Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/ac51b2-ad16-4529-8f82-453d37b4921c/1/HT72MEfGoLQQWN7kHSK_yKAcBLQ.roa
File: HT72MEfGoLQQWN7kHSK_yKAcBLQ.roa (raw, json)
Hash identifier: yIX/ndupgLPfdO4KuDXw8yJg/FGJMSM2wm1JOt6WnzA=
Subject key identifier: 1D:3E:F6:30:47:C6:A0:B4:10:58:DE:E4:1D:22:BF:C8:A0:1C:04:B4
Certificate issuer: /CN=fef7fd5710ae5a473e158dc3fd6c8f17efa3e55b
Certificate serial: 01889EC63109B8A4C8F0B98F2BE8120E75B8
Authority key identifier: FE:F7:FD:57:10:AE:5A:47:3E:15:8D:C3:FD:6C:8F:17:EF:A3:E5:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vf9VxCuWkc-FY3D_WyPF--j5Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/ac51b2-ad16-4529-8f82-453d37b4921c/1/HT72MEfGoLQQWN7kHSK_yKAcBLQ.roa
Signing time: Fri 09 Jun 2023 06:09:28 +0000
ROA not before: Fri 09 Jun 2023 06:09:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210671
IP address blocks: 85.92.119.0/24 maxlen: 24
194.48.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9e:c6:31:09:b8:a4:c8:f0:b9:8f:2b:e8:12:0e:75:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef7fd5710ae5a473e158dc3fd6c8f17efa3e55b
Validity
Not Before: Jun 9 06:09:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d3ef63047c6a0b41058dee41d22bfc8a01c04b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:17:3b:3f:61:1d:ee:b1:a0:3b:a5:ea:e5:ea:
0d:d4:5f:67:df:f5:88:06:ff:75:e4:ba:d9:ad:db:
f8:2d:c4:bb:23:3d:f1:c0:cf:54:da:9b:02:67:16:
6a:aa:b1:dc:5e:2f:21:de:1a:be:9c:4b:6b:d8:22:
a1:9d:51:f6:dc:5a:5d:40:39:1e:ea:02:13:1c:ec:
c4:f2:bb:31:72:a7:76:d2:9d:31:40:90:c6:25:44:
21:39:10:18:c1:1c:98:f8:06:b4:aa:dd:f3:e0:00:
7c:4e:91:6f:2f:5a:0c:58:74:99:9e:4d:6f:30:bf:
e8:67:25:aa:b2:e6:39:d3:a9:c1:3a:a0:e3:3f:98:
f1:96:fd:34:89:71:1f:35:9c:7f:e9:74:49:d6:14:
c3:62:12:34:09:1d:e3:cc:b4:18:9d:1a:6a:40:3a:
48:b3:75:e1:2d:a4:31:32:5d:ce:e4:e4:25:dd:e7:
32:20:0e:ff:ea:f3:34:e4:9e:48:96:63:7f:ca:f6:
7b:e0:fd:e8:3c:49:7c:bc:1d:e5:7b:fe:e2:fa:b0:
11:fa:b7:33:97:1f:14:1f:b4:87:d7:a0:84:c2:4f:
5d:ff:33:03:8b:9b:22:d7:1f:d1:9e:39:6b:76:dd:
fd:4a:f3:56:48:91:27:c4:f3:d0:e6:fc:5e:82:9f:
30:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:3E:F6:30:47:C6:A0:B4:10:58:DE:E4:1D:22:BF:C8:A0:1C:04:B4
X509v3 Authority Key Identifier:
keyid:FE:F7:FD:57:10:AE:5A:47:3E:15:8D:C3:FD:6C:8F:17:EF:A3:E5:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vf9VxCuWkc-FY3D_WyPF--j5Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ac51b2-ad16-4529-8f82-453d37b4921c/1/HT72MEfGoLQQWN7kHSK_yKAcBLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ac51b2-ad16-4529-8f82-453d37b4921c/1/_vf9VxCuWkc-FY3D_WyPF--j5Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.119.0/24
