Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hoaF6dpPqKEodxySC31zmtwLcBc.roa
File: hoaF6dpPqKEodxySC31zmtwLcBc.roa (raw, json)
Hash identifier: Oo0/BvQ9rvk78nyAAv4mELWyxb5EDWE0og/OhPhuOM0=
Subject key identifier: 86:86:85:E9:DA:4F:A8:A1:28:77:1C:92:0B:7D:73:9A:DC:0B:70:17
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A088CE0FBBA669C9A4C63C84393F3D347
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hoaF6dpPqKEodxySC31zmtwLcBc.roa
Signing time: Fri 18 Aug 2023 12:09:24 +0000
ROA not before: Fri 18 Aug 2023 12:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 94.156.236.0/24 maxlen: 24
94.156.177.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:8c:e0:fb:ba:66:9c:9a:4c:63:c8:43:93:f3:d3:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 18 12:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=868685e9da4fa8a128771c920b7d739adc0b7017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ae:67:ab:f7:94:e9:d9:8c:39:68:18:40:a0:
d7:2e:01:f8:63:50:85:9a:28:c5:fb:96:58:49:df:
b2:99:6a:9b:ff:c6:3c:2e:c1:5f:4f:c1:2a:d3:78:
6f:b5:43:5b:77:55:10:3b:5d:7b:d3:48:28:83:51:
d8:16:6f:96:3c:7d:76:36:98:cd:de:0b:7f:07:e0:
c1:bf:76:a7:4a:65:d7:5d:f3:b0:49:a2:a8:52:17:
ad:12:95:8a:c2:cc:ec:86:cd:59:55:2a:b5:3a:b6:
de:6a:f8:3d:9e:bb:64:e8:d0:07:40:17:50:ed:54:
05:12:6d:94:b9:8d:fa:89:a7:08:8d:f8:c7:48:c6:
66:41:73:4b:2d:f5:fa:9b:3a:cf:ff:20:a4:fa:b9:
b4:1a:2a:48:c4:41:0b:3f:9a:e0:dd:82:66:1e:aa:
bf:3f:40:5e:a3:fd:aa:26:53:ee:84:9b:24:e1:2d:
d3:34:08:71:f1:ce:d1:db:5a:b0:c6:17:72:3f:7c:
ee:37:90:6e:2a:19:50:9a:f2:5b:9f:b4:65:c2:52:
1b:23:72:59:38:6b:65:3c:49:cf:ab:cc:84:0a:f4:
25:f6:c6:c1:75:4f:b3:8e:69:d1:0c:5b:e6:a2:11:
f5:00:b6:5c:86:94:4a:95:43:67:ad:fc:20:d3:ac:
d2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:86:85:E9:DA:4F:A8:A1:28:77:1C:92:0B:7D:73:9A:DC:0B:70:17
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hoaF6dpPqKEodxySC31zmtwLcBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.177.0/24
94.156.236.0/24
Signature Algorithm: sha256WithRSAEncryption
04:04:91:a6:71:dc:61:e1:69:e1:be:95:ca:12:c0:32:07:75:
92:ac:92:05:b9:9d:07:15:2c:7f:de:1e:10:e0:bf:1b:8d:fc:
bf:5d:5a:05:6f:42:38:ee:d7:8c:4c:ed:8c:27:35:c5:1b:e3:
28:58:71:ec:e5:a0:13:5a:b6:bb:8c:7c:51:3d:25:00:6a:0e:
63:95:4f:60:8a:09:29:32:9d:b6:3b:11:7b:95:4c:07:58:d6:
b9:41:7d:06:f4:60:87:6a:00:34:ef:c5:55:70:01:d6:32:c9:
55:02:0f:77:fc:9c:24:b9:38:79:5c:1a:d4:75:55:46:c6:da:
13:43:fb:76:fe:67:1a:68:87:a6:e4:b8:55:85:12:a1:cd:ef:
1a:c7:ce:22:21:6f:da:ba:97:91:3a:33:1f:13:cb:66:a7:35:
2e:33:44:dd:c7:a9:f2:cd:11:5d:3a:b8:50:27:bd:a8:45:ca:
d0:c1:c9:d2:35:1a:bc:07:c2:21:2f:5c:f0:6d:c6:c4:07:64:
43:d3:83:c8:21:bf:a3:d1:1f:6a:cf:f2:a7:22:a2:2f:b2:6a:
9c:f5:3f:d7:15:2f:c9:c7:4b:dc:bc:d5:da:c3:c7:b8:a3:13:
c0:8d:03:1d:e1:86:32:eb:b3:f6:ad:9f:2c:65:89:db:e0:18:
e9:16:fe:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoIjOD7umacmkxjyEOT89NHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODE4MTIwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njg2ODVlOWRhNGZhOGExMjg3NzFjOTIwYjdkNzM5YWRjMGI3MDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra5nq/eU6dmMOWgYQKDXLgH4Y1CF
mijF+5ZYSd+ymWqb/8Y8LsFfT8Eq03hvtUNbd1UQO11700gog1HYFm+WPH12NpjN
3gt/B+DBv3anSmXXXfOwSaKoUhetEpWKwszshs1ZVSq1Orbeavg9nrtk6NAHQBdQ
7VQFEm2UuY36iacIjfjHSMZmQXNLLfX6mzrP/yCk+rm0GipIxEELP5rg3YJmHqq/
P0Beo/2qJlPuhJsk4S3TNAhx8c7R21qwxhdyP3zuN5BuKhlQmvJbn7RlwlIbI3JZ
OGtlPEnPq8yECvQl9sbBdU+zjmnRDFvmohH1ALZchpRKlUNnrfwg06zSEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIaGhenaT6ihKHcckgt9c5rcC3AXMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaG9hRjZkcFBxS0VvZHh5U0MzMXptdHdMY0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpyxAwQA
XpzsMA0GCSqGSIb3DQEBCwUAA4IBAQAEBJGmcdxh4WnhvpXKEsAyB3WSrJIFuZ0H
FSx/3h4Q4L8bjfy/XVoFb0I47teMTO2MJzXFG+MoWHHs5aATWra7jHxRPSUAag5j
lU9gigkpMp22OxF7lUwHWNa5QX0G9GCHagA078VVcAHWMslVAg93/JwkuTh5XBrU
dVVGxtoTQ/t2/mcaaIem5LhVhRKhze8ax84iIW/aupeROjMfE8tmpzUuM0Tdx6ny
zRFdOrhQJ72oRcrQwcnSNRq8B8IhL1zwbcbEB2RD04PIIb+j0R9qz/KnIqIvsmqc
9T/XFS/Jx0vcvNXaw8e4oxPAjQMd4YYy67P2rZ8sZYnb4BjpFv4a
-----END CERTIFICATE-----
Generated at Wed Aug 23 05:40:48 2023 by rpki-client on console-ams.rpki-client.org