Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/hLdVHPFlaNYTO0pv6-EIHb_2Yf0.roa
File: hLdVHPFlaNYTO0pv6-EIHb_2Yf0.roa (raw, json)
Hash identifier: Lk78SB8LpfBo8SsFSYMo5+5YoSmU1xn8MrHCGHuZiko=
Subject key identifier: 84:B7:55:1C:F1:65:68:D6:13:3B:4A:6F:EB:E1:08:1D:BF:F6:61:FD
Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d
Certificate serial: 018570FBA7ED62CCDD7B464CDB4B8CA9D507
Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/hLdVHPFlaNYTO0pv6-EIHb_2Yf0.roa
Signing time: Mon 02 Jan 2023 05:36:58 +0000
ROA not before: Mon 02 Jan 2023 05:36:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49685
IP address blocks: 193.148.20.0/22 maxlen: 24
45.86.176.0/22 maxlen: 24
185.54.180.0/22 maxlen: 24
93.90.64.0/22 maxlen: 24
157.97.112.0/21 maxlen: 24
2a02:4660::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:a7:ed:62:cc:dd:7b:46:4c:db:4b:8c:a9:d5:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d
Validity
Not Before: Jan 2 05:36:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84b7551cf16568d6133b4a6febe1081dbff661fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:90:6c:fa:6f:43:4a:5c:a0:85:e8:70:04:ab:
bf:f7:4c:ef:8e:d8:69:70:f1:f6:ef:f2:7f:aa:73:
57:46:f5:c0:2e:66:9a:78:c7:1e:1b:ac:19:27:3c:
c1:e1:32:cb:03:44:8a:f8:47:9c:a7:c6:36:d7:4e:
ac:82:5f:c6:7a:e7:d4:a9:e5:a7:2e:6c:54:80:40:
b7:2a:1b:94:80:55:3e:c5:f1:ab:b5:3a:b1:bc:e3:
cc:91:12:11:44:39:46:43:49:26:0e:69:3f:15:66:
93:f5:5a:42:5d:0b:cf:f7:49:34:b1:0b:b1:4f:6d:
41:8a:32:29:7a:46:5c:99:24:40:0d:2e:99:6b:11:
05:5f:7a:6c:b4:b3:bf:61:c6:17:be:21:b8:53:8a:
a5:3e:c4:1d:18:7b:e3:ea:e5:f1:cd:c1:8c:85:d5:
94:1d:71:ae:b2:9a:fb:d5:39:09:8c:55:bb:60:1c:
d3:01:9b:69:05:a5:20:8e:72:ed:e7:92:8f:ff:c3:
2b:65:bc:a4:d7:6e:8b:12:07:37:1f:c9:35:d7:8b:
71:5e:3b:b1:6f:1f:de:95:e3:d1:fe:84:3a:72:76:
02:da:43:0f:da:65:c0:21:82:5c:cf:d7:7f:3f:44:
dc:c2:9b:81:67:85:1c:13:56:48:f0:fc:f3:e8:b5:
7b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B7:55:1C:F1:65:68:D6:13:3B:4A:6F:EB:E1:08:1D:BF:F6:61:FD
X509v3 Authority Key Identifier:
keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/hLdVHPFlaNYTO0pv6-EIHb_2Yf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.176.0/22
93.90.64.0/22
157.97.112.0/21
185.54.180.0/22
193.148.20.0/22
IPv6:
2a02:4660::/32
Signature Algorithm: sha256WithRSAEncryption
94:8b:df:75:43:9a:b6:00:57:a0:01:6b:40:24:d3:d2:a9:e4:
82:54:41:5b:f8:19:72:3b:f1:1c:56:f9:4d:1e:fb:02:bc:d4:
69:1c:02:68:52:5a:7d:44:05:18:ed:fc:d4:d0:d7:de:21:30:
61:dd:f5:a0:af:fa:af:5c:68:84:43:39:b8:0f:cc:0f:04:ea:
a5:26:c6:b6:4f:1f:98:99:26:37:89:a9:ae:9b:1c:1b:e3:29:
a6:bf:a4:93:7c:f3:53:db:99:db:93:50:7c:14:eb:52:6b:00:
69:5b:bc:55:9e:21:5c:1b:5c:7e:9d:eb:90:54:28:72:74:c3:
7a:0d:83:5b:22:31:70:0c:fc:2f:46:00:99:c4:c7:74:96:0b:
ee:e9:52:9f:36:dd:33:55:aa:d3:dc:22:42:95:35:fe:15:96:
13:4d:e1:b0:a0:48:d6:6f:5c:c2:56:68:a8:19:ad:90:2e:3b:
77:af:86:aa:d7:22:8f:cd:88:89:07:d9:59:4e:a4:a8:51:89:
cd:ea:9d:9d:f6:4b:69:94:53:d6:a8:1e:6f:b6:3e:68:0b:f9:
ef:8b:fd:d7:fa:76:64:8a:81:12:40:f3:22:07:29:f1:98:3d:
dd:ad:f4:a1:c4:ac:93:ef:bf:5b:b9:27:13:3c:f4:db:5a:6f:
d9:5a:0b:af
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVw+6ftYszde0ZM20uMqdUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx
MjI1NWQwHhcNMjMwMTAyMDUzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGI3NTUxY2YxNjU2OGQ2MTMzYjRhNmZlYmUxMDgxZGJmZjY2MWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5Bs+m9DSlyghehwBKu/90zvjthp
cPH27/J/qnNXRvXALmaaeMceG6wZJzzB4TLLA0SK+Eecp8Y2106sgl/GeufUqeWn
LmxUgEC3KhuUgFU+xfGrtTqxvOPMkRIRRDlGQ0kmDmk/FWaT9VpCXQvP90k0sQux
T21BijIpekZcmSRADS6ZaxEFX3pstLO/YcYXviG4U4qlPsQdGHvj6uXxzcGMhdWU
HXGuspr71TkJjFW7YBzTAZtpBaUgjnLt55KP/8MrZbyk126LEgc3H8k114txXjux
bx/elePR/oQ6cnYC2kMP2mXAIYJcz9d/P0TcwpuBZ4UcE1ZI8Pzz6LV7QQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIS3VRzxZWjWEztKb+vhCB2/9mH9MB8GA1UdIwQY
MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt
NWM2MDJmZGU5NjNiLzEvaExkVkhQRmxhTllUTzBwdjYtRUlIYl8yWWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi
LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVawAwQC
XVpAAwQDnWFwAwQCuTa0AwQCwZQUMA0EAgACMAcDBQAqAkZgMA0GCSqGSIb3DQEB
CwUAA4IBAQCUi991Q5q2AFegAWtAJNPSqeSCVEFb+BlyO/EcVvlNHvsCvNRpHAJo
Ulp9RAUY7fzU0NfeITBh3fWgr/qvXGiEQzm4D8wPBOqlJsa2Tx+YmSY3iamumxwb
4ymmv6STfPNT25nbk1B8FOtSawBpW7xVniFcG1x+neuQVChydMN6DYNbIjFwDPwv
RgCZxMd0lgvu6VKfNt0zVarT3CJClTX+FZYTTeGwoEjWb1zCVmioGa2QLjt3r4aq
1yKPzYiJB9lZTqSoUYnN6p2d9ktplFPWqB5vtj5oC/nvi/3X+nZkioESQPMiBynx
mD3drfShxKyT779buScTPPTbWm/ZWguv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:34 2024 by rpki-client on console-ams.rpki-client.org