Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/511d83-7531-4430-a839-0ccc703fe471/1/hGhh0MShJVItocNAKaMFcm9U26o.roa
File: hGhh0MShJVItocNAKaMFcm9U26o.roa (raw, json)
Hash identifier: r2ctUvQ5WzVy56TATMttt9qcx+450i1vQSazZ/Rtwcc=
Subject key identifier: 84:68:61:D0:C4:A1:25:52:2D:A1:C3:40:29:A3:05:72:6F:54:DB:AA
Certificate issuer: /CN=42e4605bc566ed910cbfe28bc2273db99ae6a68d
Certificate serial: 01856DE67673CFBAA7585F58097EF368923A
Authority key identifier: 42:E4:60:5B:C5:66:ED:91:0C:BF:E2:8B:C2:27:3D:B9:9A:E6:A6:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QuRgW8Vm7ZEMv-KLwic9uZrmpo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/511d83-7531-4430-a839-0ccc703fe471/1/hGhh0MShJVItocNAKaMFcm9U26o.roa
Signing time: Sun 01 Jan 2023 15:14:58 +0000
ROA not before: Sun 01 Jan 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202105
IP address blocks: 185.206.135.0/24 maxlen: 24
185.206.133.0/24 maxlen: 24
185.206.134.0/24 maxlen: 24
185.206.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:76:73:cf:ba:a7:58:5f:58:09:7e:f3:68:92:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e4605bc566ed910cbfe28bc2273db99ae6a68d
Validity
Not Before: Jan 1 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=846861d0c4a125522da1c34029a305726f54dbaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d3:6a:42:0b:8a:0c:2f:65:4f:3e:92:3a:62:
df:f4:81:75:c4:eb:19:23:6c:01:2d:f4:d8:31:5e:
bd:ab:98:f4:2e:03:b6:6c:21:f9:43:5c:a7:62:21:
b6:6c:7d:1b:e4:b8:7a:b4:46:56:41:c5:5a:44:66:
d9:4b:21:b6:fb:f7:31:ab:13:78:04:67:7c:2c:cf:
ae:6d:df:e2:17:a2:6d:88:57:c0:0b:66:33:b9:47:
1f:21:9e:45:72:b8:ac:c5:38:b2:b8:95:92:20:99:
66:41:57:98:3c:d6:d4:b4:c9:aa:07:ab:15:b8:2e:
1e:73:17:ec:6e:1d:70:f1:a1:5e:af:6d:37:b3:8b:
c8:99:13:73:96:37:bf:6d:e9:51:1a:0f:ea:9e:16:
c3:8c:cc:8a:d9:ff:eb:f0:10:a1:38:f3:72:7a:20:
ce:1c:cc:6d:5a:01:cf:8f:9b:aa:fc:2b:ea:96:f3:
3e:18:72:06:f4:a7:53:70:15:47:c1:4c:fc:3b:f3:
bf:f6:cd:11:75:64:6b:67:a5:1a:57:27:bf:af:36:
e2:c1:4e:4a:40:97:21:40:15:0c:ea:29:89:f9:b4:
9e:5e:76:90:69:63:f6:de:44:d9:4d:98:3d:d6:8d:
ef:78:70:42:f1:44:ad:a5:71:b4:a5:29:d3:74:ed:
99:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:68:61:D0:C4:A1:25:52:2D:A1:C3:40:29:A3:05:72:6F:54:DB:AA
X509v3 Authority Key Identifier:
keyid:42:E4:60:5B:C5:66:ED:91:0C:BF:E2:8B:C2:27:3D:B9:9A:E6:A6:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuRgW8Vm7ZEMv-KLwic9uZrmpo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/511d83-7531-4430-a839-0ccc703fe471/1/hGhh0MShJVItocNAKaMFcm9U26o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/511d83-7531-4430-a839-0ccc703fe471/1/QuRgW8Vm7ZEMv-KLwic9uZrmpo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.132.0/22
