Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/4989ba-9af3-4e3d-845d-eb977164a7e4/1/h-KAPUGADF_FJzBd_2w-oSvv5YE.roa
File: h-KAPUGADF_FJzBd_2w-oSvv5YE.roa (raw, json)
Hash identifier: NoWeYAb972qy/R8dqh6Ys4q55GqIx83+ZMyiIKJtMdw=
Subject key identifier: 87:E2:80:3D:41:80:0C:5F:C5:27:30:5D:FF:6C:3E:A1:2B:EF:E5:81
Certificate issuer: /CN=0a77196340d2144b8ca7b0778984bb04bc1cb378
Certificate serial: 01856C25E9EEB2E40BC636EC0A3207BE355C
Authority key identifier: 0A:77:19:63:40:D2:14:4B:8C:A7:B0:77:89:84:BB:04:BC:1C:B3:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CncZY0DSFEuMp7B3iYS7BLwcs3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/4989ba-9af3-4e3d-845d-eb977164a7e4/1/h-KAPUGADF_FJzBd_2w-oSvv5YE.roa
Signing time: Sun 01 Jan 2023 07:05:02 +0000
ROA not before: Sun 01 Jan 2023 07:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21140
IP address blocks: 185.212.90.0/24 maxlen: 24
185.212.88.0/23 maxlen: 23
185.212.91.0/24 maxlen: 24
2a0b:7540::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:e9:ee:b2:e4:0b:c6:36:ec:0a:32:07:be:35:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a77196340d2144b8ca7b0778984bb04bc1cb378
Validity
Not Before: Jan 1 07:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87e2803d41800c5fc527305dff6c3ea12befe581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d4:d3:f7:a9:c9:78:1f:3a:17:d4:92:7a:aa:
2f:c6:c5:4e:3b:0d:ca:d5:dc:b5:ee:be:d9:9a:d1:
ea:0d:3b:6a:69:43:6c:e3:29:e0:c2:70:2c:4b:88:
f7:06:24:f4:82:8e:ba:b1:60:44:29:d8:95:03:bf:
92:f7:fe:4b:73:8a:89:cb:1f:2f:69:75:0f:64:7f:
bb:e3:fd:3a:d0:35:6b:2c:03:5d:3a:b3:d1:6e:58:
8a:e0:ff:80:69:e7:64:10:24:64:42:32:e5:40:d6:
63:e5:ad:35:4b:ea:49:16:7e:51:04:62:c1:b1:9f:
e3:bd:fd:ac:5c:e8:4a:d6:c5:19:b0:46:5f:1d:e5:
2a:97:ff:1c:f7:b0:88:4c:2f:5f:8c:9c:8a:3e:77:
57:a4:8b:b4:ba:ca:29:d4:b4:be:14:f7:a7:c9:b4:
d4:3a:25:c9:eb:a4:2e:57:d9:56:db:2c:56:c4:3c:
83:03:05:8c:f9:9e:17:30:35:73:97:f9:d4:36:a1:
4e:19:ed:0f:6c:9f:36:45:75:31:b9:75:44:1d:51:
a6:f7:4d:aa:29:50:7b:8d:73:d6:c7:b9:89:ec:b8:
91:8b:95:02:0d:88:1c:77:35:e8:89:f9:ac:9b:2e:
e4:4b:98:15:5c:06:40:eb:2d:7f:f3:ef:4d:c9:f5:
54:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E2:80:3D:41:80:0C:5F:C5:27:30:5D:FF:6C:3E:A1:2B:EF:E5:81
X509v3 Authority Key Identifier:
keyid:0A:77:19:63:40:D2:14:4B:8C:A7:B0:77:89:84:BB:04:BC:1C:B3:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CncZY0DSFEuMp7B3iYS7BLwcs3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/4989ba-9af3-4e3d-845d-eb977164a7e4/1/h-KAPUGADF_FJzBd_2w-oSvv5YE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/4989ba-9af3-4e3d-845d-eb977164a7e4/1/CncZY0DSFEuMp7B3iYS7BLwcs3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.88.0/22
