Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Hsn3qV7TiolT1pqRcu6qFqqc3fc.roa
File: Hsn3qV7TiolT1pqRcu6qFqqc3fc.roa (raw, json)
Hash identifier: w3yb2sDn8ifhBLqbpX5tvhJfvtbL71WdRwYSswVa+6c=
Subject key identifier: 1E:C9:F7:A9:5E:D3:8A:89:53:D6:9A:91:72:EE:AA:16:AA:9C:DD:F7
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0186B6DA8AC97FADE7C788DA706A296184EF
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Hsn3qV7TiolT1pqRcu6qFqqc3fc.roa
Signing time: Mon 06 Mar 2023 12:17:00 +0000
ROA not before: Mon 06 Mar 2023 12:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 85.255.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Mar 2023 20:55:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:da:8a:c9:7f:ad:e7:c7:88:da:70:6a:29:61:84:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Mar 6 12:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ec9f7a95ed38a8953d69a9172eeaa16aa9cddf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a9:37:d0:83:58:c3:13:bf:43:09:45:e3:bd:
27:62:e4:1f:27:0a:f3:2f:39:33:ba:b1:69:94:6c:
cf:ad:5b:cf:b9:50:c1:6e:fe:66:0b:28:e0:f2:15:
89:48:de:c9:c7:03:fe:c1:5b:67:46:a3:1d:61:41:
46:ea:6a:33:f8:5b:14:6e:a7:b4:6e:59:d6:9d:bd:
d3:0c:10:53:fd:9e:bd:52:c3:59:b3:fc:87:08:fb:
60:d6:84:26:b6:4d:97:e6:1e:ef:58:03:1e:32:82:
e0:dd:7b:43:7e:fa:b2:80:35:a7:27:79:bb:31:2c:
6b:3d:53:90:17:43:35:7e:ca:9f:f0:5a:5f:22:28:
d9:ef:c0:11:0d:c1:eb:12:7f:d2:df:e5:dc:e9:85:
93:56:e3:e3:38:b8:e7:7c:1d:98:bb:2c:11:ac:63:
08:df:64:02:6b:6e:6f:1c:c7:b4:77:14:8b:61:60:
85:65:8e:72:47:9e:4c:4c:14:04:a9:b5:d9:77:e2:
93:36:f1:3e:1a:90:f3:91:2a:f1:b7:6e:76:36:53:
84:e7:95:fb:8c:c6:0f:c6:f2:f6:e5:6c:39:bf:d2:
37:95:3e:8c:eb:c5:36:64:f9:72:24:39:81:67:42:
85:f5:7f:dd:fb:2d:a0:5a:a4:09:e8:db:db:4c:b5:
67:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:C9:F7:A9:5E:D3:8A:89:53:D6:9A:91:72:EE:AA:16:AA:9C:DD:F7
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Hsn3qV7TiolT1pqRcu6qFqqc3fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.180.0/22
Signature Algorithm: sha256WithRSAEncryption
48:60:85:33:b4:e6:c1:24:6c:21:58:84:0d:23:60:1a:b7:10:
ad:58:eb:08:06:73:46:88:57:07:b3:df:4d:d5:f5:0f:81:13:
56:9c:7e:08:04:3c:b6:a6:f5:ac:9e:38:83:44:c3:a3:60:ff:
2d:0b:c1:37:97:8e:bd:d6:39:af:42:93:9a:95:c9:5a:5d:66:
1e:ca:9b:d4:e0:57:d3:a7:07:2e:f7:16:90:65:f6:50:c9:64:
1d:13:ff:ae:c2:f0:ed:a4:bf:dd:06:59:aa:bb:4e:76:91:a3:
b3:f4:c8:a3:2d:38:7d:d1:30:51:9b:cd:52:4b:6c:3a:a9:09:
cd:bd:4a:27:d0:5a:6c:be:2a:c0:59:48:e0:92:b0:8e:6f:f4:
2a:83:9e:09:93:3a:a8:c4:a7:96:9d:4f:f0:36:4d:e8:e2:15:
74:64:8f:67:e3:8d:44:4d:21:60:c7:00:69:d5:ff:5f:6f:18:
1c:c8:da:07:ee:a2:b9:b0:a0:d5:fc:84:a8:91:bb:7e:e8:c5:
d6:77:14:88:e0:62:7d:8b:f1:27:9d:92:33:38:70:05:ea:1a:
fb:50:5f:d2:f9:7c:b8:43:7d:a3:01:36:74:7e:9a:60:49:6f:
e1:15:d0:ec:87:93:81:95:d4:49:d3:da:1e:8c:b0:59:c4:1f:
aa:8b:46:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa22orJf63nx4jacGopYYTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMzA2MTIxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWM5ZjdhOTVlZDM4YTg5NTNkNjlhOTE3MmVlYWExNmFhOWNkZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Kk30INYwxO/QwlF470nYuQfJwrz
LzkzurFplGzPrVvPuVDBbv5mCyjg8hWJSN7JxwP+wVtnRqMdYUFG6moz+FsUbqe0
blnWnb3TDBBT/Z69UsNZs/yHCPtg1oQmtk2X5h7vWAMeMoLg3XtDfvqygDWnJ3m7
MSxrPVOQF0M1fsqf8FpfIijZ78ARDcHrEn/S3+Xc6YWTVuPjOLjnfB2YuywRrGMI
32QCa25vHMe0dxSLYWCFZY5yR55MTBQEqbXZd+KTNvE+GpDzkSrxt252NlOE55X7
jMYPxvL25Ww5v9I3lT6M68U2ZPlyJDmBZ0KF9X/d+y2gWqQJ6NvbTLVn8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7J96le04qJU9aakXLuqhaqnN33MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvSHNuM3FWN1Rpb2xUMXBxUmN1NnFGcXFjM2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVf+0MA0G
CSqGSIb3DQEBCwUAA4IBAQBIYIUztObBJGwhWIQNI2AatxCtWOsIBnNGiFcHs99N
1fUPgRNWnH4IBDy2pvWsnjiDRMOjYP8tC8E3l4691jmvQpOalclaXWYeypvU4FfT
pwcu9xaQZfZQyWQdE/+uwvDtpL/dBlmqu052kaOz9MijLTh90TBRm81SS2w6qQnN
vUon0FpsvirAWUjgkrCOb/Qqg54JkzqoxKeWnU/wNk3o4hV0ZI9n441ETSFgxwBp
1f9fbxgcyNoH7qK5sKDV/ISokbt+6MXWdxSI4GJ9i/EnnZIzOHAF6hr7UF/S+Xy4
Q32jATZ0fppgSW/hFdDsh5OBldRJ09oejLBZxB+qi0aP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:56 2024 by rpki-client on console-ams.rpki-client.org