Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hmyXUR6dEbKCCNRaK2Q2UwX-i4w.roa
File: hmyXUR6dEbKCCNRaK2Q2UwX-i4w.roa (raw, json)
Hash identifier: WX2E1BoLK6zAWzWjGtkSrPrQCAcaNCKNh+NWF6Are6k=
Subject key identifier: 86:6C:97:51:1E:9D:11:B2:82:08:D4:5A:2B:64:36:53:05:FE:8B:8C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A6F48C50C1F12945DD77CC4B961FE6708
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hmyXUR6dEbKCCNRaK2Q2UwX-i4w.roa
Signing time: Thu 07 Sep 2023 10:55:54 +0000
ROA not before: Thu 07 Sep 2023 10:55:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 194.85.250.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 10:38:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:48:c5:0c:1f:12:94:5d:d7:7c:c4:b9:61:fe:67:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 7 10:55:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=866c97511e9d11b28208d45a2b64365305fe8b8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e0:ed:e8:2e:95:d3:90:c1:75:a7:e5:e1:ea:
a8:90:65:fa:43:89:2e:68:d3:cd:d8:c0:1c:67:2e:
0f:50:1d:6e:8e:c0:22:94:37:08:4c:68:05:dd:88:
23:28:af:ae:fe:7b:a9:7d:47:d6:ec:77:9e:b8:91:
ef:d7:3f:98:25:52:fe:28:1d:c1:ae:8b:28:9a:21:
da:f0:84:46:dd:ee:23:61:5f:fa:47:73:f9:73:c2:
dc:59:70:4c:25:32:cb:83:3a:91:4f:ae:7b:49:84:
8b:dc:39:fa:d7:9c:cb:f4:b3:bb:31:8c:c1:84:8c:
e9:cf:75:b5:5d:01:6c:ca:ef:af:dd:41:4c:15:e3:
03:1c:6c:de:0a:d5:f6:ad:a2:b5:2d:b4:e3:bf:08:
ce:f8:3a:c3:c3:57:37:54:ba:eb:d9:9c:90:12:da:
84:90:dc:04:c6:52:ff:8c:14:8e:2f:c9:1a:aa:e0:
4b:6b:70:00:2a:17:67:85:fd:33:e4:2c:32:06:48:
be:5a:8f:c5:4b:f6:66:ca:1f:21:1c:97:f6:5b:33:
b3:23:00:d1:cc:c3:18:b1:5f:2b:fe:86:02:85:12:
e5:69:35:ba:84:91:43:1d:b7:c5:77:07:f3:e5:36:
79:97:29:2c:49:43:c8:59:63:b6:43:87:48:8b:a7:
48:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:6C:97:51:1E:9D:11:B2:82:08:D4:5A:2B:64:36:53:05:FE:8B:8C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hmyXUR6dEbKCCNRaK2Q2UwX-i4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.250.0/24
195.133.39.0/24
212.192.245.0/24
Signature Algorithm: sha256WithRSAEncryption
58:4c:b1:82:8b:d3:d1:09:01:c4:f9:b8:c3:35:b8:3f:c5:9a:
13:a9:70:a4:b9:9b:5f:8b:5b:43:ef:b1:c9:50:9d:8c:ca:12:
5c:9a:96:a1:d2:92:5f:57:76:6a:3c:df:c0:61:61:31:76:ba:
7e:5a:70:34:4e:1e:f2:87:ab:e8:43:c3:9a:0d:69:51:78:97:
81:1d:a6:73:3d:f4:f0:44:05:b4:b5:c0:54:7d:95:62:60:aa:
be:ea:f8:15:03:34:83:76:a6:be:fc:78:cc:ce:42:8a:69:ff:
6a:b7:22:62:63:36:27:f1:bc:79:a9:b8:53:26:f4:73:32:c9:
e8:71:c6:df:ff:ea:99:cc:d2:ec:a8:77:9f:aa:14:bd:e6:d0:
46:a1:71:1a:32:60:2f:69:f8:43:8f:2f:bf:59:3c:5b:4e:a6:
f3:3c:c9:7a:ba:c7:7e:c8:e7:5c:f8:d6:98:42:3d:30:a2:2d:
af:5e:8e:8c:7b:7b:b2:bc:28:b8:66:c9:36:06:e6:26:37:13:
96:9d:40:6a:88:dc:d9:34:3b:f3:54:4a:36:3d:3a:ef:68:cc:
20:e5:32:75:01:fa:b1:65:f8:f6:d4:5c:7e:23:db:ff:1f:64:
22:80:29:77:34:4d:fe:8a:4d:70:48:01:52:fc:6e:78:ba:8a:
b4:25:76:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpvSMUMHxKUXdd8xLlh/mcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA3MTA1NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjZjOTc1MTFlOWQxMWIyODIwOGQ0NWEyYjY0MzY1MzA1ZmU4YjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuDt6C6V05DBdafl4eqokGX6Q4ku
aNPN2MAcZy4PUB1ujsAilDcITGgF3YgjKK+u/nupfUfW7HeeuJHv1z+YJVL+KB3B
rosomiHa8IRG3e4jYV/6R3P5c8LcWXBMJTLLgzqRT657SYSL3Dn615zL9LO7MYzB
hIzpz3W1XQFsyu+v3UFMFeMDHGzeCtX2raK1LbTjvwjO+DrDw1c3VLrr2ZyQEtqE
kNwExlL/jBSOL8kaquBLa3AAKhdnhf0z5CwyBki+Wo/FS/Zmyh8hHJf2WzOzIwDR
zMMYsV8r/oYChRLlaTW6hJFDHbfFdwfz5TZ5lyksSUPIWWO2Q4dIi6dIrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIZsl1EenRGyggjUWitkNlMF/ouMMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaG15WFVSNmRFYktDQ05SYUsyUTJVd1gtaTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlX6AwQA
w4UnAwQA1MD1MA0GCSqGSIb3DQEBCwUAA4IBAQBYTLGCi9PRCQHE+bjDNbg/xZoT
qXCkuZtfi1tD77HJUJ2MyhJcmpah0pJfV3ZqPN/AYWExdrp+WnA0Th7yh6voQ8Oa
DWlReJeBHaZzPfTwRAW0tcBUfZViYKq+6vgVAzSDdqa+/HjMzkKKaf9qtyJiYzYn
8bx5qbhTJvRzMsnoccbf/+qZzNLsqHefqhS95tBGoXEaMmAvafhDjy+/WTxbTqbz
PMl6usd+yOdc+NaYQj0woi2vXo6Me3uyvCi4Zsk2BuYmNxOWnUBqiNzZNDvzVEo2
PTrvaMwg5TJ1AfqxZfj21Fx+I9v/H2QigCl3NE3+ik1wSAFS/G54uoq0JXYl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:24 2024 by rpki-client on console-fra.rpki-client.org