Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/HYwezYwfHadyhe_0fY6Qm9PgdMw.roa
File: HYwezYwfHadyhe_0fY6Qm9PgdMw.roa (raw, json)
Hash identifier: ryQpO2U8F5ofYKx/XiPbHcLmUsoHEFMQJ3b4aWpgV+g=
Subject key identifier: 1D:8C:1E:CD:8C:1F:1D:A7:72:85:EF:F4:7D:8E:90:9B:D3:E0:74:CC
Certificate issuer: /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Certificate serial: 0189F3A3D6B7027AA4D4FC4F31F7FE48241B
Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/HYwezYwfHadyhe_0fY6Qm9PgdMw.roa
Signing time: Mon 14 Aug 2023 10:42:28 +0000
ROA not before: Mon 14 Aug 2023 10:42:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 77744
IP address blocks: 188.190.15.0/24 maxlen: 24
188.190.14.0/24 maxlen: 24
188.190.13.0/24 maxlen: 24
188.190.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Aug 2023 11:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f3:a3:d6:b7:02:7a:a4:d4:fc:4f:31:f7:fe:48:24:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Validity
Not Before: Aug 14 10:42:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d8c1ecd8c1f1da77285eff47d8e909bd3e074cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:34:d9:2a:86:b4:6a:5b:67:cc:55:ff:b9:15:
ac:51:bc:13:19:c9:f2:3d:08:ea:58:3f:8e:11:41:
b5:f4:8c:6a:ee:3e:89:e4:70:dd:5e:13:2a:5f:db:
4b:79:0d:fd:73:98:81:aa:bc:91:07:f9:2c:49:9d:
8d:c3:45:35:85:bb:0f:9d:b8:3d:a9:10:dc:c3:94:
97:be:e0:1d:e3:d7:71:43:20:0a:96:8e:a3:30:11:
a9:5a:22:90:31:15:99:90:87:78:1c:7a:18:cb:cc:
33:71:15:47:30:82:b4:fa:3e:23:b0:c3:79:65:c5:
d0:2c:0d:1e:ed:2d:09:3f:30:1e:cc:46:e6:06:34:
b3:d4:78:e6:85:fe:8d:f2:9d:33:1b:18:79:08:24:
d4:db:58:34:7c:c7:c5:05:ea:10:50:fe:d0:ec:3f:
1f:98:c1:e2:8a:25:20:65:f9:6c:d5:91:7a:3a:62:
d1:65:8f:40:41:06:51:87:f1:01:32:04:34:a2:46:
55:cc:be:3c:9f:44:fd:0b:db:d4:5b:95:53:f1:70:
2b:b3:34:dc:44:8d:c5:81:1c:a6:f1:8a:2f:4f:88:
10:54:23:5b:b5:03:38:9d:47:8d:e1:0d:cb:45:bd:
ee:1d:90:87:cf:4c:ab:cc:6a:aa:a6:92:f1:b5:22:
a8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8C:1E:CD:8C:1F:1D:A7:72:85:EF:F4:7D:8E:90:9B:D3:E0:74:CC
X509v3 Authority Key Identifier:
keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/HYwezYwfHadyhe_0fY6Qm9PgdMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.12.0/22
Signature Algorithm: sha256WithRSAEncryption
24:28:ab:22:35:58:ab:66:63:2f:4e:5d:de:fa:98:33:00:ed:
1d:8d:67:b4:8c:96:dd:ac:b0:e7:38:3c:f0:43:2c:4f:d3:7a:
f6:58:00:7b:d2:cf:6f:7f:b9:be:b2:69:77:7e:e4:01:43:10:
9c:10:ee:ac:d4:8b:b4:f9:02:8e:06:22:59:24:fd:f2:d6:36:
42:3c:69:9c:f1:6f:91:13:7f:df:87:1f:38:21:a9:f7:25:fb:
58:3e:65:13:67:8e:e3:b2:e4:28:de:d6:40:38:a7:8c:79:ca:
1b:9f:24:b9:9c:ca:d4:e9:53:e7:ec:0e:12:41:77:72:fb:fe:
97:b7:40:e0:22:04:f4:72:7a:ba:56:30:69:13:20:62:d3:9f:
79:95:4a:42:57:62:75:9f:16:0d:fa:a0:1a:b9:ac:62:98:f4:
ec:c7:e2:2a:d5:17:96:a2:e4:f2:9a:41:d1:26:33:28:40:0f:
ed:5f:81:89:f2:e3:6c:88:e2:b0:a2:18:f7:43:3b:23:16:28:
df:6e:fc:25:70:7d:b2:ea:40:8d:71:e5:af:68:43:29:fd:f5:
bd:90:59:e5:f4:77:74:b0:7e:68:f8:a3:93:a7:54:1b:7c:c0:
fe:ca:d7:53:b7:42:31:d2:34:5f:16:e4:0f:f4:15:5c:e2:74:
86:59:3c:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnzo9a3Anqk1PxPMff+SCQbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx
M2JjMDQwHhcNMjMwODE0MTA0MjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDhjMWVjZDhjMWYxZGE3NzI4NWVmZjQ3ZDhlOTA5YmQzZTA3NGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDTZKoa0altnzFX/uRWsUbwTGcny
PQjqWD+OEUG19Ixq7j6J5HDdXhMqX9tLeQ39c5iBqryRB/ksSZ2Nw0U1hbsPnbg9
qRDcw5SXvuAd49dxQyAKlo6jMBGpWiKQMRWZkId4HHoYy8wzcRVHMIK0+j4jsMN5
ZcXQLA0e7S0JPzAezEbmBjSz1Hjmhf6N8p0zGxh5CCTU21g0fMfFBeoQUP7Q7D8f
mMHiiiUgZfls1ZF6OmLRZY9AQQZRh/EBMgQ0okZVzL48n0T9C9vUW5VT8XArszTc
RI3FgRym8YovT4gQVCNbtQM4nUeN4Q3LRb3uHZCHz0yrzGqqppLxtSKoUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2MHs2MHx2ncoXv9H2OkJvT4HTMMB8GA1UdIwQY
MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt
MWRlNTZlNDc1ZmJmLzEvSFl3ZXpZd2ZIYWR5aGVfMGZZNlFtOVBnZE13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm
LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvL4MMA0G
CSqGSIb3DQEBCwUAA4IBAQAkKKsiNVirZmMvTl3e+pgzAO0djWe0jJbdrLDnODzw
QyxP03r2WAB70s9vf7m+sml3fuQBQxCcEO6s1Iu0+QKOBiJZJP3y1jZCPGmc8W+R
E3/fhx84Ian3JftYPmUTZ47jsuQo3tZAOKeMecobnyS5nMrU6VPn7A4SQXdy+/6X
t0DgIgT0cnq6VjBpEyBi0595lUpCV2J1nxYN+qAauaximPTsx+Iq1ReWouTymkHR
JjMoQA/tX4GJ8uNsiOKwohj3QzsjFijfbvwlcH2y6kCNceWvaEMp/fW9kFnl9Hd0
sH5o+KOTp1QbfMD+ytdTt0Ix0jRfFuQP9BVc4nSGWTyP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:21 2024 by rpki-client on console-ams.rpki-client.org