Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/hUWTQfvN669dYEWiTaUTEAkRVLU.roa
File: hUWTQfvN669dYEWiTaUTEAkRVLU.roa (raw, json)
Hash identifier: yzHnZJypgthDNAbRLT1TurmBhAgvIRm4fpcBZPVWl9g=
Subject key identifier: 85:45:93:41:FB:CD:EB:AF:5D:60:45:A2:4D:A5:13:10:09:11:54:B5
Certificate issuer: /CN=238857660dc7fa60846f765b94cb69576255adb6
Certificate serial: 01856FA6D530F503D30936DA059800F75A55
Authority key identifier: 23:88:57:66:0D:C7:FA:60:84:6F:76:5B:94:CB:69:57:62:55:AD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I4hXZg3H-mCEb3ZblMtpV2JVrbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/hUWTQfvN669dYEWiTaUTEAkRVLU.roa
Signing time: Sun 01 Jan 2023 23:24:42 +0000
ROA not before: Sun 01 Jan 2023 23:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57118
IP address blocks: 185.104.19.0/24 maxlen: 24
2a00:f740:400::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:d5:30:f5:03:d3:09:36:da:05:98:00:f7:5a:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=238857660dc7fa60846f765b94cb69576255adb6
Validity
Not Before: Jan 1 23:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85459341fbcdebaf5d6045a24da51310091154b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9e:7b:36:7d:f0:ff:76:12:22:47:e8:db:88:
00:f1:6b:23:0b:af:11:06:29:a5:9a:ba:10:9c:02:
c4:ec:37:f1:7b:33:6c:53:78:f1:42:81:ea:51:81:
d6:6b:12:36:89:c7:1b:89:b9:2d:4c:67:40:3c:ef:
ae:d2:22:96:12:b0:46:1e:3f:23:ab:6a:bc:44:d7:
36:91:d9:67:61:55:62:31:07:9a:82:bd:57:65:ea:
cd:4e:d2:47:e0:d7:9d:5b:42:4d:c3:4f:eb:06:d8:
47:08:c3:57:4b:83:19:e3:81:2c:4b:fc:09:e3:6a:
28:ad:93:db:4c:e0:7d:02:8c:8a:26:93:6c:22:b1:
8e:af:e4:8c:46:56:8e:f1:8f:0f:c8:65:ab:14:41:
dd:ef:b7:73:17:06:82:eb:13:e2:52:e4:87:16:6e:
cb:f7:63:31:3d:00:af:86:39:0a:7d:05:12:2c:b7:
a3:b0:ae:01:a2:22:82:22:25:75:4c:f6:ff:b0:95:
07:9f:3b:b4:e1:bc:c1:9e:2f:3d:34:e6:77:9a:cf:
3a:0b:0a:20:a5:11:a8:26:55:4d:a5:33:0d:95:c5:
3b:92:02:84:09:6d:8c:d5:a3:95:4c:bc:25:e1:eb:
41:bb:bc:bc:9b:d3:97:21:da:b1:77:aa:52:2a:9c:
45:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:45:93:41:FB:CD:EB:AF:5D:60:45:A2:4D:A5:13:10:09:11:54:B5
X509v3 Authority Key Identifier:
keyid:23:88:57:66:0D:C7:FA:60:84:6F:76:5B:94:CB:69:57:62:55:AD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I4hXZg3H-mCEb3ZblMtpV2JVrbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/hUWTQfvN669dYEWiTaUTEAkRVLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/I4hXZg3H-mCEb3ZblMtpV2JVrbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.19.0/24
IPv6:
2a00:f740:400::/48
