Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/e88HZJtTCRmfhl_AuSR5iShMfcs.roa
File: e88HZJtTCRmfhl_AuSR5iShMfcs.roa (raw, json)
Hash identifier: bMpWDrF9yA4a4aFMVqyoOfO1T4W3g892XbwmvfqwNMA=
Subject key identifier: 7B:CF:07:64:9B:53:09:19:9F:86:5F:C0:B9:24:79:89:28:4C:7D:CB
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018570B062F3ED174488F59595EAF6FBFA3A
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/e88HZJtTCRmfhl_AuSR5iShMfcs.roa
Signing time: Mon 02 Jan 2023 04:14:45 +0000
ROA not before: Mon 02 Jan 2023 04:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198412
IP address blocks: 176.124.112.0/24 maxlen: 24
176.124.112.0/23 maxlen: 24
185.187.152.0/24 maxlen: 24
176.124.113.0/24 maxlen: 24
185.187.153.0/24 maxlen: 24
2a05:b0c0::/48 maxlen: 48
2a05:b0c4:1::/48 maxlen: 48
2a05:b0c1::/48 maxlen: 48
2a05:b0c4::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:62:f3:ed:17:44:88:f5:95:95:ea:f6:fb:fa:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 2 04:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bcf07649b5309199f865fc0b9247989284c7dcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fe:cd:30:b8:3b:ac:1e:92:b4:8a:50:31:4f:
93:5d:e7:9a:c9:f2:c0:ee:82:c5:ea:68:c8:8b:f2:
9e:7d:b2:64:79:bf:13:80:6b:f9:9a:52:fd:22:a9:
9f:76:71:9f:d3:3f:4c:5f:78:fb:a6:4a:dc:07:1e:
a5:d2:f5:da:82:66:cd:ac:69:2c:5d:49:a8:5d:d5:
6a:f8:9b:09:8f:19:9d:41:60:b4:d0:3c:bd:93:38:
21:ee:c1:9e:81:77:54:05:8d:50:6a:38:b3:bd:4e:
b0:8e:47:6c:bc:b5:ae:82:16:70:b4:6a:c1:bf:f2:
e9:15:19:28:ae:77:c6:cb:e6:37:41:82:b1:21:12:
12:07:fb:51:1a:d4:bb:e2:1d:5a:4e:48:97:ae:45:
aa:89:bf:56:c9:fa:1b:1b:0e:9a:c6:2a:84:0a:4b:
82:e1:7b:91:53:4c:76:3b:77:54:63:37:1c:4d:7a:
a1:cb:68:6f:58:f9:05:b2:3c:16:7e:c5:87:fc:f2:
24:67:3d:50:4e:a7:38:65:47:87:57:85:ee:75:29:
86:c6:cd:c5:04:35:c9:ed:94:ee:fb:ea:b2:43:e7:
db:51:e0:d9:58:b2:96:57:55:19:be:60:5d:0f:bd:
4c:78:9b:63:0c:ba:84:e7:d4:d1:35:08:43:3b:c4:
4d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:CF:07:64:9B:53:09:19:9F:86:5F:C0:B9:24:79:89:28:4C:7D:CB
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/e88HZJtTCRmfhl_AuSR5iShMfcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.112.0/23
185.187.152.0/23
IPv6:
2a05:b0c0::/48
2a05:b0c1::/48
2a05:b0c4::/47
Signature Algorithm: sha256WithRSAEncryption
7c:5e:0b:bb:6c:79:20:7c:5a:22:d1:93:c4:08:c3:d8:82:5d:
4f:95:7f:fc:fc:ee:96:b1:b5:d1:f3:ff:da:06:8c:5c:0d:7b:
0f:ee:4a:cf:e8:c2:18:8e:d3:17:39:3a:95:52:e1:05:8a:0e:
f9:1b:fb:1b:a2:04:4a:a2:7c:c5:c8:f4:90:3a:33:a7:18:bf:
62:75:99:a8:95:e4:79:68:37:56:05:e0:fe:aa:e0:58:f1:df:
3c:9c:1b:28:f1:10:df:fa:80:ce:e6:e1:13:19:32:82:13:96:
ef:83:a6:27:52:6e:36:f9:7b:0f:fc:b7:80:3a:09:c7:5d:20:
f2:ff:45:fc:11:0b:90:ab:e1:3b:d4:dd:45:ff:7c:71:f6:c5:
90:f3:55:c0:27:b9:b7:fa:3c:2a:11:41:63:61:8d:23:67:33:
f4:49:97:82:6d:f8:da:b5:8d:44:66:38:b8:b8:c4:04:e1:aa:
ea:d2:73:ec:24:3a:b5:9d:ac:26:b8:2e:41:a6:d0:94:54:b7:
52:9c:c7:f2:76:3b:01:04:03:c5:1c:2c:45:8a:43:a5:67:73:
58:38:34:68:44:7f:09:d4:9d:af:fa:27:01:2a:9a:21:82:44:
3d:92:39:57:f0:66:ee:56:ea:de:ee:8c:c8:d6:ec:f9:32:75:
c2:c4:b9:74
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVwsGLz7RdEiPWVler2+/o6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjMwMTAyMDQxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmNmMDc2NDliNTMwOTE5OWY4NjVmYzBiOTI0Nzk4OTI4NGM3ZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv7NMLg7rB6StIpQMU+TXeeayfLA
7oLF6mjIi/KefbJkeb8TgGv5mlL9IqmfdnGf0z9MX3j7pkrcBx6l0vXagmbNrGks
XUmoXdVq+JsJjxmdQWC00Dy9kzgh7sGegXdUBY1QajizvU6wjkdsvLWughZwtGrB
v/LpFRkornfGy+Y3QYKxIRISB/tRGtS74h1aTkiXrkWqib9WyfobGw6axiqECkuC
4XuRU0x2O3dUYzccTXqhy2hvWPkFsjwWfsWH/PIkZz1QTqc4ZUeHV4XudSmGxs3F
BDXJ7ZTu++qyQ+fbUeDZWLKWV1UZvmBdD71MeJtjDLqE59TRNQhDO8RNqwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFHvPB2SbUwkZn4ZfwLkkeYkoTH3LMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvZTg4SFpKdFRDUm1maGxfQXVTUjVpU2hNZmNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQBsHxwAwQB
ubuYMCEEAgACMBsDBwAqBbDAAAADBwAqBbDBAAADBwEqBbDEAAAwDQYJKoZIhvcN
AQELBQADggEBAHxeC7tseSB8WiLRk8QIw9iCXU+Vf/z87paxtdHz/9oGjFwNew/u
Ss/owhiO0xc5OpVS4QWKDvkb+xuiBEqifMXI9JA6M6cYv2J1maiV5HloN1YF4P6q
4Fjx3zycGyjxEN/6gM7m4RMZMoITlu+DpidSbjb5ew/8t4A6CcddIPL/RfwRC5Cr
4TvU3UX/fHH2xZDzVcAnubf6PCoRQWNhjSNnM/RJl4Jt+Nq1jURmOLi4xAThqurS
c+wkOrWdrCa4LkGm0JRUt1Kcx/J2OwEEA8UcLEWKQ6Vnc1g4NGhEfwnUna/6JwEq
miGCRD2SOVfwZu5W6t7ujMjW7PkydcLEuXQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:17 2024 by rpki-client on console-ams.rpki-client.org