Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HVsekJZCk49UfAppekaQLNq1hI4.roa
File: HVsekJZCk49UfAppekaQLNq1hI4.roa (raw, json)
Hash identifier: IlraNQtzDyYp1+CcPAGMuVrj3oAFZu/0jZLYG9U88H4=
Subject key identifier: 1D:5B:1E:90:96:42:93:8F:54:7C:0A:69:7A:46:90:2C:DA:B5:84:8E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A6003A0719C6585D571FCD1E2026802E7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HVsekJZCk49UfAppekaQLNq1hI4.roa
Signing time: Mon 04 Sep 2023 11:46:04 +0000
ROA not before: Mon 04 Sep 2023 11:46:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 192.145.29.0/24 maxlen: 24
192.145.30.0/24 maxlen: 24
192.145.31.0/24 maxlen: 24
192.145.28.0/24 maxlen: 24
185.252.162.0/24 maxlen: 24
185.252.161.0/24 maxlen: 24
185.252.163.0/24 maxlen: 24
193.148.50.0/24 maxlen: 24
194.11.197.0/24 maxlen: 24
193.148.49.0/24 maxlen: 24
194.11.198.0/24 maxlen: 24
194.11.199.0/24 maxlen: 24
193.148.48.0/24 maxlen: 24
193.148.51.0/24 maxlen: 24
194.11.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:03:a0:71:9c:65:85:d5:71:fc:d1:e2:02:68:02:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 4 11:46:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d5b1e909642938f547c0a697a46902cdab5848e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:16:e5:6e:db:2d:dc:26:db:b0:db:a8:09:e1:
dd:8a:e0:be:1c:bf:4e:68:f2:bd:34:d0:83:77:8c:
b0:27:54:9a:f7:3a:a8:40:54:30:69:b1:9b:1d:2a:
d4:99:04:74:42:5a:31:4d:65:44:2f:a1:c8:91:66:
44:5b:6c:5a:33:b7:c3:29:f1:d3:c1:da:b2:5d:d9:
11:32:10:a8:99:1a:ec:f1:6a:b1:1f:e5:14:8f:99:
c1:8b:58:d3:9d:8f:77:40:82:70:c3:87:56:26:90:
56:f8:ba:0e:4e:4b:e1:37:1f:23:5f:9a:e6:e7:49:
6c:dc:d1:20:18:95:6b:9b:71:0a:56:93:a4:c4:c9:
16:cb:c9:90:97:d4:18:f6:46:2e:b5:b9:63:2d:d9:
1a:3d:20:df:da:fc:8e:bf:1a:aa:b5:92:21:96:5e:
8f:38:e0:28:f1:d6:e6:bd:d4:52:90:70:2f:94:ad:
55:57:65:74:71:15:85:ae:45:b6:49:2f:99:2a:79:
04:af:fc:9e:d4:5c:dd:b9:ef:63:d3:84:33:dc:04:
27:05:89:fe:48:8e:19:37:06:93:19:9e:33:91:7c:
f6:34:0b:5c:31:ec:3c:ef:16:20:fb:66:a3:ad:62:
89:fd:ca:c8:cb:5d:fb:76:a1:17:be:bd:d4:69:13:
b4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:5B:1E:90:96:42:93:8F:54:7C:0A:69:7A:46:90:2C:DA:B5:84:8E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HVsekJZCk49UfAppekaQLNq1hI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.161.0-185.252.163.255
192.145.28.0/22
193.148.48.0/22
194.11.196.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:4f:13:ce:3a:a5:e3:5e:71:c2:d9:a2:0d:6c:48:39:e7:24:
44:e9:e1:c4:8b:dd:04:be:b8:34:be:6f:a7:60:29:0e:26:1a:
e4:49:a1:c5:d7:ce:5d:dc:99:9f:1b:c1:96:83:e2:e8:80:a1:
66:98:d2:28:b6:7f:3a:4b:e2:92:42:26:b3:81:1c:76:2c:a9:
e4:e8:02:27:17:12:0e:96:08:df:0c:16:04:34:b6:3c:80:79:
b3:36:39:f1:4c:3c:87:d0:bb:ea:66:8c:3d:d6:eb:82:3e:d4:
8f:08:f2:3e:b5:eb:8f:e9:d4:2a:06:19:76:e6:9c:92:b4:e9:
15:2a:17:ab:cc:97:5e:29:86:5b:1a:0e:36:ee:8c:3e:e3:a9:
ca:d2:89:af:b7:4d:af:55:fd:27:60:e4:a8:e2:67:15:69:30:
4c:5e:35:7e:73:6a:5c:65:2d:5d:21:44:1c:40:bc:83:8a:f7:
32:16:f4:de:8f:6b:4a:2b:31:d8:74:32:ea:29:2e:64:42:69:
a5:2e:b1:8f:89:bd:5c:75:68:33:44:95:a0:a2:6f:df:4a:46:
69:ab:68:fc:2c:cd:bf:9d:85:6e:b3:24:c5:25:4d:97:82:9f:
3d:06:5b:5c:9d:f1:c0:a2:e9:b4:15:c5:8c:1e:fe:0d:fa:81:
3f:d6:97:04
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYpgA6BxnGWF1XH80eICaALnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTA0MTE0NjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDViMWU5MDk2NDI5MzhmNTQ3YzBhNjk3YTQ2OTAyY2RhYjU4NDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRblbtst3CbbsNuoCeHdiuC+HL9O
aPK9NNCDd4ywJ1Sa9zqoQFQwabGbHSrUmQR0QloxTWVEL6HIkWZEW2xaM7fDKfHT
wdqyXdkRMhComRrs8WqxH+UUj5nBi1jTnY93QIJww4dWJpBW+LoOTkvhNx8jX5rm
50ls3NEgGJVrm3EKVpOkxMkWy8mQl9QY9kYutbljLdkaPSDf2vyOvxqqtZIhll6P
OOAo8dbmvdRSkHAvlK1VV2V0cRWFrkW2SS+ZKnkEr/ye1Fzdue9j04Qz3AQnBYn+
SI4ZNwaTGZ4zkXz2NAtcMew87xYg+2ajrWKJ/crIy137dqEXvr3UaRO07wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFB1bHpCWQpOPVHwKaXpGkCzatYSOMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSFZzZWtKWkNrNDlVZkFwcGVrYVFMTnExaEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAC5/KED
BAK5/KADBALAkRwDBALBlDADBALCC8QwDQYJKoZIhvcNAQELBQADggEBAKZPE846
peNeccLZog1sSDnnJETp4cSL3QS+uDS+b6dgKQ4mGuRJocXXzl3cmZ8bwZaD4uiA
oWaY0ii2fzpL4pJCJrOBHHYsqeToAicXEg6WCN8MFgQ0tjyAebM2OfFMPIfQu+pm
jD3W64I+1I8I8j6164/p1CoGGXbmnJK06RUqF6vMl14phlsaDjbujD7jqcrSia+3
Ta9V/Sdg5KjiZxVpMExeNX5zalxlLV0hRBxAvIOK9zIW9N6Pa0orMdh0MuopLmRC
aaUusY+JvVx1aDNElaCib99KRmmraPwszb+dhW6zJMUlTZeCnz0GW1yd8cCi6bQV
xYwe/g36gT/WlwQ=
-----END CERTIFICATE-----
Generated at Tue Sep 12 12:14:12 2023 by rpki-client on console-ams.rpki-client.org