Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/85d097-0153-4902-af7a-b8c331a848aa/1/1hbjmCacRwtySgD7pbJjen7H-gs.roa
File: 1hbjmCacRwtySgD7pbJjen7H-gs.roa (raw, json)
Hash identifier: q6WA2rEN0TLCfUoC0xM1gBiPucRJFIfLW6rcOKSOFLE=
Subject key identifier: D6:16:E3:98:26:9C:47:0B:72:4A:00:FB:A5:B2:63:7A:7E:C7:FA:0B
Certificate issuer: /CN=a84471a66f7907107e4534716bfa4208d406969f
Certificate serial: 01856B0A3A70916856284CE95BB90DD5FBA9
Authority key identifier: A8:44:71:A6:6F:79:07:10:7E:45:34:71:6B:FA:42:08:D4:06:96:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qERxpm95BxB-RTRxa_pCCNQGlp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/85d097-0153-4902-af7a-b8c331a848aa/1/1hbjmCacRwtySgD7pbJjen7H-gs.roa
Signing time: Sun 01 Jan 2023 01:55:10 +0000
ROA not before: Sun 01 Jan 2023 01:55:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198153
IP address blocks: 185.197.0.0/22 maxlen: 22
79.98.64.0/21 maxlen: 30
2a03:ad80::/32 maxlen: 126
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:0a:3a:70:91:68:56:28:4c:e9:5b:b9:0d:d5:fb:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a84471a66f7907107e4534716bfa4208d406969f
Validity
Not Before: Jan 1 01:55:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d616e398269c470b724a00fba5b2637a7ec7fa0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d6:9b:fb:ca:80:a8:ba:83:32:05:7c:8c:fe:
dc:76:42:4f:4d:e5:15:3b:b2:b9:7f:7a:d4:5d:1c:
c4:41:1a:80:98:5e:65:9b:f2:b4:9a:64:1c:d4:cf:
5e:02:ba:15:89:22:ac:b1:d1:41:f0:07:f9:2b:76:
93:29:5f:94:23:fa:6a:b8:8c:aa:c3:c5:9f:da:0d:
c9:cb:7a:d6:15:90:56:56:b7:9c:b4:26:07:00:9b:
40:b4:00:b0:3c:a6:d8:65:4d:06:39:6f:3c:34:4c:
74:75:b3:a1:fd:c8:b7:fc:dd:8a:3d:28:69:be:d8:
25:e5:14:17:6f:52:81:cf:c3:56:81:66:05:30:34:
fc:fa:2e:67:34:90:b2:5d:56:21:bf:59:e0:da:cc:
18:f1:b2:65:00:8a:f7:30:6a:78:8b:d9:3d:35:7b:
3d:f2:1e:30:9e:e2:11:da:e3:43:f4:4b:0d:af:5f:
41:71:7b:ac:a4:8d:ed:b5:98:4d:e7:ec:41:95:c5:
ec:3d:d6:b6:ee:45:b0:df:29:64:12:b2:fd:37:09:
a9:f6:9b:4c:6e:85:65:cc:4b:c0:63:18:20:7a:68:
ef:01:6f:b1:a2:3c:2c:8c:9d:7b:9d:88:80:17:94:
a6:6f:ba:0b:a1:bc:06:8c:cd:86:fc:c0:e7:08:9a:
b2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:16:E3:98:26:9C:47:0B:72:4A:00:FB:A5:B2:63:7A:7E:C7:FA:0B
X509v3 Authority Key Identifier:
keyid:A8:44:71:A6:6F:79:07:10:7E:45:34:71:6B:FA:42:08:D4:06:96:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qERxpm95BxB-RTRxa_pCCNQGlp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/85d097-0153-4902-af7a-b8c331a848aa/1/1hbjmCacRwtySgD7pbJjen7H-gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/85d097-0153-4902-af7a-b8c331a848aa/1/qERxpm95BxB-RTRxa_pCCNQGlp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.64.0/21