IPv6:
2a0b:7540::/29
Signature Algorithm: sha256WithRSAEncryption
69:07:a2:04:47:d6:18:ef:31:77:28:cf:07:c0:2e:55:f7:26:
9f:fc:bc:75:41:29:b2:60:32:fe:56:0f:ed:2a:fb:b1:79:31:
95:c2:61:56:f7:4a:fe:0b:aa:b0:9a:c3:03:f5:dd:70:64:4a:
56:e0:bc:85:2c:3e:8b:bf:a9:0d:f5:84:b6:a8:61:12:e4:cd:
2b:90:53:67:11:48:4b:68:5f:c8:34:ec:b6:c7:73:b9:80:f3:
c2:89:fb:42:40:bb:37:f4:d9:b3:8e:d6:f6:93:c6:a1:2d:b6:
68:03:de:9e:15:7a:b3:d0:36:34:f0:09:f2:80:60:3a:b8:14:
a8:67:af:82:1e:5c:96:56:a7:5b:18:d8:90:ce:89:c6:48:81:
9d:60:92:25:98:e3:f5:35:f1:c3:04:98:e3:02:90:2d:14:e2:
18:e8:75:3a:9b:ae:80:fd:e0:95:14:28:00:c9:a4:41:9c:ae:
6d:d5:da:87:39:1b:a3:70:09:fc:07:9e:8b:23:ef:11:b0:96:
38:e8:ce:5d:8c:43:5f:bc:2e:23:85:b4:53:6e:45:30:66:b9:
6b:13:3a:f8:22:88:97:f4:3b:19:e8:63:6e:f5:c2:67:d5:2d:
9e:c0:5e:4b:db:c0:dc:36:3c:4f:a9:a4:8d:d9:51:ca:77:34:
8e:8f:3d:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsJenusuQLxjbsCjIHvjVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzcxOTYzNDBkMjE0NGI4Y2E3YjA3Nzg5ODRiYjA0YmMx
Y2IzNzgwHhcNMjMwMTAxMDcwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2UyODAzZDQxODAwYzVmYzUyNzMwNWRmZjZjM2VhMTJiZWZlNTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNTT96nJeB86F9SSeqovxsVOOw3K
1dy17r7ZmtHqDTtqaUNs4yngwnAsS4j3BiT0go66sWBEKdiVA7+S9/5Lc4qJyx8v
aXUPZH+74/060DVrLANdOrPRbliK4P+AaedkECRkQjLlQNZj5a01S+pJFn5RBGLB
sZ/jvf2sXOhK1sUZsEZfHeUql/8c97CITC9fjJyKPndXpIu0usop1LS+FPenybTU
OiXJ66QuV9lW2yxWxDyDAwWM+Z4XMDVzl/nUNqFOGe0PbJ82RXUxuXVEHVGm902q
KVB7jXPWx7mJ7LiRi5UCDYgcdzXoifmsmy7kS5gVXAZA6y1/8+9NyfVUKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIfigD1BgAxfxScwXf9sPqEr7+WBMB8GA1UdIwQY
MBaAFAp3GWNA0hRLjKewd4mEuwS8HLN4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25jWlkwRFNGRXVNcDdCM2lZUzdCTHdjczNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80OTg5YmEtOWFmMy00ZTNkLTg0NWQt
ZWI5NzcxNjRhN2U0LzEvaC1LQVBVR0FERl9GSnpCZF8ydy1vU3Z2NVlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS80OTg5YmEtOWFmMy00ZTNkLTg0NWQtZWI5NzcxNjRhN2U0
LzEvQ25jWlkwRFNGRXVNcDdCM2lZUzdCTHdjczNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudRYMA0E
AgACMAcDBQMqC3VAMA0GCSqGSIb3DQEBCwUAA4IBAQBpB6IER9YY7zF3KM8HwC5V
9yaf/Lx1QSmyYDL+Vg/tKvuxeTGVwmFW90r+C6qwmsMD9d1wZEpW4LyFLD6Lv6kN
9YS2qGES5M0rkFNnEUhLaF/INOy2x3O5gPPCiftCQLs39Nmzjtb2k8ahLbZoA96e
FXqz0DY08AnygGA6uBSoZ6+CHlyWVqdbGNiQzonGSIGdYJIlmOP1NfHDBJjjApAt
FOIY6HU6m66A/eCVFCgAyaRBnK5t1dqHORujcAn8B56LI+8RsJY46M5djENfvC4j
hbRTbkUwZrlrEzr4IoiX9DsZ6GNu9cJn1S2ewF5L28DcNjxPqaSN2VHKdzSOjz3B
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:08 2024 by rpki-client on console-fra.rpki-client.org