Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/H8uo1Q9ki5H3otoxYeOxAzfsj5A.roa
File: H8uo1Q9ki5H3otoxYeOxAzfsj5A.roa (raw, json)
Hash identifier: sjcGJhCylO3XKnpxxZEdxQUnet1hMAMqDJigMsB36GU=
Subject key identifier: 1F:CB:A8:D5:0F:64:8B:91:F7:A2:DA:31:61:E3:B1:03:37:EC:8F:90
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 018572C38A2453B647233F937821099E373D
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/H8uo1Q9ki5H3otoxYeOxAzfsj5A.roa
Signing time: Mon 02 Jan 2023 13:54:55 +0000
ROA not before: Mon 02 Jan 2023 13:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42675
IP address blocks: 217.64.148.0/23 maxlen: 23
185.157.162.0/24 maxlen: 24
217.64.150.0/24 maxlen: 24
185.157.160.0/23 maxlen: 23
2a07:a880:4603::/48 maxlen: 48
2a07:a880:3101::/48 maxlen: 48
2a07:a880:4601::/48 maxlen: 48
2a07:a880:4701::/48 maxlen: 48
2a07:a880:4604::/48 maxlen: 48
2a07:a880:4602::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:8a:24:53:b6:47:23:3f:93:78:21:09:9e:37:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Jan 2 13:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fcba8d50f648b91f7a2da3161e3b10337ec8f90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:17:55:6c:65:fe:a3:53:45:5a:6a:df:ed:44:
2c:18:67:7d:74:37:9f:c3:fc:1b:50:01:3e:b1:ce:
b7:2d:37:c9:b9:bb:e0:3a:a0:5d:52:a5:d8:c0:8c:
99:f6:de:5b:c7:87:6e:14:58:cb:24:c0:fc:d9:da:
10:9a:43:df:33:73:88:57:18:ab:07:a2:c0:a2:04:
e3:d3:ca:42:7c:ee:58:8d:bd:5f:64:7d:d6:5a:b5:
bc:96:ca:ef:2e:ae:d5:67:3d:32:d9:ff:e6:d4:58:
8f:97:a9:3c:54:2e:f1:cc:54:d2:72:83:6c:1c:2a:
01:56:2b:44:fc:87:7a:2d:bd:a9:c6:b1:3e:cd:0d:
d5:bb:ee:f6:9f:ae:86:5b:36:ce:78:1d:e4:73:ef:
1b:1e:31:75:55:07:38:31:6b:f5:60:cc:89:0f:75:
31:b4:8f:8d:1c:50:34:56:29:21:a9:77:d3:30:1e:
3f:95:9f:ae:20:26:7b:84:c2:48:d0:10:b5:d4:d9:
74:1a:df:86:63:3a:4f:fc:a9:52:28:dd:53:b2:51:
ee:c5:17:89:a6:e9:a9:77:7c:45:1a:05:db:19:e5:
57:c1:e2:96:64:eb:61:05:d7:c3:e4:c3:5e:cf:d4:
d0:3c:ff:25:09:c9:a6:96:d2:48:9e:d4:65:b6:3a:
5a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:CB:A8:D5:0F:64:8B:91:F7:A2:DA:31:61:E3:B1:03:37:EC:8F:90
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/H8uo1Q9ki5H3otoxYeOxAzfsj5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.160.0-185.157.162.255
217.64.148.0-217.64.150.255
IPv6:
2a07:a880:3101::/48
2a07:a880:4601::-2a07:a880:4604:ffff:ffff:ffff:ffff:ffff
2a07:a880:4701::/48
Signature Algorithm: sha256WithRSAEncryption
33:53:ea:79:1e:72:a6:8c:2f:50:13:23:0f:c5:00:bf:21:ff:
b0:94:52:b2:48:18:19:56:04:b3:18:b7:80:9b:3f:1a:43:3e:
48:0d:36:01:ff:d7:04:34:f2:7a:17:ed:fe:9d:f0:09:a8:1f:
64:39:a8:b3:c4:8e:f9:81:5c:5a:82:1c:d7:97:19:c7:cd:a0:
f2:2b:67:bd:c1:a9:c6:05:ca:b5:e5:d7:50:83:25:0f:a0:21:
32:74:e2:5b:36:7c:55:c4:a3:1a:2b:29:01:eb:b8:54:91:72:
d6:19:92:bc:62:04:a1:4d:1a:ae:ad:df:47:38:f2:04:0c:1e:
4a:00:aa:a0:b2:a3:b8:d6:96:df:12:36:af:48:13:b2:fd:d0:
2c:89:6c:c0:15:1e:d7:92:dd:42:4d:eb:87:7f:28:82:a4:28:
53:40:6e:29:86:f5:5c:8a:fd:d0:e5:d3:31:41:72:15:c7:63:
e9:53:c8:f5:f0:be:7e:a1:ae:62:3a:38:58:16:39:ae:48:8a:
4d:40:8e:ae:f2:bf:02:91:24:c6:cb:86:b2:60:40:3e:78:7c:
92:dc:43:f2:72:d8:e9:87:4f:ac:aa:04:6d:2f:d6:1d:3a:c5:
b4:bd:96:7c:99:25:3e:1b:d3:14:a6:f6:d7:36:47:de:5c:94:
2f:43:87:8d
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYVyw4okU7ZHIz+TeCEJnjc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjMwMTAyMTM1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmNiYThkNTBmNjQ4YjkxZjdhMmRhMzE2MWUzYjEwMzM3ZWM4ZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRdVbGX+o1NFWmrf7UQsGGd9dDef
w/wbUAE+sc63LTfJubvgOqBdUqXYwIyZ9t5bx4duFFjLJMD82doQmkPfM3OIVxir
B6LAogTj08pCfO5Yjb1fZH3WWrW8lsrvLq7VZz0y2f/m1FiPl6k8VC7xzFTScoNs
HCoBVitE/Id6Lb2pxrE+zQ3Vu+72n66GWzbOeB3kc+8bHjF1VQc4MWv1YMyJD3Ux
tI+NHFA0VikhqXfTMB4/lZ+uICZ7hMJI0BC11Nl0Gt+GYzpP/KlSKN1TslHuxReJ
pumpd3xFGgXbGeVXweKWZOthBdfD5MNez9TQPP8lCcmmltJIntRltjpaVwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFB/LqNUPZIuR96LaMWHjsQM37I+QMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvSDh1bzFROWtpNUgzb3RveFllT3hBemZzajVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjAiBAIAATAcMAwDBAW5naAD
BAC5naIwDAMEAtlAlAMEANlAljAsBAIAAjAmAwcAKgeogDEBMBIDBwAqB6iARgED
BwAqB6iARgQDBwAqB6iARwEwDQYJKoZIhvcNAQELBQADggEBADNT6nkecqaML1AT
Iw/FAL8h/7CUUrJIGBlWBLMYt4CbPxpDPkgNNgH/1wQ08noX7f6d8AmoH2Q5qLPE
jvmBXFqCHNeXGcfNoPIrZ73BqcYFyrXl11CDJQ+gITJ04ls2fFXEoxorKQHruFSR
ctYZkrxiBKFNGq6t30c48gQMHkoAqqCyo7jWlt8SNq9IE7L90CyJbMAVHteS3UJN
64d/KIKkKFNAbimG9VyK/dDl0zFBchXHY+lTyPXwvn6hrmI6OFgWOa5Iik1Ajq7y
vwKRJMbLhrJgQD54fJLcQ/Jy2OmHT6yqBG0v1h06xbS9lnyZJT4b0xSm9tc2R95c
lC9Dh40=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org