Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/h2m5zf_syzQ7tK15lFCyj6mMcYQ.roa
File: h2m5zf_syzQ7tK15lFCyj6mMcYQ.roa (raw, json)
Hash identifier: H27J7tVIEPc5WvB3husCmmXXIzM+FtlMIfSfmTsqvYU=
Subject key identifier: 87:69:B9:CD:FF:EC:CB:34:3B:B4:AD:79:94:50:B2:8F:A9:8C:71:84
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0186BFE7BCFDD99C65E4AAC2E68DF31F94B3
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/h2m5zf_syzQ7tK15lFCyj6mMcYQ.roa
Signing time: Wed 08 Mar 2023 06:28:00 +0000
ROA not before: Wed 08 Mar 2023 06:28:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213107
IP address blocks: 185.88.174.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Sep 2023 08:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bf:e7:bc:fd:d9:9c:65:e4:aa:c2:e6:8d:f3:1f:94:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Mar 8 06:28:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8769b9cdffeccb343bb4ad799450b28fa98c7184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7c:41:f3:b8:2d:52:04:97:6e:e2:59:2e:9d:
76:34:78:92:c5:22:4c:56:e8:75:c7:fd:3e:84:3f:
64:6b:d5:63:83:f8:49:6c:b4:3e:a0:2d:e0:6b:e4:
c6:ba:c2:1d:e3:12:17:18:ce:46:a7:a1:d5:0c:2e:
2b:26:60:8c:84:c3:b4:a4:de:4f:49:d0:b8:69:f3:
2a:92:aa:b9:ab:29:d5:04:6e:2a:3c:63:e9:31:2d:
cd:0f:5a:a8:53:b9:54:15:e2:13:1a:8a:22:ea:2f:
15:56:ea:c0:5b:9c:5e:06:56:35:fd:28:35:9d:e8:
aa:9a:ac:8f:94:e9:03:93:8b:c7:ab:cb:ce:08:0c:
15:ec:35:67:b4:8f:0b:8a:5b:38:c7:2a:a1:f6:86:
51:72:ee:92:c4:fd:32:87:83:89:2c:fb:20:3f:8f:
09:1c:7e:42:95:69:3e:74:c9:06:71:31:b5:f4:ae:
95:68:44:f6:31:7d:4a:64:d5:50:3a:ad:e3:3d:ab:
05:3c:43:43:be:cc:30:11:70:fd:fc:08:42:b4:8e:
3c:71:5a:ea:8f:1f:69:b2:58:d3:db:c6:b5:0c:53:
5b:03:5f:87:39:ff:12:be:69:09:5e:97:c8:73:a6:
b8:f5:d0:12:1c:77:0b:cc:72:cf:3d:f8:bb:2c:4b:
67:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:69:B9:CD:FF:EC:CB:34:3B:B4:AD:79:94:50:B2:8F:A9:8C:71:84
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/h2m5zf_syzQ7tK15lFCyj6mMcYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.14.0/24
185.88.174.0/23
Signature Algorithm: sha256WithRSAEncryption
10:42:c4:d6:48:65:d7:c9:5e:8c:36:4f:5c:a7:93:db:b0:35:
6d:83:a2:38:63:e4:dc:85:fe:9f:ad:a9:e6:a7:c4:05:4b:87:
52:45:80:b9:3a:42:73:f8:59:ea:b1:fd:4c:9a:e6:f3:d0:d3:
2b:84:f6:ae:e9:2c:53:f2:de:99:52:77:97:e2:b6:e1:0b:4e:
de:95:31:da:ec:0f:c0:1d:7a:e6:da:cb:0f:db:4b:df:52:7b:
4a:93:5a:41:c0:25:28:eb:ea:e5:a0:db:ca:e3:0b:f2:2e:71:
e9:92:68:be:93:b6:b0:fc:cd:be:dd:ff:fb:8b:68:a4:d4:07:
0b:6d:55:8f:f9:93:90:2f:20:b9:72:75:15:92:30:1f:e8:52:
af:e0:8f:76:32:c3:2d:ae:bd:e4:06:12:5d:80:19:c2:f2:01:
8c:24:dd:92:fc:79:62:fe:b4:b8:3d:12:b0:58:12:b8:6c:b4:
50:13:74:07:9c:75:c0:0a:3b:69:79:23:13:61:9c:ea:24:ff:
9e:4e:fc:98:43:c0:aa:9e:bc:34:05:34:7f:4a:6c:50:e9:a8:
0f:3b:3c:a4:6d:d9:19:43:5d:56:52:53:f4:b2:6d:2b:7b:c2:
e9:5b:46:2e:29:32:56:3d:35:20:9e:63:70:3a:f2:bc:4f:f3:
f9:15:2e:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYa/57z92Zxl5KrC5o3zH5SzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMzA4MDYyODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY5YjljZGZmZWNjYjM0M2JiNGFkNzk5NDUwYjI4ZmE5OGM3MTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXxB87gtUgSXbuJZLp12NHiSxSJM
Vuh1x/0+hD9ka9Vjg/hJbLQ+oC3ga+TGusId4xIXGM5Gp6HVDC4rJmCMhMO0pN5P
SdC4afMqkqq5qynVBG4qPGPpMS3ND1qoU7lUFeITGooi6i8VVurAW5xeBlY1/Sg1
neiqmqyPlOkDk4vHq8vOCAwV7DVntI8Lils4xyqh9oZRcu6SxP0yh4OJLPsgP48J
HH5ClWk+dMkGcTG19K6VaET2MX1KZNVQOq3jPasFPENDvswwEXD9/AhCtI48cVrq
jx9psljT28a1DFNbA1+HOf8SvmkJXpfIc6a49dASHHcLzHLPPfi7LEtnPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIdpuc3/7Ms0O7SteZRQso+pjHGEMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvaDJtNXpmX3N5elE3dEsxNWxGQ3lqNm1NY1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVYOAwQB
uViuMA0GCSqGSIb3DQEBCwUAA4IBAQAQQsTWSGXXyV6MNk9cp5PbsDVtg6I4Y+Tc
hf6franmp8QFS4dSRYC5OkJz+Fnqsf1Mmubz0NMrhPau6SxT8t6ZUneX4rbhC07e
lTHa7A/AHXrm2ssP20vfUntKk1pBwCUo6+rloNvK4wvyLnHpkmi+k7aw/M2+3f/7
i2ik1AcLbVWP+ZOQLyC5cnUVkjAf6FKv4I92MsMtrr3kBhJdgBnC8gGMJN2S/Hli
/rS4PRKwWBK4bLRQE3QHnHXACjtpeSMTYZzqJP+eTvyYQ8Cqnrw0BTR/SmxQ6agP
OzykbdkZQ11WUlP0sm0re8LpW0YuKTJWPTUgnmNwOvK8T/P5FS6f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:24 2024 by rpki-client on console-ams.rpki-client.org