Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hs6Y7oVmqB4hMW9NH7mChVsNEgo.roa
File: hs6Y7oVmqB4hMW9NH7mChVsNEgo.roa (raw, json)
Hash identifier: ytwMPUJ1vYohAMtsZRswNzeyZevF4x2XzFtjr88TKXM=
Subject key identifier: 86:CE:98:EE:85:66:A8:1E:21:31:6F:4D:1F:B9:82:85:5B:0D:12:0A
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018C1AD5648B905525619AC187FD410AEF4F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hs6Y7oVmqB4hMW9NH7mChVsNEgo.roa
Signing time: Wed 29 Nov 2023 11:27:21 +0000
ROA not before: Wed 29 Nov 2023 11:27:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 45.88.137.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:d5:64:8b:90:55:25:61:9a:c1:87:fd:41:0a:ef:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 29 11:27:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86ce98ee8566a81e21316f4d1fb982855b0d120a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fe:58:6d:9b:ad:ae:81:4d:8f:02:8b:3f:72:
28:86:29:10:72:fb:67:bf:04:a6:68:b4:8d:47:d5:
4c:82:4d:3a:59:72:00:a5:23:42:7f:fe:87:a2:a8:
0d:5d:0b:6f:f1:43:fe:58:c9:3a:9a:3f:c7:87:63:
27:fd:9e:88:69:49:05:6b:8f:51:78:e8:0e:32:5f:
d9:a9:ee:7f:62:08:96:74:bb:50:4c:71:98:36:5c:
71:f0:97:45:08:42:33:11:0c:9e:a0:9a:0e:92:7e:
8a:63:7d:0f:9a:ce:3b:95:9a:1c:3a:29:78:9d:63:
0c:53:80:f6:48:d4:50:48:54:07:c8:d3:e7:48:b9:
58:fa:73:e6:fd:06:81:d5:2d:81:45:c9:96:86:9b:
08:6e:29:30:e1:01:04:07:e0:1a:d9:22:f0:e8:33:
69:4b:1d:01:55:0a:e3:35:d5:68:fd:da:64:a7:48:
38:44:ec:82:a9:0a:2f:20:9e:4a:fd:7b:87:0b:9b:
c9:0d:0c:d3:53:22:1b:4e:d3:45:7c:11:3e:8f:51:
89:af:14:d6:12:21:85:ff:74:16:aa:76:cd:5a:94:
37:86:f6:dc:9f:cf:55:7f:82:46:d1:d9:b4:d6:93:
4a:c0:08:f0:b2:75:86:64:ab:26:a9:59:c7:4f:43:
ae:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CE:98:EE:85:66:A8:1E:21:31:6F:4D:1F:B9:82:85:5B:0D:12:0A
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hs6Y7oVmqB4hMW9NH7mChVsNEgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.137.0/24
195.62.24.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:28:cf:f4:f2:23:a8:14:89:4a:74:80:e2:89:5d:09:88:18:
49:22:90:d2:86:b9:c4:35:f9:21:17:4c:d7:14:0d:b0:ea:6e:
bc:4a:a2:97:fc:97:fc:73:94:d9:df:58:b6:88:5c:8b:55:28:
5f:d7:ae:6e:6b:80:49:b0:bc:23:30:b0:d1:ea:a1:51:87:e0:
5b:61:68:bb:3b:49:0c:e1:1b:7d:85:9d:fe:0f:64:e2:1c:ce:
18:93:28:7d:ec:27:96:6a:13:f8:a3:44:7e:62:db:50:2e:6e:
f6:0f:05:15:1e:b8:bb:93:64:dd:09:19:6b:53:1a:50:78:a7:
1c:2e:6c:86:e6:1a:27:cd:82:87:0e:66:00:13:29:2d:bb:37:
90:3e:83:b4:7d:02:8f:00:48:7b:9a:78:da:93:5e:67:58:7b:
98:df:dc:de:de:47:3d:7c:a5:8f:85:80:79:27:b3:f0:6d:3e:
1e:4f:44:0a:af:78:45:a3:44:bd:d2:0d:4c:7b:d7:d6:4c:e4:
b5:ba:c5:2d:5e:4c:6c:3b:1d:b7:0e:48:78:5b:69:2e:2d:df:
00:24:b3:6f:a7:87:f4:91:2a:20:61:f1:e2:5d:ec:16:61:65:
f8:c8:94:05:74:ac:b6:78:6d:0f:2f:43:fa:72:80:f3:c5:8a:
ca:98:e1:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwa1WSLkFUlYZrBh/1BCu9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTI5MTEyNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmNlOThlZTg1NjZhODFlMjEzMTZmNGQxZmI5ODI4NTViMGQxMjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/5YbZutroFNjwKLP3IohikQcvtn
vwSmaLSNR9VMgk06WXIApSNCf/6HoqgNXQtv8UP+WMk6mj/Hh2Mn/Z6IaUkFa49R
eOgOMl/Zqe5/YgiWdLtQTHGYNlxx8JdFCEIzEQyeoJoOkn6KY30Pms47lZocOil4
nWMMU4D2SNRQSFQHyNPnSLlY+nPm/QaB1S2BRcmWhpsIbikw4QEEB+Aa2SLw6DNp
Sx0BVQrjNdVo/dpkp0g4ROyCqQovIJ5K/XuHC5vJDQzTUyIbTtNFfBE+j1GJrxTW
EiGF/3QWqnbNWpQ3hvbcn89Vf4JG0dm01pNKwAjwsnWGZKsmqVnHT0OuhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIbOmO6FZqgeITFvTR+5goVbDRIKMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaHM2WTdvVm1xQjRoTVc5Tkg3bUNoVnNORWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALViJAwQA
wz4YMA0GCSqGSIb3DQEBCwUAA4IBAQB9KM/08iOoFIlKdIDiiV0JiBhJIpDShrnE
NfkhF0zXFA2w6m68SqKX/Jf8c5TZ31i2iFyLVShf165ua4BJsLwjMLDR6qFRh+Bb
YWi7O0kM4Rt9hZ3+D2TiHM4Ykyh97CeWahP4o0R+YttQLm72DwUVHri7k2TdCRlr
UxpQeKccLmyG5honzYKHDmYAEyktuzeQPoO0fQKPAEh7mnjak15nWHuY39ze3kc9
fKWPhYB5J7PwbT4eT0QKr3hFo0S90g1Me9fWTOS1usUtXkxsOx23Dkh4W2kuLd8A
JLNvp4f0kSogYfHiXewWYWX4yJQFdKy2eG0PL0P6coDzxYrKmOGI
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:45 2024 by rpki-client on console-fra.rpki-client.org