Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HQv1qCssvDx2iTgF73Dv00fKjN8.roa
File: HQv1qCssvDx2iTgF73Dv00fKjN8.roa (raw, json)
Hash identifier: dllAYJyKgT/zXkuU4/WXSscnZrpUsD/+M/8DIZfKfBo=
Subject key identifier: 1D:0B:F5:A8:2B:2C:BC:3C:76:89:38:05:EF:70:EF:D3:47:CA:8C:DF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DCD5C34B1E7E0186BEFE7E2112EC3D0D2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HQv1qCssvDx2iTgF73Dv00fKjN8.roa
Signing time: Wed 21 Feb 2024 20:29:48 +0000
ROA not before: Wed 21 Feb 2024 20:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.132.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
192.145.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 15:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cd:5c:34:b1:e7:e0:18:6b:ef:e7:e2:11:2e:c3:d0:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 21 20:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d0bf5a82b2cbc3c76893805ef70efd347ca8cdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6d:58:9c:65:29:14:fb:b7:c1:71:9e:00:43:
ed:03:29:76:b2:fc:a5:fa:6f:ba:66:27:d3:ef:94:
12:e1:d0:f6:99:5a:99:49:46:47:b2:71:a4:21:a5:
5d:64:27:7a:08:aa:85:02:39:66:a0:aa:41:07:fe:
1f:c0:b2:ba:6c:93:e4:51:b0:43:59:2a:2c:b7:26:
d5:6e:78:ef:3d:8f:77:43:ad:44:31:47:5b:f6:58:
de:1e:6b:bc:2d:4c:db:55:22:99:8c:b2:58:17:c6:
f2:04:9b:1b:68:ac:6e:7f:45:94:8d:35:c5:c2:54:
df:03:75:4d:90:c8:b5:8e:db:07:12:91:27:4a:fd:
d5:4e:e0:4e:1d:b4:6c:1b:2b:58:b0:04:4c:9b:bc:
b7:67:b9:2b:e8:aa:d0:34:14:49:db:88:d4:31:46:
21:e9:ba:eb:60:a9:12:38:cf:06:c3:5f:e1:9b:79:
1f:e8:15:2d:02:0b:44:86:9d:a9:37:1b:7d:c9:46:
0a:32:17:95:51:61:45:bc:41:c9:d4:92:57:d6:68:
b7:86:e4:be:db:1f:89:3b:fe:94:5a:b7:ef:4f:71:
33:26:78:ce:de:0c:5c:f8:cc:02:d1:9d:97:41:99:
d1:98:ef:0b:f8:ad:59:23:25:c0:32:7b:40:39:b6:
55:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0B:F5:A8:2B:2C:BC:3C:76:89:38:05:EF:70:EF:D3:47:CA:8C:DF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HQv1qCssvDx2iTgF73Dv00fKjN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.132.0/24
178.215.226.0/24
185.225.73.0/24
192.145.28.0/22
Signature Algorithm: sha256WithRSAEncryption
48:f8:f4:b9:fd:90:d4:13:99:c9:4d:60:48:73:7b:77:e4:26:
00:b4:fa:2d:75:8c:09:b2:47:b6:6d:38:62:e7:97:be:07:00:
a2:ac:61:54:c8:a8:11:5f:03:20:e1:86:8d:96:a5:49:72:de:
4b:2d:fd:34:6a:df:01:b0:61:98:43:0b:23:7e:ab:20:8b:d7:
51:9e:a5:38:87:97:ef:6c:9d:c4:e2:c6:e0:64:8a:4d:2a:1e:
2f:8a:b8:66:9d:27:4a:5c:17:9c:8d:c7:3c:42:af:37:b0:01:
c3:81:d4:bb:34:89:52:f4:aa:26:f1:9c:0c:24:0d:bd:6a:e7:
05:e4:f5:d8:49:b0:ec:e5:5f:b9:94:79:34:b2:c5:ed:7f:0d:
b7:e7:60:06:a9:91:ac:f1:be:85:a8:0f:a8:75:d3:1f:96:61:
fe:1f:dc:de:fb:a5:a5:ec:8b:d5:4e:0b:e8:b6:33:ec:87:cb:
41:6b:6b:fc:73:10:d4:db:fa:43:7d:de:b3:76:4a:b2:99:82:
ab:5b:b2:d5:8d:47:6f:f1:9d:48:79:a4:ee:4f:a3:76:f1:66:
3c:1f:40:56:25:5b:66:55:34:b0:4c:22:4a:9e:58:ba:9d:c8:
c0:0d:82:eb:9b:d3:72:0e:65:96:08:59:65:01:97:92:e1:67:
83:13:94:37
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY3NXDSx5+AYa+/n4hEuw9DSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIxMjAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDBiZjVhODJiMmNiYzNjNzY4OTM4MDVlZjcwZWZkMzQ3Y2E4Y2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArG1YnGUpFPu3wXGeAEPtAyl2svyl
+m+6ZifT75QS4dD2mVqZSUZHsnGkIaVdZCd6CKqFAjlmoKpBB/4fwLK6bJPkUbBD
WSostybVbnjvPY93Q61EMUdb9ljeHmu8LUzbVSKZjLJYF8byBJsbaKxuf0WUjTXF
wlTfA3VNkMi1jtsHEpEnSv3VTuBOHbRsGytYsARMm7y3Z7kr6KrQNBRJ24jUMUYh
6brrYKkSOM8Gw1/hm3kf6BUtAgtEhp2pNxt9yUYKMheVUWFFvEHJ1JJX1mi3huS+
2x+JO/6UWrfvT3EzJnjO3gxc+MwC0Z2XQZnRmO8L+K1ZIyXAMntAObZVwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB0L9agrLLw8dok4Be9w79NHyozfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSFF2MXFDc3N2RHgyaVRnRjczRHYwMGZLak44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVdGEAwQA
stfiAwQAueFJAwQCwJEcMA0GCSqGSIb3DQEBCwUAA4IBAQBI+PS5/ZDUE5nJTWBI
c3t35CYAtPotdYwJske2bThi55e+BwCirGFUyKgRXwMg4YaNlqVJct5LLf00at8B
sGGYQwsjfqsgi9dRnqU4h5fvbJ3E4sbgZIpNKh4virhmnSdKXBecjcc8Qq83sAHD
gdS7NIlS9Kom8ZwMJA29aucF5PXYSbDs5V+5lHk0ssXtfw2352AGqZGs8b6FqA+o
ddMflmH+H9ze+6Wl7IvVTgvotjPsh8tBa2v8cxDU2/pDfd6zdkqymYKrW7LVjUdv
8Z1IeaTuT6N28WY8H0BWJVtmVTSwTCJKnli6ncjADYLrm9NyDmWWCFllAZeS4WeD
E5Q3
-----END CERTIFICATE-----
Generated at Wed Feb 28 20:08:13 2024 by rpki-client on console-ams.rpki-client.org