Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-HFZUI0fwHsmTA-5f6mfZo6cZPE.roa
File: 1-HFZUI0fwHsmTA-5f6mfZo6cZPE.roa (raw, json)
Hash identifier: UcCTogCsB7QF6OQyrLuSqRgYBUE6fLfpjRyHRGg5MbU=
Subject key identifier: F8:71:59:50:8D:1F:C0:7B:26:4C:0F:B9:7F:A9:9F:66:8E:9C:64:F1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018649500C9A63B809A005A0D9D8232D352F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-HFZUI0fwHsmTA-5f6mfZo6cZPE.roa
Signing time: Mon 13 Feb 2023 05:47:08 +0000
ROA not before: Mon 13 Feb 2023 05:47:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53850
IP address blocks: 62.76.224.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:50:0c:9a:63:b8:09:a0:05:a0:d9:d8:23:2d:35:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 13 05:47:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f87159508d1fc07b264c0fb97fa99f668e9c64f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:60:61:db:b7:8d:23:10:0d:61:91:f4:68:67:
83:8c:3b:4f:6a:c7:c5:bf:8a:81:f9:4a:55:fd:57:
52:fb:02:40:46:db:ad:59:28:13:1e:6d:9e:ae:ed:
35:66:37:77:b6:89:fa:3a:f5:ec:2e:9f:a8:02:21:
b2:fe:89:96:15:3b:d8:e1:a6:9c:81:7c:c0:16:e1:
34:b0:6a:dd:2d:ef:85:ab:bb:1b:1b:00:f6:ba:85:
88:8a:6f:b9:b4:a0:fa:50:49:dd:0f:dd:ef:0c:22:
de:d1:ad:87:3b:6b:a3:15:df:9f:56:b3:4f:89:ea:
83:31:20:1d:02:ff:b6:38:07:81:b3:cc:dc:35:38:
95:10:c9:c4:98:03:81:a3:9a:d4:e0:0e:85:94:04:
ca:05:ea:5c:49:f8:f0:48:23:8e:64:f4:cc:c0:d5:
67:4f:42:39:da:0a:8b:61:c4:ed:71:c9:86:9c:71:
56:28:17:b6:04:a3:9c:66:f8:de:c5:5f:dc:af:4b:
ee:15:97:d6:03:eb:e3:b5:1c:19:28:c3:e1:6c:6f:
aa:95:a0:3d:e3:09:a3:ea:b2:f5:8d:90:9d:a3:65:
b9:a1:61:f8:f8:07:d2:99:4a:e7:76:07:a0:a8:86:
84:6b:78:8a:e2:1f:71:aa:de:fc:fa:cc:e1:68:cb:
d9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:71:59:50:8D:1F:C0:7B:26:4C:0F:B9:7F:A9:9F:66:8E:9C:64:F1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-HFZUI0fwHsmTA-5f6mfZo6cZPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.224.0/24
185.72.11.0/24
194.87.32.0/23
194.87.39.0/24
194.87.117.0-194.87.118.255
Signature Algorithm: sha256WithRSAEncryption
20:da:d9:91:89:1f:df:d3:a0:0d:31:ce:ea:0a:5d:16:6a:9c:
4b:1d:2f:a9:82:6d:17:f9:8a:0b:62:c2:00:b9:65:81:ff:77:
df:b5:31:8f:7c:b0:46:26:10:46:0f:9c:ea:d0:82:4c:37:49:
2f:54:90:c6:70:44:dd:03:e7:51:a1:e7:0d:96:e5:99:fb:bb:
77:1c:3b:c8:c0:cd:f0:a6:88:99:e2:a5:65:05:70:2d:11:92:
5a:e0:85:ac:0c:2d:d8:cb:92:59:e8:78:dc:18:e8:4c:88:50:
f4:90:f0:25:87:85:7f:96:0d:f6:b6:ba:13:7a:cb:64:de:ae:
24:9d:0a:99:da:b0:c2:69:5b:24:e1:b1:63:40:f1:e4:2c:58:
27:b3:de:04:29:23:48:86:4d:6f:4b:bd:2f:84:b1:14:aa:f9:
d8:bc:87:1d:e3:ae:5f:90:0f:39:bf:14:14:a8:0e:d2:1f:45:
53:6d:1c:74:9e:5b:91:8b:d9:93:88:91:77:c8:35:e2:f6:c0:
20:5a:06:f0:3b:21:70:40:07:54:6e:43:ac:f7:47:21:c4:7f:
11:d8:50:ca:db:50:07:db:37:27:86:5c:3b:6c:c9:8a:c2:1c:
63:2c:34:6c:20:93:c8:04:f4:37:06:ef:32:ae:41:4d:e2:7a:
6e:f5:81:af
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYZJUAyaY7gJoAWg2dgjLTUvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjEzMDU0NzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODcxNTk1MDhkMWZjMDdiMjY0YzBmYjk3ZmE5OWY2NjhlOWM2NGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WBh27eNIxANYZH0aGeDjDtPasfF
v4qB+UpV/VdS+wJARtutWSgTHm2eru01Zjd3ton6OvXsLp+oAiGy/omWFTvY4aac
gXzAFuE0sGrdLe+Fq7sbGwD2uoWIim+5tKD6UEndD93vDCLe0a2HO2ujFd+fVrNP
ieqDMSAdAv+2OAeBs8zcNTiVEMnEmAOBo5rU4A6FlATKBepcSfjwSCOOZPTMwNVn
T0I52gqLYcTtccmGnHFWKBe2BKOcZvjexV/cr0vuFZfWA+vjtRwZKMPhbG+qlaA9
4wmj6rL1jZCdo2W5oWH4+AfSmUrndgegqIaEa3iK4h9xqt78+szhaMvZ7wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPhxWVCNH8B7JkwPuX+pn2aOnGTxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMS1IRlpVSTBmd0hzbVRBLTVmNm1mWm82Y1pQRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0
My8xL05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA/BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEAD5M4AME
ALlICwMEAcJXIAMEAMJXJzAMAwQAwld1AwQAwld2MA0GCSqGSIb3DQEBCwUAA4IB
AQAg2tmRiR/f06ANMc7qCl0WapxLHS+pgm0X+YoLYsIAuWWB/3fftTGPfLBGJhBG
D5zq0IJMN0kvVJDGcETdA+dRoecNluWZ+7t3HDvIwM3wpoiZ4qVlBXAtEZJa4IWs
DC3Yy5JZ6HjcGOhMiFD0kPAlh4V/lg32troTestk3q4knQqZ2rDCaVsk4bFjQPHk
LFgns94EKSNIhk1vS70vhLEUqvnYvIcd465fkA85vxQUqA7SH0VTbRx0nluRi9mT
iJF3yDXi9sAgWgbwOyFwQAdUbkOs90chxH8R2FDK21AH2zcnhlw7bMmKwhxjLDRs
IJPIBPQ3Bu8yrkFN4npu9YGv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:54 2023 by rpki-client on console-fra.rpki-client.org