Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/H1nDb3hUTO7x_90U00YT_jYCpfY.roa
File: H1nDb3hUTO7x_90U00YT_jYCpfY.roa (raw, json)
Hash identifier: I9bI+8ok+ywuShkG07ldN4xdyTGaevBG6YWibRx0Js4=
Subject key identifier: 1F:59:C3:6F:78:54:4C:EE:F1:FF:DD:14:D3:46:13:FE:36:02:A5:F6
Certificate issuer: /CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Certificate serial: 018570FBA22618A899D56D26E5550F2EB6E0
Authority key identifier: 82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/H1nDb3hUTO7x_90U00YT_jYCpfY.roa
Signing time: Mon 02 Jan 2023 05:36:57 +0000
ROA not before: Mon 02 Jan 2023 05:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34848
IP address blocks: 89.104.192.0/19 maxlen: 19
89.104.206.0/24 maxlen: 24
193.238.186.0/24 maxlen: 24
193.238.184.0/24 maxlen: 24
195.245.210.0/24 maxlen: 24
195.242.120.0/23 maxlen: 23
185.38.182.0/23 maxlen: 23
185.38.181.0/24 maxlen: 24
185.38.180.0/24 maxlen: 24
193.238.187.0/24 maxlen: 24
2a01:77c0:6::/48 maxlen: 48
2a01:77c0:1181::/48 maxlen: 48
2a01:77c0::/36 maxlen: 36
2a01:77c0:1180::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:a2:26:18:a8:99:d5:6d:26:e5:55:0f:2e:b6:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Validity
Not Before: Jan 2 05:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f59c36f78544ceef1ffdd14d34613fe3602a5f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bd:7a:cb:15:bf:d4:9a:18:0a:cc:0b:27:c7:
b2:36:6d:c2:f0:28:48:ec:e6:c0:3f:03:df:1d:30:
64:23:c5:2d:a1:4e:b6:06:16:2c:ac:2d:dc:22:60:
cb:65:06:2c:6c:5e:e2:4c:6a:97:69:6a:fa:ca:27:
4f:f2:e1:2f:5f:15:e8:3a:2c:a5:6e:16:6a:33:18:
89:c2:f5:04:9b:37:73:5f:b1:06:4b:9c:1d:40:54:
95:80:9e:59:6e:a6:1c:2d:7f:db:6a:8d:4f:51:eb:
85:5a:ae:63:98:65:26:2b:68:92:1c:4a:9b:3b:55:
10:db:8e:be:36:7e:b0:17:e9:33:4c:bf:01:91:cd:
a5:e4:c9:c3:b2:dd:50:7e:cd:14:c9:92:98:31:cd:
0a:9c:36:e3:b9:6d:00:73:f5:4c:59:9e:be:de:25:
fe:62:ff:ed:c1:9c:57:81:d6:f1:fd:8e:82:b3:df:
89:75:ae:c2:43:d0:69:81:e4:cc:db:ce:e4:71:8e:
9d:d0:af:d9:5e:b9:ae:d2:f7:22:cc:5b:a9:51:26:
69:da:f1:70:65:1b:46:b5:30:be:f6:44:6a:87:e1:
7d:5a:b2:23:75:a9:17:57:99:50:a5:35:42:2a:22:
c1:33:88:a4:17:f0:6f:4e:85:89:3f:90:60:36:33:
b9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:59:C3:6F:78:54:4C:EE:F1:FF:DD:14:D3:46:13:FE:36:02:A5:F6
X509v3 Authority Key Identifier:
keyid:82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/H1nDb3hUTO7x_90U00YT_jYCpfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.104.192.0/19
185.38.180.0/22
193.238.184.0/24
193.238.186.0/23
195.242.120.0/23
