Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/HJlWQklEQJEg3puJGHLORXKnJH4.roa
File: HJlWQklEQJEg3puJGHLORXKnJH4.roa (raw, json)
Hash identifier: t2duH7NEUemfK0skZmGjTlg7S7jk/C3Due9Ko79hkKQ=
Subject key identifier: 1C:99:56:42:49:44:40:91:20:DE:9B:89:18:72:CE:45:72:A7:24:7E
Certificate issuer: /CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Certificate serial: 0185703968A41B320E3C329E54AFD3E66FCA
Authority key identifier: 12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/HJlWQklEQJEg3puJGHLORXKnJH4.roa
Signing time: Mon 02 Jan 2023 02:04:48 +0000
ROA not before: Mon 02 Jan 2023 02:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60750
IP address blocks: 185.26.109.0/24 maxlen: 24
185.26.108.0/24 maxlen: 24
185.26.108.0/22 maxlen: 24
2a00:8760::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:68:a4:1b:32:0e:3c:32:9e:54:af:d3:e6:6f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Validity
Not Before: Jan 2 02:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c9956424944409120de9b891872ce4572a7247e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b4:f6:5e:5f:34:13:f8:97:0e:59:f6:61:13:
a8:7c:3b:2b:62:d4:66:ca:3e:6a:c2:3e:d6:02:38:
19:9c:9d:73:93:01:f7:a4:10:6e:cb:bb:fa:5a:78:
26:6b:3d:8c:39:bc:28:58:5c:82:53:5b:99:db:ca:
9f:90:d3:bd:d9:cf:df:9b:d0:e1:5b:3b:03:41:55:
3f:7e:8a:6b:87:76:52:05:a5:99:3c:70:3b:58:8f:
e3:51:6c:a8:b5:ad:29:85:ab:5d:fc:83:ea:eb:c2:
97:ed:f8:63:bd:af:e4:39:58:a9:52:a0:b3:fc:c5:
15:db:ca:41:06:53:a5:1d:22:0f:fa:b0:d6:47:b4:
7d:7f:a8:a3:20:87:0a:b4:6e:a6:90:f9:3f:66:15:
bd:d0:fc:34:ae:e0:0b:55:59:09:34:ec:62:74:0b:
c3:e2:8b:7a:ca:c2:f7:7c:06:d9:20:90:4d:05:7e:
1d:d6:fd:86:a0:18:74:6e:34:41:db:60:b4:8b:08:
5b:c7:21:94:63:e3:04:43:7b:b8:fd:f8:40:a6:16:
36:b1:28:a3:2d:45:4e:ef:22:0c:d9:37:cc:a7:62:
e8:e5:ae:73:1c:4d:b8:a1:07:39:52:36:b7:34:4b:
ae:3d:87:c7:ab:26:1a:80:e0:06:e5:71:c0:5c:f4:
5e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:99:56:42:49:44:40:91:20:DE:9B:89:18:72:CE:45:72:A7:24:7E
X509v3 Authority Key Identifier:
keyid:12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/HJlWQklEQJEg3puJGHLORXKnJH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.108.0/22
IPv6:
2a00:8760::/32
Signature Algorithm: sha256WithRSAEncryption
40:6f:df:f5:5a:98:ec:34:84:ab:5f:13:39:db:1f:3c:6b:61:
11:26:23:c1:b0:15:ae:b6:bd:04:77:32:24:c2:dd:64:d1:38:
07:d5:aa:93:a8:c4:6d:c6:39:db:db:d8:9d:17:ce:b5:85:98:
2f:97:9c:78:d7:63:93:ea:a3:21:2b:dd:60:ad:f8:38:88:99:
ef:68:9a:32:e9:5f:98:d3:be:49:b0:d7:44:22:2d:65:a7:a5:
2e:d1:8a:20:4a:30:d3:43:49:ea:3a:19:4f:6d:22:e6:1a:74:
e9:9b:ba:fe:6c:c7:e9:03:cd:56:bc:68:89:22:06:1c:c3:16:
2b:c8:4b:97:53:41:27:60:37:ac:8b:19:00:54:66:d5:0e:5c:
93:73:60:0f:17:b4:3a:3b:de:c6:20:fd:16:47:a6:36:1f:a2:
e5:b3:49:0d:91:68:6f:1b:e7:b0:74:ba:89:78:74:03:1f:43:
31:23:a6:29:08:a4:8f:c2:b6:85:0b:90:83:c9:4d:2c:6d:c8:
5d:83:15:e1:52:fe:02:3e:4f:0b:bf:92:80:96:cf:0d:30:e7:
0d:40:5d:20:60:bd:78:e9:1a:55:0f:83:58:48:ed:7b:09:ba:
88:ed:0a:e9:8d:90:d7:74:71:ce:cc:fd:7d:00:fe:ee:14:32:
39:b7:1f:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwOWikGzIOPDKeVK/T5m/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTRhN2UyYThjNzAxMjMyNWFlOTczZWQxYTJiYmEwNWIy
YmI5YzEwHhcNMjMwMTAyMDIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzk5NTY0MjQ5NDQ0MDkxMjBkZTliODkxODcyY2U0NTcyYTcyNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7T2Xl80E/iXDln2YROofDsrYtRm
yj5qwj7WAjgZnJ1zkwH3pBBuy7v6Wngmaz2MObwoWFyCU1uZ28qfkNO92c/fm9Dh
WzsDQVU/foprh3ZSBaWZPHA7WI/jUWyota0phatd/IPq68KX7fhjva/kOVipUqCz
/MUV28pBBlOlHSIP+rDWR7R9f6ijIIcKtG6mkPk/ZhW90Pw0ruALVVkJNOxidAvD
4ot6ysL3fAbZIJBNBX4d1v2GoBh0bjRB22C0iwhbxyGUY+MEQ3u4/fhAphY2sSij
LUVO7yIM2TfMp2Lo5a5zHE24oQc5Uja3NEuuPYfHqyYagOAG5XHAXPRe8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFByZVkJJRECRIN6biRhyzkVypyR+MB8GA1UdIwQY
MBaAFBIUp+KoxwEjJa6XPtGiu6BbK7nBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQt
ZTljMzY0OWMxMjE4LzEvSEpsV1FrbEVRSkVnM3B1SkdITE9SWEtuSkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQtZTljMzY0OWMxMjE4
LzEvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRpsMA0E
AgACMAcDBQAqAIdgMA0GCSqGSIb3DQEBCwUAA4IBAQBAb9/1WpjsNISrXxM52x88
a2ERJiPBsBWutr0EdzIkwt1k0TgH1aqTqMRtxjnb29idF861hZgvl5x412OT6qMh
K91grfg4iJnvaJoy6V+Y075JsNdEIi1lp6Uu0YogSjDTQ0nqOhlPbSLmGnTpm7r+
bMfpA81WvGiJIgYcwxYryEuXU0EnYDesixkAVGbVDlyTc2APF7Q6O97GIP0WR6Y2
H6Lls0kNkWhvG+ewdLqJeHQDH0MxI6YpCKSPwraFC5CDyU0sbchdgxXhUv4CPk8L
v5KAls8NMOcNQF0gYL146RpVD4NYSO17CbqI7QrpjZDXdHHOzP19AP7uFDI5tx8c
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:46 2024 by rpki-client on console-ams.rpki-client.org