Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/149bc5-51aa-4e7b-8f03-b73a36d939b2/1/huWdoaaTh8pDZKdIhIXvxw8rylU.roa
File: huWdoaaTh8pDZKdIhIXvxw8rylU.roa (raw, json)
Hash identifier: mBbb1NltcmHR44LxZnm1DjcZ1mUyoT64rYllyDP3DGI=
Subject key identifier: 86:E5:9D:A1:A6:93:87:CA:43:64:A7:48:84:85:EF:C7:0F:2B:CA:55
Certificate issuer: /CN=15ffa042114301368b4069abd68a1efbac47fdce
Certificate serial: 01856F5DC1046BE06FC9BF20C49CBA59B303
Authority key identifier: 15:FF:A0:42:11:43:01:36:8B:40:69:AB:D6:8A:1E:FB:AC:47:FD:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff-gQhFDATaLQGmr1ooe-6xH_c4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/149bc5-51aa-4e7b-8f03-b73a36d939b2/1/huWdoaaTh8pDZKdIhIXvxw8rylU.roa
Signing time: Sun 01 Jan 2023 22:04:53 +0000
ROA not before: Sun 01 Jan 2023 22:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43852
IP address blocks: 62.215.221.0/24 maxlen: 24
185.95.6.0/24 maxlen: 24
62.215.174.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:c1:04:6b:e0:6f:c9:bf:20:c4:9c:ba:59:b3:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15ffa042114301368b4069abd68a1efbac47fdce
Validity
Not Before: Jan 1 22:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86e59da1a69387ca4364a7488485efc70f2bca55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:38:93:b3:28:1a:d8:c0:eb:22:f3:c5:a7:68:
70:34:b1:7c:c8:91:b1:fb:04:bf:9f:92:bf:97:8f:
8e:8e:61:63:aa:ae:13:a8:57:74:cb:3f:91:76:a8:
a1:43:0c:4e:d2:09:6d:8d:15:0e:45:6e:9b:d8:f7:
22:d8:04:b9:39:0d:63:42:cf:0e:73:93:0f:db:70:
55:2d:24:3b:1d:e9:ab:60:61:c7:37:2c:ec:48:3e:
02:4a:d9:3e:08:87:e3:1e:18:5c:5d:bd:08:e2:fe:
f8:19:c2:ab:20:73:a3:93:80:d3:cd:9b:e0:69:e2:
60:02:c0:90:1b:b3:47:ba:c2:c1:d2:1d:bb:71:8a:
63:5e:7e:38:73:42:3e:88:8b:2e:40:6f:de:19:4d:
1c:52:b1:9d:0f:05:43:ba:d3:eb:ee:bc:cd:dd:40:
ca:29:73:06:ec:94:42:c2:f3:d1:70:70:8f:22:bf:
8e:6f:7f:3e:1c:03:a5:9a:96:ba:2d:0b:9f:10:bc:
80:27:9e:62:12:d8:ae:37:54:ad:4c:99:e2:96:9b:
96:04:18:d9:0a:13:aa:2e:c2:2e:75:4e:f5:04:24:
44:9a:ec:45:99:aa:8f:57:f9:35:82:d3:3f:58:70:
83:43:25:81:66:f9:a2:85:1a:9a:a5:b9:d3:d7:21:
43:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E5:9D:A1:A6:93:87:CA:43:64:A7:48:84:85:EF:C7:0F:2B:CA:55
X509v3 Authority Key Identifier:
keyid:15:FF:A0:42:11:43:01:36:8B:40:69:AB:D6:8A:1E:FB:AC:47:FD:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff-gQhFDATaLQGmr1ooe-6xH_c4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/149bc5-51aa-4e7b-8f03-b73a36d939b2/1/huWdoaaTh8pDZKdIhIXvxw8rylU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/149bc5-51aa-4e7b-8f03-b73a36d939b2/1/Ff-gQhFDATaLQGmr1ooe-6xH_c4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.215.174.0/24
