Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/20581f-bd5e-4ea1-8217-0be7aae8a0d1/1/HSA8UTnmBn8WfyPCxzJ38uu6OVk.roa
File: HSA8UTnmBn8WfyPCxzJ38uu6OVk.roa (raw, json)
Hash identifier: B07Ivb3jEwjHTQI2q/2cu1K1DYJDYJXQYsYUnNpYX+o=
Subject key identifier: 1D:20:3C:51:39:E6:06:7F:16:7F:23:C2:C7:32:77:F2:EB:BA:39:59
Certificate issuer: /CN=162bc6f6bac142a03abb1a7ad91690683f03a4dc
Certificate serial: 01856D01C85C0CA13FE77411976F86F04D68
Authority key identifier: 16:2B:C6:F6:BA:C1:42:A0:3A:BB:1A:7A:D9:16:90:68:3F:03:A4:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FivG9rrBQqA6uxp62RaQaD8DpNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/20581f-bd5e-4ea1-8217-0be7aae8a0d1/1/HSA8UTnmBn8WfyPCxzJ38uu6OVk.roa
Signing time: Sun 01 Jan 2023 11:05:11 +0000
ROA not before: Sun 01 Jan 2023 11:05:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60245
IP address blocks: 185.54.238.0/23 maxlen: 23
185.54.237.0/24 maxlen: 24
185.54.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:c8:5c:0c:a1:3f:e7:74:11:97:6f:86:f0:4d:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=162bc6f6bac142a03abb1a7ad91690683f03a4dc
Validity
Not Before: Jan 1 11:05:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d203c5139e6067f167f23c2c73277f2ebba3959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d1:f7:b9:ca:7f:2f:b6:43:ba:7c:e9:d9:3d:
37:a6:28:7d:85:1a:28:83:54:65:d7:c5:26:64:b6:
8b:a3:24:2a:eb:d5:c0:89:2f:d7:ae:81:43:c8:58:
4e:1a:9d:65:6e:2b:10:a1:a0:d6:9d:76:68:de:ed:
72:ca:ed:64:5e:c8:e6:93:c4:0a:21:86:3d:5f:43:
0c:37:13:0d:64:f5:2d:22:ad:e6:79:07:ba:81:5f:
33:16:cd:53:f1:a4:9b:80:49:bc:08:c0:6a:dd:b6:
f2:74:19:52:57:36:76:bc:14:36:2e:b3:33:fc:14:
30:6f:f2:36:81:e4:f7:fc:3c:34:f1:cd:c0:d6:a8:
43:fd:1c:94:9e:49:c9:a5:ea:07:53:dd:84:79:4a:
9c:7c:93:6a:54:e0:cd:b3:11:ad:e9:ce:5d:17:23:
41:8c:b5:50:a1:0d:40:84:35:0b:a7:0f:48:3a:5c:
54:86:59:a9:11:c8:34:aa:f3:f1:17:d7:b2:7c:8a:
71:5d:6f:35:b7:1d:c8:06:39:ba:83:1e:25:5e:a1:
02:df:7c:c2:9f:f7:45:cf:a6:14:6d:05:79:0e:8b:
f8:03:59:77:31:ad:78:50:4e:3e:2d:a7:af:c6:fe:
80:fa:3b:fa:85:a5:f1:23:23:27:1b:ff:76:5d:f0:
dd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:20:3C:51:39:E6:06:7F:16:7F:23:C2:C7:32:77:F2:EB:BA:39:59
X509v3 Authority Key Identifier:
keyid:16:2B:C6:F6:BA:C1:42:A0:3A:BB:1A:7A:D9:16:90:68:3F:03:A4:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FivG9rrBQqA6uxp62RaQaD8DpNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/20581f-bd5e-4ea1-8217-0be7aae8a0d1/1/HSA8UTnmBn8WfyPCxzJ38uu6OVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/20581f-bd5e-4ea1-8217-0be7aae8a0d1/1/FivG9rrBQqA6uxp62RaQaD8DpNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.236.0/22
