Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/HSMZpQ1ORVrMjR0r3tbc5JVVvdI.roa
File: HSMZpQ1ORVrMjR0r3tbc5JVVvdI.roa (raw, json)
Hash identifier: 2oXZjGchLniSYyVhkEOu6HWvjJNrinf7wtCmxWn/JNY=
Subject key identifier: 1D:23:19:A5:0D:4E:45:5A:CC:8D:1D:2B:DE:D6:DC:E4:95:55:BD:D2
Certificate issuer: /CN=935c42857e302feb14017301e43c39fe45e7f629
Certificate serial: 018CC64B2CBCA8927C0CCF08E9C8EBD84B58
Authority key identifier: 93:5C:42:85:7E:30:2F:EB:14:01:73:01:E4:3C:39:FE:45:E7:F6:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1xChX4wL-sUAXMB5Dw5_kXn9ik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/HSMZpQ1ORVrMjR0r3tbc5JVVvdI.roa
Signing time: Mon 01 Jan 2024 18:31:04 +0000
ROA not before: Mon 01 Jan 2024 18:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34766
IP address blocks: 185.214.24.0/22 maxlen: 22
2a0b:9440::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 23 Nov 2024 06:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:2c:bc:a8:92:7c:0c:cf:08:e9:c8:eb:d8:4b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=935c42857e302feb14017301e43c39fe45e7f629
Validity
Not Before: Jan 1 18:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d2319a50d4e455acc8d1d2bded6dce49555bdd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:55:f5:b5:e7:b4:e3:7e:63:e5:ae:14:6f:74:
75:07:23:9a:c0:59:63:0c:56:bc:47:bd:cc:fa:c7:
5c:32:4f:36:fd:33:4b:c7:e9:4e:66:70:66:dd:0f:
af:37:d5:91:d1:7e:3a:db:3d:01:f3:40:4a:ef:a1:
e8:ee:9b:6a:d7:85:37:7e:6c:d1:c3:96:3c:79:05:
0b:bb:8d:cb:c2:68:af:30:57:e6:3b:54:bb:83:e7:
af:74:cc:2f:f2:d1:6e:2f:8c:ca:73:8b:9c:8c:15:
fa:17:0a:c3:88:42:cd:2b:bd:f1:97:2c:c8:94:f7:
2f:81:e9:9a:e6:ce:67:85:90:94:99:21:e3:83:8d:
9c:0d:59:2f:75:8b:24:81:39:ef:a4:90:eb:a3:2a:
87:0a:6b:9d:2f:90:c0:ea:97:36:ff:ae:a9:a9:ed:
73:1b:3f:fd:a9:36:31:2e:57:3a:34:69:99:11:49:
04:3d:9d:18:27:c3:1b:d9:7f:89:46:0a:37:ba:e5:
6f:09:5d:fb:f7:44:bd:c6:b3:db:2b:00:0a:fd:fc:
50:2d:f3:94:c4:39:fa:53:18:99:c8:fa:f0:e8:d2:
4e:17:bb:71:3e:0c:ea:cd:b1:5d:4c:05:71:5d:70:
db:29:7d:7d:5e:f4:cd:79:c2:f3:c2:fd:c2:a7:c5:
92:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:23:19:A5:0D:4E:45:5A:CC:8D:1D:2B:DE:D6:DC:E4:95:55:BD:D2
X509v3 Authority Key Identifier:
keyid:93:5C:42:85:7E:30:2F:EB:14:01:73:01:E4:3C:39:FE:45:E7:F6:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1xChX4wL-sUAXMB5Dw5_kXn9ik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/HSMZpQ1ORVrMjR0r3tbc5JVVvdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/k1xChX4wL-sUAXMB5Dw5_kXn9ik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.24.0/22
