Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hFhFAEQ6QRiNBWJ1Knc_LXl_tRw.roa
File: hFhFAEQ6QRiNBWJ1Knc_LXl_tRw.roa (raw, json)
Hash identifier: OjDLzT5Ybh0jPBdkX5pHZItg6hwBaIjYPebl7CsVtSw=
Subject key identifier: 84:58:45:00:44:3A:41:18:8D:05:62:75:2A:77:3F:2D:79:7F:B5:1C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186FE663066E9ED6B9E7D93EBFCA027F368
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hFhFAEQ6QRiNBWJ1Knc_LXl_tRw.roa
Signing time: Mon 20 Mar 2023 09:42:35 +0000
ROA not before: Mon 20 Mar 2023 09:42:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 84.21.173.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Apr 2023 13:21:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:66:30:66:e9:ed:6b:9e:7d:93:eb:fc:a0:27:f3:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 20 09:42:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84584500443a41188d0562752a773f2d797fb51c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6a:f2:2b:44:15:d1:42:64:9b:ec:23:8e:af:
6b:15:a2:8a:74:b3:4a:f0:6f:8e:93:5b:78:67:67:
4b:07:72:8d:4e:b7:be:68:69:75:ea:c3:1c:21:af:
8f:37:02:d1:c4:07:05:c2:45:c9:22:d9:54:7d:00:
88:8d:f9:77:4e:17:fc:15:c7:4f:05:39:b2:7e:f7:
01:11:65:59:19:cf:a6:36:f4:2f:13:9c:4b:48:88:
04:7e:34:32:63:d0:d1:53:fc:64:31:09:8f:a1:5a:
eb:d1:20:bf:c0:81:9d:33:dd:40:61:22:1a:fd:34:
5f:7c:ae:99:89:cb:22:8b:e1:7a:4c:e8:8e:4e:12:
47:7e:01:86:7b:c3:c2:c3:88:50:b7:d8:96:74:83:
4e:16:94:da:94:c0:3c:47:0e:ac:35:96:16:8f:d0:
4e:07:fc:9e:7e:bf:0e:43:f4:55:eb:af:77:75:34:
51:e5:bc:85:52:81:46:f7:ed:93:19:b3:d0:e5:1a:
e6:9f:78:3e:dd:e9:44:73:14:10:28:9a:37:1c:23:
4b:45:df:87:6e:a6:b5:82:0c:10:dd:69:af:8f:84:
69:29:35:8a:7e:65:7d:f2:10:9a:3d:98:96:48:07:
d5:f3:c3:e7:b6:0f:59:e1:ed:70:d1:50:68:8e:83:
3d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:58:45:00:44:3A:41:18:8D:05:62:75:2A:77:3F:2D:79:7F:B5:1C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hFhFAEQ6QRiNBWJ1Knc_LXl_tRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.173.0/24
85.209.132.0/24
176.125.255.0/24
185.246.223.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:b6:1e:ee:0f:91:0f:2b:88:f7:c6:42:f4:14:ec:d1:d2:25:
d8:a5:ca:ba:92:92:02:54:d1:26:6b:3b:dd:27:55:6e:4a:f4:
a1:0c:50:8e:20:1d:94:30:f7:a5:09:a6:22:89:c5:25:90:b4:
05:82:e3:b7:9e:f1:e2:9c:70:a7:cd:43:85:69:aa:09:15:eb:
5e:76:be:60:6c:6b:53:53:95:8b:28:5d:72:17:97:ca:0a:80:
f9:36:f0:bc:9f:ff:44:29:39:b4:56:c0:32:f9:c6:a2:f8:4d:
b5:cf:c1:71:4a:b0:a2:5c:d5:3c:03:c2:54:53:5d:48:66:2f:
bd:c6:3a:62:48:6f:30:7b:93:1c:87:ea:8b:56:9a:d2:0a:a4:
a6:25:cc:a2:6d:76:30:c4:da:9b:98:19:dd:03:27:c2:8f:62:
87:fd:ee:b9:65:7f:ff:7d:08:5b:9a:5f:ac:6e:46:10:eb:fb:
fb:97:96:39:e0:5a:aa:69:18:0b:1d:35:be:6c:8a:b0:b3:de:
4b:90:b5:6a:5a:3b:a3:98:f1:32:2c:e6:21:85:95:62:9a:ce:
b4:23:ee:7d:3a:11:41:96:8f:97:bb:7c:5d:44:a5:b4:ba:3d:
eb:f6:6b:cf:ea:24:ec:98:f9:3b:16:47:ff:b2:ec:ee:e8:55:
d3:cb:a8:0c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYb+ZjBm6e1rnn2T6/ygJ/NoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzIwMDk0MjM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDU4NDUwMDQ0M2E0MTE4OGQwNTYyNzUyYTc3M2YyZDc5N2ZiNTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWryK0QV0UJkm+wjjq9rFaKKdLNK
8G+Ok1t4Z2dLB3KNTre+aGl16sMcIa+PNwLRxAcFwkXJItlUfQCIjfl3Thf8FcdP
BTmyfvcBEWVZGc+mNvQvE5xLSIgEfjQyY9DRU/xkMQmPoVrr0SC/wIGdM91AYSIa
/TRffK6Zicsii+F6TOiOThJHfgGGe8PCw4hQt9iWdINOFpTalMA8Rw6sNZYWj9BO
B/yefr8OQ/RV6693dTRR5byFUoFG9+2TGbPQ5Rrmn3g+3elEcxQQKJo3HCNLRd+H
bqa1ggwQ3Wmvj4RpKTWKfmV98hCaPZiWSAfV88Pntg9Z4e1w0VBojoM9xwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIRYRQBEOkEYjQVidSp3Py15f7UcMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaEZoRkFFUTZRUmlOQldKMUtuY19MWGxfdFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVBWtAwQA
VdGEAwQAsH3/AwQAufbfMA0GCSqGSIb3DQEBCwUAA4IBAQBdth7uD5EPK4j3xkL0
FOzR0iXYpcq6kpICVNEmazvdJ1VuSvShDFCOIB2UMPelCaYiicUlkLQFguO3nvHi
nHCnzUOFaaoJFetedr5gbGtTU5WLKF1yF5fKCoD5NvC8n/9EKTm0VsAy+cai+E21
z8FxSrCiXNU8A8JUU11IZi+9xjpiSG8we5Mch+qLVprSCqSmJcyibXYwxNqbmBnd
AyfCj2KH/e65ZX//fQhbml+sbkYQ6/v7l5Y54FqqaRgLHTW+bIqws95LkLVqWjuj
mPEyLOYhhZVims60I+59OhFBlo+Xu3xdRKW0uj3r9mvP6iTsmPk7Fkf/suzu6FXT
y6gM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:40 2024 by rpki-client on console-ams.rpki-client.org