Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/hhZFtoZvu6KA3kTEjlrsVmDyWS0.roa
File: hhZFtoZvu6KA3kTEjlrsVmDyWS0.roa (raw, json)
Hash identifier: /UJyQQgUhUViI8n7JpriPOyPrNUf3UunJ64AMeCe/lw=
Subject key identifier: 86:16:45:B6:86:6F:BB:A2:80:DE:44:C4:8E:5A:EC:56:60:F2:59:2D
Certificate issuer: /CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
Certificate serial: 018CC4251850CE92F90B2B9D44597ECD4A59
Authority key identifier: 40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/hhZFtoZvu6KA3kTEjlrsVmDyWS0.roa
Signing time: Mon 01 Jan 2024 08:30:14 +0000
ROA not before: Mon 01 Jan 2024 08:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198257
IP address blocks: 185.153.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 05 Feb 2024 10:47:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:18:50:ce:92:f9:0b:2b:9d:44:59:7e:cd:4a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
Validity
Not Before: Jan 1 08:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=861645b6866fbba280de44c48e5aec5660f2592d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:03:4a:01:a8:92:41:d4:6f:03:3b:f7:8d:fd:
17:4d:db:71:20:4c:00:c7:c0:5e:34:cf:bd:e7:73:
ea:0f:3a:33:7b:12:8d:bf:7e:7d:de:5b:58:62:ec:
f9:73:89:9f:6e:17:68:e3:f3:53:b4:6c:1a:33:6a:
e7:85:cf:72:16:22:a7:02:c7:f7:82:fe:fc:cd:14:
10:b9:c5:4d:bf:bc:82:48:31:e0:61:a1:f9:5f:78:
ec:16:0c:b9:6b:bd:34:ba:19:59:d3:23:ad:30:75:
ac:b4:86:35:85:da:2a:e0:4e:c6:26:05:f9:77:a7:
ab:93:ea:ee:86:98:2d:0c:99:33:86:b5:c4:c5:22:
92:0e:09:fd:6f:70:3d:8e:bb:53:b1:a0:cc:19:25:
01:c3:ba:58:77:9f:eb:46:9a:af:8f:e8:d2:f4:1a:
21:9a:79:ee:f0:c5:7f:57:f8:4e:53:59:92:da:36:
0a:bd:cf:b0:c8:a6:79:fd:f4:0e:b6:ef:a8:1f:6c:
9b:76:38:51:57:cd:0f:8c:10:da:dc:39:9b:51:66:
b0:dd:e2:d9:9e:0b:80:93:3e:53:95:2b:e8:4d:f6:
97:57:4d:75:5a:06:11:e7:33:7f:19:37:53:e4:9d:
d7:fd:ae:34:b6:c6:b6:ea:a7:fb:59:7f:89:00:35:
85:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:16:45:B6:86:6F:BB:A2:80:DE:44:C4:8E:5A:EC:56:60:F2:59:2D
X509v3 Authority Key Identifier:
keyid:40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/hhZFtoZvu6KA3kTEjlrsVmDyWS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.0.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:4b:8c:fc:50:30:36:42:32:7e:db:e8:5a:ae:02:53:3a:34:
0c:bc:fb:fd:24:b1:31:36:8d:7f:a2:05:9f:84:f0:4e:2d:fb:
09:9e:61:b9:8e:c2:da:c3:52:37:5e:da:70:3a:9f:37:95:bb:
24:72:8b:7c:2e:7a:e1:34:c4:ae:85:2c:c0:24:5b:df:48:b8:
cf:a7:4e:07:50:24:d7:14:e0:63:37:b5:8e:1d:e1:94:76:a8:
4d:e2:14:26:b3:87:bf:0a:cb:fc:4f:98:ac:c6:35:5d:6b:72:
f0:66:ef:1f:d2:a8:3a:96:1a:49:c5:e6:75:5a:e5:2b:66:4f:
21:7d:25:c2:8a:91:23:0f:f8:0e:33:4f:4e:46:69:d1:dc:d6:
6c:3f:08:af:45:df:fb:cc:fd:48:bc:b5:6f:13:c4:34:10:1b:
02:06:72:b2:48:8a:8c:ba:ab:21:24:b2:c5:08:67:c7:78:28:
d0:ca:6d:62:0a:f8:51:6f:88:d3:26:1f:3e:5f:7a:81:ce:36:
40:9b:3f:e0:8e:60:f5:25:5e:0b:df:09:e7:44:4f:19:bb:77:
60:ab:65:61:fc:39:ba:81:6e:c1:98:11:2a:ae:4b:e6:c1:b9:
40:5f:7c:3b:3a:5a:a8:dd:1b:d2:5b:4a:63:6a:0e:a9:59:04:
1e:72:37:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJRhQzpL5CyudRFl+zUpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM1ODFhZGRkNmI5OWRkODc0NGI5ZTI4ODZmYmIwMmFl
OTE4ZTMwHhcNMjQwMTAxMDgzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjE2NDViNjg2NmZiYmEyODBkZTQ0YzQ4ZTVhZWM1NjYwZjI1OTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogNKAaiSQdRvAzv3jf0XTdtxIEwA
x8BeNM+953PqDzozexKNv3593ltYYuz5c4mfbhdo4/NTtGwaM2rnhc9yFiKnAsf3
gv78zRQQucVNv7yCSDHgYaH5X3jsFgy5a700uhlZ0yOtMHWstIY1hdoq4E7GJgX5
d6erk+ruhpgtDJkzhrXExSKSDgn9b3A9jrtTsaDMGSUBw7pYd5/rRpqvj+jS9Boh
mnnu8MV/V/hOU1mS2jYKvc+wyKZ5/fQOtu+oH2ybdjhRV80PjBDa3DmbUWaw3eLZ
nguAkz5TlSvoTfaXV011WgYR5zN/GTdT5J3X/a40tsa26qf7WX+JADWF0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYWRbaGb7uigN5ExI5a7FZg8lktMB8GA1UdIwQY
MBaAFEDjWBrd1rmd2HRLniiG+7Aq6RjjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9OWUd0M1d1WjNZZEV1ZUtJYjdzQ3JwR09NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny81NTE1MjItN2FmYy00ODg2LWJhZTYt
ZmM1OWRlZGIxZDJiLzEvaGhaRnRvWnZ1NktBM2tURWpscnNWbUR5V1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny81NTE1MjItN2FmYy00ODg2LWJhZTYtZmM1OWRlZGIxZDJi
LzEvUU9OWUd0M1d1WjNZZEV1ZUtJYjdzQ3JwR09NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZkAMA0G
CSqGSIb3DQEBCwUAA4IBAQCKS4z8UDA2QjJ+2+hargJTOjQMvPv9JLExNo1/ogWf
hPBOLfsJnmG5jsLaw1I3XtpwOp83lbskcot8LnrhNMSuhSzAJFvfSLjPp04HUCTX
FOBjN7WOHeGUdqhN4hQms4e/Csv8T5isxjVda3LwZu8f0qg6lhpJxeZ1WuUrZk8h
fSXCipEjD/gOM09ORmnR3NZsPwivRd/7zP1IvLVvE8Q0EBsCBnKySIqMuqshJLLF
CGfHeCjQym1iCvhRb4jTJh8+X3qBzjZAmz/gjmD1JV4L3wnnRE8Zu3dgq2Vh/Dm6
gW7BmBEqrkvmwblAX3w7Olqo3RvSW0pjag6pWQQecjfa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:46 2024 by rpki-client on console-fra.rpki-client.org