62.215.221.0/24
185.95.6.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:dc:9d:13:39:69:01:f6:f5:f3:8e:e3:69:0b:c4:06:0d:c6:
27:d1:8d:e8:30:65:e4:22:b1:af:f3:c1:28:f2:65:74:9f:c7:
a8:af:f9:0e:67:22:14:0c:ca:8d:89:f6:89:ea:a5:a1:0b:44:
59:a8:20:c8:7d:79:9d:ea:3f:0c:80:a3:9b:8d:45:d9:ac:0e:
c5:b9:65:10:4c:8b:75:b1:ec:ee:e2:19:60:14:c0:06:29:44:
e6:69:33:07:65:a4:81:7f:d0:71:4e:14:71:76:14:c9:c6:4a:
40:bf:df:40:5f:1d:4a:b8:41:21:f4:51:22:c8:33:a1:f2:42:
14:5b:f2:e9:26:84:b7:02:e6:af:f8:e9:63:b7:20:70:17:97:
24:84:c4:df:b2:62:d9:7e:e5:29:a5:db:65:19:57:44:e5:f6:
78:ca:39:bf:0e:05:89:a7:ab:8a:c9:45:a6:80:5c:6d:2e:28:
f5:38:c8:1f:1a:07:bb:45:48:26:ff:95:a5:44:f3:14:93:78:
f0:70:1e:d5:61:13:94:6d:7f:36:7e:d1:7d:60:dd:b4:db:43:
62:c6:08:4a:cd:6b:a6:46:47:24:7b:88:e2:a9:a0:51:9a:ef:
d2:0b:13:b3:4d:4f:63:ea:b9:6a:24:0f:b5:96:98:c0:05:fe:
f2:35:93:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvXcEEa+Bvyb8gxJy6WbMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmZhMDQyMTE0MzAxMzY4YjQwNjlhYmQ2OGExZWZiYWM0
N2ZkY2UwHhcNMjMwMTAxMjIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmU1OWRhMWE2OTM4N2NhNDM2NGE3NDg4NDg1ZWZjNzBmMmJjYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTiTsyga2MDrIvPFp2hwNLF8yJGx
+wS/n5K/l4+OjmFjqq4TqFd0yz+RdqihQwxO0gltjRUORW6b2Pci2AS5OQ1jQs8O
c5MP23BVLSQ7HemrYGHHNyzsSD4CStk+CIfjHhhcXb0I4v74GcKrIHOjk4DTzZvg
aeJgAsCQG7NHusLB0h27cYpjXn44c0I+iIsuQG/eGU0cUrGdDwVDutPr7rzN3UDK
KXMG7JRCwvPRcHCPIr+Ob38+HAOlmpa6LQufELyAJ55iEtiuN1StTJnilpuWBBjZ
ChOqLsIudU71BCREmuxFmaqPV/k1gtM/WHCDQyWBZvmihRqapbnT1yFDpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIblnaGmk4fKQ2SnSISF78cPK8pVMB8GA1UdIwQY
MBaAFBX/oEIRQwE2i0Bpq9aKHvusR/3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmYtZ1FoRkRBVGFMUUdtcjFvb2UtNnhIX2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8xNDliYzUtNTFhYS00ZTdiLThmMDMt
YjczYTM2ZDkzOWIyLzEvaHVXZG9hYVRoOHBEWktkSWhJWHZ4dzhyeWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8xNDliYzUtNTFhYS00ZTdiLThmMDMtYjczYTM2ZDkzOWIy
LzEvRmYtZ1FoRkRBVGFMUUdtcjFvb2UtNnhIX2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPteuAwQA
PtfdAwQAuV8GMA0GCSqGSIb3DQEBCwUAA4IBAQA93J0TOWkB9vXzjuNpC8QGDcYn
0Y3oMGXkIrGv88Eo8mV0n8eor/kOZyIUDMqNifaJ6qWhC0RZqCDIfXmd6j8MgKOb
jUXZrA7FuWUQTIt1sezu4hlgFMAGKUTmaTMHZaSBf9BxThRxdhTJxkpAv99AXx1K
uEEh9FEiyDOh8kIUW/LpJoS3Auav+OljtyBwF5ckhMTfsmLZfuUppdtlGVdE5fZ4
yjm/DgWJp6uKyUWmgFxtLij1OMgfGge7RUgm/5WlRPMUk3jwcB7VYROUbX82ftF9
YN2020NixghKzWumRkcke4jiqaBRmu/SCxOzTU9j6rlqJA+1lpjABf7yNZOD
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:08 2024 by rpki-client on console-ams.rpki-client.org