Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/fH2TDaoNSXKubpLF7-RohqSeO-Q.roa
File: fH2TDaoNSXKubpLF7-RohqSeO-Q.roa (raw, json)
Hash identifier: vnsxcj+9NkQ7Etk2hKLsMHnyjD23sJTolxEAFW55srs=
Subject key identifier: 7C:7D:93:0D:AA:0D:49:72:AE:6E:92:C5:EF:E4:68:86:A4:9E:3B:E4
Certificate issuer: /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Certificate serial: 01861C46D442B570C1AC0D741A8ECFB657BB
Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/fH2TDaoNSXKubpLF7-RohqSeO-Q.roa
Signing time: Sat 04 Feb 2023 11:54:09 +0000
ROA not before: Sat 04 Feb 2023 11:54:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31368
IP address blocks: 185.173.156.0/24 maxlen: 24
185.173.159.0/24 maxlen: 24
89.107.128.0/23 maxlen: 23
185.173.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Feb 2023 19:14:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:1c:46:d4:42:b5:70:c1:ac:0d:74:1a:8e:cf:b6:57:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Validity
Not Before: Feb 4 11:54:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c7d930daa0d4972ae6e92c5efe46886a49e3be4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3c:67:e6:e9:07:cb:f5:4d:94:55:09:6d:b9:
57:aa:b4:7e:1a:38:2d:a2:62:f9:ce:06:d8:81:62:
66:2f:60:5f:e1:69:ac:06:9f:e7:5e:fe:04:dc:2c:
c6:84:26:71:ae:6e:9b:9f:9f:be:4c:e0:c9:e0:8b:
17:8c:64:5d:b8:93:cb:e4:33:53:f9:2b:52:d6:21:
d0:aa:96:a3:4d:ce:fd:62:0d:72:41:88:25:a1:22:
91:f5:05:e7:9d:24:29:fd:b0:9e:4b:8c:06:d7:65:
bc:31:24:ec:d5:e4:c6:8b:bf:07:b6:68:b8:64:fa:
ba:64:d0:78:31:74:ac:97:31:94:d9:4e:27:49:aa:
90:13:0f:e7:08:2c:cf:2c:03:ab:e7:90:a4:bf:f5:
83:33:b5:c4:b7:0a:b1:7d:aa:ea:7f:2a:e3:5c:29:
bd:21:1f:a7:87:49:0e:7d:69:85:26:3a:5e:ab:a0:
4f:ad:e3:1d:7b:72:a2:51:7a:c7:ba:a6:e4:d4:17:
ac:65:28:89:aa:ca:eb:fb:55:7d:cb:54:76:4f:a8:
5e:c1:f1:28:f3:7a:0b:e1:25:00:ec:82:ec:16:27:
23:92:7c:53:39:15:f1:a2:2b:9c:94:2c:84:bc:79:
0a:fb:73:f0:86:98:3a:09:a5:e9:8c:69:01:e1:dc:
de:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:7D:93:0D:AA:0D:49:72:AE:6E:92:C5:EF:E4:68:86:A4:9E:3B:E4
X509v3 Authority Key Identifier:
keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/fH2TDaoNSXKubpLF7-RohqSeO-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.128.0/23
185.173.156.0/24
185.173.158.0/23
Signature Algorithm: sha256WithRSAEncryption
23:55:fb:79:05:d7:59:88:bb:eb:9a:c1:35:f3:48:8d:71:0e:
00:eb:9f:58:6c:9a:72:be:dc:05:2b:1d:07:3a:96:8e:63:0a:
58:fc:67:b8:73:a8:12:da:81:4c:d3:fc:cb:2b:6f:0d:37:17:
78:17:e5:70:7c:47:71:5c:2e:fa:2d:36:dc:32:64:f0:39:c0:
51:b1:12:11:d8:5d:d9:be:e2:c0:8a:ff:4a:ee:d8:fc:2c:ae:
40:9c:20:b8:6b:16:60:0c:36:cd:a4:8c:76:0d:e3:54:37:79:
e4:3c:40:ce:5d:34:66:75:6c:cf:df:d6:d3:ee:0c:a4:48:df:
6a:c2:d7:41:41:e6:31:57:58:30:e5:69:41:4b:f6:2a:0a:e9:
54:6a:43:bf:a5:d9:ba:bb:96:de:c6:ac:27:49:8c:67:36:6e:
45:da:c7:02:24:61:56:02:64:fa:8b:7e:0c:8f:62:85:e9:d7:
ea:ed:d6:49:d1:5e:29:38:fe:4d:b5:a8:b6:25:2a:d7:4c:cc:
49:60:bf:e9:d4:4f:47:39:27:0e:08:7d:e6:fb:03:7b:a5:21:
8c:2f:bb:17:84:b0:7c:15:7a:0c:8c:c1:5c:4f:1f:8c:e1:10:
b8:80:16:6b:70:48:a9:a4:79:17:1a:c2:d6:df:31:2a:a9:86:
c3:a7:61:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYcRtRCtXDBrA10Go7Ptle7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQzNWNjZmY2YzJiODZhMWZhZDhmMTAzYmMyMDA3MGQw
OWU1MGQwHhcNMjMwMjA0MTE1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzdkOTMwZGFhMGQ0OTcyYWU2ZTkyYzVlZmU0Njg4NmE0OWUzYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Dxn5ukHy/VNlFUJbblXqrR+Gjgt
omL5zgbYgWJmL2Bf4WmsBp/nXv4E3CzGhCZxrm6bn5++TODJ4IsXjGRduJPL5DNT
+StS1iHQqpajTc79Yg1yQYgloSKR9QXnnSQp/bCeS4wG12W8MSTs1eTGi78Htmi4
ZPq6ZNB4MXSslzGU2U4nSaqQEw/nCCzPLAOr55Ckv/WDM7XEtwqxfarqfyrjXCm9
IR+nh0kOfWmFJjpeq6BPreMde3KiUXrHuqbk1BesZSiJqsrr+1V9y1R2T6hewfEo
83oL4SUA7ILsFicjknxTORXxoiuclCyEvHkK+3Pwhpg6CaXpjGkB4dzeuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHx9kw2qDUlyrm6Sxe/kaIaknjvkMB8GA1UdIwQY
MBaAFLPdNcz/bCuGofrY8QO8IAcNCeUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEt
MmIxMDUwNTFiYTU5LzEvZkgyVERhb05TWEt1YnBMRjctUm9ocVNlTy1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEtMmIxMDUwNTFiYTU5
LzEvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWWuAAwQA
ua2cAwQBua2eMA0GCSqGSIb3DQEBCwUAA4IBAQAjVft5BddZiLvrmsE180iNcQ4A
659YbJpyvtwFKx0HOpaOYwpY/Ge4c6gS2oFM0/zLK28NNxd4F+VwfEdxXC76LTbc
MmTwOcBRsRIR2F3ZvuLAiv9K7tj8LK5AnCC4axZgDDbNpIx2DeNUN3nkPEDOXTRm
dWzP39bT7gykSN9qwtdBQeYxV1gw5WlBS/YqCulUakO/pdm6u5bexqwnSYxnNm5F
2scCJGFWAmT6i34Mj2KF6dfq7dZJ0V4pOP5Ntai2JSrXTMxJYL/p1E9HOScOCH3m
+wN7pSGML7sXhLB8FXoMjMFcTx+M4RC4gBZrcEippHkXGsLW3zEqqYbDp2Gk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:18 2024 by rpki-client on console-ams.rpki-client.org