Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HkeB598kifpGhZdc1TIIX1uo-j0.roa
File: HkeB598kifpGhZdc1TIIX1uo-j0.roa (raw, json)
Hash identifier: pE0RZ9FQQ/spGcZK8Rl8CA3/tQHWRClSgqgvjUdiMFI=
Subject key identifier: 1E:47:81:E7:DF:24:89:FA:46:85:97:5C:D5:32:08:5F:5B:A8:FA:3D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B6C3A842994E6A0FE29C1954554654830
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HkeB598kifpGhZdc1TIIX1uo-j0.roa
Signing time: Thu 26 Oct 2023 13:44:16 +0000
ROA not before: Thu 26 Oct 2023 13:44:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205320
IP address blocks: 212.193.27.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6c:3a:84:29:94:e6:a0:fe:29:c1:95:45:54:65:48:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 26 13:44:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e4781e7df2489fa4685975cd532085f5ba8fa3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a2:1f:04:af:bf:6d:2f:28:b2:68:56:a1:e8:
01:d0:22:e1:8a:58:c7:7e:06:0d:d8:f9:22:10:aa:
f6:90:19:d4:61:57:b4:ae:b7:74:91:78:dc:d9:fe:
b1:ff:63:62:69:3e:f8:f1:f8:98:49:cc:eb:5a:60:
e6:ce:60:ff:fd:99:70:21:18:23:cc:51:a0:8f:9e:
ee:e6:99:de:02:ea:4a:f0:0b:3e:f9:6c:1e:e0:49:
a2:dd:e2:8c:3e:4b:97:1c:0c:88:50:13:21:6a:24:
0e:7b:89:63:9f:2d:71:f4:84:45:ff:37:15:58:6b:
24:cc:64:48:7b:a8:99:cf:57:94:9d:3e:4e:ea:32:
60:f8:9e:7a:f3:6f:3c:3f:73:fe:84:8b:10:ea:a8:
8d:a5:68:43:ab:32:b1:db:9a:00:ac:9d:73:b4:19:
90:43:05:d4:45:f1:61:77:ab:e9:47:ec:6a:7c:44:
2e:d5:df:ea:b5:7f:5b:27:08:0b:74:37:7e:af:6d:
f8:81:27:53:ec:ab:d9:78:b1:3c:34:f5:81:60:67:
d9:62:2f:56:ad:6a:b9:17:c5:3b:2d:4c:e4:16:28:
ef:25:56:f9:34:9f:9b:68:eb:fb:a2:a0:0f:d7:14:
4f:9b:23:2d:64:d8:c3:f5:42:a5:d2:e9:7d:aa:a2:
71:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:47:81:E7:DF:24:89:FA:46:85:97:5C:D5:32:08:5F:5B:A8:FA:3D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HkeB598kifpGhZdc1TIIX1uo-j0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.188.0/24
194.135.38.0/24
212.192.1.0/24
212.193.27.0/24
Signature Algorithm: sha256WithRSAEncryption
00:a4:58:02:30:d0:ba:98:e0:8c:18:af:4c:17:e0:9d:f2:d5:
07:20:a7:31:21:87:4b:80:35:c6:b4:b7:da:51:e9:68:8b:86:
8c:f7:a4:d7:e4:ec:b1:df:35:ab:a1:0c:1a:c3:bc:4b:65:25:
87:0b:ab:52:4c:5d:81:da:f0:20:72:4c:b2:8f:ba:b2:62:0a:
2c:dd:4f:ba:9b:03:8f:68:43:f3:86:4e:fc:35:08:79:ec:c8:
eb:35:9c:b0:df:f2:04:78:15:7d:70:71:5f:13:22:97:a4:2c:
b2:3c:ca:ae:b9:13:3a:4a:cb:04:3c:d9:61:1d:14:f7:49:a0:
5f:e5:35:b4:d9:b9:16:d7:52:15:36:04:8e:ac:ac:eb:f1:05:
b4:2a:ed:36:2a:c5:8c:ab:f9:76:55:28:36:97:bc:b4:ea:ca:
6f:9e:98:df:81:0f:58:12:77:26:65:d4:6e:ce:13:a9:cc:e5:
33:8e:b2:bb:c6:a0:74:7c:7a:a3:5e:b6:8f:8b:aa:90:5b:42:
02:d0:3f:3f:13:bd:b2:b8:1f:06:c8:94:8a:0b:ec:0c:76:8f:
8d:ee:7b:57:44:8f:f7:e3:c1:54:50:8d:73:10:8d:c1:98:4e:
f2:d2:c2:cc:04:96:dc:a1:17:41:96:e2:d0:11:76:a7:e4:52:
0e:4a:e4:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtsOoQplOag/inBlUVUZUgwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDI2MTM0NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTQ3ODFlN2RmMjQ4OWZhNDY4NTk3NWNkNTMyMDg1ZjViYThmYTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqIfBK+/bS8osmhWoegB0CLhiljH
fgYN2PkiEKr2kBnUYVe0rrd0kXjc2f6x/2NiaT748fiYSczrWmDmzmD//ZlwIRgj
zFGgj57u5pneAupK8As++Wwe4Emi3eKMPkuXHAyIUBMhaiQOe4ljny1x9IRF/zcV
WGskzGRIe6iZz1eUnT5O6jJg+J568288P3P+hIsQ6qiNpWhDqzKx25oArJ1ztBmQ
QwXURfFhd6vpR+xqfEQu1d/qtX9bJwgLdDd+r234gSdT7KvZeLE8NPWBYGfZYi9W
rWq5F8U7LUzkFijvJVb5NJ+baOv7oqAP1xRPmyMtZNjD9UKl0ul9qqJxvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB5HgeffJIn6RoWXXNUyCF9bqPo9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSGtlQjU5OGtpZnBHaFpkYzFUSUlYMXVvLWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwHy8AwQA
wocmAwQA1MABAwQA1MEbMA0GCSqGSIb3DQEBCwUAA4IBAQAApFgCMNC6mOCMGK9M
F+Cd8tUHIKcxIYdLgDXGtLfaUeloi4aM96TX5Oyx3zWroQwaw7xLZSWHC6tSTF2B
2vAgckyyj7qyYgos3U+6mwOPaEPzhk78NQh57MjrNZyw3/IEeBV9cHFfEyKXpCyy
PMquuRM6SssEPNlhHRT3SaBf5TW02bkW11IVNgSOrKzr8QW0Ku02KsWMq/l2VSg2
l7y06spvnpjfgQ9YEncmZdRuzhOpzOUzjrK7xqB0fHqjXraPi6qQW0IC0D8/E72y
uB8GyJSKC+wMdo+N7ntXRI/348FUUI1zEI3BmE7y0sLMBJbcoRdBluLQEXan5FIO
SuTO
-----END CERTIFICATE-----
Generated at Tue Oct 31 12:32:32 2023 by rpki-client on console-ams.rpki-client.org