Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/hoGpz3unrs1rilKKLh8JkxqawOo.roa
File: hoGpz3unrs1rilKKLh8JkxqawOo.roa (raw, json)
Hash identifier: J7EXgEZKBN5oox1OS7+ydGug3YYq10bi9TAsoV9KlYM=
Subject key identifier: 86:81:A9:CF:7B:A7:AE:CD:6B:8A:52:8A:2E:1F:09:93:1A:9A:C0:EA
Certificate issuer: /CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Certificate serial: 01856D4ACB2EC718D5E7F8A588EDF4CAFC92
Authority key identifier: 47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/hoGpz3unrs1rilKKLh8JkxqawOo.roa
Signing time: Sun 01 Jan 2023 12:24:56 +0000
ROA not before: Sun 01 Jan 2023 12:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39679
IP address blocks: 185.6.138.0/24 maxlen: 24
185.234.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:cb:2e:c7:18:d5:e7:f8:a5:88:ed:f4:ca:fc:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Validity
Not Before: Jan 1 12:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8681a9cf7ba7aecd6b8a528a2e1f09931a9ac0ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d5:b2:74:1f:76:d1:6f:5f:75:2b:d4:e6:f9:
d8:c9:4d:55:18:3c:ce:61:32:9b:c7:58:7b:ac:31:
b4:8b:7b:85:5e:fa:b4:14:22:15:9f:4e:68:0c:9f:
9b:e7:7c:c1:81:cb:ad:2e:ae:60:34:75:a2:50:13:
6c:19:42:1e:a6:04:b9:68:e5:2d:b0:95:c2:25:66:
27:3b:4c:b2:36:eb:b5:f6:34:28:f8:b3:a2:de:96:
db:40:34:1c:b7:0d:98:8d:33:0a:05:b9:f7:a1:7f:
0b:9c:12:0b:e8:d3:bb:1d:13:f4:a8:06:60:ad:33:
a4:e8:a7:53:7a:6a:93:d0:db:6f:35:14:23:f6:20:
3b:68:0d:0f:42:54:cf:09:d5:2d:db:45:35:28:a3:
87:36:f4:a8:f4:10:7f:eb:14:c8:3c:e6:78:83:a3:
03:33:9b:36:ec:46:42:ad:5e:d7:41:84:14:be:1a:
f2:83:13:58:4a:e0:c9:2a:dc:50:6b:86:51:05:a4:
07:a3:d6:cb:7c:c1:fb:52:8c:7c:9d:bb:fc:11:9f:
59:51:8d:28:33:9e:3e:c1:83:58:e6:9c:29:60:41:
21:c2:24:34:02:4d:1b:14:64:d7:f3:b1:3b:00:20:
18:0d:f7:0a:7a:3c:12:58:a5:77:4b:fd:07:ef:01:
34:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:81:A9:CF:7B:A7:AE:CD:6B:8A:52:8A:2E:1F:09:93:1A:9A:C0:EA
X509v3 Authority Key Identifier:
keyid:47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/hoGpz3unrs1rilKKLh8JkxqawOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.138.0/24
185.234.180.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:e9:cb:7f:b3:01:3f:cf:8a:fe:e7:3d:74:be:98:e5:62:4a:
33:db:e4:47:13:8e:64:69:37:53:20:75:7a:ee:8e:c5:95:e1:
d3:8a:82:14:0b:f3:77:0b:ae:b8:b0:64:ee:3f:4f:e5:a8:8d:
59:e4:81:9a:1a:d1:99:2d:7d:96:bb:e8:9c:8d:f1:53:f2:9e:
2b:63:e6:4e:c8:bd:81:03:31:63:57:3a:e6:7b:07:ec:e7:97:
ab:3c:e5:75:f2:19:58:18:e1:ef:b2:32:19:82:10:6f:53:d0:
72:88:4f:8b:41:41:e1:dd:e8:a2:8c:40:c0:86:19:ac:6f:2a:
bf:2b:b5:16:55:23:a2:15:f0:e9:4c:a7:c6:1f:c6:cd:96:8a:
32:4c:1f:75:af:fe:38:32:7b:69:5c:e6:69:24:3b:d5:7e:9d:
30:f7:b9:cb:ed:1e:b5:b7:61:f9:e8:ec:5d:5a:45:25:d3:e8:
ee:b1:c8:7f:a9:a6:57:d1:e9:8c:3d:18:45:72:d9:37:3b:9e:
16:93:91:4d:2c:12:cd:8c:0d:85:62:bd:b6:57:dc:60:b7:9e:
f1:c0:9f:94:24:b5:1d:6a:e2:22:94:16:8c:58:79:89:e1:ed:
af:00:89:84:e0:ac:5d:f2:5c:8c:52:43:83:ca:48:86:82:46:
f2:a8:bb:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtSssuxxjV5/iliO30yvySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjJhZWEwZWY0YzA2NjdkYjgxOWY1ZDVhM2RhZWE2Mzk5
ZjAzOGMwHhcNMjMwMTAxMTIyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjgxYTljZjdiYTdhZWNkNmI4YTUyOGEyZTFmMDk5MzFhOWFjMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNWydB920W9fdSvU5vnYyU1VGDzO
YTKbx1h7rDG0i3uFXvq0FCIVn05oDJ+b53zBgcutLq5gNHWiUBNsGUIepgS5aOUt
sJXCJWYnO0yyNuu19jQo+LOi3pbbQDQctw2YjTMKBbn3oX8LnBIL6NO7HRP0qAZg
rTOk6KdTemqT0NtvNRQj9iA7aA0PQlTPCdUt20U1KKOHNvSo9BB/6xTIPOZ4g6MD
M5s27EZCrV7XQYQUvhrygxNYSuDJKtxQa4ZRBaQHo9bLfMH7Uox8nbv8EZ9ZUY0o
M54+wYNY5pwpYEEhwiQ0Ak0bFGTX87E7ACAYDfcKejwSWKV3S/0H7wE08QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIaBqc97p67Na4pSii4fCZMamsDqMB8GA1UdIwQY
MBaAFEcirqDvTAZn24GfXVo9rqY5nwOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYt
NmUzMDc0YzZjNjYzLzEvaG9HcHozdW5yczFyaWxLS0xoOEpreHFhd09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYtNmUzMDc0YzZjNjYz
LzEvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQaKAwQA
ueq0MA0GCSqGSIb3DQEBCwUAA4IBAQBs6ct/swE/z4r+5z10vpjlYkoz2+RHE45k
aTdTIHV67o7FleHTioIUC/N3C664sGTuP0/lqI1Z5IGaGtGZLX2Wu+icjfFT8p4r
Y+ZOyL2BAzFjVzrmewfs55erPOV18hlYGOHvsjIZghBvU9ByiE+LQUHh3eiijEDA
hhmsbyq/K7UWVSOiFfDpTKfGH8bNlooyTB91r/44MntpXOZpJDvVfp0w97nL7R61
t2H56OxdWkUl0+jusch/qaZX0emMPRhFctk3O54Wk5FNLBLNjA2FYr22V9xgt57x
wJ+UJLUdauIilBaMWHmJ4e2vAImE4Kxd8lyMUkODykiGgkbyqLsV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:22 2024 by rpki-client on console-ams.rpki-client.org