195.245.210.0/24
IPv6:
2a01:77c0::/36
2a01:77c0:1180::/47
Signature Algorithm: sha256WithRSAEncryption
83:91:10:da:0e:b6:c0:78:6f:ff:10:9a:4c:04:14:04:a8:d0:
ed:6f:73:44:f4:c2:55:79:aa:e9:5c:c9:d8:e4:68:25:1d:34:
9d:d9:99:9d:49:e9:c2:50:ec:79:0d:05:b0:84:a1:18:78:aa:
e2:6c:57:39:b7:1e:47:0e:62:f4:86:56:87:a7:9d:35:e8:b9:
6c:48:a0:05:97:8c:61:8c:81:63:ef:56:5b:8e:d2:e1:2e:5a:
be:fe:94:48:32:60:31:ad:4c:2c:ae:0a:a9:0a:da:83:22:75:
87:72:92:6b:1e:1d:61:bd:e0:e8:7f:b9:0c:c0:9d:c4:5b:b2:
80:3d:45:c8:c6:01:06:d3:d3:8c:db:51:8f:d8:16:b0:79:e1:
7e:d1:80:f0:87:29:af:55:10:70:e3:b7:a7:fa:d4:95:ca:bb:
e0:9c:e1:f1:73:88:42:eb:9f:6c:fe:0b:a0:22:34:79:c7:fe:
99:64:9f:0d:99:10:25:cf:65:52:5d:00:3a:7e:23:44:3a:08:
71:b3:42:81:b7:4a:52:93:23:dc:75:26:48:d9:57:ce:d7:80:
1f:7a:3a:19:6a:db:9a:21:6a:c6:c2:d2:bc:75:25:4c:4f:a8:
4a:4f:fa:12:78:63:c1:5b:27:60:78:d2:8b:e0:16:07:22:c6:
da:f2:e3:2e
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYVw+6ImGKiZ1W0m5VUPLrbgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyN2FmMTdmMDQ5OTYyN2U0YjNjOGNjNWMzMzNlYzRiOGU3
NjM1ZTAwHhcNMjMwMTAyMDUzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjU5YzM2Zjc4NTQ0Y2VlZjFmZmRkMTRkMzQ2MTNmZTM2MDJhNWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb16yxW/1JoYCswLJ8eyNm3C8ChI
7ObAPwPfHTBkI8UtoU62BhYsrC3cImDLZQYsbF7iTGqXaWr6yidP8uEvXxXoOiyl
bhZqMxiJwvUEmzdzX7EGS5wdQFSVgJ5ZbqYcLX/bao1PUeuFWq5jmGUmK2iSHEqb
O1UQ246+Nn6wF+kzTL8Bkc2l5MnDst1Qfs0UyZKYMc0KnDbjuW0Ac/VMWZ6+3iX+
Yv/twZxXgdbx/Y6Cs9+Jda7CQ9BpgeTM287kcY6d0K/ZXrmu0vcizFupUSZp2vFw
ZRtGtTC+9kRqh+F9WrIjdakXV5lQpTVCKiLBM4ikF/BvToWJP5BgNjO56QIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFB9Zw294VEzu8f/dFNNGE/42AqX2MB8GA1UdIwQY
MBaAFIJ68X8EmWJ+SzyMxcMz7EuOdjXgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgt
NzMxM2M3ZjNjYTNmLzEvSDFuRGIzaFVUTzd4XzkwVTAwWVRfallDcGZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgtNzMxM2M3ZjNjYTNm
LzEvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAqBAIAATAkAwQFWWjAAwQC
uSa0AwQAwe64AwQBwe66AwQBw/J4AwQAw/XSMBcEAgACMBEDBgQqAXfAAAMHASoB
d8ARgDANBgkqhkiG9w0BAQsFAAOCAQEAg5EQ2g62wHhv/xCaTAQUBKjQ7W9zRPTC
VXmq6VzJ2ORoJR00ndmZnUnpwlDseQ0FsIShGHiq4mxXObceRw5i9IZWh6edNei5
bEigBZeMYYyBY+9WW47S4S5avv6USDJgMa1MLK4KqQragyJ1h3KSax4dYb3g6H+5
DMCdxFuygD1FyMYBBtPTjNtRj9gWsHnhftGA8Icpr1UQcOO3p/rUlcq74Jzh8XOI
QuufbP4LoCI0ecf+mWSfDZkQJc9lUl0AOn4jRDoIcbNCgbdKUpMj3HUmSNlXzteA
H3o6GWrbmiFqxsLSvHUlTE+oSk/6EnhjwVsnYHjSi+AWByLG2vLjLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:44 2024 by rpki-client on console-ams.rpki-client.org