Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/1Nf2aR7aA_jDy5B_ELIyWPjcSHM.roa
File: 1Nf2aR7aA_jDy5B_ELIyWPjcSHM.roa (raw, json)
Hash identifier: h3OTJj1sgY3yxGSMYYnHMZLHFQVOpJYBMynhi4D1fsk=
Subject key identifier: D4:D7:F6:69:1E:DA:03:F8:C3:CB:90:7F:10:B2:32:58:F8:DC:48:73
Certificate issuer: /CN=86afaae2e3e054073a38aab635dc96460eef487e
Certificate serial: 018B572A0EC916FA24E6B94783F5098CD871
Authority key identifier: 86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/1Nf2aR7aA_jDy5B_ELIyWPjcSHM.roa
Signing time: Sun 22 Oct 2023 11:34:15 +0000
ROA not before: Sun 22 Oct 2023 11:34:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212216
IP address blocks: 195.28.10.0/24 maxlen: 24
195.28.168.0/24 maxlen: 24
185.73.226.0/24 maxlen: 32
80.249.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Dec 2023 01:14:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:57:2a:0e:c9:16:fa:24:e6:b9:47:83:f5:09:8c:d8:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86afaae2e3e054073a38aab635dc96460eef487e
Validity
Not Before: Oct 22 11:34:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4d7f6691eda03f8c3cb907f10b23258f8dc4873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:da:89:8a:2b:17:20:80:49:19:a8:af:7a:ee:
39:62:b1:29:6c:c8:f8:7b:c6:89:a3:ae:22:b6:ee:
b6:ba:e8:04:01:c7:ae:ec:48:a4:3d:fe:4e:74:d9:
6d:17:63:a3:ee:ee:15:e1:6f:9c:84:63:cf:1d:b1:
97:e1:4e:9d:e4:aa:db:ef:77:34:77:86:b4:3d:11:
a9:b9:32:eb:c1:98:ad:4e:18:bb:ea:ea:7f:74:a5:
f8:4c:06:9d:f7:a3:2a:4d:5e:eb:f9:b4:a2:36:10:
1d:49:05:93:0b:fc:f4:95:ac:c1:9a:65:19:f1:d9:
da:55:4b:fe:34:6d:f7:61:0b:25:32:0c:6a:41:51:
c4:cb:7e:a8:6c:12:17:e0:84:06:19:e5:0f:c1:44:
5f:51:fc:f9:aa:c5:16:4e:e3:54:1b:ed:f8:27:83:
16:a1:70:e3:bd:f3:be:80:06:9f:10:d0:d3:54:10:
09:09:a7:d0:ec:91:2b:b9:ed:86:eb:41:0b:e7:e6:
d3:a7:6c:bd:b8:df:fa:ba:ac:a7:fa:a8:41:3a:3c:
cd:84:75:b7:3d:7f:43:c0:76:54:ba:f1:8f:4a:be:
b4:c3:f3:ee:1d:45:f4:f5:31:67:c0:9e:04:14:d0:
75:25:48:81:64:7b:e4:cc:19:fa:e0:71:dc:0a:1c:
a5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D7:F6:69:1E:DA:03:F8:C3:CB:90:7F:10:B2:32:58:F8:DC:48:73
X509v3 Authority Key Identifier:
keyid:86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/1Nf2aR7aA_jDy5B_ELIyWPjcSHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.115.0/24
185.73.226.0/24
195.28.10.0/24
195.28.168.0/24
Signature Algorithm: sha256WithRSAEncryption
