Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/Hx_c3jtCynPXFJBZaTGsfEU2GtY.roa
File: Hx_c3jtCynPXFJBZaTGsfEU2GtY.roa (raw, json)
Hash identifier: fFqw+b3bTdxvTfukeabKzjtwhcI2v0HV5GI2aEXnsc0=
Subject key identifier: 1F:1F:DC:DE:3B:42:CA:73:D7:14:90:59:69:31:AC:7C:45:36:1A:D6
Certificate issuer: /CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Certificate serial: 01856E6FB8532EB0D464C60E1ABABE928AB7
Authority key identifier: 1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/Hx_c3jtCynPXFJBZaTGsfEU2GtY.roa
Signing time: Sun 01 Jan 2023 17:44:53 +0000
ROA not before: Sun 01 Jan 2023 17:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29286
IP address blocks: 130.255.16.0/22 maxlen: 22
130.255.16.0/23 maxlen: 23
185.17.44.0/22 maxlen: 22
130.255.18.0/24 maxlen: 24
130.255.20.0/24 maxlen: 24
130.255.27.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:b8:53:2e:b0:d4:64:c6:0e:1a:ba:be:92:8a:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Validity
Not Before: Jan 1 17:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f1fdcde3b42ca73d71490596931ac7c45361ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:59:72:7c:5d:d1:72:3f:f9:f6:78:00:47:e3:
b8:2a:8b:b8:78:2e:62:f4:84:e2:5f:af:4f:a4:aa:
d9:e4:5c:7b:99:40:f1:2e:8d:71:01:73:8c:28:91:
8f:ed:ef:4a:32:64:24:bc:04:cd:96:a5:77:1a:a0:
65:04:58:22:c3:c4:3d:aa:10:47:6e:f6:89:5c:7c:
39:00:e8:c4:b1:45:2c:36:55:cd:26:a7:95:c9:f3:
b1:dd:5f:36:b6:6b:51:c2:24:ab:be:fd:36:1f:8b:
85:77:f6:4a:30:43:0e:4b:51:7f:b0:3a:69:7f:91:
b7:27:54:1c:c1:0b:57:b7:2b:db:fa:90:2a:0a:56:
43:73:ab:cd:b6:45:f2:cf:07:f1:e5:78:a4:c3:29:
8a:d6:08:1a:a7:b7:03:78:c2:8d:48:7b:31:2f:5d:
d3:db:1c:f3:46:82:5c:64:0d:c6:be:62:1c:c7:00:
e7:12:75:7c:fd:a3:24:f3:55:8c:3e:16:6b:d9:39:
b8:49:37:da:82:44:93:6c:e0:f2:c2:ef:fc:bf:eb:
4b:0b:2b:22:14:7c:4a:d2:02:b0:80:68:ec:f5:27:
3d:fe:ce:78:f9:28:82:4c:b8:6f:d2:b0:d3:4e:30:
da:72:30:74:e9:89:2b:25:4a:7e:22:50:ea:b7:f1:
db:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:1F:DC:DE:3B:42:CA:73:D7:14:90:59:69:31:AC:7C:45:36:1A:D6
X509v3 Authority Key Identifier:
keyid:1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/Hx_c3jtCynPXFJBZaTGsfEU2GtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/G9Id-yT32M4jEbpAdndUdL1QvmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.16.0-130.255.20.255
130.255.27.0/24
185.17.44.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:2f:f3:b5:37:15:70:a2:2a:18:3a:0f:30:cc:55:79:ce:9d:
