Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/DHgZSGvaDE_Y0B__y0H-tj_UrWE.roa
File: DHgZSGvaDE_Y0B__y0H-tj_UrWE.roa (raw, json)
Hash identifier: zih0Qy+EFfgBjPFZc+Af8qudTBOMjX6LP7dMoFV7krU=
Subject key identifier: 0C:78:19:48:6B:DA:0C:4F:D8:D0:1F:FF:CB:41:FE:B6:3F:D4:AD:61
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018AF031ECF6857BCE48DB40159CAACA195D
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/DHgZSGvaDE_Y0B__y0H-tj_UrWE.roa
Signing time: Mon 02 Oct 2023 11:41:58 +0000
ROA not before: Mon 02 Oct 2023 11:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 5.253.184.0/23 maxlen: 23
185.114.204.0/24 maxlen: 24
5.253.187.0/24 maxlen: 24
193.135.220.0/22 maxlen: 22
88.214.0.0/24 maxlen: 24
88.214.1.0/24 maxlen: 24
88.214.2.0/24 maxlen: 24
88.214.3.0/24 maxlen: 24
88.218.196.0/22 maxlen: 22
185.219.160.0/24 maxlen: 24
185.219.163.0/24 maxlen: 24
45.81.161.0/24 maxlen: 24
45.81.162.0/24 maxlen: 24
45.81.163.0/24 maxlen: 24
45.130.33.0/24 maxlen: 24
45.130.34.0/23 maxlen: 23
193.111.184.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:31:ec:f6:85:7b:ce:48:db:40:15:9c:aa:ca:19:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Oct 2 11:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c7819486bda0c4fd8d01fffcb41feb63fd4ad61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ca:3a:06:49:1c:92:56:b0:e1:8c:fb:05:e8:
ea:5e:fa:e6:3a:f2:7b:87:f5:1b:bf:3b:61:48:e9:
8b:3f:a6:07:28:3e:ec:c5:db:be:6c:8a:63:4d:6c:
22:53:00:64:03:d9:e5:7c:9c:80:93:5e:d8:53:45:
d7:58:56:f7:28:e5:a5:35:b1:54:7e:ab:6b:21:da:
bf:c4:b2:76:ef:b6:2e:83:94:50:79:f7:5c:9e:85:
50:06:67:11:60:8d:28:45:67:27:6b:a7:05:95:bd:
6e:8f:75:18:28:fe:01:44:85:58:7e:38:71:26:a4:
d6:ae:86:b7:22:21:b5:f7:30:72:09:9f:05:02:6d:
e0:9d:87:a9:82:09:74:c8:fa:09:f1:bd:10:6e:86:
41:e0:8b:f9:47:33:e6:32:91:cc:ca:bc:98:1c:76:
d1:11:d9:24:ef:a7:d6:44:03:60:8d:2c:08:16:bc:
9c:22:8e:28:18:d7:93:ec:87:0a:c6:ad:fd:a6:5e:
11:fc:f6:d3:2f:13:f1:d1:df:a5:9f:e1:18:bc:e3:
7a:85:a1:32:70:34:68:bb:4a:57:ba:e1:ee:d4:69:
b8:87:96:56:55:c6:35:e8:d7:dc:8d:0d:b7:07:28:
4a:b9:c4:39:c3:46:fd:b5:5e:35:d6:00:e6:2f:df:
bd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:78:19:48:6B:DA:0C:4F:D8:D0:1F:FF:CB:41:FE:B6:3F:D4:AD:61
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/DHgZSGvaDE_Y0B__y0H-tj_UrWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.184.0/23
5.253.187.0/24
45.81.161.0-45.81.163.255
45.130.33.0-45.130.35.255
