Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/Hp5f5cekjdYO30KiuCVJGwNmDNs.roa
File: Hp5f5cekjdYO30KiuCVJGwNmDNs.roa (raw, json)
Hash identifier: 9QfgHqpoohGleTavzHS+2GBxjik5W4ARnXnpqroAwLo=
Subject key identifier: 1E:9E:5F:E5:C7:A4:8D:D6:0E:DF:42:A2:B8:25:49:1B:03:66:0C:DB
Certificate issuer: /CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Certificate serial: 01856FF04554E3161DE2A79C84A23EA634AB
Authority key identifier: CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/Hp5f5cekjdYO30KiuCVJGwNmDNs.roa
Signing time: Mon 02 Jan 2023 00:44:55 +0000
ROA not before: Mon 02 Jan 2023 00:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60372
IP address blocks: 185.156.214.0/24 maxlen: 24
185.156.215.0/24 maxlen: 24
185.4.252.0/24 maxlen: 24
185.4.253.0/24 maxlen: 24
185.4.254.0/24 maxlen: 24
185.4.255.0/24 maxlen: 24
185.156.212.0/24 maxlen: 24
185.156.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Jun 2023 08:29:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:45:54:e3:16:1d:e2:a7:9c:84:a2:3e:a6:34:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Validity
Not Before: Jan 2 00:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e9e5fe5c7a48dd60edf42a2b825491b03660cdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5b:e6:28:d5:29:49:30:af:e2:4a:b4:d4:63:
cf:4d:1d:b5:3b:da:e6:51:13:bf:92:87:33:9c:01:
24:b8:f3:e8:72:28:cd:e5:40:e4:bf:88:c7:ad:1e:
1f:99:98:cc:52:52:5d:34:d5:3f:33:0f:6e:6c:b6:
64:03:47:20:75:fb:9b:f5:6a:8f:d7:f0:90:31:e5:
bc:c6:22:c1:0f:7b:ff:2f:0b:0a:57:3d:83:99:61:
f4:0d:3d:cb:4f:57:ea:ba:1c:15:5a:43:46:da:67:
9a:97:96:d2:91:9e:d0:45:4c:06:b4:2b:8f:23:6e:
d5:b5:bf:f5:39:cd:fe:b9:39:7e:e4:cc:71:7d:17:
e3:42:80:61:7a:2e:5b:18:e0:04:69:c6:5c:b5:6d:
61:85:c8:04:fd:55:33:11:1a:9a:ec:96:1d:4b:dd:
08:5b:8e:8c:73:0e:3d:8e:71:59:12:67:49:25:50:
aa:35:f5:f6:e3:c9:54:e2:ab:f5:78:09:c1:f2:1a:
7e:9d:0d:32:b1:b3:14:fb:f2:a8:55:0a:c8:eb:15:
d4:45:92:1e:e2:1b:f9:e0:e0:ef:ee:27:b7:bc:53:
ef:a7:b1:ca:c3:db:fa:7e:4b:51:fa:cc:1b:8b:f2:
4c:cb:50:a5:be:c4:90:e5:54:7f:2b:f4:a1:f1:ca:
95:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:9E:5F:E5:C7:A4:8D:D6:0E:DF:42:A2:B8:25:49:1B:03:66:0C:DB
X509v3 Authority Key Identifier:
keyid:CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/Hp5f5cekjdYO30KiuCVJGwNmDNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.252.0/22
