Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hvJPDKGZJGEywemSLsjxMny9uo8.roa
File: hvJPDKGZJGEywemSLsjxMny9uo8.roa (raw, json)
Hash identifier: Z84a8Rwi2JJH+C4RG7UWuKOowkj4f8qLCvOkZCy8HDw=
Subject key identifier: 86:F2:4F:0C:A1:99:24:61:32:C1:E9:92:2E:C8:F1:32:7C:BD:BA:8F
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0187E6F50F3A7F69BE6A6447FE42E80E8D99
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hvJPDKGZJGEywemSLsjxMny9uo8.roa
Signing time: Thu 04 May 2023 13:30:32 +0000
ROA not before: Thu 04 May 2023 13:30:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 91.229.18.0/24 maxlen: 24
91.229.19.0/24 maxlen: 24
93.120.24.0/23 maxlen: 24
192.162.184.0/24 maxlen: 24
192.162.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 May 2023 18:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:f5:0f:3a:7f:69:be:6a:64:47:fe:42:e8:0e:8d:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 4 13:30:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86f24f0ca199246132c1e9922ec8f1327cbdba8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:94:20:73:1f:65:5f:a4:df:3f:97:dc:31:97:
fc:96:3f:ce:8c:40:c3:ac:01:ed:86:37:e4:47:e9:
71:fb:09:16:d9:aa:5a:b9:a7:72:bf:b3:9c:ab:ad:
87:a3:c1:00:bb:10:25:b1:59:fe:b3:0c:f6:df:e5:
9f:a1:1e:80:a5:a2:29:90:82:b4:bf:e7:38:e0:a3:
8e:03:04:d6:92:99:41:f6:ec:95:db:37:58:65:f6:
a5:86:89:df:ce:bd:5a:a8:1b:43:68:a4:28:85:1b:
5b:e9:4b:71:74:9e:df:7c:0a:40:b9:08:3b:8e:db:
d9:f3:01:40:e4:07:46:aa:8c:f7:fa:0c:e9:1d:45:
cb:c6:44:ca:b6:ab:d6:36:eb:6d:30:fa:61:c4:26:
b7:1e:65:d2:d5:a9:bb:19:dd:e3:c4:24:4b:c7:d7:
dc:98:01:2e:f0:f0:b9:8b:2f:81:82:1c:72:f8:65:
73:5d:5e:89:e9:df:27:e1:41:6d:02:6a:58:8a:f3:
56:7d:22:77:90:fc:e4:be:a0:20:53:b3:00:c2:55:
c0:13:95:5e:d5:70:25:15:d0:0b:07:35:90:48:76:
f1:69:51:26:fa:f9:9e:fb:bd:8c:d2:71:ee:7b:23:
ef:c6:09:fa:13:db:20:6b:fb:85:c4:7a:34:02:7c:
09:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F2:4F:0C:A1:99:24:61:32:C1:E9:92:2E:C8:F1:32:7C:BD:BA:8F
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hvJPDKGZJGEywemSLsjxMny9uo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.18.0/23
93.120.24.0/23
192.162.184.0/23
Signature Algorithm: sha256WithRSAEncryption
72:89:35:6f:cc:72:c2:3c:b3:e3:0a:c3:42:a4:c1:04:20:36:
b4:5e:80:d3:b3:65:7e:c7:dd:fb:14:dc:3e:66:10:fe:7c:a7:
c2:35:83:e4:f4:ca:b5:5d:7b:3b:69:45:13:e9:a5:cb:cb:23:
fa:9a:bf:69:80:98:03:86:b4:a0:75:fb:35:7a:94:5f:3c:27:
e1:76:50:b7:47:8f:3c:00:ef:1e:f5:f7:39:1e:63:d2:73:ff:
16:ed:e5:c6:24:5c:e0:d0:00:dd:25:d9:d4:e0:d3:e9:d7:6a:
bc:d6:8b:e4:2e:b2:66:6f:b1:92:9a:2e:40:f1:78:40:c2:00:
62:25:3e:fa:b0:06:2e:aa:70:2a:8c:4c:b1:fe:2b:8e:92:32:
41:e9:4f:9f:38:52:ea:3c:72:b4:2c:1d:b7:f3:42:7d:4a:38:
e8:cb:ff:dc:b9:ec:99:1f:e8:34:6c:3a:4a:bf:f0:20:6a:99:
82:fe:08:48:e4:fa:1f:fb:2e:59:f2:d2:ee:9d:ee:2f:c6:26:
58:db:45:21:69:78:57:52:60:94:4e:3f:08:fb:24:86:7e:8a:
d7:3e:30:2f:1d:50:1e:a2:8f:52:20:2b:7e:79:58:77:6b:47:
ef:88:25:ee:f8:22:30:39:23:d5:d5:88:4d:9a:2c:5e:90:41:
61:ee:46:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfm9Q86f2m+amRH/kLoDo2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNTA0MTMzMDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmYyNGYwY2ExOTkyNDYxMzJjMWU5OTIyZWM4ZjEzMjdjYmRiYThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5Qgcx9lX6TfP5fcMZf8lj/OjEDD
rAHthjfkR+lx+wkW2apauadyv7Ocq62Ho8EAuxAlsVn+swz23+WfoR6ApaIpkIK0
v+c44KOOAwTWkplB9uyV2zdYZfalhonfzr1aqBtDaKQohRtb6UtxdJ7ffApAuQg7
jtvZ8wFA5AdGqoz3+gzpHUXLxkTKtqvWNuttMPphxCa3HmXS1am7Gd3jxCRLx9fc
mAEu8PC5iy+Bghxy+GVzXV6J6d8n4UFtAmpYivNWfSJ3kPzkvqAgU7MAwlXAE5Ve
1XAlFdALBzWQSHbxaVEm+vme+72M0nHueyPvxgn6E9sga/uFxHo0AnwJEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIbyTwyhmSRhMsHpki7I8TJ8vbqPMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvaHZKUERLR1pKR0V5d2VtU0xzanhNbnk5dW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+USAwQB
XXgYAwQBwKK4MA0GCSqGSIb3DQEBCwUAA4IBAQByiTVvzHLCPLPjCsNCpMEEIDa0
XoDTs2V+x937FNw+ZhD+fKfCNYPk9Mq1XXs7aUUT6aXLyyP6mr9pgJgDhrSgdfs1
epRfPCfhdlC3R488AO8e9fc5HmPSc/8W7eXGJFzg0ADdJdnU4NPp12q81ovkLrJm
b7GSmi5A8XhAwgBiJT76sAYuqnAqjEyx/iuOkjJB6U+fOFLqPHK0LB2380J9Sjjo
y//cueyZH+g0bDpKv/AgapmC/ghI5Pof+y5Z8tLune4vxiZY20UhaXhXUmCUTj8I
+ySGforXPjAvHVAeoo9SICt+eVh3a0fviCXu+CIwOSPV1YhNmixekEFh7kZw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org