Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/Hz_rQVTtmpSwAncNXSt2d2Bc9Tk.roa
File: Hz_rQVTtmpSwAncNXSt2d2Bc9Tk.roa (raw, json)
Hash identifier: 4FTixVQINPmkxlHJnSAC1aGYtoBUlV7dA2BhN7xJZz8=
Subject key identifier: 1F:3F:EB:41:54:ED:9A:94:B0:02:77:0D:5D:2B:76:77:60:5C:F5:39
Certificate issuer: /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial: 01856F1D8A9A9E0FF1747511EE930EA64976
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/Hz_rQVTtmpSwAncNXSt2d2Bc9Tk.roa
Signing time: Sun 01 Jan 2023 20:54:45 +0000
ROA not before: Sun 01 Jan 2023 20:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20765
IP address blocks: 185.84.216.0/22 maxlen: 24
193.96.96.0/21 maxlen: 24
194.115.4.0/24 maxlen: 24
2a05:a880:de10::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:8a:9a:9e:0f:f1:74:75:11:ee:93:0e:a6:49:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Validity
Not Before: Jan 1 20:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f3feb4154ed9a94b002770d5d2b7677605cf539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:47:d3:05:3c:77:54:dc:fb:6a:84:38:98:78:
9b:31:13:18:d8:11:2a:d7:41:cf:cd:15:5c:02:df:
c9:72:09:69:d2:65:c8:4c:53:53:84:2a:4a:d9:1f:
71:0c:fb:0d:5c:a9:d7:af:cc:0d:02:59:ce:a1:94:
a4:be:c6:6f:ab:f5:14:93:5d:81:6f:2f:fb:d0:2b:
34:f9:57:aa:bd:ce:94:ee:83:5d:91:dc:6e:d1:69:
4a:17:cd:b8:93:ed:20:70:4c:07:70:f1:66:3f:36:
f3:28:20:96:07:4b:5c:5f:f8:db:50:76:a4:0a:61:
c1:b0:43:d6:2d:09:d3:c6:47:60:26:e5:8e:a6:81:
c5:11:cf:e8:a2:db:d2:05:e2:e1:1c:1a:2f:4b:7a:
f1:82:42:34:a3:be:41:b4:63:8e:d5:be:69:eb:96:
7f:e3:79:09:22:17:83:ef:81:99:94:2d:bb:2e:27:
51:b6:56:e5:5a:04:2d:72:27:5b:69:81:55:c1:29:
4e:09:86:19:fe:82:da:9f:cd:c0:c8:ca:57:f8:20:
14:50:53:90:db:6f:e0:f6:47:07:25:76:84:1e:f0:
ef:d5:38:d8:19:80:aa:92:34:42:46:fc:b3:c9:e4:
60:3c:69:35:5b:f8:14:5c:d2:63:95:71:de:ef:72:
62:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3F:EB:41:54:ED:9A:94:B0:02:77:0D:5D:2B:76:77:60:5C:F5:39
X509v3 Authority Key Identifier:
keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/Hz_rQVTtmpSwAncNXSt2d2Bc9Tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.216.0/22
193.96.96.0/21
194.115.4.0/24
IPv6:
2a05:a880:de10::/48
Signature Algorithm: sha256WithRSAEncryption
9c:8a:46:b2:41:d0:03:43:f8:72:95:67:1a:40:80:7c:e9:90:
8b:8d:69:59:21:40:c4:b7:a5:98:95:96:61:31:eb:ea:b8:26:
9f:47:81:69:4c:41:9e:29:b7:81:27:79:d0:98:51:de:9b:04:
69:a5:9f:9c:f1:0a:d2:83:d5:31:41:69:20:5e:3d:60:76:d6:
30:86:64:3e:d8:f0:e8:64:77:03:4a:05:f2:51:93:4e:b5:44:
4f:0a:ee:11:e4:6d:29:00:d2:87:2f:b8:72:68:93:7d:c5:be:
73:63:47:75:6b:4e:ab:42:75:3c:97:8b:6d:d4:11:de:84:d1:
d5:21:c8:40:5a:26:88:b9:bf:02:9d:e0:8f:97:33:a5:56:cc:
77:ec:3d:bd:3e:5d:c7:01:f5:fd:f8:7c:11:9c:2b:7c:79:af:
ed:15:c6:1f:0b:76:59:38:2b:19:b6:5f:31:a4:2c:2c:02:fb:
d8:10:0c:92:11:f1:cf:75:6c:f6:04:64:63:df:3a:89:a4:79:
c5:a1:12:8c:cf:5c:ef:35:cb:fe:90:36:31:2e:1e:b2:53:06:
1c:34:08:d5:da:a9:4b:41:50:a2:5d:0b:3d:c2:ee:ad:10:8f:
09:62:ef:6e:1c:e1:d6:1b:9c:c4:5b:23:66:90:bf:72:1d:94:
1c:50:53:11
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVvHYqang/xdHUR7pMOpkl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj
MmE5NmIwHhcNMjMwMTAxMjA1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNmZWI0MTU0ZWQ5YTk0YjAwMjc3MGQ1ZDJiNzY3NzYwNWNmNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEfTBTx3VNz7aoQ4mHibMRMY2BEq
10HPzRVcAt/Jcglp0mXITFNThCpK2R9xDPsNXKnXr8wNAlnOoZSkvsZvq/UUk12B
by/70Cs0+Veqvc6U7oNdkdxu0WlKF824k+0gcEwHcPFmPzbzKCCWB0tcX/jbUHak
CmHBsEPWLQnTxkdgJuWOpoHFEc/ootvSBeLhHBovS3rxgkI0o75BtGOO1b5p65Z/
43kJIheD74GZlC27LidRtlblWgQtcidbaYFVwSlOCYYZ/oLan83AyMpX+CAUUFOQ
22/g9kcHJXaEHvDv1TjYGYCqkjRCRvyzyeRgPGk1W/gUXNJjlXHe73JiGQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFB8/60FU7ZqUsAJ3DV0rdndgXPU5MB8GA1UdIwQY
MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt
NjA4NGNmYzZlNGM0LzEvSHpfclFWVHRtcFN3QW5jTlhTdDJkMkJjOVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0
LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCuVTYAwQD
wWBgAwQAwnMEMA8EAgACMAkDBwAqBaiA3hAwDQYJKoZIhvcNAQELBQADggEBAJyK
RrJB0AND+HKVZxpAgHzpkIuNaVkhQMS3pZiVlmEx6+q4Jp9HgWlMQZ4pt4EnedCY
Ud6bBGmln5zxCtKD1TFBaSBePWB21jCGZD7Y8OhkdwNKBfJRk061RE8K7hHkbSkA
0ocvuHJok33FvnNjR3VrTqtCdTyXi23UEd6E0dUhyEBaJoi5vwKd4I+XM6VWzHfs
Pb0+XccB9f34fBGcK3x5r+0Vxh8Ldlk4Kxm2XzGkLCwC+9gQDJIR8c91bPYEZGPf
OomkecWhEozPXO81y/6QNjEuHrJTBhw0CNXaqUtBUKJdCz3C7q0Qjwli724c4dYb
nMRbI2aQv3IdlBxQUxE=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:01 2024 by rpki-client on console-fra.rpki-client.org