Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/HmCcHFQK87xCXKgSVUma1dUPyM0.roa
File: HmCcHFQK87xCXKgSVUma1dUPyM0.roa (raw, json)
Hash identifier: 6ipw0LWTumq7pLuQNcWgvHXonXA/OBU7dxPhH81ryrk=
Subject key identifier: 1E:60:9C:1C:54:0A:F3:BC:42:5C:A8:12:55:49:9A:D5:D5:0F:C8:CD
Certificate issuer: /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial: 018570027E68E546F3F509C7512BA4E8BDFF
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/HmCcHFQK87xCXKgSVUma1dUPyM0.roa
Signing time: Mon 02 Jan 2023 01:04:49 +0000
ROA not before: Mon 02 Jan 2023 01:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34684
IP address blocks: 195.87.49.0/24 maxlen: 24
195.87.47.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:7e:68:e5:46:f3:f5:09:c7:51:2b:a4:e8:bd:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Validity
Not Before: Jan 2 01:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e609c1c540af3bc425ca81255499ad5d50fc8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:aa:65:8c:72:4c:50:51:d6:1c:87:ca:92:54:
b7:42:68:6d:f3:72:05:57:eb:09:c3:c3:e2:a9:7a:
0f:28:e1:62:d4:08:ac:df:7b:70:03:81:fa:ae:20:
14:b2:83:ca:b2:4a:ef:fd:30:83:6f:a5:b5:fc:ee:
5e:cd:8b:b1:58:ab:d1:46:ac:68:b0:e1:d4:f2:44:
25:13:b9:c6:7f:1e:d9:66:f2:64:6f:ff:82:eb:b3:
c3:f8:e8:3b:ba:28:e3:3c:f3:b6:5f:0d:7c:19:48:
d8:d2:7f:28:75:c2:b2:bc:a0:e6:73:61:f6:ab:f4:
3c:fa:ff:3d:da:84:5b:ff:22:2b:9a:34:c0:62:e9:
b7:ad:f5:81:97:f7:c5:0b:3e:61:41:76:a4:8c:f2:
02:4d:01:6b:77:31:57:6a:10:0e:64:20:55:fa:a5:
5d:8b:c6:2c:62:96:64:60:72:01:85:d3:83:f2:6a:
6e:d5:cb:fd:bf:01:ab:d3:40:e9:5f:7e:4f:b5:58:
74:4b:7a:92:9b:bd:2b:91:7d:7f:8a:1a:fd:ae:ba:
ad:37:02:f6:ba:28:c7:aa:5a:3c:38:9e:ff:b2:ce:
76:b7:c8:d2:49:9d:10:43:d8:fa:c4:c5:ea:78:22:
c4:c7:01:f4:7b:c8:0f:0b:b0:ef:03:8b:76:2c:a0:
7c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:60:9C:1C:54:0A:F3:BC:42:5C:A8:12:55:49:9A:D5:D5:0F:C8:CD
X509v3 Authority Key Identifier:
keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/HmCcHFQK87xCXKgSVUma1dUPyM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.87.47.0/24
195.87.49.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:65:40:93:92:b0:ae:f3:a7:97:0d:4c:52:bc:d3:e3:0c:01:
aa:8a:3e:3d:d9:7d:57:67:11:c2:8d:16:6b:77:09:cd:77:9d:
ee:a3:0c:de:cd:f6:ba:18:49:62:62:17:d0:1a:57:c2:72:fb:
ea:90:0c:e3:d5:a8:6d:7b:d5:18:96:79:16:e7:cb:23:51:8b:
fb:c1:3e:a6:c7:42:a7:14:e9:2f:79:9c:4b:40:c1:17:43:dd:
31:d8:55:74:3c:2d:ee:7b:9d:c4:a9:73:9d:7d:c2:e1:f1:35:
a5:b7:41:d9:ba:cd:3d:bf:ea:98:6a:0f:b2:ca:b4:13:05:21:
c7:a2:09:4e:80:aa:32:00:b6:e8:48:41:a6:43:28:e0:20:5d:
7c:db:18:84:fa:36:f5:bb:a7:7b:28:a0:5f:15:92:30:df:4c:
5a:0c:2e:f5:c7:b1:c2:46:87:27:be:e3:86:60:d5:a2:8f:4e:
9f:74:b4:a3:d2:e2:55:97:07:24:f5:a0:e5:95:3e:5c:04:57:
c3:a2:eb:d3:bd:5a:57:6f:02:a8:85:2b:e7:af:68:97:5a:c1:
20:21:07:56:6c:a0:28:19:c6:f3:0a:c7:f7:dc:1e:3a:0c:92:
6f:c1:27:a6:56:22:6f:5e:a0:df:90:90:81:fc:f5:89:d1:4f:
ba:21:fc:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwAn5o5Ubz9QnHUSuk6L3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjMwMTAyMDEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTYwOWMxYzU0MGFmM2JjNDI1Y2E4MTI1NTQ5OWFkNWQ1MGZjOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqpljHJMUFHWHIfKklS3Qmht83IF
V+sJw8PiqXoPKOFi1Ais33twA4H6riAUsoPKskrv/TCDb6W1/O5ezYuxWKvRRqxo
sOHU8kQlE7nGfx7ZZvJkb/+C67PD+Og7uijjPPO2Xw18GUjY0n8odcKyvKDmc2H2
q/Q8+v892oRb/yIrmjTAYum3rfWBl/fFCz5hQXakjPICTQFrdzFXahAOZCBV+qVd
i8YsYpZkYHIBhdOD8mpu1cv9vwGr00DpX35PtVh0S3qSm70rkX1/ihr9rrqtNwL2
uijHqlo8OJ7/ss52t8jSSZ0QQ9j6xMXqeCLExwH0e8gPC7DvA4t2LKB8eQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB5gnBxUCvO8QlyoElVJmtXVD8jNMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvSG1DY0hGUUs4N3hDWEtnU1ZVbWExZFVQeU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw1cvAwQA
w1cxMA0GCSqGSIb3DQEBCwUAA4IBAQAdZUCTkrCu86eXDUxSvNPjDAGqij492X1X
ZxHCjRZrdwnNd53uowzezfa6GEliYhfQGlfCcvvqkAzj1ahte9UYlnkW58sjUYv7
wT6mx0KnFOkveZxLQMEXQ90x2FV0PC3ue53EqXOdfcLh8TWlt0HZus09v+qYag+y
yrQTBSHHoglOgKoyALboSEGmQyjgIF182xiE+jb1u6d7KKBfFZIw30xaDC71x7HC
RocnvuOGYNWij06fdLSj0uJVlwck9aDllT5cBFfDouvTvVpXbwKohSvnr2iXWsEg
IQdWbKAoGcbzCsf33B46DJJvwSemViJvXqDfkJCB/PWJ0U+6IfwD
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:36:59 2024 by rpki-client on console-fra.rpki-client.org