185.197.0.0/22
IPv6:
2a03:ad80::/32
Signature Algorithm: sha256WithRSAEncryption
35:b4:cc:aa:1d:75:18:3e:b7:9e:8d:a4:41:ea:31:a6:44:75:
e3:f0:2f:48:54:ad:5c:99:7e:53:a6:0f:26:98:03:5c:6d:c5:
19:de:ae:31:fe:48:3f:6f:70:a7:9b:2d:67:63:f1:43:43:cd:
3f:3b:99:fc:8c:be:e0:63:35:43:99:02:31:17:df:27:31:60:
79:c1:f3:92:8f:3c:c3:d5:69:86:23:c6:2b:65:60:40:04:e0:
16:95:6a:0d:6f:c6:14:6a:ab:f0:03:2f:25:49:40:1c:e4:63:
f0:f0:55:86:7b:94:41:9f:7c:27:5c:fd:03:ed:dd:6b:bc:3a:
ed:7b:37:c7:53:dd:c6:4a:3c:9f:34:ef:5c:f3:a2:dd:9f:61:
bb:d8:a4:b5:35:79:66:b4:62:18:60:fb:9e:43:cb:c4:12:0b:
83:8d:66:c2:4b:9f:4f:56:77:b8:b9:11:a0:b2:16:61:1e:85:
c1:4b:67:70:10:31:cf:fd:8f:1d:dd:20:24:e4:61:7d:17:43:
e2:5a:ab:63:0c:ed:06:ba:fe:6e:f9:f5:36:68:73:3d:7e:6f:
2c:aa:65:31:ce:ad:16:03:f8:a7:33:f2:7c:e6:80:cb:67:68:
4f:7f:6c:27:86:8e:dd:38:f8:2d:bc:65:f2:48:44:e7:c5:b3:
ec:83:39:5d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVrCjpwkWhWKEzpW7kN1fupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDQ3MWE2NmY3OTA3MTA3ZTQ1MzQ3MTZiZmE0MjA4ZDQw
Njk2OWYwHhcNMjMwMTAxMDE1NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjE2ZTM5ODI2OWM0NzBiNzI0YTAwZmJhNWIyNjM3YTdlYzdmYTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptab+8qAqLqDMgV8jP7cdkJPTeUV
O7K5f3rUXRzEQRqAmF5lm/K0mmQc1M9eAroViSKssdFB8Af5K3aTKV+UI/pquIyq
w8Wf2g3Jy3rWFZBWVrectCYHAJtAtACwPKbYZU0GOW88NEx0dbOh/ci3/N2KPShp
vtgl5RQXb1KBz8NWgWYFMDT8+i5nNJCyXVYhv1ng2swY8bJlAIr3MGp4i9k9NXs9
8h4wnuIR2uND9EsNr19BcXuspI3ttZhN5+xBlcXsPda27kWw3ylkErL9Nwmp9ptM
boVlzEvAYxggemjvAW+xojwsjJ17nYiAF5Smb7oLobwGjM2G/MDnCJqyTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNYW45gmnEcLckoA+6WyY3p+x/oLMB8GA1UdIwQY
MBaAFKhEcaZveQcQfkU0cWv6QgjUBpafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVSeHBtOTVCeEItUlRSeGFfcENDTlFHbHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84NWQwOTctMDE1My00OTAyLWFmN2Et
YjhjMzMxYTg0OGFhLzEvMWhiam1DYWNSd3R5U2dEN3BiSmplbjdILWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84NWQwOTctMDE1My00OTAyLWFmN2EtYjhjMzMxYTg0OGFh
LzEvcUVSeHBtOTVCeEItUlRSeGFfcENDTlFHbHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT2JAAwQC
ucUAMA0EAgACMAcDBQAqA62AMA0GCSqGSIb3DQEBCwUAA4IBAQA1tMyqHXUYPree
jaRB6jGmRHXj8C9IVK1cmX5Tpg8mmANcbcUZ3q4x/kg/b3Cnmy1nY/FDQ80/O5n8
jL7gYzVDmQIxF98nMWB5wfOSjzzD1WmGI8YrZWBABOAWlWoNb8YUaqvwAy8lSUAc
5GPw8FWGe5RBn3wnXP0D7d1rvDrtezfHU93GSjyfNO9c86Ldn2G72KS1NXlmtGIY
YPueQ8vEEguDjWbCS59PVne4uRGgshZhHoXBS2dwEDHP/Y8d3SAk5GF9F0PiWqtj
DO0Guv5u+fU2aHM9fm8sqmUxzq0WA/inM/J85oDLZ2hPf2wnho7dOPgtvGXySETn
xbPsgzld
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:31 2024 by rpki-client on console-ams.rpki-client.org