Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/hqxUg1wFIkPNaqFALGadqkg61Rc.roa
File: hqxUg1wFIkPNaqFALGadqkg61Rc.roa (raw, json)
Hash identifier: YM8DPVGqBdsIZIjHmLosQ1OR4G63Pgaz+5w6204EcAs=
Subject key identifier: 86:AC:54:83:5C:05:22:43:CD:6A:A1:40:2C:66:9D:AA:48:3A:D5:17
Certificate issuer: /CN=7c3c39d1899e699bf5177418ee381489edff4380
Certificate serial: 01856E5417FFEA3AF37345AF0010013C4671
Authority key identifier: 7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/hqxUg1wFIkPNaqFALGadqkg61Rc.roa
Signing time: Sun 01 Jan 2023 17:14:42 +0000
ROA not before: Sun 01 Jan 2023 17:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205570
IP address blocks: 185.18.120.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:54:17:ff:ea:3a:f3:73:45:af:00:10:01:3c:46:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3c39d1899e699bf5177418ee381489edff4380
Validity
Not Before: Jan 1 17:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86ac54835c052243cd6aa1402c669daa483ad517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:67:71:53:28:b6:c7:f1:ab:b5:c9:3c:10:68:
42:6f:c5:21:93:54:72:ce:6d:3a:c3:3c:3b:3e:30:
49:51:b1:f1:4c:16:53:92:08:c4:48:91:b1:e9:7d:
6f:de:da:f7:fe:6d:65:88:16:f2:a0:77:1e:08:aa:
07:cb:92:e6:9d:45:e0:f5:3b:11:fb:50:7d:b1:93:
19:11:fa:aa:2e:b7:8d:d9:54:4b:c0:8f:4f:85:f6:
c9:48:67:e2:07:13:a7:78:1f:4b:2f:fa:19:4a:14:
41:0c:7e:c2:f0:fb:6a:43:1c:30:41:3d:00:2a:e2:
e4:2e:67:ad:1e:e7:32:32:bf:cd:b5:6a:2c:f8:93:
d8:cd:43:26:e5:72:c2:ff:5c:30:e0:25:68:57:93:
c9:fc:f3:fa:a2:1d:c7:71:8f:00:35:1e:14:ae:d3:
76:fc:35:4e:14:49:fa:83:91:08:7c:17:45:5e:e7:
b7:08:0b:49:6e:d9:73:bc:1e:88:84:91:fb:16:84:
a9:39:35:a8:be:7b:91:5a:b5:be:d2:3b:2e:e6:60:
a2:f4:04:d9:62:67:57:43:30:0a:f3:83:a4:55:d8:
24:48:29:ef:67:e7:ac:31:1c:85:20:1a:5e:90:04:
63:d4:1d:76:d6:26:38:f9:96:8e:a4:72:01:18:f7:
2b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AC:54:83:5C:05:22:43:CD:6A:A1:40:2C:66:9D:AA:48:3A:D5:17
X509v3 Authority Key Identifier:
keyid:7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/hqxUg1wFIkPNaqFALGadqkg61Rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/fDw50YmeaZv1F3QY7jgUie3_Q4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.120.0/23
Signature Algorithm: sha256WithRSAEncryption
41:ba:71:5e:e3:ec:bf:d8:e5:46:6d:d8:64:8f:a9:74:a8:7a:
fa:6c:e6:29:21:30:0b:2d:32:1d:98:27:5d:50:bb:53:3b:a7:
