Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ec3092-1149-48d9-b2ff-d27aecc2b744/1/hakcAYQ-x8XLWzwmFKL4SqiQzJw.roa
File: hakcAYQ-x8XLWzwmFKL4SqiQzJw.roa (raw, json)
Hash identifier: dc2yj14uz3SjJ8yCEvSm+w2hkhbaVLd2QnxucBJmKjM=
Subject key identifier: 85:A9:1C:01:84:3E:C7:C5:CB:5B:3C:26:14:A2:F8:4A:A8:90:CC:9C
Certificate issuer: /CN=7df0c231b802ec575adaf6518c1c0ae13f3f1bc1
Certificate serial: 018573E859AE9F43DFCF027FB5E857EBD43B
Authority key identifier: 7D:F0:C2:31:B8:02:EC:57:5A:DA:F6:51:8C:1C:0A:E1:3F:3F:1B:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffDCMbgC7Fda2vZRjBwK4T8_G8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ec3092-1149-48d9-b2ff-d27aecc2b744/1/hakcAYQ-x8XLWzwmFKL4SqiQzJw.roa
Signing time: Mon 02 Jan 2023 19:14:45 +0000
ROA not before: Mon 02 Jan 2023 19:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50628
IP address blocks: 185.173.68.0/22 maxlen: 22
178.208.0.0/19 maxlen: 19
185.194.156.0/22 maxlen: 22
2a04:3d80::/29 maxlen: 29
2a0b:3b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:e8:59:ae:9f:43:df:cf:02:7f:b5:e8:57:eb:d4:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df0c231b802ec575adaf6518c1c0ae13f3f1bc1
Validity
Not Before: Jan 2 19:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85a91c01843ec7c5cb5b3c2614a2f84aa890cc9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:35:dc:ec:8c:40:bc:15:d5:e3:3c:d0:f1:01:
09:09:b1:14:85:e6:77:2d:eb:71:12:f7:03:99:21:
e9:38:f0:88:28:3c:35:94:76:b5:f4:ae:60:3d:e5:
0c:ab:c3:cd:64:c0:e2:8a:aa:ed:95:69:84:b8:66:
6a:81:2b:ac:23:4f:b4:2a:df:df:21:b9:78:2b:76:
70:c7:0f:cf:e0:87:d9:92:ef:73:2d:84:56:37:84:
a7:2f:6b:5f:4e:a6:f4:74:ac:18:10:3d:7c:71:75:
e7:79:32:76:9c:89:bd:e6:08:22:ec:0a:aa:1b:c3:
8b:3e:c0:a4:dd:05:82:05:38:3b:96:68:fa:74:60:
c3:d8:b9:da:e0:48:9a:81:fa:d4:30:cf:da:4d:11:
97:e8:e6:79:ce:4d:1d:25:d0:d3:86:f8:85:26:df:
24:98:65:63:8d:c7:e2:eb:c7:f1:fd:a9:b1:95:c4:
7a:4c:46:7e:aa:7f:ec:13:36:73:9e:28:25:7f:46:
78:c5:8e:ff:5e:e1:82:52:6f:a6:2b:a2:64:b3:d8:
2b:99:f9:fa:18:0f:71:ab:5c:8e:51:90:15:17:aa:
10:2c:6a:3e:f9:98:1c:c7:f6:0f:f9:18:45:8a:07:
49:3f:cc:d3:6a:74:43:7c:68:86:41:9e:95:50:7b:
eb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A9:1C:01:84:3E:C7:C5:CB:5B:3C:26:14:A2:F8:4A:A8:90:CC:9C
X509v3 Authority Key Identifier:
keyid:7D:F0:C2:31:B8:02:EC:57:5A:DA:F6:51:8C:1C:0A:E1:3F:3F:1B:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffDCMbgC7Fda2vZRjBwK4T8_G8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec3092-1149-48d9-b2ff-d27aecc2b744/1/hakcAYQ-x8XLWzwmFKL4SqiQzJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec3092-1149-48d9-b2ff-d27aecc2b744/1/ffDCMbgC7Fda2vZRjBwK4T8_G8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.0.0/19
