Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/HtwA2g_MX0SDSmvqv260Ty4SvK8.roa
File: HtwA2g_MX0SDSmvqv260Ty4SvK8.roa (raw, json)
Hash identifier: nvEgXzY9hGLDceLPu2NhISweeUlp7GM66NQNeEoL/Lc=
Subject key identifier: 1E:DC:00:DA:0F:CC:5F:44:83:4A:6B:EA:BF:6E:B4:4F:2E:12:BC:AF
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 018572C38B9E47E5C5E49C91235361CFD46C
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/HtwA2g_MX0SDSmvqv260Ty4SvK8.roa
Signing time: Mon 02 Jan 2023 13:54:55 +0000
ROA not before: Mon 02 Jan 2023 13:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210021
IP address blocks: 185.206.172.0/24 maxlen: 24
185.206.174.0/24 maxlen: 24
185.206.173.0/24 maxlen: 24
185.206.175.0/24 maxlen: 24
2a05:27c0:1::/48 maxlen: 48
2a05:27c0:4::/48 maxlen: 64
2a05:27c0:2::/48 maxlen: 64
2a05:27c0::/48 maxlen: 48
2a05:27c0:3::/48 maxlen: 64
Validation: Failed, certificate revoked on Wed 08 Feb 2023 19:43:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:8b:9e:47:e5:c5:e4:9c:91:23:53:61:cf:d4:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Jan 2 13:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1edc00da0fcc5f44834a6beabf6eb44f2e12bcaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fe:bc:0d:c5:12:93:6c:7a:c3:a8:60:57:0a:
e6:96:02:df:79:75:96:76:dd:ca:7d:c9:10:6e:b1:
79:b5:73:ec:d4:24:61:02:e3:13:25:b2:73:47:a1:
0a:24:76:31:63:36:6d:38:70:e3:5c:a3:73:a6:8c:
53:3c:e4:44:b9:d8:d0:e6:ca:18:e6:ff:59:86:6b:
dd:b5:9c:aa:ad:5a:9f:ea:2a:67:cc:a6:e9:b8:bd:
58:ed:c6:0c:c6:be:29:0c:e2:98:94:2a:8b:15:e7:
6b:94:c1:6b:14:d0:d0:93:2a:6d:9e:d6:8b:33:26:
8d:38:69:8d:09:32:6f:2e:bf:e2:02:d9:a9:ab:9a:
0f:9e:92:31:8e:00:4c:9a:ca:16:21:3e:3f:a4:a1:
4f:d1:db:ce:f5:3a:3a:01:72:1a:1a:48:db:26:59:
ce:f9:56:74:64:86:00:b4:b7:6c:51:e3:6b:96:65:
70:b5:7c:e9:1a:84:10:6b:19:57:16:a1:a4:41:52:
5f:d3:f5:ea:52:cf:0b:4e:48:5d:b5:ba:01:58:15:
7e:20:90:78:8d:f8:a9:ec:52:72:7f:51:03:72:3d:
67:dc:0e:50:f6:a1:96:4a:85:ed:9f:d4:61:65:f7:
7a:20:10:51:50:e4:ad:72:0c:31:dc:0f:f6:78:eb:
d9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DC:00:DA:0F:CC:5F:44:83:4A:6B:EA:BF:6E:B4:4F:2E:12:BC:AF
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/HtwA2g_MX0SDSmvqv260Ty4SvK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.172.0/22
IPv6:
2a05:27c0::-2a05:27c0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ce:bb:99:e6:fa:c9:a1:2b:d8:30:f6:e2:c0:79:41:c4:87:80:
50:e0:db:d3:1d:1d:ed:03:07:0f:bf:9b:7c:a7:1b:71:9a:19:
ea:0b:14:df:37:cd:e0:d4:ba:3d:01:f5:45:6c:44:77:08:18:
23:6b:91:3a:b0:9b:24:29:d5:1d:34:1d:9c:7a:f7:76:2f:0d:
51:c6:76:cf:21:c2:2d:89:31:e6:da:6a:0c:19:8d:11:0d:b7:
96:99:22:ab:fe:62:95:2b:26:92:be:dd:c5:f5:3f:f7:df:06:
20:f9:c2:a5:14:d1:3e:da:07:f5:8b:d9:57:f3:39:f1:83:04:
c7:22:90:c6:a7:38:70:ad:93:74:a1:a1:85:84:43:1b:42:b4:
f6:84:f7:9f:a8:ad:3c:59:b7:bc:97:4b:2b:5b:49:e8:6c:e9:
7b:63:cf:2e:58:c1:90:89:b5:f3:a7:ea:ea:cb:78:92:75:d5:
cd:06:74:2e:12:94:c4:7e:59:bd:32:04:41:6c:32:2b:40:a6:
30:28:49:b8:c0:68:21:b7:d5:17:3e:d7:15:e4:20:34:e0:7d:
9e:27:92:e6:2e:e0:b0:f8:53:c3:4d:0d:e3:99:e8:8d:5f:23:
fa:ab:26:a9:f0:49:ca:33:2b:c8:74:18:e5:7c:53:a5:a2:f1:
04:3a:d8:9f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVyw4ueR+XF5JyRI1Nhz9RsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjMwMTAyMTM1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWRjMDBkYTBmY2M1ZjQ0ODM0YTZiZWFiZjZlYjQ0ZjJlMTJiY2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgf68DcUSk2x6w6hgVwrmlgLfeXWW
dt3KfckQbrF5tXPs1CRhAuMTJbJzR6EKJHYxYzZtOHDjXKNzpoxTPOREudjQ5soY
5v9ZhmvdtZyqrVqf6ipnzKbpuL1Y7cYMxr4pDOKYlCqLFedrlMFrFNDQkyptntaL
MyaNOGmNCTJvLr/iAtmpq5oPnpIxjgBMmsoWIT4/pKFP0dvO9To6AXIaGkjbJlnO
+VZ0ZIYAtLdsUeNrlmVwtXzpGoQQaxlXFqGkQVJf0/XqUs8LTkhdtboBWBV+IJB4
jfip7FJyf1EDcj1n3A5Q9qGWSoXtn9RhZfd6IBBRUOStcgwx3A/2eOvZmwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFB7cANoPzF9Eg0pr6r9utE8uEryvMB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvSHR3QTJnX01YMFNEU212cXYyNjBUeTRTdks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCuc6sMBgE
AgACMBIwEAMFBioFJ8ADBwAqBSfAAAQwDQYJKoZIhvcNAQELBQADggEBAM67meb6
yaEr2DD24sB5QcSHgFDg29MdHe0DBw+/m3ynG3GaGeoLFN83zeDUuj0B9UVsRHcI
GCNrkTqwmyQp1R00HZx693YvDVHGds8hwi2JMebaagwZjRENt5aZIqv+YpUrJpK+
3cX1P/ffBiD5wqUU0T7aB/WL2VfzOfGDBMcikManOHCtk3ShoYWEQxtCtPaE95+o
rTxZt7yXSytbSehs6Xtjzy5YwZCJtfOn6urLeJJ11c0GdC4SlMR+Wb0yBEFsMitA
pjAoSbjAaCG31Rc+1xXkIDTgfZ4nkuYu4LD4U8NNDeOZ6I1fI/qrJqnwScozK8h0
GOV8U6Wi8QQ62J8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:51 2024 by rpki-client on console-ams.rpki-client.org