ae:9e:04:22:0e:5e:2b:d3:49:36:a6:9a:3f:a4:0d:54:cf:ae:
15:45:40:21:7c:5f:7a:e0:3b:04:ab:5e:75:2f:2d:4d:5b:28:
11:ba:fc:96:9e:64:30:a1:64:53:ee:45:af:f0:d5:f3:27:5f:
9b:ed:41:9f:7f:61:96:17:9d:4e:b2:30:80:5c:50:f2:1d:b0:
ef:23:fc:9c:85:bb:09:18:e5:e7:c1:74:88:ed:d9:04:5f:56:
16:a6:68:5d:62:d5:00:ab:1b:30:f5:60:35:1b:67:fe:e7:1a:
d1:9f:e4:7b:35:da:30:56:7b:44:cf:b5:30:f0:98:65:cd:61:
80:67:0f:3a:8a:82:3b:cb:b8:8f:99:82:c2:56:96:7d:22:cb:
f8:53:a1:19:db:ff:e6:a4:e2:86:b3:50:33:db:72:9a:72:0b:
27:98:6c:c6:63:2d:c0:f8:02:e3:e7:07:fd:26:e0:58:60:a5:
8f:b4:ee:2b:af:0b:a0:14:80:72:09:4f:86:44:1d:bc:e9:fa:
b7:69:e3:71:68:c9:22:f7:04:4e:f4:c2:68:34:c6:c1:f3:46:
bb:37:bc:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuVBf/6jrzc0WvABABPEZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2MzOWQxODk5ZTY5OWJmNTE3NzQxOGVlMzgxNDg5ZWRm
ZjQzODAwHhcNMjMwMTAxMTcxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmFjNTQ4MzVjMDUyMjQzY2Q2YWExNDAyYzY2OWRhYTQ4M2FkNTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGdxUyi2x/Grtck8EGhCb8Uhk1Ry
zm06wzw7PjBJUbHxTBZTkgjESJGx6X1v3tr3/m1liBbyoHceCKoHy5LmnUXg9TsR
+1B9sZMZEfqqLreN2VRLwI9PhfbJSGfiBxOneB9LL/oZShRBDH7C8PtqQxwwQT0A
KuLkLmetHucyMr/NtWos+JPYzUMm5XLC/1ww4CVoV5PJ/PP6oh3HcY8ANR4UrtN2
/DVOFEn6g5EIfBdFXue3CAtJbtlzvB6IhJH7FoSpOTWovnuRWrW+0jsu5mCi9ATZ
YmdXQzAK84OkVdgkSCnvZ+esMRyFIBpekARj1B121iY4+ZaOpHIBGPcrKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIasVINcBSJDzWqhQCxmnapIOtUXMB8GA1UdIwQY
MBaAFHw8OdGJnmmb9Rd0GO44FInt/0OAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR3NTBZbWVhWnYxRjNRWTdqZ1VpZTNfUTRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jODAwYzktNTFiNS00NTg5LTkyNjAt
MDYzZmNkZDNhMDU3LzEvaHF4VWcxd0ZJa1BOYXFGQUxHYWRxa2c2MVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jODAwYzktNTFiNS00NTg5LTkyNjAtMDYzZmNkZDNhMDU3
LzEvZkR3NTBZbWVhWnYxRjNRWTdqZ1VpZTNfUTRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuRJ4MA0G
CSqGSIb3DQEBCwUAA4IBAQBBunFe4+y/2OVGbdhkj6l0qHr6bOYpITALLTIdmCdd
ULtTO6eungQiDl4r00k2ppo/pA1Uz64VRUAhfF964DsEq151Ly1NWygRuvyWnmQw
oWRT7kWv8NXzJ1+b7UGff2GWF51OsjCAXFDyHbDvI/ychbsJGOXnwXSI7dkEX1YW
pmhdYtUAqxsw9WA1G2f+5xrRn+R7NdowVntEz7Uw8JhlzWGAZw86ioI7y7iPmYLC
VpZ9Isv4U6EZ2//mpOKGs1Az23KacgsnmGzGYy3A+ALj5wf9JuBYYKWPtO4rrwug
FIByCU+GRB286fq3aeNxaMki9wRO9MJoNMbB80a7N7yH
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:18 2024 by rpki-client on console-fra.rpki-client.org