAqLlRqK9XfXXk8dE8e3mebBNIBvTpC
U3Ti8AI3ejb7n8U6Gw9JYKrhjAY7/7TcQfy+P8BVkpxk08F/wkJik8I2KZJ4PjWK
WiIBrVd1NVB6wgKU/1oIuB9U/W8PrrZH6M4Fdzu1lbvwdadvWtkBe8HbcTcA3KiJ
sqGb1RUwICd330DZUIw9k5VgThc0ndOcHTmOcXotsBlkpBCG8k81xGFTVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFR3EMEqBkpZIlwYI++1XrXgWIjiMB8GA1UdIwQY
MBaAFDR0IQwoQT4mKEgiq+g61tfA92T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5Yzkt
YjBjNzRiNzZlMTgyLzEvVkhjUXdTb0dTbGtpWEJnajc3VmV0ZUJZaU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5YzktYjBjNzRiNzZlMTgy
LzEvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUQsAwQC
uaHoMA0GCSqGSIb3DQEBCwUAA4IBAQBqIxSRCWf35RzKPQXRg+ZP8kuwFAurnh95
yOGVjhipLzsQ+aJpKkmXFDnYjIx9ptqruUlQ+txZOX4cYeAjZSWsaLSm1tCUegmD
RUeVDYFWNNVNX0LbOctWQwxUXCBdZAqtclQMfZP6pBWoIxZvc4Br+c8HBjNraQqJ
2zIodN8k8I05szcwEuPCivjmkyDYBc8lA5Ttrkr+o7OtVHi9nBfDb0YvEp69NSjq
uQKz66mzMyMcs2uuQZHBZzKsiMCcBajukajEUVEHXdAF3a1lEVhQoUktzZHcULPu
5eGA+vLYQcAmSwaHA+5iosnmXLzLsFhpLITtVMAKXEjkbOT39NpN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:36 2024 by rpki-client on console-ams.rpki-client.org