Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/hYmGfIWJab3qJh1sNtW5DWVMrnE.roa
File: hYmGfIWJab3qJh1sNtW5DWVMrnE.roa (raw, json)
Hash identifier: cRJuRxW6T3SajgGaY+0ONKHCF+RZRN6wdtK6TMYzYqk=
Subject key identifier: 85:89:86:7C:85:89:69:BD:EA:26:1D:6C:36:D5:B9:0D:65:4C:AE:71
Certificate issuer: /CN=f1a06c6c108e9419b2cdb21d48b49a6bbd6c16df
Certificate serial: 01856E01E4E7FE2DE92501B9EFCBD51042E2
Authority key identifier: F1:A0:6C:6C:10:8E:94:19:B2:CD:B2:1D:48:B4:9A:6B:BD:6C:16:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8aBsbBCOlBmyzbIdSLSaa71sFt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/hYmGfIWJab3qJh1sNtW5DWVMrnE.roa
Signing time: Sun 01 Jan 2023 15:44:55 +0000
ROA not before: Sun 01 Jan 2023 15:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20570
IP address blocks: 194.127.208.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:e4:e7:fe:2d:e9:25:01:b9:ef:cb:d5:10:42:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1a06c6c108e9419b2cdb21d48b49a6bbd6c16df
Validity
Not Before: Jan 1 15:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8589867c858969bdea261d6c36d5b90d654cae71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c3:b1:3d:00:dd:fd:ee:18:60:6f:90:e9:69:
60:a3:3c:69:6c:81:a8:63:99:49:c1:3a:9c:52:18:
bb:3d:6d:a7:a3:01:1c:2e:53:63:81:78:9d:9d:91:
56:0e:32:07:9b:98:9d:37:ea:89:42:66:25:b9:22:
b2:f5:9b:3e:a0:6a:9c:6e:e6:7d:cf:00:1b:69:40:
ba:17:7a:7e:b2:4b:2a:3e:2e:4a:c7:1b:65:8f:79:
6f:65:03:fa:df:5c:58:15:ea:01:0e:37:9b:83:ee:
a9:7e:75:89:3c:15:fa:16:2c:27:33:24:10:fe:34:
82:48:9d:2a:de:fc:a1:60:dc:bd:3b:96:65:48:fe:
11:4b:f4:04:ec:94:5b:5b:8c:19:e9:4a:b9:15:52:
71:2d:2b:e2:b0:d3:1d:de:9e:76:12:df:f9:86:bb:
0c:a3:03:13:d9:d4:e6:4c:dd:22:1c:78:7e:2f:fa:
9f:24:ce:1b:8a:d9:e1:d5:70:f3:e8:d5:43:20:46:
95:e5:45:5d:97:ab:a5:12:74:f6:23:56:86:92:7f:
6f:af:b0:ed:9e:b8:61:ea:94:ce:c3:e8:38:2b:f8:
e6:91:45:ad:6a:a9:13:63:6c:4c:af:75:05:44:fd:
33:72:95:29:ff:30:32:ba:53:c5:0c:5a:60:4f:e9:
00:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:89:86:7C:85:89:69:BD:EA:26:1D:6C:36:D5:B9:0D:65:4C:AE:71
X509v3 Authority Key Identifier:
keyid:F1:A0:6C:6C:10:8E:94:19:B2:CD:B2:1D:48:B4:9A:6B:BD:6C:16:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8aBsbBCOlBmyzbIdSLSaa71sFt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/hYmGfIWJab3qJh1sNtW5DWVMrnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/8aBsbBCOlBmyzbIdSLSaa71sFt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.208.0/22
Signature Algorithm: sha256WithRSAEncryption
