Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/hTQdc7tkgALbk6mxIdI99nMQ2Zk.roa
File: hTQdc7tkgALbk6mxIdI99nMQ2Zk.roa (raw, json)
Hash identifier: qNfCzl/s+4xD1k5q/6oMfR+tAQpE/5g+rVoepu2deuw=
Subject key identifier: 85:34:1D:73:BB:64:80:02:DB:93:A9:B1:21:D2:3D:F6:73:10:D9:99
Certificate issuer: /CN=6a4623f76bd5bb2df0af66f360ff74ff1c00db02
Certificate serial: 01856D9D43F4AB04CD9E7DCCF6A0062E1A51
Authority key identifier: 6A:46:23:F7:6B:D5:BB:2D:F0:AF:66:F3:60:FF:74:FF:1C:00:DB:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/hTQdc7tkgALbk6mxIdI99nMQ2Zk.roa
Signing time: Sun 01 Jan 2023 13:55:01 +0000
ROA not before: Sun 01 Jan 2023 13:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3223
IP address blocks: 185.4.132.0/22 maxlen: 24
185.138.40.0/22 maxlen: 24
2a02:c500::/29 maxlen: 29
2a07:8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:43:f4:ab:04:cd:9e:7d:cc:f6:a0:06:2e:1a:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a4623f76bd5bb2df0af66f360ff74ff1c00db02
Validity
Not Before: Jan 1 13:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85341d73bb648002db93a9b121d23df67310d999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:15:4a:78:e1:8b:3b:88:b0:44:4f:ad:c3:30:
2a:28:b0:d3:57:60:16:92:cb:26:fd:3d:ee:df:1d:
61:55:8e:70:30:eb:5b:9e:18:38:e5:50:f0:9b:02:
17:c2:3f:16:58:e3:8a:a3:e5:c4:a2:5b:54:2a:60:
c9:2b:b2:b3:c7:7a:d7:13:2a:07:90:b7:d5:a6:70:
b1:09:22:a6:e1:1c:f6:1b:d8:49:87:cf:d6:3d:8b:
e0:fc:8d:5d:1e:fd:f0:ac:b1:8b:91:b5:d8:60:dd:
c3:d0:25:fb:be:20:92:64:1c:4b:49:81:b4:3d:82:
dc:a9:48:00:62:55:f3:d2:9c:6d:e2:06:92:de:d6:
a9:47:a5:d0:3c:21:6b:b8:26:3c:f6:ab:2e:33:cc:
c7:42:30:ea:06:0a:90:3b:a9:a5:a8:74:67:8a:51:
14:23:f8:14:e4:1f:eb:8b:89:4e:65:a8:fd:9f:be:
d2:b2:39:c2:bc:95:5e:d3:8a:11:88:48:81:b0:85:
67:7d:f9:d6:db:9d:c2:e9:6a:18:4b:01:f5:57:5d:
a0:1e:29:37:fc:c3:11:bd:7b:c2:af:ee:ef:9b:9c:
b0:43:1f:30:7f:f6:b0:7f:3f:cd:72:9b:87:f3:d0:
3c:ae:eb:57:07:ef:f7:ba:8d:38:6f:87:2f:7c:bf:
dc:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:34:1D:73:BB:64:80:02:DB:93:A9:B1:21:D2:3D:F6:73:10:D9:99
X509v3 Authority Key Identifier:
keyid:6A:46:23:F7:6B:D5:BB:2D:F0:AF:66:F3:60:FF:74:FF:1C:00:DB:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/hTQdc7tkgALbk6mxIdI99nMQ2Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/akYj92vVuy3wr2bzYP90_xwA2wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.132.0/22
185.138.40.0/22
IPv6:
2a02:c500::/29
2a07:8c0::/29
Signature Algorithm: sha256WithRSAEncryption
c0:d7:c0:9e:67:af:76:7d:d3:d8:74:ee:a1:01:35:27:5b:03:
