Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/HBXSGI2TOog-olK4L5ckw-qY3kQ.roa
File: HBXSGI2TOog-olK4L5ckw-qY3kQ.roa (raw, json)
Hash identifier: C9kENZAlGQGwAOxs6ug5g0qIrWV4pt2CK8Y8b5uy7N0=
Subject key identifier: 1C:15:D2:18:8D:93:3A:88:3E:A2:52:B8:2F:97:24:C3:EA:98:DE:44
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB37EB947E4BE0E6828F4CE361C125
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/HBXSGI2TOog-olK4L5ckw-qY3kQ.roa
Signing time: Mon 01 Jan 2024 02:29:55 +0000
ROA not before: Mon 01 Jan 2024 02:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206654
IP address blocks: 185.212.11.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
45.88.124.0/22 maxlen: 22
2a0f:fa00::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:37:eb:94:7e:4b:e0:e6:82:8f:4c:e3:61:c1:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c15d2188d933a883ea252b82f9724c3ea98de44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d9:a2:f4:85:ef:3c:4e:a0:52:6a:58:6a:f0:
34:fc:e9:1f:72:30:d5:59:ed:2d:c2:e8:25:ad:c8:
94:72:b9:ed:7d:55:1b:cc:77:92:00:c6:97:5a:b1:
c9:20:ca:3c:ee:0e:9b:ed:a8:c8:a8:c5:3b:75:d9:
e7:8b:19:d4:1d:54:3c:10:37:94:95:85:61:06:f5:
d5:34:ff:9b:1b:9e:a5:45:bc:b7:43:79:dd:bb:a9:
bd:77:cd:3c:81:24:6c:4c:49:6f:98:12:e6:7b:33:
d0:1e:a5:27:b9:52:ac:97:4e:5d:b1:c9:26:aa:aa:
cd:05:d0:4e:34:e5:ff:07:31:fa:43:e4:07:c4:96:
09:31:49:0f:b1:7c:0b:1a:f6:bc:05:72:55:38:f9:
92:1e:66:55:f2:5f:e1:a0:d2:63:99:17:4c:90:5d:
40:ea:72:09:4d:45:dd:20:87:83:88:3b:4c:e9:a2:
5d:e5:7e:07:67:d2:a2:52:02:70:0c:fb:00:26:c0:
ce:dd:29:b3:4d:7e:d3:77:9a:ef:84:09:09:33:80:
ab:9d:e8:41:8d:21:7c:26:eb:9a:17:cc:2c:0d:eb:
fd:51:b8:8e:4f:6b:ef:f6:10:22:64:df:78:cf:4f:
64:db:5c:68:eb:0a:bd:ff:1e:27:d4:bf:cf:36:ce:
56:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:15:D2:18:8D:93:3A:88:3E:A2:52:B8:2F:97:24:C3:EA:98:DE:44
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/HBXSGI2TOog-olK4L5ckw-qY3kQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.124.0/22
185.212.11.0/24
194.213.10.0/24
IPv6:
2a0f:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
44:b1:20:e5:ca:84:7f:9c:63:50:bf:f3:c0:13:ed:f9:fe:d2:
66:b0:a2:7a:35:2c:a9:bd:0c:c8:dd:2d:b0:4d:be:df:17:aa:
80:a6:65:0c:b6:a0:f8:bd:13:98:77:8c:9c:ae:74:cc:7a:1c:
63:bf:a0:9e:fb:47:38:27:5c:eb:06:7b:41:7e:59:12:e4:e7:
87:ff:aa:e5:c5:6b:11:07:55:d8:c4:a1:c1:5c:b4:66:87:f3:
a4:bb:44:9e:43:77:df:4e:c3:62:67:7f:4f:41:88:06:39:ee:
a9:69:14:09:47:a8:a5:d9:be:1c:a7:b5:cf:84:e1:06:d4:83:
0a:08:ed:3c:3a:4d:f5:fb:63:c4:33:aa:6e:2c:6b:61:0a:71:
de:4a:4c:47:b9:43:19:e3:03:7d:9f:8b:e2:e4:c7:2d:b4:96:
55:be:3c:5c:3f:75:f4:03:8b:c5:b0:60:e9:51:9e:4d:c2:0e:
d6:bd:d1:76:a5:f6:a8:1e:f2:b8:ca:49:ce:7f:16:19:d5:e5:
7b:ad:67:62:ea:55:9e:44:d2:da:30:c0:c9:72:38:6b:b8:0d:
e1:3b:d9:a9:52:ce:61:18:54:f8:0f:0d:0a:43:07:2d:12:c7:
7c:25:e4:8c:b9:7c:f6:9e:64:de:be:55:83:c1:83:73:b2:41:
c9:95:4a:81
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC2zfrlH5L4OaCj0zjYcElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzE1ZDIxODhkOTMzYTg4M2VhMjUyYjgyZjk3MjRjM2VhOThkZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdmi9IXvPE6gUmpYavA0/OkfcjDV
We0twuglrciUcrntfVUbzHeSAMaXWrHJIMo87g6b7ajIqMU7ddnnixnUHVQ8EDeU
lYVhBvXVNP+bG56lRby3Q3ndu6m9d808gSRsTElvmBLmezPQHqUnuVKsl05dsckm
qqrNBdBONOX/BzH6Q+QHxJYJMUkPsXwLGva8BXJVOPmSHmZV8l/hoNJjmRdMkF1A
6nIJTUXdIIeDiDtM6aJd5X4HZ9KiUgJwDPsAJsDO3SmzTX7Td5rvhAkJM4CrnehB
jSF8JuuaF8wsDev9UbiOT2vv9hAiZN94z09k21xo6wq9/x4n1L/PNs5WewIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBwV0hiNkzqIPqJSuC+XJMPqmN5EMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvSEJYU0dJMlRPb2ctb2xLNEw1Y2t3LXFZM2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVh8AwQA
udQLAwQAwtUKMA0EAgACMAcDBQMqD/oAMA0GCSqGSIb3DQEBCwUAA4IBAQBEsSDl
yoR/nGNQv/PAE+35/tJmsKJ6NSypvQzI3S2wTb7fF6qApmUMtqD4vROYd4ycrnTM
ehxjv6Ce+0c4J1zrBntBflkS5OeH/6rlxWsRB1XYxKHBXLRmh/Oku0SeQ3ffTsNi
Z39PQYgGOe6paRQJR6il2b4cp7XPhOEG1IMKCO08Ok31+2PEM6puLGthCnHeSkxH
uUMZ4wN9n4vi5McttJZVvjxcP3X0A4vFsGDpUZ5Nwg7WvdF2pfaoHvK4yknOfxYZ
1eV7rWdi6lWeRNLaMMDJcjhruA3hO9mpUs5hGFT4Dw0KQwctEsd8JeSMuXz2nmTe
vlWDwYNzskHJlUqB
-----END CERTIFICATE-----
Generated at Thu Jan 4 21:38:11 2024 by rpki-client on console-ams.rpki-client.org