Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/hg8cpf--1_-DKXMIMO1GqCvZbr8.roa
File: hg8cpf--1_-DKXMIMO1GqCvZbr8.roa (raw, json)
Hash identifier: ygYJ1OPBTWT+5FiqfjvgzPIjutHCvSM3NG//EQUn+0U=
Subject key identifier: 86:0F:1C:A5:FF:BE:D7:FF:83:29:73:08:30:ED:46:A8:2B:D9:6E:BF
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 0187A36F1FDCABD2304DB75A7BC2BCBC484A
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/hg8cpf--1_-DKXMIMO1GqCvZbr8.roa
Signing time: Fri 21 Apr 2023 10:49:41 +0000
ROA not before: Fri 21 Apr 2023 10:49:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18811
IP address blocks: 176.117.88.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a3:6f:1f:dc:ab:d2:30:4d:b7:5a:7b:c2:bc:bc:48:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Apr 21 10:49:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=860f1ca5ffbed7ff8329730830ed46a82bd96ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7b:cc:2d:9d:5f:d4:57:3c:65:10:0b:ac:a9:
cf:4e:58:e7:e4:e7:0d:d9:fd:87:a6:d3:0c:2e:55:
ef:bd:78:31:59:56:90:c0:7b:90:72:44:26:89:17:
c5:e5:3f:e0:6d:26:e7:24:e3:73:24:6f:11:06:0b:
d5:f3:99:ae:f1:32:31:85:f7:f3:eb:1c:b7:f8:55:
83:49:e6:8c:f1:96:52:7b:1e:69:ae:48:c2:df:18:
a7:34:d8:29:75:c1:f6:89:fa:79:1b:e1:da:3a:b4:
d9:cc:da:f7:75:49:43:82:1c:da:57:9c:92:80:31:
e0:22:ce:d6:11:01:4e:19:1b:85:55:b0:61:2e:7f:
9b:8d:0a:34:97:8b:a2:19:54:96:de:3a:4c:76:d1:
ba:bf:9c:2e:93:0b:17:28:39:79:65:8c:f0:d8:8a:
f7:58:98:0f:b1:cf:03:c8:ea:d2:46:61:93:c6:e7:
73:bc:a2:4e:ac:39:0a:2f:8d:66:f6:18:ae:70:4f:
7e:32:7e:57:41:6e:00:5c:27:2b:6d:3b:c8:fd:6d:
36:fe:41:18:92:60:6d:ab:d4:4f:42:1c:66:cc:bd:
07:7d:08:43:05:6f:55:a3:10:1e:d8:11:4a:a4:69:
ee:10:17:c6:fc:54:e3:ee:3d:dd:03:33:78:2d:ee:
0b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:0F:1C:A5:FF:BE:D7:FF:83:29:73:08:30:ED:46:A8:2B:D9:6E:BF
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/hg8cpf--1_-DKXMIMO1GqCvZbr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.88.0/21
Signature Algorithm: sha256WithRSAEncryption
89:03:9f:6d:a3:9b:59:8f:30:43:98:19:3a:1d:ab:26:20:8a:
ba:f4:ab:46:3a:f5:cd:62:4b:45:de:7c:a2:63:b4:fa:94:e3:
a5:0d:a9:73:b5:92:de:14:49:9b:cf:69:e6:ca:ed:04:6a:96:
b9:ac:3b:a8:d4:3b:e2:b0:88:8f:3e:35:60:ba:e4:6e:0a:10:
67:b5:7e:e3:28:2b:5f:a7:ac:39:62:4b:f6:d4:6d:1a:82:42:
f7:87:9e:42:c3:54:7d:ec:0e:9c:78:48:fc:43:a2:27:7e:f0:
6d:61:9f:6e:2a:8b:4c:b6:1a:70:33:94:07:33:7c:da:0a:e9:
8a:8e:75:42:34:d3:4e:81:00:a7:27:94:98:16:d0:15:be:59:
e9:6b:47:6a:e3:38:5f:cf:0f:46:d3:f6:c9:6b:e8:db:41:0f:
10:b1:b2:2f:c0:60:ed:f6:6d:84:60:c0:4b:05:1a:29:d3:99:
33:e6:3b:8f:87:4d:12:1c:30:2f:cf:1e:c1:2f:0d:2d:93:89:
1f:4e:7d:e4:53:80:a7:10:c3:0b:4a:a8:bc:11:be:e9:77:39:
24:49:15:29:35:bb:3a:38:f2:fc:ac:89:56:92:ea:b8:4a:f5:
5b:52:78:6c:7e:c7:75:b2:82:39:49:31:dc:15:79:eb:77:d2:
60:c6:14:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYejbx/cq9IwTbdae8K8vEhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjMwNDIxMTA0OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjBmMWNhNWZmYmVkN2ZmODMyOTczMDgzMGVkNDZhODJiZDk2ZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynvMLZ1f1Fc8ZRALrKnPTljn5OcN
2f2HptMMLlXvvXgxWVaQwHuQckQmiRfF5T/gbSbnJONzJG8RBgvV85mu8TIxhffz
6xy3+FWDSeaM8ZZSex5prkjC3xinNNgpdcH2ifp5G+HaOrTZzNr3dUlDghzaV5yS
gDHgIs7WEQFOGRuFVbBhLn+bjQo0l4uiGVSW3jpMdtG6v5wukwsXKDl5ZYzw2Ir3
WJgPsc8DyOrSRmGTxudzvKJOrDkKL41m9hiucE9+Mn5XQW4AXCcrbTvI/W02/kEY
kmBtq9RPQhxmzL0HfQhDBW9VoxAe2BFKpGnuEBfG/FTj7j3dAzN4Le4LswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYPHKX/vtf/gylzCDDtRqgr2W6/MB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvaGc4Y3BmLS0xXy1ES1hNSU1PMUdxQ3ZaYnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsHVYMA0G
CSqGSIb3DQEBCwUAA4IBAQCJA59to5tZjzBDmBk6HasmIIq69KtGOvXNYktF3nyi
Y7T6lOOlDalztZLeFEmbz2nmyu0Eapa5rDuo1DvisIiPPjVguuRuChBntX7jKCtf
p6w5Ykv21G0agkL3h55Cw1R97A6ceEj8Q6InfvBtYZ9uKotMthpwM5QHM3zaCumK
jnVCNNNOgQCnJ5SYFtAVvlnpa0dq4zhfzw9G0/bJa+jbQQ8QsbIvwGDt9m2EYMBL
BRop05kz5juPh00SHDAvzx7BLw0tk4kfTn3kU4CnEMMLSqi8Eb7pdzkkSRUpNbs6
OPL8rIlWkuq4SvVbUnhsfsd1soI5STHcFXnrd9JgxhRk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:55 2023 by rpki-client on console-fra.rpki-client.org