54:c0:5c:04:34:76:96:66:ef:c7:13:ca:c7:35:2d:3c:78:f1:
5a:f8:96:df:a3:7c:aa:f2:22:ac:5d:7e:e7:5a:0f:0f:6c:52:
00:da:7f:0c:67:35:c1:58:dc:fa:53:bf:2d:cd:38:d6:e8:97:
df:71:ed:03:97:14:81:b7:ee:b3:a2:aa:08:65:75:8e:e0:42:
7f:81:37:ce:20:d1:f0:cc:f1:b1:c7:d2:2d:1d:fc:3f:66:b6:
ab:65:43:f9:94:b2:c5:18:b7:54:7f:a0:77:cc:56:56:6d:97:
7d:7d:82:88:dd:ed:66:83:07:53:82:7c:13:f9:20:a7:bb:08:
66:6c:1e:8a:d0:d0:be:a1:c6:4a:68:0a:2e:95:3f:40:eb:51:
45:ad:6a:48:40:de:90:12:db:f7:f2:91:cc:91:15:a1:c1:c2:
9b:a4:e9:9a:be:a2:8b:29:33:6f:8e:cd:8d:59:b1:ce:79:51:
09:71:ae:53:9c:3a:9a:8d:3c:e7:30:b8:75:fb:c3:a1:88:80:
cc:89:ac:43:86:80:b8:9b:91:35:c6:d2:aa:77:f1:00:50:1a:
dc:d3:db:ee:c5:5c:7e:dd:bf:fd:6e:e2:7b:3d:45:6f:c9:e0:
53:d1:ca:ea
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVtnUP0qwTNnn3M9qAGLhpRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNDYyM2Y3NmJkNWJiMmRmMGFmNjZmMzYwZmY3NGZmMWMw
MGRiMDIwHhcNMjMwMTAxMTM1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTM0MWQ3M2JiNjQ4MDAyZGI5M2E5YjEyMWQyM2RmNjczMTBkOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixVKeOGLO4iwRE+twzAqKLDTV2AW
kssm/T3u3x1hVY5wMOtbnhg45VDwmwIXwj8WWOOKo+XEoltUKmDJK7Kzx3rXEyoH
kLfVpnCxCSKm4Rz2G9hJh8/WPYvg/I1dHv3wrLGLkbXYYN3D0CX7viCSZBxLSYG0
PYLcqUgAYlXz0pxt4gaS3tapR6XQPCFruCY89qsuM8zHQjDqBgqQO6mlqHRnilEU
I/gU5B/ri4lOZaj9n77SsjnCvJVe04oRiEiBsIVnffnW253C6WoYSwH1V12gHik3
/MMRvXvCr+7vm5ywQx8wf/awfz/NcpuH89A8rutXB+/3uo04b4cvfL/cbwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIU0HXO7ZIAC25OpsSHSPfZzENmZMB8GA1UdIwQY
MBaAFGpGI/dr1bst8K9m82D/dP8cANsCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWtZajkydlZ1eTN3cjJiellQOTBfeHdBMndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OTk1MjgtYjg5ZC00NDAyLWE4MDgt
NmM4MzIwNTBlNzdhLzEvaFRRZGM3dGtnQUxiazZteElkSTk5bk1RMlprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OTk1MjgtYjg5ZC00NDAyLWE4MDgtNmM4MzIwNTBlNzdh
LzEvYWtZajkydlZ1eTN3cjJiellQOTBfeHdBMndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuQSEAwQC
uYooMBQEAgACMA4DBQMqAsUAAwUDKgcIwDANBgkqhkiG9w0BAQsFAAOCAQEAwNfA
nmevdn3T2HTuoQE1J1sDVMBcBDR2lmbvxxPKxzUtPHjxWviW36N8qvIirF1+51oP
D2xSANp/DGc1wVjc+lO/Lc041uiX33HtA5cUgbfus6KqCGV1juBCf4E3ziDR8Mzx
scfSLR38P2a2q2VD+ZSyxRi3VH+gd8xWVm2XfX2CiN3tZoMHU4J8E/kgp7sIZmwe
itDQvqHGSmgKLpU/QOtRRa1qSEDekBLb9/KRzJEVocHCm6Tpmr6iiykzb47NjVmx
znlRCXGuU5w6mo085zC4dfvDoYiAzImsQ4aAuJuRNcbSqnfxAFAa3NPb7sVcft2/
/W7iez1Fb8ngU9HK6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:41 2024 by rpki-client on console-fra.rpki-client.org