6d:f7:6e:df:41:70:62:63:6c:85:79:7e:b9:3c:5a:bf:1c:47:
08:d6:70:c5:24:db:9d:a3:2a:03:f7:05:6d:d3:9d:ab:b5:62:
29:53:7e:7d:50:4d:8c:35:bb:b6:b9:ca:3f:10:82:21:98:9d:
28:71:54:79:c5:e2:17:c0:e8:3d:f9:ea:c2:62:53:6a:2d:b1:
2c:4a:15:18:27:73:4c:b5:e6:e1:75:50:3f:ad:86:f4:a4:e5:
88:ad:0e:28:79:bd:5c:8c:ef:0d:29:ee:ac:03:a1:c5:b6:58:
ac:d4:43:88:cc:aa:5f:b6:3a:7c:f4:9a:86:4e:2b:01:13:0b:
6b:76:f5:cd:1f:c2:55:b0:41:f1:3a:3b:1e:e6:7f:b9:b3:a2:
72:77:72:c8:71:fa:26:cf:c3:38:7e:10:8c:00:a0:e2:5d:dd:
ae:13:43:72:2e:1c:26:33:6c:37:da:02:68:d1:53:b5:2b:15:
e6:7e:bf:d7:4a:1f:2f:3b:b8:54:06:8f:76:d6:69:c7:30:8d:
fb:29:b3:f0:98:b2:43:5e:a4:13:d0:e3:75:e7:f2:d3:18:be:
29:0c:5f:b5:16:7a:08:81:0e:fc:6b:e8:34:d1:f3:6c:3a:3c:
3f:7a:eb:64
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVub7hTLrDUZMYOGrq+koq3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZDIxZGZiMjRmN2Q4Y2UyMzExYmE0MDc2Nzc1NDc0YmQ1
MGJlNjQwHhcNMjMwMTAxMTc0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjFmZGNkZTNiNDJjYTczZDcxNDkwNTk2OTMxYWM3YzQ1MzYxYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVlyfF3Rcj/59ngAR+O4Kou4eC5i
9ITiX69PpKrZ5Fx7mUDxLo1xAXOMKJGP7e9KMmQkvATNlqV3GqBlBFgiw8Q9qhBH
bvaJXHw5AOjEsUUsNlXNJqeVyfOx3V82tmtRwiSrvv02H4uFd/ZKMEMOS1F/sDpp
f5G3J1QcwQtXtyvb+pAqClZDc6vNtkXyzwfx5XikwymK1ggap7cDeMKNSHsxL13T
2xzzRoJcZA3GvmIcxwDnEnV8/aMk81WMPhZr2Tm4STfagkSTbODywu/8v+tLCysi
FHxK0gKwgGjs9Sc9/s54+SiCTLhv0rDTTjDacjB06YkrJUp+IlDqt/HbYwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFB8f3N47Qspz1xSQWWkxrHxFNhrWMB8GA1UdIwQY
MBaAFBvSHfsk99jOIxG6QHZ3VHS9UL5kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzlJZC15VDMyTTRqRWJwQWRuZFVkTDFRdm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wOGUxNWItNGEyNC00Y2UwLTk0NTQt
Zjg3YTMyMmE3Nzc2LzEvSHhfYzNqdEN5blBYRkpCWmFUR3NmRVUyR3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wOGUxNWItNGEyNC00Y2UwLTk0NTQtZjg3YTMyMmE3Nzc2
LzEvRzlJZC15VDMyTTRqRWJwQWRuZFVkTDFRdm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBASC/xAD
BACC/xQDBACC/xsDBAK5ESwwDQYJKoZIhvcNAQELBQADggEBALgv87U3FXCiKhg6
DzDMVXnOnW33bt9BcGJjbIV5frk8Wr8cRwjWcMUk252jKgP3BW3Tnau1YilTfn1Q
TYw1u7a5yj8QgiGYnShxVHnF4hfA6D356sJiU2otsSxKFRgnc0y15uF1UD+thvSk
5YitDih5vVyM7w0p7qwDocW2WKzUQ4jMql+2Onz0moZOKwETC2t29c0fwlWwQfE6
Ox7mf7mzonJ3cshx+ibPwzh+EIwAoOJd3a4TQ3IuHCYzbDfaAmjRU7UrFeZ+v9dK
Hy87uFQGj3bWaccwjfsps/CYskNepBPQ43Xn8tMYvikMX7UWegiBDvxr6DTR82w6
PD9662Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:02 2023 by rpki-client on console-ams.rpki-client.org