Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HANI4sDSd_RKuWK2feF4M9ctLy4.roa
File: HANI4sDSd_RKuWK2feF4M9ctLy4.roa (raw, json)
Hash identifier: kZSwp/R3MJvGYGDwysCBft5W6HaKLjOk7UaQ+yUYMyI=
Subject key identifier: 1C:03:48:E2:C0:D2:77:F4:4A:B9:62:B6:7D:E1:78:33:D7:2D:2F:2E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186C1C452D1FA95D1620BA92AD349D64C5B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HANI4sDSd_RKuWK2feF4M9ctLy4.roa
Signing time: Wed 08 Mar 2023 15:08:34 +0000
ROA not before: Wed 08 Mar 2023 15:08:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211440
IP address blocks: 195.133.193.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c1:c4:52:d1:fa:95:d1:62:0b:a9:2a:d3:49:d6:4c:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 8 15:08:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c0348e2c0d277f44ab962b67de17833d72d2f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d9:b9:86:8d:15:62:5a:58:f2:aa:27:0a:11:
53:87:d5:4e:58:56:78:51:45:3a:ae:64:ae:1b:0e:
1a:16:51:0a:49:43:f2:cc:c6:1f:61:37:0a:e2:f9:
3f:ff:c2:39:1c:41:0b:3f:4c:09:58:4f:d6:ee:ff:
e0:a6:11:10:fb:c4:3b:7e:4c:13:b4:cf:59:ba:e2:
5f:2c:b9:4b:a1:a7:91:bf:37:78:a1:28:54:71:32:
de:7e:c3:d2:10:e1:e4:5d:55:f5:31:b0:5a:be:12:
27:51:77:42:db:ca:31:9a:06:e1:99:9e:84:bb:92:
48:af:c8:db:2f:95:d9:0a:f9:b8:71:2c:cd:62:a8:
47:f4:2e:66:ea:81:ed:3b:02:54:3d:2d:ef:c2:23:
66:24:f9:83:07:7d:fe:71:eb:8a:1e:dc:a2:28:41:
5d:39:b3:12:ac:79:dd:67:4c:9f:7a:4d:07:23:b2:
c9:50:fb:3c:2d:d8:c3:eb:5b:19:d9:04:19:77:d6:
ec:56:cf:d3:bb:c0:64:b3:36:00:55:8a:2b:5c:7a:
79:b5:3a:41:c6:fe:e6:a6:2b:e5:f6:10:ed:13:ec:
85:34:a2:00:f2:df:d2:72:e1:e9:3c:d4:c4:14:f5:
87:71:ba:b4:bd:72:e4:ee:51:e0:8e:98:3a:68:41:
ff:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:03:48:E2:C0:D2:77:F4:4A:B9:62:B6:7D:E1:78:33:D7:2D:2F:2E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HANI4sDSd_RKuWK2feF4M9ctLy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.126.0/24
195.133.193.0/24
Signature Algorithm: sha256WithRSAEncryption
05:85:ec:c6:5d:d3:f0:58:e9:a3:93:04:06:7f:1e:9f:9a:70:
6d:d5:fd:e5:6a:f9:47:55:a1:8e:27:52:e0:82:87:f0:d3:d9:
b8:2a:05:d6:7c:46:9e:ca:2c:b2:a7:92:78:4e:2b:ae:1d:23:
2b:4c:e7:cb:a9:17:70:35:d1:c8:40:cb:8c:47:f7:e9:08:2c:
ba:83:44:0c:06:ed:8e:bb:51:10:d3:2d:dd:a9:c5:86:30:8e:
83:63:a7:b2:c6:1b:ee:20:61:06:18:90:d3:b9:0b:1f:97:de:
23:c7:9f:ac:d7:d4:57:3c:0f:bc:8b:0a:3e:36:e5:8a:b8:84:
73:c4:ab:94:6c:16:2a:01:5c:bd:71:8e:5d:1f:39:5f:8f:a7:
3b:66:ba:c1:a6:42:db:c6:d5:3b:41:5e:e5:77:7d:f1:ae:8b:
65:f9:a7:aa:ca:8c:3a:12:11:4a:98:3d:9c:9e:71:d2:13:e7:
ef:20:aa:96:4b:d1:17:86:e8:ff:4b:db:90:61:fa:ab:2a:33:
a2:10:88:98:c5:da:c7:fe:11:09:19:05:a2:86:41:48:59:90:
c4:ef:a0:28:aa:4d:f9:67:3d:4b:9b:db:7f:cf:9a:2b:42:5f:
a5:30:39:1c:3b:31:2e:37:68:55:b6:26:2b:d5:e6:4a:e9:24:
c3:05:1f:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYbBxFLR+pXRYgupKtNJ1kxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzA4MTUwODM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzAzNDhlMmMwZDI3N2Y0NGFiOTYyYjY3ZGUxNzgzM2Q3MmQyZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dm5ho0VYlpY8qonChFTh9VOWFZ4
UUU6rmSuGw4aFlEKSUPyzMYfYTcK4vk//8I5HEELP0wJWE/W7v/gphEQ+8Q7fkwT
tM9ZuuJfLLlLoaeRvzd4oShUcTLefsPSEOHkXVX1MbBavhInUXdC28oxmgbhmZ6E
u5JIr8jbL5XZCvm4cSzNYqhH9C5m6oHtOwJUPS3vwiNmJPmDB33+ceuKHtyiKEFd
ObMSrHndZ0yfek0HI7LJUPs8LdjD61sZ2QQZd9bsVs/Tu8BkszYAVYorXHp5tTpB
xv7mpivl9hDtE+yFNKIA8t/ScuHpPNTEFPWHcbq0vXLk7lHgjpg6aEH/QQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBwDSOLA0nf0Srlitn3heDPXLS8uMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSEFOSTRzRFNkX1JLdVdLMmZlRjRNOWN0THk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwld+AwQA
w4XBMA0GCSqGSIb3DQEBCwUAA4IBAQAFhezGXdPwWOmjkwQGfx6fmnBt1f3lavlH
VaGOJ1Lggofw09m4KgXWfEaeyiyyp5J4TiuuHSMrTOfLqRdwNdHIQMuMR/fpCCy6
g0QMBu2Ou1EQ0y3dqcWGMI6DY6eyxhvuIGEGGJDTuQsfl94jx5+s19RXPA+8iwo+
NuWKuIRzxKuUbBYqAVy9cY5dHzlfj6c7ZrrBpkLbxtU7QV7ld33xrotl+aeqyow6
EhFKmD2cnnHSE+fvIKqWS9EXhuj/S9uQYfqrKjOiEIiYxdrH/hEJGQWihkFIWZDE
76Aoqk35Zz1Lm9t/z5orQl+lMDkcOzEuN2hVtiYr1eZK6STDBR+l
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:20 2024 by rpki-client on console-fra.rpki-client.org