Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/HwccPnIXukLUmBNKNCTFOaXXlro.roa
File: HwccPnIXukLUmBNKNCTFOaXXlro.roa (raw, json)
Hash identifier: KFyXxh5D4t8jSfyv1iVg4XmnJrsaHyx3Hhy6TBnm498=
Subject key identifier: 1F:07:1C:3E:72:17:BA:42:D4:98:13:4A:34:24:C5:39:A5:D7:96:BA
Certificate issuer: /CN=33e278ba28261a2d1e553dbef6df8409a21c1aef
Certificate serial: 01856C414982C1ACDA2CEE4C381B9B18B1F2
Authority key identifier: 33:E2:78:BA:28:26:1A:2D:1E:55:3D:BE:F6:DF:84:09:A2:1C:1A:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-J4uigmGi0eVT2-9t-ECaIcGu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/HwccPnIXukLUmBNKNCTFOaXXlro.roa
Signing time: Sun 01 Jan 2023 07:34:56 +0000
ROA not before: Sun 01 Jan 2023 07:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200342
IP address blocks: 194.39.203.0/24 maxlen: 24
194.39.200.0/24 maxlen: 24
194.39.200.0/22 maxlen: 22
194.39.202.0/24 maxlen: 24
194.39.201.0/24 maxlen: 24
2a0c:f0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 15 Nov 2023 16:13:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:49:82:c1:ac:da:2c:ee:4c:38:1b:9b:18:b1:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33e278ba28261a2d1e553dbef6df8409a21c1aef
Validity
Not Before: Jan 1 07:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f071c3e7217ba42d498134a3424c539a5d796ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e8:c5:e7:7a:b6:e4:90:f6:f2:8a:3e:86:8a:
02:67:5d:62:8f:66:86:75:ad:f9:c4:4a:51:89:1a:
65:2b:35:51:93:fb:6d:63:d1:a3:6e:81:a1:2b:5c:
ad:0d:a4:0f:79:6d:7d:f0:f3:9b:90:19:c8:d4:76:
98:77:87:c8:0d:30:25:d0:65:f6:11:1e:5d:71:cf:
35:57:31:a2:2b:8c:5d:ab:cf:2f:1e:26:c5:f0:e3:
77:53:01:db:37:ec:e3:e8:63:b8:99:8f:f3:08:1c:
50:05:bf:38:95:ef:27:74:37:0f:96:17:8b:f6:2f:
05:ab:cc:2f:43:27:80:3a:ee:d2:14:2f:a4:a1:aa:
79:2b:d5:19:15:b6:7a:85:f5:b1:32:23:60:6c:b4:
34:3c:45:85:af:05:f2:b4:58:90:1c:83:b0:df:06:
0a:03:7f:f9:9b:0e:02:44:eb:0d:0a:9d:d0:0b:c0:
59:11:f5:14:4f:28:a4:06:69:76:aa:45:84:78:b1:
dd:1e:8e:c8:aa:9b:1c:12:39:f5:35:cf:90:ad:1c:
66:c4:54:eb:5a:fe:59:5c:7e:27:e7:11:38:72:c1:
59:1d:38:43:b0:2a:06:8b:ba:cf:89:be:dd:7c:c6:
bc:48:3b:93:b3:59:e6:50:ef:9f:5b:c9:6a:c2:bc:
c1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:07:1C:3E:72:17:BA:42:D4:98:13:4A:34:24:C5:39:A5:D7:96:BA
X509v3 Authority Key Identifier:
keyid:33:E2:78:BA:28:26:1A:2D:1E:55:3D:BE:F6:DF:84:09:A2:1C:1A:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-J4uigmGi0eVT2-9t-ECaIcGu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/HwccPnIXukLUmBNKNCTFOaXXlro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/M-J4uigmGi0eVT2-9t-ECaIcGu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.200.0/22
