Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/HK3W0A8YJxaLcYy0qMFiC3biZGo.roa
File: HK3W0A8YJxaLcYy0qMFiC3biZGo.roa (raw, json)
Hash identifier: iW0EqpDcVFQr1i62vt2T2HvruiGZOKsJn+NHpr+Kc7U=
Subject key identifier: 1C:AD:D6:D0:0F:18:27:16:8B:71:8C:B4:A8:C1:62:0B:76:E2:64:6A
Certificate issuer: /CN=14fb7c3336acd4189d3fac639a280d9b0020f298
Certificate serial: 01856FC294EC4F1CCBF2BF62B45B786A8EC2
Authority key identifier: 14:FB:7C:33:36:AC:D4:18:9D:3F:AC:63:9A:28:0D:9B:00:20:F2:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FPt8Mzas1BidP6xjmigNmwAg8pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/HK3W0A8YJxaLcYy0qMFiC3biZGo.roa
Signing time: Sun 01 Jan 2023 23:55:00 +0000
ROA not before: Sun 01 Jan 2023 23:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200944
IP address blocks: 185.90.117.0/24 maxlen: 24
185.90.116.0/22 maxlen: 22
185.90.116.0/24 maxlen: 24
185.90.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:94:ec:4f:1c:cb:f2:bf:62:b4:5b:78:6a:8e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14fb7c3336acd4189d3fac639a280d9b0020f298
Validity
Not Before: Jan 1 23:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cadd6d00f1827168b718cb4a8c1620b76e2646a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:74:18:c6:7a:ae:c1:1f:67:93:2f:40:76:ee:
64:59:d1:41:ad:ac:5d:38:2e:a3:8e:ad:83:91:21:
a9:e4:e2:f6:d8:30:43:3f:83:6e:1e:d8:fc:9f:92:
13:d5:c4:6a:22:94:54:25:6a:74:a8:3c:35:b7:bd:
ba:03:5b:22:93:cc:6b:eb:85:35:19:1e:a6:0f:2b:
6b:a3:0b:bf:de:45:68:33:0b:a1:6b:0b:56:d7:79:
da:7b:e2:2a:6b:81:8d:79:a9:65:6f:8c:ba:e2:a4:
6a:24:02:72:14:fe:03:14:a9:53:c5:21:69:ba:a8:
fc:e4:b3:b2:f0:cb:e1:ac:4c:72:18:27:65:85:46:
b4:ee:1c:bb:14:5b:b7:af:af:e0:8a:88:41:92:c9:
15:3f:61:0c:64:6e:04:eb:90:18:50:6b:74:02:f7:
64:c9:83:0f:c8:54:8b:52:88:36:59:2e:ac:33:ed:
a3:96:44:46:00:66:cd:b5:15:73:41:11:16:30:cf:
74:74:53:6d:b3:7a:ba:6d:4a:7a:1f:06:51:07:cc:
c8:81:7a:8a:76:d8:a2:ae:a3:05:eb:93:04:00:d5:
d8:b8:eb:7a:d6:e2:e2:f9:b3:85:96:58:ed:2d:44:
9d:66:42:60:61:50:19:0c:2d:74:47:18:27:41:f0:
e9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AD:D6:D0:0F:18:27:16:8B:71:8C:B4:A8:C1:62:0B:76:E2:64:6A
X509v3 Authority Key Identifier:
keyid:14:FB:7C:33:36:AC:D4:18:9D:3F:AC:63:9A:28:0D:9B:00:20:F2:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FPt8Mzas1BidP6xjmigNmwAg8pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/HK3W0A8YJxaLcYy0qMFiC3biZGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/FPt8Mzas1BidP6xjmigNmwAg8pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.116.0/22