Signature Algorithm: sha256WithRSAEncryption
12:50:a9:c4:bb:ae:92:50:ac:d2:8b:27:7e:2c:77:75:d8:cb:
9c:e8:3a:05:ba:16:94:2a:43:1b:65:80:58:49:15:9e:40:68:
6e:6c:76:0d:f4:53:b7:2a:d7:16:31:57:9a:0b:1b:13:66:71:
aa:f8:5d:ee:e8:0b:50:b8:2b:a5:cf:7a:09:61:8f:86:82:bb:
42:a8:1e:b6:ad:f5:23:ec:c7:56:2b:be:72:52:d6:11:00:e7:
95:d3:34:5e:b2:f2:d4:80:ae:16:65:20:0e:0e:ac:3a:13:b3:
39:9a:4a:77:45:fb:ca:a1:fe:96:27:2f:25:d4:93:d9:f1:b5:
81:46:bf:21:c1:7b:73:d2:51:b4:a2:81:58:88:b1:9b:17:a9:
4a:67:d2:c8:d3:ae:b3:ba:93:8d:ce:9a:dc:c5:a2:a3:e3:70:
9f:b4:45:4c:a6:ab:3f:5d:78:76:18:e3:63:aa:46:73:b9:23:
33:67:19:00:34:a3:46:1c:c7:d1:ec:2c:05:b4:d5:1e:44:77:
94:bb:52:54:ff:f8:9a:4b:16:a3:c9:6e:fc:19:6d:69:ad:ec:
ae:04:97:f2:cb:96:24:15:83:26:39:cc:27:52:4e:d4:16:8d:
0f:e6:3e:bf:21:4c:bf:e0:68:d6:26:9b:10:1f:f6:e5:a5:23:
99:de:8a:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAchcDKE/53QRl2+G8E1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MmJjNmY2YmFjMTQyYTAzYWJiMWE3YWQ5MTY5MDY4M2Yw
M2E0ZGMwHhcNMjMwMTAxMTEwNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDIwM2M1MTM5ZTYwNjdmMTY3ZjIzYzJjNzMyNzdmMmViYmEzOTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9H3ucp/L7ZDunzp2T03pih9hRoo
g1Rl18UmZLaLoyQq69XAiS/XroFDyFhOGp1lbisQoaDWnXZo3u1yyu1kXsjmk8QK
IYY9X0MMNxMNZPUtIq3meQe6gV8zFs1T8aSbgEm8CMBq3bbydBlSVzZ2vBQ2LrMz
/BQwb/I2geT3/Dw08c3A1qhD/RyUnknJpeoHU92EeUqcfJNqVODNsxGt6c5dFyNB
jLVQoQ1AhDULpw9IOlxUhlmpEcg0qvPxF9eyfIpxXW81tx3IBjm6gx4lXqEC33zC
n/dFz6YUbQV5Dov4A1l3Ma14UE4+Laevxv6A+jv6haXxIyMnG/92XfDdEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0gPFE55gZ/Fn8jwscyd/LrujlZMB8GA1UdIwQY
MBaAFBYrxva6wUKgOrsaetkWkGg/A6TcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRml2RzlyckJRcUE2dXhwNjJSYVFhRDhEcE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yMDU4MWYtYmQ1ZS00ZWExLTgyMTct
MGJlN2FhZThhMGQxLzEvSFNBOFVUbm1CbjhXZnlQQ3h6SjM4dXU2T1ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yMDU4MWYtYmQ1ZS00ZWExLTgyMTctMGJlN2FhZThhMGQx
LzEvRml2RzlyckJRcUE2dXhwNjJSYVFhRDhEcE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTbsMA0G
CSqGSIb3DQEBCwUAA4IBAQASUKnEu66SUKzSiyd+LHd12Muc6DoFuhaUKkMbZYBY
SRWeQGhubHYN9FO3KtcWMVeaCxsTZnGq+F3u6AtQuCulz3oJYY+GgrtCqB62rfUj
7MdWK75yUtYRAOeV0zResvLUgK4WZSAODqw6E7M5mkp3RfvKof6WJy8l1JPZ8bWB
Rr8hwXtz0lG0ooFYiLGbF6lKZ9LI066zupONzprcxaKj43CftEVMpqs/XXh2GONj
qkZzuSMzZxkANKNGHMfR7CwFtNUeRHeUu1JU//iaSxajyW78GW1preyuBJfyy5Yk
FYMmOcwnUk7UFo0P5j6/IUy/4GjWJpsQH/blpSOZ3opW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:44 2024 by rpki-client on console-fra.rpki-client.org