Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/h_pCIajC2TjYBRFBV9DhobjB8HM.roa
File: h_pCIajC2TjYBRFBV9DhobjB8HM.roa (raw, json)
Hash identifier: HIYGW6nOCv0AF/I0PrXo4+mNShpttitQOC/eGXg4fvA=
Subject key identifier: 87:FA:42:21:A8:C2:D9:38:D8:05:11:41:57:D0:E1:A1:B8:C1:F0:73
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0186746BF5F142BCAC32F8A2E823DA201234
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/h_pCIajC2TjYBRFBV9DhobjB8HM.roa
Signing time: Tue 21 Feb 2023 14:41:17 +0000
ROA not before: Tue 21 Feb 2023 14:41:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206065
IP address blocks: 213.176.68.0/22 maxlen: 24
213.176.72.0/22 maxlen: 24
213.176.88.0/22 maxlen: 24
213.176.112.0/21 maxlen: 24
213.176.20.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Feb 2023 16:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:6b:f5:f1:42:bc:ac:32:f8:a2:e8:23:da:20:12:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Feb 21 14:41:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87fa4221a8c2d938d805114157d0e1a1b8c1f073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cc:7c:46:7b:b4:e6:73:a3:cb:0f:13:43:e2:
37:b3:f9:c0:23:dd:bc:00:10:50:f9:b2:49:9d:1c:
d0:97:bf:5f:3e:af:86:ec:95:f3:ea:a1:5f:33:f0:
65:76:eb:a6:d6:82:5a:50:e0:41:eb:7c:ca:30:c0:
02:43:48:1f:16:e0:51:a8:cc:56:a0:f8:a9:35:d2:
af:c9:76:d4:b3:d7:68:a1:da:cc:1c:b4:ac:a0:6d:
1d:58:94:da:d3:46:2f:c5:c9:8c:f6:2d:49:48:92:
cb:1f:f3:87:96:b9:8a:d2:46:f3:08:24:c7:39:09:
03:32:fa:3c:ff:f2:ee:3c:63:4d:7c:96:1e:ad:9a:
6a:8f:81:d9:30:f7:26:9d:cd:72:06:63:b5:28:16:
d4:86:a7:ca:93:53:80:cf:68:42:42:2d:10:5f:3c:
c4:b9:a0:ba:64:16:31:83:41:b7:7b:aa:93:9f:b7:
87:1b:11:aa:19:2b:c2:5d:cf:ae:4a:ef:30:b8:1f:
a4:ba:2d:2e:1c:1b:e8:18:d2:51:39:f7:ea:1e:f3:
e4:bd:25:26:a6:e0:3a:a5:d6:29:9c:88:5a:fc:48:
4b:26:b8:e7:03:5c:06:1c:7f:5b:d7:6b:08:96:03:
4b:04:ba:9e:7a:5c:51:9d:01:65:3e:20:d9:a6:d4:
c8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:FA:42:21:A8:C2:D9:38:D8:05:11:41:57:D0:E1:A1:B8:C1:F0:73
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/h_pCIajC2TjYBRFBV9DhobjB8HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.176.20.0/22
213.176.68.0-213.176.75.255
213.176.88.0/22
213.176.112.0/21
Signature Algorithm: sha256WithRSAEncryption
be:5f:26:f2:89:b0:5c:b5:b2:86:d4:a4:f0:de:81:f6:94:11:
4d:d7:b6:94:62:cf:de:11:b2:5a:12:f9:f7:2e:36:be:8b:81:
cb:60:32:7c:ea:7b:31:ba:d7:44:57:6f:67:1e:0d:24:04:6b:
a1:91:d9:e0:9e:c1:c7:89:24:a8:95:e9:65:6a:6a:8e:64:03:
a9:28:8f:bb:4b:6f:57:80:a9:c4:be:5c:1e:0b:dd:39:71:25:
05:75:d8:54:02:87:bf:7b:ba:c3:23:44:69:2d:0e:4f:44:fb:
0e:0f:e0:4f:2a:da:d3:1a:ff:c7:ed:8a:92:d3:73:a0:5a:96:
2c:fd:88:2e:1d:61:54:28:db:78:53:43:1b:f8:2a:27:bd:7f:
1d:36:4a:aa:36:b4:d9:84:59:1e:91:17:69:67:bc:2a:42:cd:
e2:1c:a6:02:f9:5f:10:15:d0:1c:2b:71:e5:7f:19:14:2c:0d:
96:ac:50:18:18:13:a3:3c:a3:f5:c2:ad:18:2c:35:f0:ae:80:
66:43:e2:04:17:17:d5:87:f3:86:7d:20:17:44:02:65:32:4f:
91:a1:76:16:36:2a:f4:62:0e:d7:16:60:85:b4:c1:c0:31:9d:
10:63:13:8e:8d:21:8c:3b:b1:f4:68:79:5e:68:69:68:57:25:
58:94:6e:73
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYZ0a/XxQrysMvii6CPaIBI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMjIxMTQ0MTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2ZhNDIyMWE4YzJkOTM4ZDgwNTExNDE1N2QwZTFhMWI4YzFmMDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8x8Rnu05nOjyw8TQ+I3s/nAI928
ABBQ+bJJnRzQl79fPq+G7JXz6qFfM/Blduum1oJaUOBB63zKMMACQ0gfFuBRqMxW
oPipNdKvyXbUs9doodrMHLSsoG0dWJTa00YvxcmM9i1JSJLLH/OHlrmK0kbzCCTH
OQkDMvo8//LuPGNNfJYerZpqj4HZMPcmnc1yBmO1KBbUhqfKk1OAz2hCQi0QXzzE
uaC6ZBYxg0G3e6qTn7eHGxGqGSvCXc+uSu8wuB+kui0uHBvoGNJROffqHvPkvSUm
puA6pdYpnIha/EhLJrjnA1wGHH9b12sIlgNLBLqeelxRnQFlPiDZptTITQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIf6QiGowtk42AURQVfQ4aG4wfBzMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvaF9wQ0lhakMyVGpZQlJGQlY5RGhvYmpCOEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQC1bAUMAwD
BALVsEQDBALVsEgDBALVsFgDBAPVsHAwDQYJKoZIhvcNAQELBQADggEBAL5fJvKJ
sFy1sobUpPDegfaUEU3XtpRiz94RsloS+fcuNr6LgctgMnzqezG610RXb2ceDSQE
a6GR2eCewceJJKiV6WVqao5kA6koj7tLb1eAqcS+XB4L3TlxJQV12FQCh797usMj
RGktDk9E+w4P4E8q2tMa/8ftipLTc6Baliz9iC4dYVQo23hTQxv4Kie9fx02Sqo2
tNmEWR6RF2lnvCpCzeIcpgL5XxAV0BwrceV/GRQsDZasUBgYE6M8o/XCrRgsNfCu
gGZD4gQXF9WH84Z9IBdEAmUyT5GhdhY2KvRiDtcWYIW0wcAxnRBjE46NIYw7sfRo
eV5oaWhXJViUbnM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org