89:cf:e8:0a:66:13:4f:77:57:35:85:dc:fa:a7:bc:7a:97:98:
e9:c5:96:36:2c:c8:c8:3a:12:c5:20:4a:f7:da:6b:a4:3d:c8:
40:5d:2d:51:5b:56:f9:6b:c8:21:16:2f:7c:aa:00:9e:1f:35:
b9:0a:22:56:c9:a3:08:0d:d9:02:ec:c5:26:6b:76:4e:c9:c3:
a8:10:3c:24:f6:c2:06:08:6c:be:44:60:87:87:c2:95:73:32:
e6:e3:57:30:17:d2:07:a7:5b:1c:49:99:6e:0e:38:45:04:62:
5e:30:fb:fa:0c:ed:34:ba:5d:25:eb:f5:32:50:f3:ff:62:3d:
a9:36:4b:37:1e:2c:ca:69:5c:f9:8f:77:26:e8:cb:8f:c4:b7:
b7:cc:06:45:16:39:e7:93:4c:8a:53:03:10:d0:a1:00:bb:de:
2e:de:54:e3:13:0a:c5:b5:09:e2:46:c2:80:8c:bd:a1:8d:60:
58:08:73:c7:09:84:fa:d3:4d:07:a0:c5:d4:4c:b8:1f:83:75:
69:1f:ea:d8:fc:cd:9f:03:e3:a1:41:fe:48:fe:8c:7e:16:7a:
96:84:a0:f9:6c:99:4e:8a:b9:c2:d3:65:e1:f5:be:05:82:e6:
b4:f8:d6:6d:07:a3:71:60:81:b7:1c:72:e8:5d:9e:a2:13:eb:
48:ff:2e:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAeTn/i3pJQG578vVEELiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYTA2YzZjMTA4ZTk0MTliMmNkYjIxZDQ4YjQ5YTZiYmQ2
YzE2ZGYwHhcNMjMwMTAxMTU0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTg5ODY3Yzg1ODk2OWJkZWEyNjFkNmMzNmQ1YjkwZDY1NGNhZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMOxPQDd/e4YYG+Q6WlgozxpbIGo
Y5lJwTqcUhi7PW2nowEcLlNjgXidnZFWDjIHm5idN+qJQmYluSKy9Zs+oGqcbuZ9
zwAbaUC6F3p+sksqPi5Kxxtlj3lvZQP631xYFeoBDjebg+6pfnWJPBX6FiwnMyQQ
/jSCSJ0q3vyhYNy9O5ZlSP4RS/QE7JRbW4wZ6Uq5FVJxLSvisNMd3p52Et/5hrsM
owMT2dTmTN0iHHh+L/qfJM4bitnh1XDz6NVDIEaV5UVdl6ulEnT2I1aGkn9vr7Dt
nrhh6pTOw+g4K/jmkUWtaqkTY2xMr3UFRP0zcpUp/zAyulPFDFpgT+kAUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIWJhnyFiWm96iYdbDbVuQ1lTK5xMB8GA1UdIwQY
MBaAFPGgbGwQjpQZss2yHUi0mmu9bBbfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGFCc2JCQ09sQm15emJJZFNMU2FhNzFzRnQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9kZWY2NDctOTE4Ni00NzI5LWJiOTkt
MTQyZWJlODY5MzE2LzEvaFltR2ZJV0phYjNxSmgxc050VzVEV1ZNcm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9kZWY2NDctOTE4Ni00NzI5LWJiOTktMTQyZWJlODY5MzE2
LzEvOGFCc2JCQ09sQm15emJJZFNMU2FhNzFzRnQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwn/QMA0G
CSqGSIb3DQEBCwUAA4IBAQCJz+gKZhNPd1c1hdz6p7x6l5jpxZY2LMjIOhLFIEr3
2mukPchAXS1RW1b5a8ghFi98qgCeHzW5CiJWyaMIDdkC7MUma3ZOycOoEDwk9sIG
CGy+RGCHh8KVczLm41cwF9IHp1scSZluDjhFBGJeMPv6DO00ul0l6/UyUPP/Yj2p
Nks3HizKaVz5j3cm6MuPxLe3zAZFFjnnk0yKUwMQ0KEAu94u3lTjEwrFtQniRsKA
jL2hjWBYCHPHCYT6000HoMXUTLgfg3VpH+rY/M2fA+OhQf5I/ox+FnqWhKD5bJlO
irnC02Xh9b4Fgua0+NZtB6NxYIG3HHLoXZ6iE+tI/y7o
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:42 2024 by rpki-client on console-ams.rpki-client.org