Signature Algorithm: sha256WithRSAEncryption
23:3f:fb:94:db:0f:1b:e9:b7:f9:32:21:04:52:9b:54:70:07:
3e:f1:7c:f7:7b:66:13:53:73:48:12:b1:68:5f:a0:51:5f:ae:
bd:ea:32:c3:aa:2e:11:c4:6f:56:5d:f9:1a:da:b5:c6:ac:9c:
fe:9a:5b:40:29:f4:64:f8:81:85:e8:f4:59:0e:6b:06:31:22:
3a:f2:6a:5c:01:54:65:06:5b:69:c8:bd:b2:75:03:27:75:5d:
ea:a7:b3:1c:12:f5:08:00:75:23:6e:c5:cf:b7:92:2d:85:06:
60:19:1b:e8:95:13:11:ba:78:bd:94:9b:58:f8:61:69:33:b4:
88:89:f6:c3:cc:80:9a:e8:d5:17:c1:25:ac:1b:0f:a0:49:98:
73:de:d4:b6:34:74:fb:44:00:1e:72:f2:06:c7:9e:70:d0:97:
90:3e:f5:14:42:6f:8f:56:cb:36:4e:ba:ad:7b:f2:c7:50:62:
c4:26:37:f5:8d:38:76:90:59:df:70:23:04:d5:a5:85:e1:be:
ad:49:1b:a8:c3:68:ff:06:8a:39:39:e6:c5:2f:ac:4c:8e:8f:
48:26:6e:e7:ce:91:48:7a:08:70:f0:74:8f:52:39:12:09:c5:
ec:e4:34:72:e0:33:2c:88:b2:02:f6:aa:b0:0a:90:cc:73:c3:
13:e8:fe:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwpTsTxzL8r9itFt4ao7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZmI3YzMzMzZhY2Q0MTg5ZDNmYWM2MzlhMjgwZDliMDAy
MGYyOTgwHhcNMjMwMTAxMjM1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2FkZDZkMDBmMTgyNzE2OGI3MThjYjRhOGMxNjIwYjc2ZTI2NDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXQYxnquwR9nky9Adu5kWdFBraxd
OC6jjq2DkSGp5OL22DBDP4NuHtj8n5IT1cRqIpRUJWp0qDw1t726A1sik8xr64U1
GR6mDytrowu/3kVoMwuhawtW13nae+Iqa4GNeallb4y64qRqJAJyFP4DFKlTxSFp
uqj85LOy8MvhrExyGCdlhUa07hy7FFu3r6/giohBkskVP2EMZG4E65AYUGt0Avdk
yYMPyFSLUog2WS6sM+2jlkRGAGbNtRVzQREWMM90dFNts3q6bUp6HwZRB8zIgXqK
dtiirqMF65MEANXYuOt61uLi+bOFlljtLUSdZkJgYVAZDC10RxgnQfDpJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFByt1tAPGCcWi3GMtKjBYgt24mRqMB8GA1UdIwQY
MBaAFBT7fDM2rNQYnT+sY5ooDZsAIPKYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlB0OE16YXMxQmlkUDZ4am1pZ05td0FnOHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NGRmOGUtNGIwNC00MjIzLTg0Njct
OTkzOWRmMWQwZDA5LzEvSEszVzBBOFlKeGFMY1l5MHFNRmlDM2JpWkdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NGRmOGUtNGIwNC00MjIzLTg0NjctOTkzOWRmMWQwZDA5
LzEvRlB0OE16YXMxQmlkUDZ4am1pZ05td0FnOHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVp0MA0G
CSqGSIb3DQEBCwUAA4IBAQAjP/uU2w8b6bf5MiEEUptUcAc+8Xz3e2YTU3NIErFo
X6BRX6696jLDqi4RxG9WXfka2rXGrJz+mltAKfRk+IGF6PRZDmsGMSI68mpcAVRl
BltpyL2ydQMndV3qp7McEvUIAHUjbsXPt5IthQZgGRvolRMRuni9lJtY+GFpM7SI
ifbDzICa6NUXwSWsGw+gSZhz3tS2NHT7RAAecvIGx55w0JeQPvUUQm+PVss2Trqt
e/LHUGLEJjf1jTh2kFnfcCME1aWF4b6tSRuow2j/Boo5OebFL6xMjo9IJm7nzpFI
eghw8HSPUjkSCcXs5DRy4DMsiLIC9qqwCpDMc8MT6P7N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:21 2024 by rpki-client on console-fra.rpki-client.org