Signature Algorithm: sha256WithRSAEncryption
73:11:12:4a:73:4c:b1:93:f9:3a:34:7f:a0:b0:a8:ca:9c:b6:
74:13:2e:78:69:2c:be:99:ae:eb:81:20:45:6a:4e:c1:a0:7e:
d0:11:01:55:a7:fe:78:41:42:90:b4:a5:37:09:72:41:41:d9:
f0:c1:74:56:93:ea:b1:ec:9f:3b:ea:77:24:67:a3:28:0d:6a:
45:d3:70:62:2e:fb:55:80:fd:0b:49:8d:9e:ab:2f:90:8c:04:
68:10:5a:aa:5b:aa:69:71:5d:22:e7:77:8d:a2:69:2f:6c:70:
ae:43:29:e4:ea:fa:89:6b:1c:29:d4:04:94:05:f6:b0:1f:74:
1b:af:b9:4f:14:f5:07:c8:6b:19:03:e3:cd:c3:c5:75:a3:dc:
0e:aa:7e:20:b8:65:24:08:6c:9b:3b:72:66:af:4b:93:c4:52:
d1:cc:8f:a6:58:7d:a9:c7:20:4f:ce:98:9c:cd:1d:c4:f6:d2:
dd:58:0e:bf:c7:aa:e5:0b:a2:27:e3:f1:db:dd:60:1e:83:91:
0a:a0:e4:fc:b8:7f:97:fd:d3:b7:dd:f2:39:d0:6c:69:74:66:
03:61:ee:c6:c0:29:22:aa:fc:da:65:aa:c2:55:e8:ae:2c:5e:
10:6d:76:a0:18:19:4e:b0:28:cb:87:82:10:75:d0:2b:2d:ec:
f8:06:98:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvptUw9QPTCTbaBZgA91pVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzODg1NzY2MGRjN2ZhNjA4NDZmNzY1Yjk0Y2I2OTU3NjI1
NWFkYjYwHhcNMjMwMTAxMjMyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQ1OTM0MWZiY2RlYmFmNWQ2MDQ1YTI0ZGE1MTMxMDA5MTE1NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh557Nn3w/3YSIkfo24gA8WsjC68R
BimlmroQnALE7DfxezNsU3jxQoHqUYHWaxI2iccbibktTGdAPO+u0iKWErBGHj8j
q2q8RNc2kdlnYVViMQeagr1XZerNTtJH4NedW0JNw0/rBthHCMNXS4MZ44EsS/wJ
42oorZPbTOB9AoyKJpNsIrGOr+SMRlaO8Y8PyGWrFEHd77dzFwaC6xPiUuSHFm7L
92MxPQCvhjkKfQUSLLejsK4BoiKCIiV1TPb/sJUHnzu04bzBni89NOZ3ms86Cwog
pRGoJlVNpTMNlcU7kgKECW2M1aOVTLwl4etBu7y8m9OXIdqxd6pSKpxFQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIVFk0H7zeuvXWBFok2lExAJEVS1MB8GA1UdIwQY
MBaAFCOIV2YNx/pghG92W5TLaVdiVa22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTRoWFpnM0gtbUNFYjNaYmxNdHBWMkpWcmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85NDkyN2YtN2UwOC00ZjIxLTliYmEt
MGY4NzZhYmQxZTMwLzEvaFVXVFFmdk42NjlkWUVXaVRhVVRFQWtSVkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85NDkyN2YtN2UwOC00ZjIxLTliYmEtMGY4NzZhYmQxZTMw
LzEvSTRoWFpnM0gtbUNFYjNaYmxNdHBWMkpWcmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuWgTMA8E
AgACMAkDBwAqAPdABAAwDQYJKoZIhvcNAQELBQADggEBAHMREkpzTLGT+To0f6Cw
qMqctnQTLnhpLL6ZruuBIEVqTsGgftARAVWn/nhBQpC0pTcJckFB2fDBdFaT6rHs
nzvqdyRnoygNakXTcGIu+1WA/QtJjZ6rL5CMBGgQWqpbqmlxXSLnd42iaS9scK5D
KeTq+olrHCnUBJQF9rAfdBuvuU8U9QfIaxkD483DxXWj3A6qfiC4ZSQIbJs7cmav
S5PEUtHMj6ZYfanHIE/OmJzNHcT20t1YDr/HquULoifj8dvdYB6DkQqg5Py4f5f9
07fd8jnQbGl0ZgNh7sbAKSKq/NplqsJV6K4sXhBtdqAYGU6wKMuHghB10Cst7PgG
mFI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:14 2024 by rpki-client on console-fra.rpki-client.org