Signature Algorithm: sha256WithRSAEncryption
96:0f:54:0e:7c:b2:e0:1b:15:9f:d9:be:d4:61:b3:c8:17:2d:
ab:3a:d7:20:ad:74:38:d1:a9:5c:81:cf:9a:ed:81:9d:44:0b:
b0:08:c2:21:89:d6:8f:08:56:3b:df:23:2f:22:3f:e7:75:e1:
ad:bc:50:7b:9c:4c:54:19:92:d4:43:13:e9:b1:81:da:ed:80:
47:4e:71:f2:cd:8e:1e:b9:a0:8d:f8:fe:d0:0c:d2:1c:2d:e9:
6c:9a:05:d5:bc:da:f7:b0:a5:bf:e4:34:44:3d:97:d9:21:5c:
06:6b:2d:11:94:28:26:f0:8a:eb:a5:61:55:90:4c:2d:e2:2c:
96:db:b9:1c:a9:ff:07:5f:ce:88:f8:ff:c8:d1:f1:3b:1a:5c:
f2:b7:e6:43:40:ab:28:2a:c9:27:e9:90:81:fb:13:f4:f3:f5:
c0:de:2f:56:b7:3e:83:69:ce:44:cd:87:12:b9:ef:9a:ba:4e:
86:4e:43:f7:38:8e:69:26:a1:b4:da:33:34:03:5a:4e:6b:92:
57:6b:89:61:f8:6b:7d:4d:d0:d2:17:63:13:fd:42:10:81:cf:
91:fc:76:43:c0:6e:8b:6f:2c:d5:91:fa:97:e1:a4:69:39:08:
bf:36:d4:f3:ed:a3:3d:fb:5f:4e:56:d1:d7:7f:62:26:a8:65:
e9:23:0b:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5nZzz7qnWF9YCX7zaJI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZTQ2MDViYzU2NmVkOTEwY2JmZTI4YmMyMjczZGI5OWFl
NmE2OGQwHhcNMjMwMTAxMTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDY4NjFkMGM0YTEyNTUyMmRhMWMzNDAyOWEzMDU3MjZmNTRkYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9NqQguKDC9lTz6SOmLf9IF1xOsZ
I2wBLfTYMV69q5j0LgO2bCH5Q1ynYiG2bH0b5Lh6tEZWQcVaRGbZSyG2+/cxqxN4
BGd8LM+ubd/iF6JtiFfAC2YzuUcfIZ5FcrisxTiyuJWSIJlmQVeYPNbUtMmqB6sV
uC4ecxfsbh1w8aFer203s4vImRNzlje/belRGg/qnhbDjMyK2f/r8BChOPNyeiDO
HMxtWgHPj5uq/CvqlvM+GHIG9KdTcBVHwUz8O/O/9s0RdWRrZ6UaVye/rzbiwU5K
QJchQBUM6imJ+bSeXnaQaWP23kTZTZg91o3veHBC8UStpXG0pSnTdO2ZLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRoYdDEoSVSLaHDQCmjBXJvVNuqMB8GA1UdIwQY
MBaAFELkYFvFZu2RDL/ii8InPbma5qaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXVSZ1c4Vm03WkVNdi1LTHdpYzl1WnJtcG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81MTFkODMtNzUzMS00NDMwLWE4Mzkt
MGNjYzcwM2ZlNDcxLzEvaEdoaDBNU2hKVkl0b2NOQUthTUZjbTlVMjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81MTFkODMtNzUzMS00NDMwLWE4MzktMGNjYzcwM2ZlNDcx
LzEvUXVSZ1c4Vm03WkVNdi1LTHdpYzl1WnJtcG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc6EMA0G
CSqGSIb3DQEBCwUAA4IBAQCWD1QOfLLgGxWf2b7UYbPIFy2rOtcgrXQ40alcgc+a
7YGdRAuwCMIhidaPCFY73yMvIj/ndeGtvFB7nExUGZLUQxPpsYHa7YBHTnHyzY4e
uaCN+P7QDNIcLelsmgXVvNr3sKW/5DREPZfZIVwGay0RlCgm8IrrpWFVkEwt4iyW
27kcqf8HX86I+P/I0fE7Glzyt+ZDQKsoKskn6ZCB+xP08/XA3i9Wtz6Dac5EzYcS
ue+auk6GTkP3OI5pJqG02jM0A1pOa5JXa4lh+Gt9TdDSF2MT/UIQgc+R/HZDwG6L
byzVkfqX4aRpOQi/NtTz7aM9+19OVtHXf2ImqGXpIwvY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:58 2024 by rpki-client on console-fra.rpki-client.org