Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/hQnRX-0Vt1v-xc3JLQA9VLFCPLo.roa
File: hQnRX-0Vt1v-xc3JLQA9VLFCPLo.roa (raw, json)
Hash identifier: /00T9Tk7VXC/Y3vmeMMb5cx0Oj9vrnbwmPbtQ/bKX7w=
Subject key identifier: 85:09:D1:5F:ED:15:B7:5B:FE:C5:CD:C9:2D:00:3D:54:B1:42:3C:BA
Certificate issuer: /CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Certificate serial: 0185728C9C70E87F2841854E116E51BEFA22
Authority key identifier: 29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/hQnRX-0Vt1v-xc3JLQA9VLFCPLo.roa
Signing time: Mon 02 Jan 2023 12:54:55 +0000
ROA not before: Mon 02 Jan 2023 12:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3549
IP address blocks: 185.114.187.0/24 maxlen: 24
185.114.186.0/24 maxlen: 24
185.114.185.0/24 maxlen: 24
185.114.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:9c:70:e8:7f:28:41:85:4e:11:6e:51:be:fa:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Validity
Not Before: Jan 2 12:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8509d15fed15b75bfec5cdc92d003d54b1423cba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b8:d3:64:6e:6a:dd:ae:44:17:87:bc:59:92:
3a:12:77:92:46:e3:4c:53:e0:87:67:04:43:d9:ba:
b5:f0:05:a3:99:e7:70:20:17:89:ac:61:b7:2b:83:
dd:98:cc:e3:20:d1:54:e4:b3:e6:53:69:07:c9:16:
04:0a:49:73:ba:72:97:26:97:8f:2d:66:4c:1e:a4:
ae:20:23:e7:0b:39:05:77:46:06:e6:4d:98:36:9a:
2e:90:a4:98:37:79:93:76:27:30:32:94:c8:67:91:
7d:e6:2b:db:11:ba:4f:aa:d7:07:b6:ce:48:94:dd:
cf:db:80:81:32:64:18:92:15:e5:93:44:af:b3:a6:
0c:d6:5b:84:32:27:cb:0e:aa:d2:a4:87:af:49:26:
8c:ec:40:aa:a3:b8:55:ce:a1:b0:32:76:fb:8a:31:
b6:4c:a0:05:5b:3f:81:91:4d:80:8a:51:fa:9e:98:
4e:7c:4b:4b:01:81:8f:65:cb:c4:39:5d:4a:64:85:
86:8b:a0:d3:82:9b:23:01:f2:89:01:ba:c0:74:d0:
75:b4:7f:4a:95:f3:2e:d2:f4:6a:76:b3:94:b7:db:
c4:8e:c1:b8:e0:18:cb:63:3a:fc:85:3b:d5:7b:44:
3b:5d:68:59:1e:66:ca:ae:e2:0b:1c:84:98:ef:f8:
2f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:09:D1:5F:ED:15:B7:5B:FE:C5:CD:C9:2D:00:3D:54:B1:42:3C:BA
X509v3 Authority Key Identifier:
keyid:29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/hQnRX-0Vt1v-xc3JLQA9VLFCPLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.184.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:9b:ba:7f:de:91:03:bd:65:b2:43:7a:f1:8c:98:13:3f:db:
90:19:96:6f:41:f9:0d:c0:51:f8:43:8e:f6:c5:da:b3:3a:b0:
ff:c9:90:b4:35:58:e9:1d:1d:56:59:67:a5:07:6b:1d:11:13:
b5:69:96:54:5a:33:b0:b6:2e:dd:c4:ef:26:1a:f1:92:d1:7e:
ba:fb:04:7b:19:da:aa:c2:6a:06:58:1c:25:0c:57:14:e3:78:
74:2c:2e:b6:81:8c:a1:df:47:14:40:27:5a:c9:ff:2f:97:52:
9c:36:97:f5:5f:11:73:69:79:98:51:49:aa:53:2b:5a:b3:60:
0f:7d:32:fc:cb:df:f4:c2:28:2a:6b:3b:31:02:2f:72:c8:e7:
b1:a9:f7:5a:0a:fd:ab:11:f3:66:eb:93:24:4b:ee:7d:52:1d:
a6:a9:cd:6d:2c:40:27:a6:fe:ac:7f:32:a5:17:01:4f:b7:f3:
cb:5d:ef:b5:b8:9e:40:f9:4e:cb:65:97:c6:3a:7d:d9:51:86:
02:f4:36:79:36:78:90:e6:13:f1:5d:04:de:27:c6:a6:1a:89:
80:0d:43:28:64:b7:a7:f6:6f:ec:91:e8:07:53:38:4f:9d:3e:
4c:88:8b:a5:ef:ad:8d:53:fc:26:57:83:06:1b:e7:68:36:2f:
0b:27:43:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyjJxw6H8oQYVOEW5RvvoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTU5NDRlODRkYzM3YmE2YTQyZDY4YmIxZTJiOWE0NDIx
ZTg0YTQwHhcNMjMwMTAyMTI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTA5ZDE1ZmVkMTViNzViZmVjNWNkYzkyZDAwM2Q1NGIxNDIzY2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLjTZG5q3a5EF4e8WZI6EneSRuNM
U+CHZwRD2bq18AWjmedwIBeJrGG3K4PdmMzjINFU5LPmU2kHyRYECklzunKXJpeP
LWZMHqSuICPnCzkFd0YG5k2YNpoukKSYN3mTdicwMpTIZ5F95ivbEbpPqtcHts5I
lN3P24CBMmQYkhXlk0Svs6YM1luEMifLDqrSpIevSSaM7ECqo7hVzqGwMnb7ijG2
TKAFWz+BkU2AilH6nphOfEtLAYGPZcvEOV1KZIWGi6DTgpsjAfKJAbrAdNB1tH9K
lfMu0vRqdrOUt9vEjsG44BjLYzr8hTvVe0Q7XWhZHmbKruILHISY7/gvoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUJ0V/tFbdb/sXNyS0APVSxQjy6MB8GA1UdIwQY
MBaAFCmVlE6E3De6akLWi7HiuaRCHoSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmIt
MzM4YmRkNDM5ZWUxLzEvaFFuUlgtMFZ0MXYteGMzSkxRQTlWTEZDUExvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmItMzM4YmRkNDM5ZWUx
LzEvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXK4MA0G
CSqGSIb3DQEBCwUAA4IBAQANm7p/3pEDvWWyQ3rxjJgTP9uQGZZvQfkNwFH4Q472
xdqzOrD/yZC0NVjpHR1WWWelB2sdERO1aZZUWjOwti7dxO8mGvGS0X66+wR7Gdqq
wmoGWBwlDFcU43h0LC62gYyh30cUQCdayf8vl1KcNpf1XxFzaXmYUUmqUytas2AP
fTL8y9/0wigqazsxAi9yyOexqfdaCv2rEfNm65MkS+59Uh2mqc1tLEAnpv6sfzKl
FwFPt/PLXe+1uJ5A+U7LZZfGOn3ZUYYC9DZ5NniQ5hPxXQTeJ8amGomADUMoZLen
9m/skegHUzhPnT5MiIul762NU/wmV4MGG+doNi8LJ0Pd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org