Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/hXVQ5nbyIFWLquYQCTNOwETVF0g.roa
File: hXVQ5nbyIFWLquYQCTNOwETVF0g.roa (raw, json)
Hash identifier: YhtxGrdG7B7anBlJq7LQ6EPuvxduQGS+zcfg2WmIQi4=
Subject key identifier: 85:75:50:E6:76:F2:20:55:8B:AA:E6:10:09:33:4E:C0:44:D5:17:48
Certificate issuer: /CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Certificate serial: 018570F0AEE8C42FAF643EC3D933F23D72E8
Authority key identifier: BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/hXVQ5nbyIFWLquYQCTNOwETVF0g.roa
Signing time: Mon 02 Jan 2023 05:24:59 +0000
ROA not before: Mon 02 Jan 2023 05:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49349
IP address blocks: 185.38.140.0/22 maxlen: 24
185.236.229.0/24 maxlen: 24
185.236.231.0/24 maxlen: 24
185.236.230.0/24 maxlen: 24
188.93.232.0/21 maxlen: 24
5.206.224.0/21 maxlen: 24
2a00:1c60::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:ae:e8:c4:2f:af:64:3e:c3:d9:33:f2:3d:72:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Validity
Not Before: Jan 2 05:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=857550e676f220558baae61009334ec044d51748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e2:69:d4:25:0f:c2:0f:f1:e0:36:4a:bc:49:
cd:a2:9d:2b:45:fa:37:10:6a:79:9e:eb:b4:41:ab:
6c:21:40:35:b4:f2:7f:8b:8c:a2:3c:ab:88:60:8e:
01:b9:92:37:27:17:85:2d:52:25:a3:a2:a2:82:3c:
18:c4:49:74:72:6c:e7:5c:37:1b:3a:49:3f:fe:b6:
04:44:5a:9b:80:c0:0c:2f:22:de:96:2e:22:52:c9:
31:7b:bb:97:91:72:b9:b1:b8:74:2e:90:ea:d2:79:
93:c8:ec:39:a2:43:d7:57:7a:f2:28:8c:5d:b6:f8:
41:58:72:e3:c7:d4:8e:4e:1b:c1:51:da:e1:79:54:
6c:34:4f:27:25:00:03:3b:e5:a8:9e:57:00:30:be:
95:be:10:53:2c:b4:cd:f0:19:d3:a3:d7:c8:10:92:
f5:38:2d:f9:e3:89:c4:76:64:66:b7:7b:c4:b8:ae:
06:a9:16:d4:82:8a:9a:f3:6a:3b:b4:6d:90:8e:22:
f7:93:a3:4c:8d:36:e7:c8:b4:11:3d:24:5f:56:12:
9f:57:c5:1a:56:24:d9:4b:d8:06:43:32:85:68:89:
aa:78:a5:f1:48:de:96:dd:ce:c2:9e:b6:b0:42:6e:
0c:ad:24:42:4b:a6:c4:cb:7a:75:f6:32:7d:29:fd:
2b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:75:50:E6:76:F2:20:55:8B:AA:E6:10:09:33:4E:C0:44:D5:17:48
X509v3 Authority Key Identifier:
keyid:BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/hXVQ5nbyIFWLquYQCTNOwETVF0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/vJ8LmsHVZS89yh7xYjv5mrKWR98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.206.224.0/21
185.38.140.0/22
185.236.229.0-185.236.231.255
188.93.232.0/21
IPv6:
2a00:1c60::/32
