Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HIBrU-5TZyLgzX5ExLmn4OwdI3s.roa
File: HIBrU-5TZyLgzX5ExLmn4OwdI3s.roa (raw, json)
Hash identifier: euGqRfGBEg8aiXoHWVQm+uQjAyTl8xMTlflMO7PgKMg=
Subject key identifier: 1C:80:6B:53:EE:53:67:22:E0:CD:7E:44:C4:B9:A7:E0:EC:1D:23:7B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CA72B3EFD38B8348C8E8D5761A4FF5422
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HIBrU-5TZyLgzX5ExLmn4OwdI3s.roa
Signing time: Tue 26 Dec 2023 17:27:58 +0000
ROA not before: Tue 26 Dec 2023 17:27:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 212.192.221.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a7:2b:3e:fd:38:b8:34:8c:8e:8d:57:61:a4:ff:54:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 26 17:27:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c806b53ee536722e0cd7e44c4b9a7e0ec1d237b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:63:73:ac:30:7a:9d:a5:09:d6:68:5d:42:2c:
40:e6:31:e8:d8:c4:85:1e:26:8e:c0:de:5c:07:e2:
be:c9:ff:82:fe:f6:94:8c:fd:e7:ad:a5:68:c5:dc:
cb:ba:1c:7a:c6:64:9e:f4:0c:65:8e:5b:82:7c:0d:
fc:01:9a:c7:84:d9:2b:d9:ed:78:c8:3b:a3:98:42:
28:4f:4c:72:e3:79:ce:66:1a:9d:f1:ed:57:ff:50:
8f:e9:0a:bb:d0:06:73:ab:e0:85:03:37:14:b3:0a:
8c:3a:bc:2d:fe:05:95:b5:74:ef:0e:fe:f6:5f:ca:
6f:0b:1d:8f:83:3f:c4:4f:7f:d9:27:cc:78:aa:11:
91:e1:b2:f4:fd:a5:c1:e1:26:d9:ab:9e:fa:de:f9:
73:24:23:bf:23:2e:de:cf:43:03:8d:92:4a:af:55:
82:9b:0d:db:33:86:2d:2f:9d:17:91:e5:6b:c5:4d:
f3:92:76:45:cb:57:9c:64:07:f5:d8:58:b1:5e:bc:
a6:d7:39:df:6e:72:d6:b6:55:ac:e0:ae:4f:af:7a:
35:36:b9:6b:5a:a4:d3:df:8e:3e:d2:7d:f8:ab:70:
33:cf:e0:aa:cd:19:e8:54:3d:45:d4:63:e1:3b:a4:
88:15:7e:fa:76:3b:c6:77:6e:7e:58:b0:41:5b:2b:
05:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:80:6B:53:EE:53:67:22:E0:CD:7E:44:C4:B9:A7:E0:EC:1D:23:7B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HIBrU-5TZyLgzX5ExLmn4OwdI3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0-192.124.182.255
192.124.188.0/24
192.124.190.0/23
192.124.209.0/24
212.192.221.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:be:c4:75:d8:e5:ad:13:96:56:31:63:c9:ec:89:2c:bb:30:
43:30:2a:5f:d9:ae:f8:0c:41:9f:bd:65:2e:4d:64:ed:4c:13:
54:f4:f2:d0:4a:44:92:d3:13:e9:40:e6:b3:9d:6b:03:c9:e2:
bd:5e:20:7c:63:74:fd:ab:71:98:b5:66:d4:b6:af:4f:e7:ac:
97:41:8a:e8:52:28:e5:ff:20:48:00:09:e9:db:8b:93:61:3a:
14:7f:84:35:33:dd:6a:b0:c0:9d:54:f3:e5:a1:53:21:d0:fe:
28:cc:a8:1e:d8:11:8c:2b:74:d2:34:24:1c:1a:24:62:12:07:
ba:3e:a5:36:5b:d3:46:50:30:9c:02:4d:c3:75:1b:97:1c:84:
8e:65:f9:4d:10:e4:b2:a5:61:e4:61:31:ea:2e:c6:ba:c4:41:
64:b2:44:f1:ab:d2:6b:ea:c4:5a:85:02:b0:3e:73:e4:21:6c:
5b:95:8d:17:d2:4e:e5:a3:08:ce:d9:bc:62:49:67:56:4a:71:
62:d3:be:5d:cf:02:22:a0:95:34:66:9b:6e:0b:ba:62:00:96:
db:62:d4:3a:fc:ac:f9:71:00:da:62:90:f9:84:ed:32:0b:4d:
92:e3:2a:94:35:ff:8a:ac:27:d6:88:c0:87:05:a3:43:39:2a:
30:1c:5e:33
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYynKz79OLg0jI6NV2Gk/1QiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjI2MTcyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzgwNmI1M2VlNTM2NzIyZTBjZDdlNDRjNGI5YTdlMGVjMWQyMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mNzrDB6naUJ1mhdQixA5jHo2MSF
HiaOwN5cB+K+yf+C/vaUjP3nraVoxdzLuhx6xmSe9AxljluCfA38AZrHhNkr2e14
yDujmEIoT0xy43nOZhqd8e1X/1CP6Qq70AZzq+CFAzcUswqMOrwt/gWVtXTvDv72
X8pvCx2Pgz/ET3/ZJ8x4qhGR4bL0/aXB4SbZq5763vlzJCO/Iy7ez0MDjZJKr1WC
mw3bM4YtL50XkeVrxU3zknZFy1ecZAf12FixXrym1znfbnLWtlWs4K5Pr3o1Nrlr
WqTT344+0n34q3Azz+CqzRnoVD1F1GPhO6SIFX76djvGd25+WLBBWysFvQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFByAa1PuU2ci4M1+RMS5p+DsHSN7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSElCclUtNVRaeUxnelg1RXhMbW40T3dkSTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBALAfLQD
BADAfLYDBADAfLwDBAHAfL4DBADAfNEDBADUwN0wDQYJKoZIhvcNAQELBQADggEB
AG2+xHXY5a0TllYxY8nsiSy7MEMwKl/ZrvgMQZ+9ZS5NZO1ME1T08tBKRJLTE+lA
5rOdawPJ4r1eIHxjdP2rcZi1ZtS2r0/nrJdBiuhSKOX/IEgACenbi5NhOhR/hDUz
3WqwwJ1U8+WhUyHQ/ijMqB7YEYwrdNI0JBwaJGISB7o+pTZb00ZQMJwCTcN1G5cc
hI5l+U0Q5LKlYeRhMeouxrrEQWSyRPGr0mvqxFqFArA+c+QhbFuVjRfSTuWjCM7Z
vGJJZ1ZKcWLTvl3PAiKglTRmm24LumIAltti1Dr8rPlxANpikPmE7TILTZLjKpQ1
/4qsJ9aIwIcFo0M5KjAcXjM=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org