Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h7aVPT60pwxo5KGoJ6YEiLADwHE.roa
File: h7aVPT60pwxo5KGoJ6YEiLADwHE.roa (raw, json)
Hash identifier: Sk4XNXVLg/kbYalWUgw7chveHdndAWiGffrn+XxIwjQ=
Subject key identifier: 87:B6:95:3D:3E:B4:A7:0C:68:E4:A1:A8:27:A6:04:88:B0:03:C0:71
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01859A5A633AEB2ED7A0C0F67D408BA5B807
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h7aVPT60pwxo5KGoJ6YEiLADwHE.roa
Signing time: Tue 10 Jan 2023 06:24:52 +0000
ROA not before: Tue 10 Jan 2023 06:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 185.216.68.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
193.58.122.0/24 maxlen: 24
193.42.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Apr 2023 10:17:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9a:5a:63:3a:eb:2e:d7:a0:c0:f6:7d:40:8b:a5:b8:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 10 06:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87b6953d3eb4a70c68e4a1a827a60488b003c071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:14:70:14:c4:2f:2a:58:14:64:42:16:9b:ba:
9e:7c:c9:81:e6:b0:c4:e9:df:aa:38:66:f0:50:99:
2c:01:7a:68:34:4b:b4:61:6c:32:49:bf:eb:da:15:
72:cb:c9:8a:93:1a:cb:e1:e9:f7:85:8c:f7:b1:54:
82:9e:1d:7a:01:1b:c9:9f:d2:33:c1:ab:fc:b8:7e:
17:21:66:a2:26:b0:a9:f3:5f:8a:53:9e:cb:43:9c:
8e:a4:88:1e:8b:07:cc:f9:3f:ab:82:a4:09:f1:d9:
be:aa:b2:4d:7f:97:bb:49:d5:b6:55:46:a5:63:48:
09:42:16:ee:36:b1:72:33:73:96:24:dd:f5:3f:08:
96:ee:cb:63:1b:d5:d3:c6:37:bc:5f:20:67:52:c4:
7a:f1:38:e0:26:ce:e3:6f:ee:14:e1:24:d0:cf:b4:
08:ca:f4:4f:dc:5c:79:0b:b6:14:b5:20:9c:d5:12:
7b:82:df:0b:a9:5c:dd:ce:53:8c:72:e0:73:c3:09:
65:32:15:e2:8a:9d:d7:31:5b:46:51:8c:04:71:d0:
95:5d:82:2b:4c:43:b2:26:97:e7:33:e0:01:87:f8:
2f:70:26:4f:7a:17:1d:a9:c9:c6:b2:f9:44:f9:26:
44:6e:f3:6a:63:19:28:04:cc:b9:cc:ee:9e:93:4a:
5f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B6:95:3D:3E:B4:A7:0C:68:E4:A1:A8:27:A6:04:88:B0:03:C0:71
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h7aVPT60pwxo5KGoJ6YEiLADwHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.51.0/24
185.216.68.0/24
193.42.33.0/24
193.58.122.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:ef:4d:4d:64:bd:dd:01:b6:1a:ca:b9:5f:84:e6:ab:d2:79:
c4:94:ef:8a:f4:36:0f:c7:28:11:7f:09:5e:a5:1c:97:cf:99:
1a:79:9d:1c:75:f6:cb:fc:45:1b:13:44:33:0b:98:b6:cf:22:
04:9b:af:56:55:52:1f:43:e2:56:b4:d1:dd:52:e0:64:53:aa:
04:ed:3e:d2:2d:da:cc:c5:9b:24:34:c5:f6:c4:a8:18:81:de:
34:c6:e4:b1:aa:18:e7:81:5c:ed:3b:c9:9b:d1:9c:2e:a1:d0:
d9:99:6e:b0:c3:ec:60:08:fd:ab:e4:1c:1c:83:33:a4:bb:0e:
c3:1b:a0:8a:fd:c2:d2:f2:e3:c4:b3:7f:e9:a6:89:58:cb:dc:
a4:5f:d4:3d:f8:d0:a8:d2:49:8e:f6:a7:fb:e2:1a:c9:99:fe:
13:5e:77:a2:78:b8:af:29:09:20:b0:35:ef:a9:ab:61:ca:64:
ac:c9:c3:a1:ea:f2:31:c9:a0:3a:47:dd:f3:63:84:c5:30:ea:
fd:36:4e:40:5b:bc:a1:34:75:59:ff:e6:bf:59:fb:42:aa:c6:
95:b7:29:ae:4f:06:fe:f2:ab:ca:02:65:4f:d8:33:d4:a7:14:
83:e4:74:b2:2f:cb:db:ce:08:19:6b:1a:83:32:4a:a3:1b:bb:
49:d2:cb:6d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWaWmM66y7XoMD2fUCLpbgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTEwMDYyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2I2OTUzZDNlYjRhNzBjNjhlNGExYTgyN2E2MDQ4OGIwMDNjMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRRwFMQvKlgUZEIWm7qefMmB5rDE
6d+qOGbwUJksAXpoNEu0YWwySb/r2hVyy8mKkxrL4en3hYz3sVSCnh16ARvJn9Iz
wav8uH4XIWaiJrCp81+KU57LQ5yOpIgeiwfM+T+rgqQJ8dm+qrJNf5e7SdW2VUal
Y0gJQhbuNrFyM3OWJN31PwiW7stjG9XTxje8XyBnUsR68TjgJs7jb+4U4STQz7QI
yvRP3Fx5C7YUtSCc1RJ7gt8LqVzdzlOMcuBzwwllMhXiip3XMVtGUYwEcdCVXYIr
TEOyJpfnM+ABh/gvcCZPehcdqcnGsvlE+SZEbvNqYxkoBMy5zO6ek0pfkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIe2lT0+tKcMaOShqCemBIiwA8BxMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaDdhVlBUNjBwd3hvNUtHb0o2WUVpTEFEd0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT24zAwQA
udhEAwQAwSohAwQAwTp6MA0GCSqGSIb3DQEBCwUAA4IBAQCh701NZL3dAbYayrlf
hOar0nnElO+K9DYPxygRfwlepRyXz5kaeZ0cdfbL/EUbE0QzC5i2zyIEm69WVVIf
Q+JWtNHdUuBkU6oE7T7SLdrMxZskNMX2xKgYgd40xuSxqhjngVztO8mb0ZwuodDZ
mW6ww+xgCP2r5BwcgzOkuw7DG6CK/cLS8uPEs3/ppolYy9ykX9Q9+NCo0kmO9qf7
4hrJmf4TXneieLivKQkgsDXvqathymSsycOh6vIxyaA6R93zY4TFMOr9Nk5AW7yh
NHVZ/+a/WftCqsaVtymuTwb+8qvKAmVP2DPUpxSD5HSyL8vbzggZaxqDMkqjG7tJ
0stt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:16 2024 by rpki-client on console-fra.rpki-client.org