194.48.211.0/24
Signature Algorithm: sha256WithRSAEncryption
07:d9:11:72:ab:bb:5d:19:63:4f:eb:10:bb:be:c9:d7:58:dd:
57:58:f7:d6:75:ad:17:8b:33:13:46:1f:b1:c3:98:7d:14:4c:
04:31:62:0e:ce:70:2d:12:05:08:b3:13:a8:47:3d:5c:65:66:
1e:4d:f0:45:e9:de:50:19:7a:09:f1:23:32:90:e5:ff:2a:1f:
2e:84:d9:58:e2:9a:8f:13:a1:df:9a:f9:5e:60:c1:65:b6:b0:
43:53:86:96:e1:08:07:5c:5a:a9:df:0d:fd:48:6d:b7:08:80:
59:c7:0b:47:02:db:41:64:1c:da:37:14:ae:f3:38:86:95:bb:
aa:f2:6d:15:6b:9f:33:71:28:c9:cc:87:55:f4:00:d7:76:58:
07:b8:54:ef:c8:8b:6a:76:46:ff:60:81:20:9a:e5:72:fd:ad:
9b:80:be:40:9b:10:04:9e:fc:84:13:8d:e1:48:76:e3:9e:33:
f8:74:1f:7f:46:31:ed:40:e7:32:26:97:d6:4a:d4:6f:9f:bb:
08:cc:36:a4:bf:25:87:6b:e9:c7:61:68:34:8c:81:75:63:27:
7e:33:14:fd:46:1d:b7:e6:b6:a1:4f:c3:21:1e:2f:46:42:a1:
8c:31:19:02:71:02:d3:71:c8:ba:1b:b9:47:28:b7:aa:fa:7e:
61:ee:04:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiexjEJuKTI8LmPK+gSDnW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjdmZDU3MTBhZTVhNDczZTE1OGRjM2ZkNmM4ZjE3ZWZh
M2U1NWIwHhcNMjMwNjA5MDYwOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDNlZjYzMDQ3YzZhMGI0MTA1OGRlZTQxZDIyYmZjOGEwMWMwNGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxc7P2Ed7rGgO6Xq5eoN1F9n3/WI
Bv915LrZrdv4LcS7Iz3xwM9U2psCZxZqqrHcXi8h3hq+nEtr2CKhnVH23FpdQDke
6gITHOzE8rsxcqd20p0xQJDGJUQhORAYwRyY+Aa0qt3z4AB8TpFvL1oMWHSZnk1v
ML/oZyWqsuY506nBOqDjP5jxlv00iXEfNZx/6XRJ1hTDYhI0CR3jzLQYnRpqQDpI
s3XhLaQxMl3O5OQl3ecyIA7/6vM05J5IlmN/yvZ74P3oPEl8vB3le/7i+rAR+rcz
lx8UH7SH16CEwk9d/zMDi5si1x/Rnjlrdt39SvNWSJEnxPPQ5vxegp8wzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB0+9jBHxqC0EFje5B0iv8igHAS0MB8GA1UdIwQY
MBaAFP73/VcQrlpHPhWNw/1sjxfvo+VbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZmOVZ4Q3VXa2MtRlkzRF9XeVBGLS1qNVZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9hYzUxYjItYWQxNi00NTI5LThmODIt
NDUzZDM3YjQ5MjFjLzEvSFQ3Mk1FZkdvTFFRV043a0hTS195S0FjQkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9hYzUxYjItYWQxNi00NTI5LThmODItNDUzZDM3YjQ5MjFj
LzEvX3ZmOVZ4Q3VXa2MtRlkzRF9XeVBGLS1qNVZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVVx3AwQA
wjDTMA0GCSqGSIb3DQEBCwUAA4IBAQAH2RFyq7tdGWNP6xC7vsnXWN1XWPfWda0X
izMTRh+xw5h9FEwEMWIOznAtEgUIsxOoRz1cZWYeTfBF6d5QGXoJ8SMykOX/Kh8u
hNlY4pqPE6HfmvleYMFltrBDU4aW4QgHXFqp3w39SG23CIBZxwtHAttBZBzaNxSu
8ziGlbuq8m0Va58zcSjJzIdV9ADXdlgHuFTvyItqdkb/YIEgmuVy/a2bgL5AmxAE
nvyEE43hSHbjnjP4dB9/RjHtQOcyJpfWStRvn7sIzDakvyWHa+nHYWg0jIF1Yyd+
MxT9Rh235rahT8MhHi9GQqGMMRkCcQLTcci6G7lHKLeq+n5h7gSp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:30 2024 by rpki-client on console-fra.rpki-client.org