Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/Hf9FL93SN_UwtVFYkz-L8MRgEsQ.roa
File: Hf9FL93SN_UwtVFYkz-L8MRgEsQ.roa (raw, json)
Hash identifier: sg7CTdPIvfedt+212PZvHu4bbizJtF5uiuLz/Bil4pI=
Subject key identifier: 1D:FF:45:2F:DD:D2:37:F5:30:B5:51:58:93:3F:8B:F0:C4:60:12:C4
Certificate issuer: /CN=7d502e2d24b1f216913088207a268e6626b0ce39
Certificate serial: 01856CF83F8B7CE023897D7699BFA851A31A
Authority key identifier: 7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/Hf9FL93SN_UwtVFYkz-L8MRgEsQ.roa
Signing time: Sun 01 Jan 2023 10:54:46 +0000
ROA not before: Sun 01 Jan 2023 10:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209505
IP address blocks: 185.250.10.0/23 maxlen: 23
185.250.9.0/24 maxlen: 24
2a0b:9401::/32 maxlen: 32
2a0b:9400:1000::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:3f:8b:7c:e0:23:89:7d:76:99:bf:a8:51:a3:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d502e2d24b1f216913088207a268e6626b0ce39
Validity
Not Before: Jan 1 10:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dff452fddd237f530b55158933f8bf0c46012c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:00:cc:0a:42:48:dd:2a:83:e4:49:ec:cc:d8:
57:1a:76:67:c6:85:56:cb:02:b3:95:e8:0f:1d:de:
27:44:56:e2:ae:87:4f:06:5e:96:58:85:84:8d:62:
e5:ce:2c:86:9c:da:b0:59:3a:f7:4f:57:e4:17:b0:
4a:a2:53:be:a8:82:61:b9:dc:37:0d:0f:5e:15:8c:
e9:67:13:5b:0a:5f:48:6e:da:fa:06:e3:4c:6c:ef:
e9:c3:23:b2:ef:9b:9d:cc:17:3c:15:07:3f:ea:09:
23:d5:bd:f5:ca:b3:72:3b:3b:c2:ea:67:69:b8:9e:
6d:09:ab:31:2d:aa:a5:cc:df:65:39:96:ee:8b:89:
e1:67:ee:d7:56:19:eb:1e:6f:ff:4c:de:e4:ec:31:
7b:d8:52:b6:15:38:7f:39:c2:3f:39:66:5e:11:c3:
4f:64:1d:31:d1:8a:99:10:c0:bf:0b:98:bc:b6:23:
bd:a3:ac:f4:1b:4e:b7:19:39:9e:52:bc:83:49:fc:
0c:3d:0b:45:99:6c:11:84:69:7e:35:7f:75:fc:99:
81:e8:09:ee:cd:51:cb:a8:52:a2:ce:8c:23:56:7b:
e6:c8:a3:db:b6:08:c1:fe:35:cb:b9:70:84:a2:fb:
1d:df:3c:0a:22:f0:4d:62:77:ae:e7:2c:d1:17:a7:
99:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FF:45:2F:DD:D2:37:F5:30:B5:51:58:93:3F:8B:F0:C4:60:12:C4
X509v3 Authority Key Identifier:
keyid:7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/Hf9FL93SN_UwtVFYkz-L8MRgEsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.9.0-185.250.11.255
IPv6:
2a0b:9400:1000::/48
2a0b:9401::/32
Signature Algorithm: sha256WithRSAEncryption
46:1b:5c:e5:4b:c1:8e:4d:52:40:db:24:21:89:0e:a7:8f:94:
