Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/1HfUdTlu6bDaOHM8xS78eB6ewJY.roa
File: 1HfUdTlu6bDaOHM8xS78eB6ewJY.roa (raw, json)
Hash identifier: g5kGeQ4ECyUYzS1yg9QL/89ALSIOijgUgP1OpQTbjJc=
Subject key identifier: D4:77:D4:75:39:6E:E9:B0:DA:38:73:3C:C5:2E:FC:78:1E:9E:C0:96
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CAC8FDD4F1BD7DF6B3A85CB0D9B5EEC01
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/1HfUdTlu6bDaOHM8xS78eB6ewJY.roa
Signing time: Wed 27 Dec 2023 18:35:58 +0000
ROA not before: Wed 27 Dec 2023 18:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210027
IP address blocks: 185.180.145.0/24 maxlen: 24
91.236.195.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ac:8f:dd:4f:1b:d7:df:6b:3a:85:cb:0d:9b:5e:ec:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 27 18:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d477d475396ee9b0da38733cc52efc781e9ec096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fa:b3:40:56:41:3f:1e:d9:56:c5:7a:1b:fc:
c5:69:3a:3b:48:a4:9f:e1:cf:07:8f:b9:d1:26:3f:
ad:d2:96:f9:43:5d:67:50:be:48:c5:f0:a1:f0:51:
b1:cc:15:12:92:3c:0e:50:5c:b0:fe:bb:11:6c:88:
00:17:fb:83:61:c7:07:ac:2c:b1:ef:4f:23:99:54:
8e:08:9c:27:1a:ea:14:f1:37:60:cc:b9:f3:1f:b7:
c7:2c:a2:eb:f9:ee:10:35:af:c8:00:77:7b:1a:bf:
d2:9c:c1:79:7c:20:d8:b6:12:76:5d:fe:75:3e:c6:
a8:35:93:73:ff:41:08:9f:cd:29:3e:59:9e:71:07:
64:20:2c:22:4f:99:4c:f0:dc:20:41:4c:04:da:31:
84:84:49:5c:49:74:16:58:b7:5a:6c:fc:fe:92:7f:
d0:8e:bb:a2:ba:66:b5:d6:43:a8:45:fd:e6:af:91:
19:10:b7:90:a1:6e:60:de:8b:d8:cd:b8:7f:13:b8:
e3:83:f3:ed:a1:8a:27:dd:b3:55:cf:01:0c:54:a4:
42:42:b5:be:8f:c7:bc:b1:da:f0:12:1c:4c:0d:25:
99:cd:51:e9:0e:8a:88:ce:12:97:29:9b:12:73:33:
b8:0e:3a:81:9b:ac:6d:e2:ac:12:dd:91:54:ef:b0:
9f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:77:D4:75:39:6E:E9:B0:DA:38:73:3C:C5:2E:FC:78:1E:9E:C0:96
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/1HfUdTlu6bDaOHM8xS78eB6ewJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.195.0/24
176.126.223.0/24
185.180.145.0/24
Signature Algorithm: sha256WithRSAEncryption
92:44:af:b1:c3:c9:81:f9:86:4c:ca:d2:0b:58:3a:df:1d:89:
ba:30:80:45:1a:5f:38:77:c8:d5:b5:62:13:e4:96:16:bf:0a:
eb:97:26:6c:e2:00:06:3e:08:a8:78:77:22:be:79:24:1e:85:
ca:e7:c2:b1:64:bb:88:5b:ae:9f:95:f2:ee:f1:7c:dc:de:20:
97:bd:3f:6c:a1:c0:2c:16:da:9e:eb:2e:26:fb:e2:8e:61:ff:
f8:e7:8f:3e:43:77:a3:c2:1f:08:26:a1:58:4f:64:0e:3d:ec:
03:bf:06:02:50:71:a6:4b:20:5f:0e:30:e1:38:46:c0:09:28:
93:9c:df:09:c2:98:3f:d0:cc:5f:a3:a7:93:f6:f7:17:a1:f8:
f1:14:0d:ac:f2:d9:1f:1c:05:01:57:eb:84:34:67:ac:09:c7:
c2:a2:ec:5e:5f:bf:6b:64:95:07:87:00:29:4a:e4:a7:0c:b7:
30:39:14:20:44:cf:24:09:f1:27:c5:fa:bd:10:c1:e2:7d:6d:
a8:46:8d:97:cc:d7:df:61:03:ae:83:9b:1f:78:17:ac:87:39:
32:71:3c:56:71:31:12:4b:11:86:6d:40:9c:fc:5e:56:ce:e6:
14:f2:e1:64:a1:86:de:fb:42:28:f6:b4:72:34:50:a6:82:74:
b0:d0:32:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYysj91PG9ffazqFyw2bXuwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMjI3MTgzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDc3ZDQ3NTM5NmVlOWIwZGEzODczM2NjNTJlZmM3ODFlOWVjMDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vqzQFZBPx7ZVsV6G/zFaTo7SKSf
4c8Hj7nRJj+t0pb5Q11nUL5IxfCh8FGxzBUSkjwOUFyw/rsRbIgAF/uDYccHrCyx
708jmVSOCJwnGuoU8TdgzLnzH7fHLKLr+e4QNa/IAHd7Gr/SnMF5fCDYthJ2Xf51
PsaoNZNz/0EIn80pPlmecQdkICwiT5lM8NwgQUwE2jGEhElcSXQWWLdabPz+kn/Q
jruiuma11kOoRf3mr5EZELeQoW5g3ovYzbh/E7jjg/PtoYon3bNVzwEMVKRCQrW+
j8e8sdrwEhxMDSWZzVHpDoqIzhKXKZsSczO4DjqBm6xt4qwS3ZFU77CfuwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNR31HU5bumw2jhzPMUu/HgensCWMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvMUhmVWRUbHU2YkRhT0hNOHhTNzhlQjZld0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+zDAwQA
sH7fAwQAubSRMA0GCSqGSIb3DQEBCwUAA4IBAQCSRK+xw8mB+YZMytILWDrfHYm6
MIBFGl84d8jVtWIT5JYWvwrrlyZs4gAGPgioeHcivnkkHoXK58KxZLuIW66flfLu
8Xzc3iCXvT9socAsFtqe6y4m++KOYf/4548+Q3ejwh8IJqFYT2QOPewDvwYCUHGm
SyBfDjDhOEbACSiTnN8Jwpg/0Mxfo6eT9vcXofjxFA2s8tkfHAUBV+uENGesCcfC
ouxeX79rZJUHhwApSuSnDLcwORQgRM8kCfEnxfq9EMHifW2oRo2XzNffYQOug5sf
eBeshzkycTxWcTESSxGGbUCc/F5WzuYU8uFkoYbe+0Io9rRyNFCmgnSw0DIR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org