185.156.212.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:9e:c1:9b:f2:b8:da:a7:76:9f:ed:e5:09:e6:b6:3e:39:22:
9b:23:82:8a:e7:c5:70:2a:98:81:e8:70:d6:1e:e3:a8:ea:18:
b2:16:ef:35:4e:b5:37:69:38:1d:75:22:35:4e:d9:22:e6:81:
08:c0:bd:68:a3:85:a9:d1:4c:63:0d:6c:1f:f1:1b:fc:d7:93:
d4:b6:dc:fc:83:ed:6a:36:72:36:d5:c7:e3:e2:ff:ea:e3:bc:
53:88:dd:9a:da:de:61:62:80:a5:fa:81:f0:45:86:9c:01:24:
28:c3:a3:0f:7e:15:57:93:e1:a0:fe:55:3e:e8:19:a3:cb:1f:
a9:c4:1a:00:41:32:bd:e8:8d:5f:51:08:8d:0c:d5:5d:39:bb:
b0:c3:04:b2:c5:84:b1:82:0f:ab:01:0a:18:95:fd:60:b9:2b:
36:db:4a:4f:23:87:f0:70:5c:7e:82:10:15:7c:47:9a:db:03:
3a:34:2e:ad:96:a8:7d:86:f1:cb:7d:2a:56:a2:a6:40:f4:a9:
59:5d:73:f1:e5:6d:61:13:33:1e:f0:b6:16:16:d8:a7:a0:fb:
d1:6a:39:70:22:40:ed:e9:41:f5:94:d6:e4:dc:b1:57:e9:7b:
bc:38:4b:32:28:db:da:32:d0:15:9d:1f:1f:e4:e8:1e:4f:91:
df:8f:5e:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv8EVU4xYd4qechKI+pjSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMTAyNDNmOTg2MzZmYWEwZmI2YzVhZTZiYWQ5YjBhYmFk
MjM0MzgwHhcNMjMwMTAyMDA0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTllNWZlNWM3YTQ4ZGQ2MGVkZjQyYTJiODI1NDkxYjAzNjYwY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lvmKNUpSTCv4kq01GPPTR21O9rm
URO/kocznAEkuPPocijN5UDkv4jHrR4fmZjMUlJdNNU/Mw9ubLZkA0cgdfub9WqP
1/CQMeW8xiLBD3v/LwsKVz2DmWH0DT3LT1fquhwVWkNG2meal5bSkZ7QRUwGtCuP
I27Vtb/1Oc3+uTl+5MxxfRfjQoBhei5bGOAEacZctW1hhcgE/VUzERqa7JYdS90I
W46Mcw49jnFZEmdJJVCqNfX248lU4qv1eAnB8hp+nQ0ysbMU+/KoVQrI6xXURZIe
4hv54ODv7ie3vFPvp7HKw9v6fktR+swbi/JMy1ClvsSQ5VR/K/Sh8cqV/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB6eX+XHpI3WDt9CorglSRsDZgzbMB8GA1UdIwQY
MBaAFMsQJD+YY2+qD7bFrmutmwq60jQ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mOGViOWMtNWI5OS00Y2VmLTkzZjAt
NDhmMTUxYjUyMzFmLzEvSHA1ZjVjZWtqZFlPMzBLaXVDVkpHd05tRE5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9mOGViOWMtNWI5OS00Y2VmLTkzZjAtNDhmMTUxYjUyMzFm
LzEveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuQT8AwQC
uZzUMA0GCSqGSIb3DQEBCwUAA4IBAQBKnsGb8rjap3af7eUJ5rY+OSKbI4KK58Vw
KpiB6HDWHuOo6hiyFu81TrU3aTgddSI1Ttki5oEIwL1oo4Wp0UxjDWwf8Rv815PU
ttz8g+1qNnI21cfj4v/q47xTiN2a2t5hYoCl+oHwRYacASQow6MPfhVXk+Gg/lU+
6Bmjyx+pxBoAQTK96I1fUQiNDNVdObuwwwSyxYSxgg+rAQoYlf1guSs220pPI4fw
cFx+ghAVfEea2wM6NC6tlqh9hvHLfSpWoqZA9KlZXXPx5W1hEzMe8LYWFtinoPvR
ajlwIkDt6UH1lNbk3LFX6Xu8OEsyKNvaMtAVnR8f5OgeT5Hfj157
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:18 2024 by rpki-client on console-ams.rpki-client.org