80:c3:79:be:0c:cc:31:55:4d:d0:5f:e0:90:4b:59:9c:3d:2b:
06:12:14:39:4d:a4:0b:1f:18:40:66:3e:ce:8a:74:9d:c8:90:
c9:fb:c9:bb:c7:aa:82:0b:4c:c1:a4:6f:ef:58:f4:67:79:84:
5a:bf:bf:0c:b8:47:ba:da:94:3e:2b:a1:b8:47:62:99:2a:9e:
8d:52:1a:51:b1:aa:38:36:50:0f:99:95:f8:70:54:fd:75:45:
8c:ec:7f:67:84:59:69:6f:c5:e3:25:46:fb:d4:60:9e:63:be:
1b:c6:8b:74:7a:c9:28:94:b3:94:0a:19:bb:b7:d1:3f:be:06:
8a:55:4f:e0:e6:d5:66:cd:8b:8e:04:ce:1c:f6:cb:0b:72:88:
44:d9:eb:0c:b3:60:10:e0:4d:c4:11:03:ff:6b:ab:20:17:84:
97:4c:0d:78:f9:85:b6:63:76:f9:ed:9c:d2:4e:b9:3f:ab:fb:
1a:1d:bd:34:6a:59:6f:5c:11:03:c4:7b:78:be:d5:03:f9:2d:
bd:08:15:42:2e:e4:67:3a:88:76:22:0f:f9:17:c7:45:56:de:
bf:82:63:c5:e0:96:a8:6c:67:26:f5:14:70:e6:25:69:b0:87:
51:e2:31:c9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVs+D+LfOAjiX12mb+oUaMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTAyZTJkMjRiMWYyMTY5MTMwODgyMDdhMjY4ZTY2MjZi
MGNlMzkwHhcNMjMwMTAxMTA1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGZmNDUyZmRkZDIzN2Y1MzBiNTUxNTg5MzNmOGJmMGM0NjAxMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQDMCkJI3SqD5EnszNhXGnZnxoVW
ywKzlegPHd4nRFbirodPBl6WWIWEjWLlziyGnNqwWTr3T1fkF7BKolO+qIJhudw3
DQ9eFYzpZxNbCl9Ibtr6BuNMbO/pwyOy75udzBc8FQc/6gkj1b31yrNyOzvC6mdp
uJ5tCasxLaqlzN9lOZbui4nhZ+7XVhnrHm//TN7k7DF72FK2FTh/OcI/OWZeEcNP
ZB0x0YqZEMC/C5i8tiO9o6z0G063GTmeUryDSfwMPQtFmWwRhGl+NX91/JmB6Anu
zVHLqFKizowjVnvmyKPbtgjB/jXLuXCEovsd3zwKIvBNYneu5yzRF6eZ0wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFB3/RS/d0jf1MLVRWJM/i/DEYBLEMB8GA1UdIwQY
MBaAFH1QLi0ksfIWkTCIIHomjmYmsM45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMt
NTFkNzU1NjhhOWUzLzEvSGY5Rkw5M1NOX1V3dFZGWWt6LUw4TVJnRXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMtNTFkNzU1NjhhOWUz
LzEvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAUBAIAATAOMAwDBAC5+gkD
BAK5+ggwFgQCAAIwEAMHACoLlAAQAAMFACoLlAEwDQYJKoZIhvcNAQELBQADggEB
AEYbXOVLwY5NUkDbJCGJDqePlIDDeb4MzDFVTdBf4JBLWZw9KwYSFDlNpAsfGEBm
Ps6KdJ3IkMn7ybvHqoILTMGkb+9Y9Gd5hFq/vwy4R7ralD4robhHYpkqno1SGlGx
qjg2UA+ZlfhwVP11RYzsf2eEWWlvxeMlRvvUYJ5jvhvGi3R6ySiUs5QKGbu30T++
BopVT+Dm1WbNi44Ezhz2ywtyiETZ6wyzYBDgTcQRA/9rqyAXhJdMDXj5hbZjdvnt
nNJOuT+r+xodvTRqWW9cEQPEe3i+1QP5Lb0IFUIu5Gc6iHYiD/kXx0VW3r+CY8Xg
lqhsZyb1FHDmJWmwh1HiMck=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:20 2024 by rpki-client on console-fra.rpki-client.org