Signature Algorithm: sha256WithRSAEncryption
d5:4e:45:33:78:d9:82:ff:bb:af:7f:2c:98:4a:7d:6f:ae:2e:
0d:df:19:76:4e:6b:88:8b:3c:af:c2:16:0e:93:45:14:14:27:
1c:51:7d:8b:6c:e1:1d:7a:17:b1:0e:df:10:39:46:73:b2:91:
51:c4:47:9a:e0:9b:03:a8:6a:de:f1:e7:5c:41:93:e0:7b:52:
d5:c2:b5:55:10:a2:11:19:90:e5:ba:52:d8:cc:ea:e5:dc:a7:
ee:eb:c5:cc:0c:db:0f:b0:92:6e:f1:ad:00:46:69:71:df:df:
c4:52:5c:3d:e3:4f:28:b8:a6:2e:65:6c:07:ed:80:e4:8b:ba:
5e:88:e9:10:c6:13:91:14:5d:30:e2:e7:78:ff:f0:45:00:b7:
1f:b6:63:9b:77:0b:cc:67:91:c2:3f:41:e4:4e:f2:39:70:2c:
71:f4:c5:59:91:f6:fe:b1:08:f3:76:58:69:e2:70:cf:09:b0:
0e:ca:a4:d7:ae:99:d5:ed:a5:26:a1:55:ba:b3:ef:25:67:da:
b9:11:31:66:27:2f:7b:12:c9:39:c1:2f:c6:16:0e:de:d1:82:
4f:21:5a:8a:70:fd:03:53:ab:58:44:34:89:92:76:75:94:15:
7b:d4:0d:1b:03:c9:e4:d2:c7:ed:dc:00:fc:cf:40:59:0a:a6:
50:c2:ba:d9
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVw8K7oxC+vZD7D2TPyPXLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWYwYjlhYzFkNTY1MmYzZGNhMWVmMTYyM2JmOTlhYjI5
NjQ3ZGYwHhcNMjMwMTAyMDUyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTc1NTBlNjc2ZjIyMDU1OGJhYWU2MTAwOTMzNGVjMDQ0ZDUxNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuJp1CUPwg/x4DZKvEnNop0rRfo3
EGp5nuu0QatsIUA1tPJ/i4yiPKuIYI4BuZI3JxeFLVIlo6KigjwYxEl0cmznXDcb
Okk//rYERFqbgMAMLyLeli4iUskxe7uXkXK5sbh0LpDq0nmTyOw5okPXV3ryKIxd
tvhBWHLjx9SOThvBUdrheVRsNE8nJQADO+WonlcAML6VvhBTLLTN8BnTo9fIEJL1
OC3544nEdmRmt3vEuK4GqRbUgoqa82o7tG2QjiL3k6NMjTbnyLQRPSRfVhKfV8Ua
ViTZS9gGQzKFaImqeKXxSN6W3c7CnrawQm4MrSRCS6bEy3p19jJ9Kf0roQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIV1UOZ28iBVi6rmEAkzTsBE1RdIMB8GA1UdIwQY
MBaAFLyfC5rB1WUvPcoe8WI7+ZqylkffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2Ut
OTVjODk0MmRmNzI0LzEvaFhWUTVuYnlJRldMcXVZUUNUTk93RVRWRjBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2UtOTVjODk0MmRmNzI0
LzEvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDBc7gAwQC
uSaMMAwDBAC57OUDBAO57OADBAO8XegwDQQCAAIwBwMFACoAHGAwDQYJKoZIhvcN
AQELBQADggEBANVORTN42YL/u69/LJhKfW+uLg3fGXZOa4iLPK/CFg6TRRQUJxxR
fYts4R16F7EO3xA5RnOykVHER5rgmwOoat7x51xBk+B7UtXCtVUQohEZkOW6UtjM
6uXcp+7rxcwM2w+wkm7xrQBGaXHf38RSXD3jTyi4pi5lbAftgOSLul6I6RDGE5EU
XTDi53j/8EUAtx+2Y5t3C8xnkcI/QeRO8jlwLHH0xVmR9v6xCPN2WGnicM8JsA7K
pNeumdXtpSahVbqz7yVn2rkRMWYnL3sSyTnBL8YWDt7Rgk8hWopw/QNTq1hENImS
dnWUFXvUDRsDyeTSx+3cAPzPQFkKplDCutk=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:20 2024 by rpki-client on console-ams.rpki-client.org