09:06:f4:68:74:bb:e8:47:63:56:71:89:49:9a:c8:25:d1:2d:
0c:f6:3e:14:32:9e:0d:76:1c:1e:a2:9a:a1:06:b8:cc:3c:ab:
0e:78:8d:58:29:c6:c9:a4:aa:ad:32:40:92:1a:f9:ab:5a:bf:
cc:08:a2:30:17:6d:11:55:d0:12:be:12:39:50:9c:ca:7b:c3:
ca:f4:86:1e:32:2c:6c:e1:9e:3d:4d:43:b1:14:07:4b:73:2b:
f7:52:ba:a1:a3:18:30:5f:e4:6e:43:74:64:c7:c5:f7:67:1c:
95:15:c9:41:fc:59:18:b9:2a:40:85:f8:5d:e3:9c:40:6f:78:
be:db:37:7e:87:93:9a:14:ce:83:11:8c:1f:08:2d:3b:14:73:
65:28:75:d6:f6:e0:48:56:0c:eb:65:d8:2f:d7:ea:ac:6d:ef:
77:5b:20:a8:6e:41:8a:bf:5e:46:ea:b8:fa:27:51:49:38:a4:
a3:6a:1b:92:b6:b4:d3:b8:db:fc:c9:7f:05:03:ca:90:90:47:
86:29:5d:f6:b6:06:2a:7a:a4:60:37:9b:5a:15:f7:22:5c:87:
6e:a6:3d:10:74:85:20:6a:a9:de:69:44:64:0e:55:35:ee:aa:
14:ec:ee:da:4d:2c:b5:fb:a7:11:32:17:67:42:e1:cf:18:65:
da:ac:1a:cc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtXKg7JFvok5rlHg/UJjNhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWZhYWUyZTNlMDU0MDczYTM4YWFiNjM1ZGM5NjQ2MGVl
ZjQ4N2UwHhcNMjMxMDIyMTEzNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQ3ZjY2OTFlZGEwM2Y4YzNjYjkwN2YxMGIyMzI1OGY4ZGM0ODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdqJiisXIIBJGaiveu45YrEpbMj4
e8aJo64itu62uugEAceu7EikPf5OdNltF2Oj7u4V4W+chGPPHbGX4U6d5Krb73c0
d4a0PRGpuTLrwZitThi76up/dKX4TAad96MqTV7r+bSiNhAdSQWTC/z0lazBmmUZ
8dnaVUv+NG33YQslMgxqQVHEy36obBIX4IQGGeUPwURfUfz5qsUWTuNUG+34J4MW
oXDjvfO+gAafENDTVBAJCafQ7JErue2G60EL5+bTp2y9uN/6uqyn+qhBOjzNhHW3
PX9DwHZUuvGPSr60w/PuHUX09TFnwJ4EFNB1JUiBZHvkzBn64HHcChylUwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNTX9mke2gP4w8uQfxCyMlj43EhzMB8GA1UdIwQY
MBaAFIavquLj4FQHOjiqtjXclkYO70h+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzIt
NDcyMDQwYjI0N2Y2LzEvMU5mMmFSN2FBX2pEeTVCX0VMSXlXUGpjU0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzItNDcyMDQwYjI0N2Y2
LzEvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUPlzAwQA
uUniAwQAwxwKAwQAwxyoMA0GCSqGSIb3DQEBCwUAA4IBAQAJBvRodLvoR2NWcYlJ
msgl0S0M9j4UMp4NdhweopqhBrjMPKsOeI1YKcbJpKqtMkCSGvmrWr/MCKIwF20R
VdASvhI5UJzKe8PK9IYeMixs4Z49TUOxFAdLcyv3UrqhoxgwX+RuQ3Rkx8X3ZxyV
FclB/FkYuSpAhfhd45xAb3i+2zd+h5OaFM6DEYwfCC07FHNlKHXW9uBIVgzrZdgv
1+qsbe93WyCobkGKv15G6rj6J1FJOKSjahuStrTTuNv8yX8FA8qQkEeGKV32tgYq
eqRgN5taFfciXIdupj0QdIUgaqneaURkDlU17qoU7O7aTSy1+6cRMhdnQuHPGGXa
rBrM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:23 2024 by rpki-client on console-fra.rpki-client.org