IPv6:
2a0b:9440::/29
Signature Algorithm: sha256WithRSAEncryption
0a:b3:5f:86:8b:da:76:4e:fa:d7:13:f6:5c:87:a8:93:fe:07:
7d:70:aa:33:1d:fc:9f:cc:9e:52:f0:12:02:dc:60:9c:c1:18:
18:b2:36:e2:b2:b2:bb:fc:bb:9d:23:92:fd:1f:c2:57:ec:ab:
3f:35:0a:f6:5f:64:d5:87:98:ac:18:48:6c:c8:b3:77:7e:0c:
b8:65:76:d7:25:57:a7:78:6f:c5:43:ca:5d:93:f0:d0:7e:84:
56:91:f2:55:3e:80:8e:13:6c:e7:90:6c:ce:13:bc:e9:ef:67:
73:d1:df:11:0f:89:cc:a7:ad:66:d5:3f:f4:7f:09:04:a8:fe:
4b:24:01:2a:2c:0b:60:88:bf:5b:74:99:2c:91:03:46:81:48:
8a:aa:ca:57:d2:dc:06:21:c0:ae:43:45:45:9a:d2:27:7e:eb:
6e:33:f9:f3:2a:10:b7:76:b7:6e:45:36:b9:5d:0b:5f:73:2c:
3c:42:62:7b:88:e6:87:d8:23:21:41:cf:4c:7d:7a:ae:87:60:
30:84:50:35:49:d7:00:bb:c4:32:03:b3:8c:a8:87:d9:01:00:
1e:21:e5:e3:23:d5:73:5a:d9:13:76:2a:a8:5e:99:a0:39:24:
6d:b1:42:fc:08:6e:5e:ec:f1:3b:44:b9:d5:c2:9e:fa:49:28:
16:e8:14:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSyy8qJJ8DM8I6cjr2EtYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNWM0Mjg1N2UzMDJmZWIxNDAxNzMwMWU0M2MzOWZlNDVl
N2Y2MjkwHhcNMjQwMTAxMTgzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDIzMTlhNTBkNGU0NTVhY2M4ZDFkMmJkZWQ2ZGNlNDk1NTViZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVX1tee0435j5a4Ub3R1ByOawFlj
DFa8R73M+sdcMk82/TNLx+lOZnBm3Q+vN9WR0X462z0B80BK76Ho7ptq14U3fmzR
w5Y8eQULu43LwmivMFfmO1S7g+evdMwv8tFuL4zKc4ucjBX6FwrDiELNK73xlyzI
lPcvgema5s5nhZCUmSHjg42cDVkvdYskgTnvpJDroyqHCmudL5DA6pc2/66pqe1z
Gz/9qTYxLlc6NGmZEUkEPZ0YJ8Mb2X+JRgo3uuVvCV3790S9xrPbKwAK/fxQLfOU
xDn6UxiZyPrw6NJOF7txPgzqzbFdTAVxXXDbKX19XvTNecLzwv3Cp8WSawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB0jGaUNTkVazI0dK97W3OSVVb3SMB8GA1UdIwQY
MBaAFJNcQoV+MC/rFAFzAeQ8Of5F5/YpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazF4Q2hYNHdMLXNVQVhNQjVEdzVfa1huOWlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS81NWU1MjktYjgzOS00NDRmLTg3MmQt
MWJmZDEwYTg4NDVhLzEvSFNNWnBRMU9SVnJNalIwcjN0YmM1SlZWdmRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS81NWU1MjktYjgzOS00NDRmLTg3MmQtMWJmZDEwYTg4NDVh
LzEvazF4Q2hYNHdMLXNVQVhNQjVEdzVfa1huOWlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudYYMA0E
AgACMAcDBQMqC5RAMA0GCSqGSIb3DQEBCwUAA4IBAQAKs1+Gi9p2TvrXE/Zch6iT
/gd9cKozHfyfzJ5S8BIC3GCcwRgYsjbisrK7/LudI5L9H8JX7Ks/NQr2X2TVh5is
GEhsyLN3fgy4ZXbXJVeneG/FQ8pdk/DQfoRWkfJVPoCOE2znkGzOE7zp72dz0d8R
D4nMp61m1T/0fwkEqP5LJAEqLAtgiL9bdJkskQNGgUiKqspX0twGIcCuQ0VFmtIn
futuM/nzKhC3drduRTa5XQtfcyw8QmJ7iOaH2CMhQc9MfXquh2AwhFA1SdcAu8Qy
A7OMqIfZAQAeIeXjI9VzWtkTdiqoXpmgOSRtsUL8CG5e7PE7RLnVwp76SSgW6BSr
Generated at Sat Nov 23 07:51:14 2024 by rpki-client on console-ams.rpki-client.org