185.173.68.0/22
185.194.156.0/22
IPv6:
2a04:3d80::/29
2a0b:3b00::/29
Signature Algorithm: sha256WithRSAEncryption
06:a7:1a:ae:10:2a:1a:47:5c:b9:6d:db:7c:3d:aa:6a:f7:27:
1a:88:5b:af:2d:dc:26:2d:dc:1d:4b:ec:96:b4:c2:f8:4e:d4:
c3:f7:e8:7d:ae:d3:40:8a:fe:dd:a4:70:3d:87:6b:5a:87:9f:
39:3a:50:c7:33:92:4c:a5:c3:ef:80:d3:1f:3a:f7:c1:96:c8:
4b:af:a8:45:3d:3b:ee:d8:98:fb:67:44:52:7a:9a:03:80:a8:
04:6c:b9:09:c6:c8:42:81:03:62:b6:44:c5:7b:38:63:cd:da:
c4:5d:2f:4f:7a:04:94:93:51:e7:d1:e9:75:87:60:1a:3d:88:
7d:67:93:c4:a8:c1:29:2c:79:b1:93:d0:be:27:60:23:3b:9e:
f3:bd:13:80:36:11:6a:23:ce:5f:d7:88:45:04:c4:5e:e6:62:
6b:ed:85:88:61:ca:fb:86:ca:25:4d:d7:d3:ac:39:ef:3f:57:
61:e1:e0:72:f2:68:48:85:4e:8c:cf:07:18:56:59:ad:07:f6:
3f:7b:f9:7e:9f:ba:7d:43:75:e5:05:8d:69:27:4c:c0:8b:a3:
22:8b:a7:fa:36:a1:c3:0c:2f:df:8d:57:1a:ef:d7:ad:37:68:
f9:df:02:95:1f:1e:8b:a1:36:96:db:43:bb:94:7a:88:12:c8:
08:49:77:49
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVz6Fmun0PfzwJ/tehX69Q7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjBjMjMxYjgwMmVjNTc1YWRhZjY1MThjMWMwYWUxM2Yz
ZjFiYzEwHhcNMjMwMTAyMTkxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWE5MWMwMTg0M2VjN2M1Y2I1YjNjMjYxNGEyZjg0YWE4OTBjYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzXc7IxAvBXV4zzQ8QEJCbEUheZ3
LetxEvcDmSHpOPCIKDw1lHa19K5gPeUMq8PNZMDiiqrtlWmEuGZqgSusI0+0Kt/f
Ibl4K3Zwxw/P4IfZku9zLYRWN4SnL2tfTqb0dKwYED18cXXneTJ2nIm95ggi7Aqq
G8OLPsCk3QWCBTg7lmj6dGDD2Lna4EiagfrUMM/aTRGX6OZ5zk0dJdDThviFJt8k
mGVjjcfi68fx/amxlcR6TEZ+qn/sEzZzniglf0Z4xY7/XuGCUm+mK6Jks9grmfn6
GA9xq1yOUZAVF6oQLGo++Zgcx/YP+RhFigdJP8zTanRDfGiGQZ6VUHvrrwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIWpHAGEPsfFy1s8JhSi+EqokMycMB8GA1UdIwQY
MBaAFH3wwjG4AuxXWtr2UYwcCuE/PxvBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZEQ01iZ0M3RmRhMnZaUmpCd0s0VDhfRzhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lYzMwOTItMTE0OS00OGQ5LWIyZmYt
ZDI3YWVjYzJiNzQ0LzEvaGFrY0FZUS14OFhMV3p3bUZLTDRTcWlRekp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lYzMwOTItMTE0OS00OGQ5LWIyZmYtZDI3YWVjYzJiNzQ0
LzEvZmZEQ01iZ0M3RmRhMnZaUmpCd0s0VDhfRzhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQFstAAAwQC
ua1EAwQCucKcMBQEAgACMA4DBQMqBD2AAwUDKgs7ADANBgkqhkiG9w0BAQsFAAOC
AQEABqcarhAqGkdcuW3bfD2qavcnGohbry3cJi3cHUvslrTC+E7Uw/fofa7TQIr+
3aRwPYdrWoefOTpQxzOSTKXD74DTHzr3wZbIS6+oRT077tiY+2dEUnqaA4CoBGy5
CcbIQoEDYrZExXs4Y83axF0vT3oElJNR59HpdYdgGj2IfWeTxKjBKSx5sZPQvidg
Izue870TgDYRaiPOX9eIRQTEXuZia+2FiGHK+4bKJU3X06w57z9XYeHgcvJoSIVO
jM8HGFZZrQf2P3v5fp+6fUN15QWNaSdMwIujIoun+jahwwwv341XGu/XrTdo+d8C
lR8ei6E2lttDu5R6iBLICEl3SQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:46 2024 by rpki-client on console-ams.rpki-client.org