88.214.0.0/22
88.218.196.0/22
185.114.204.0/24
185.219.160.0/24
185.219.163.0/24
193.111.184.0/22
193.135.220.0/22
Signature Algorithm: sha256WithRSAEncryption
18:b2:70:04:95:50:d5:19:8b:fa:3d:7a:8b:dd:ca:c4:51:f5:
ef:8a:cd:5c:af:6b:07:26:1f:fc:6f:ae:a1:02:f7:9d:f5:49:
e4:1d:d9:cf:00:6a:db:78:f7:6c:00:50:66:4f:ec:15:5a:7d:
3e:67:88:ad:8b:14:95:d9:cc:7f:34:8a:8c:39:8b:79:74:28:
c8:6d:29:11:5e:2c:84:2b:2f:bf:4c:9c:89:5d:96:2f:b1:d8:
eb:6a:2c:6d:80:d3:dc:d4:4e:94:2a:a2:6e:99:f7:28:01:31:
03:0d:f0:f3:bf:8a:e3:0e:d8:e7:a0:62:f8:c6:65:0c:3d:09:
e3:78:44:9e:a7:86:80:cd:d8:1a:57:bd:4f:ac:a1:c5:9f:f8:
0f:1e:06:71:8a:70:ba:84:64:db:1b:8a:2a:e5:80:54:d2:ba:
6d:3f:9b:9f:e3:fc:04:6e:fb:65:fb:c6:df:c2:2b:96:69:2b:
9a:e4:20:b2:dc:13:4c:2e:c2:7b:c2:5e:3e:c3:14:aa:b1:d0:
3e:b0:cd:e3:e0:68:0d:1d:d8:fe:a7:3f:f3:1d:50:8e:75:6f:
91:b7:12:f6:e3:e8:0c:60:c7:5f:90:92:39:c9:40:c2:76:6b:
a7:54:8f:64:53:c0:2c:31:be:ac:0c:2b:86:58:45:3f:b1:a3:
8d:b8:7e:f0
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYrwMez2hXvOSNtAFZyqyhldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjMxMDAyMTE0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzc4MTk0ODZiZGEwYzRmZDhkMDFmZmZjYjQxZmViNjNmZDRhZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhso6Bkkcklaw4Yz7BejqXvrmOvJ7
h/UbvzthSOmLP6YHKD7sxdu+bIpjTWwiUwBkA9nlfJyAk17YU0XXWFb3KOWlNbFU
fqtrIdq/xLJ277Yug5RQefdcnoVQBmcRYI0oRWcna6cFlb1uj3UYKP4BRIVYfjhx
JqTWroa3IiG19zByCZ8FAm3gnYepggl0yPoJ8b0QboZB4Iv5RzPmMpHMyryYHHbR
Edkk76fWRANgjSwIFrycIo4oGNeT7IcKxq39pl4R/PbTLxPx0d+ln+EYvON6haEy
cDRou0pXuuHu1Gm4h5ZWVcY16NfcjQ23ByhKucQ5w0b9tV411gDmL9+9YQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFAx4GUhr2gxP2NAf/8tB/rY/1K1hMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvREhnWlNHdmFERV9ZMEJfX3kwSC10al9VcldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQBBf24AwQA
Bf27MAwDBAAtUaEDBAItUaAwDAMEAC2CIQMEAi2CIAMEAljWAAMEAljaxAMEALly
zAMEALnboAMEALnbowMEAsFvuAMEAsGH3DANBgkqhkiG9w0BAQsFAAOCAQEAGLJw
BJVQ1RmL+j16i93KxFH174rNXK9rByYf/G+uoQL3nfVJ5B3ZzwBq23j3bABQZk/s
FVp9PmeIrYsUldnMfzSKjDmLeXQoyG0pEV4shCsvv0yciV2WL7HY62osbYDT3NRO
lCqibpn3KAExAw3w87+K4w7Y56Bi+MZlDD0J43hEnqeGgM3YGle9T6yhxZ/4Dx4G
cYpwuoRk2xuKKuWAVNK6bT+bn+P8BG77ZfvG38IrlmkrmuQgstwTTC7Ce8JePsMU
qrHQPrDN4+BoDR3Y/qc/8x1QjnVvkbcS9uPoDGDHX5CSOclAwnZrp1SPZFPALDG+
rAwrhlhFP7Gjjbh+8A==
-----END CERTIFICATE-----
Generated at Thu Oct 19 12:05:09 2023 by rpki-client on console-ams.rpki-client.org