IPv6:
2a0c:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:1f:a3:df:b2:b4:52:51:78:f8:04:1a:e2:32:35:8e:48:64:
38:c1:3d:04:62:90:98:d0:6b:3c:78:d8:94:0a:c7:6a:bc:08:
62:d5:c2:c7:f0:bd:1b:41:a6:a4:9d:ab:05:bf:5e:b3:16:7c:
61:12:5f:f5:b5:cf:bf:b5:f7:72:d3:29:df:43:1b:42:bf:bd:
30:cd:ba:cf:69:55:7a:be:3c:0d:d1:40:93:82:59:6f:c1:c6:
48:06:4b:27:6d:4c:fc:0a:a7:42:e1:90:27:f1:c9:10:f3:d4:
e7:20:ec:35:6c:21:14:34:cf:60:30:bb:6f:a0:9c:c0:d5:76:
ab:76:15:11:e9:6d:e8:6e:d6:6b:dd:f0:fd:51:25:33:b5:43:
30:48:79:0b:9c:03:23:47:fd:55:ca:cd:31:fc:d3:fa:b7:d3:
85:4f:28:1b:0d:b9:f6:d5:9e:7a:55:ff:73:7e:49:4c:8f:b9:
d4:cb:07:da:f6:3f:61:f8:19:a5:ff:0d:2e:87:33:a1:59:30:
f9:e9:6f:19:9b:e4:bf:42:51:4b:48:00:3e:a9:32:92:c4:a0:
ea:a8:a8:7c:94:2f:01:df:31:fa:6a:68:c9:3d:23:2e:1a:77:
67:9c:3c:18:57:ca:47:b7:29:74:f8:6a:66:63:10:b2:58:6f:
05:e0:42:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsQUmCwazaLO5MOBubGLHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZTI3OGJhMjgyNjFhMmQxZTU1M2RiZWY2ZGY4NDA5YTIx
YzFhZWYwHhcNMjMwMTAxMDczNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjA3MWMzZTcyMTdiYTQyZDQ5ODEzNGEzNDI0YzUzOWE1ZDc5NmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ujF53q25JD28oo+hooCZ11ij2aG
da35xEpRiRplKzVRk/ttY9GjboGhK1ytDaQPeW198PObkBnI1HaYd4fIDTAl0GX2
ER5dcc81VzGiK4xdq88vHibF8ON3UwHbN+zj6GO4mY/zCBxQBb84le8ndDcPlheL
9i8Fq8wvQyeAOu7SFC+koap5K9UZFbZ6hfWxMiNgbLQ0PEWFrwXytFiQHIOw3wYK
A3/5mw4CROsNCp3QC8BZEfUUTyikBml2qkWEeLHdHo7IqpscEjn1Nc+QrRxmxFTr
Wv5ZXH4n5xE4csFZHThDsCoGi7rPib7dfMa8SDuTs1nmUO+fW8lqwrzBXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB8HHD5yF7pC1JgTSjQkxTml15a6MB8GA1UdIwQY
MBaAFDPieLooJhotHlU9vvbfhAmiHBrvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1KNHVpZ21HaTBlVlQyLTl0LUVDYUljR3U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yYzVmYjktYzliMy00ZTU2LWJkZjEt
MjJlYTNhZDVkZTVjLzEvSHdjY1BuSVh1a0xVbUJOS05DVEZPYVhYbHJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yYzVmYjktYzliMy00ZTU2LWJkZjEtMjJlYTNhZDVkZTVj
LzEvTS1KNHVpZ21HaTBlVlQyLTl0LUVDYUljR3U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwifIMA0E
AgACMAcDBQMqDPDAMA0GCSqGSIb3DQEBCwUAA4IBAQANH6PfsrRSUXj4BBriMjWO
SGQ4wT0EYpCY0Gs8eNiUCsdqvAhi1cLH8L0bQaaknasFv16zFnxhEl/1tc+/tfdy
0ynfQxtCv70wzbrPaVV6vjwN0UCTgllvwcZIBksnbUz8CqdC4ZAn8ckQ89TnIOw1
bCEUNM9gMLtvoJzA1XardhUR6W3obtZr3fD9USUztUMwSHkLnAMjR/1Vys0x/NP6
t9OFTygbDbn21Z56Vf9zfklMj7nUywfa9j9h+Bml/w0uhzOhWTD56W8Zm+S/QlFL
SAA+qTKSxKDqqKh8lC8B3zH6amjJPSMuGndnnDwYV8pHtyl0+GpmYxCyWG8F4EI0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:18 2024 by rpki-client on console-ams.rpki-client.org