Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/hhWIxxmuDuANV1a40C8hcv2v-TA.roa
File: hhWIxxmuDuANV1a40C8hcv2v-TA.roa (raw, json)
Hash identifier: dEsFpgaKx3TSJhqNgnzpIKL7pzz6w3sqTjwLC+40gYw=
Subject key identifier: 86:15:88:C7:19:AE:0E:E0:0D:57:56:B8:D0:2F:21:72:FD:AF:F9:30
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0185D96165E9F3E9A357F212F67F1BF2DACA
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/hhWIxxmuDuANV1a40C8hcv2v-TA.roa
Signing time: Sun 22 Jan 2023 12:08:36 +0000
ROA not before: Sun 22 Jan 2023 12:08:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39650
IP address blocks: 188.240.196.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
188.212.96.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d9:61:65:e9:f3:e9:a3:57:f2:12:f6:7f:1b:f2:da:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 22 12:08:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=861588c719ae0ee00d5756b8d02f2172fdaff930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d6:f5:24:e3:55:48:48:8f:f3:74:8f:d3:84:
3c:ec:db:b5:b8:31:05:f9:4f:32:fb:61:15:75:ea:
23:06:15:39:19:fd:1e:87:b2:fe:5f:63:71:56:77:
6f:b5:e7:eb:3f:74:01:18:57:77:98:b6:c5:07:ae:
fc:9b:a2:f3:b0:8c:00:8a:ef:82:1d:d6:49:19:04:
fd:94:9e:7e:74:16:d9:c3:73:09:53:7c:74:ad:19:
b7:eb:40:66:41:1f:c3:5c:b4:55:9c:fc:83:29:04:
70:70:df:ec:34:81:05:c2:ad:95:4e:da:f3:ee:30:
e2:1a:3f:23:3e:44:f2:a8:ff:eb:8b:3c:90:ff:95:
12:43:f6:52:45:7b:79:39:fd:cf:f1:0f:75:f2:44:
65:73:a8:18:8b:2e:44:4b:d9:87:39:36:0c:1c:54:
a7:c8:fb:9a:0a:41:a3:5e:e9:b2:89:bc:aa:43:6e:
8b:32:1b:d7:38:7f:d8:6f:45:1c:83:83:b1:f6:c4:
7d:3f:3a:a5:f1:3e:15:a0:48:5b:0e:47:6f:88:5a:
fb:1f:d0:af:bf:6a:35:75:2e:4d:c5:aa:11:ac:d6:
c9:73:1b:03:23:b7:96:0f:24:39:60:40:13:d1:f1:
a8:7c:fd:ba:4d:88:a2:2a:f7:49:fb:6c:b8:58:ad:
1c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:15:88:C7:19:AE:0E:E0:0D:57:56:B8:D0:2F:21:72:FD:AF:F9:30
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/hhWIxxmuDuANV1a40C8hcv2v-TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.213.0/24
45.94.215.0/24
89.46.217.0/24
188.212.96.0/22
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
42:e9:63:74:67:86:3f:5a:7c:e1:6a:33:6c:44:0b:9a:28:3e:
1f:81:52:32:d3:16:13:2b:f8:9d:89:ee:63:e1:a1:c2:01:98:
4a:a3:da:3c:dd:79:4b:59:bf:19:22:b2:96:06:d4:32:b0:7d:
b4:61:a9:ef:7b:4a:a2:65:d8:c4:be:4c:a7:a9:01:ec:3d:54:
dc:46:dd:9f:11:a0:9a:01:0e:6d:6d:c2:f0:f5:c2:9e:e9:4b:
f8:a2:94:72:74:e7:d1:35:ba:dc:9d:b2:b7:1d:37:d6:7e:b8:
98:54:dc:19:4f:60:fd:12:ec:ba:27:13:e5:f3:20:08:d9:33:
2c:8a:df:68:a0:13:df:b5:d1:26:89:93:c4:1a:9f:0a:9a:72:
88:a5:60:22:35:73:de:23:10:fc:83:f3:b7:49:a9:1d:bb:fb:
8d:c8:b4:47:4b:af:33:bc:6c:e6:6d:e5:27:36:46:04:12:b1:
28:7c:7e:89:f0:b6:92:e4:5b:e0:84:83:0b:f7:c5:53:87:dc:
04:3a:11:66:90:09:d8:b9:37:5e:d9:4b:f9:f5:bb:54:c0:15:
25:fe:5e:14:f0:ce:36:48:68:d5:c1:33:c2:04:cd:37:9b:d0:
10:64:dc:33:d8:46:0a:a3:01:16:d7:06:ac:9c:ee:48:ed:38:
66:98:a3:e7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYXZYWXp8+mjV/IS9n8b8trKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwMTIyMTIwODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjE1ODhjNzE5YWUwZWUwMGQ1NzU2YjhkMDJmMjE3MmZkYWZmOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49b1JONVSEiP83SP04Q87Nu1uDEF
+U8y+2EVdeojBhU5Gf0eh7L+X2NxVndvtefrP3QBGFd3mLbFB678m6LzsIwAiu+C
HdZJGQT9lJ5+dBbZw3MJU3x0rRm360BmQR/DXLRVnPyDKQRwcN/sNIEFwq2VTtrz
7jDiGj8jPkTyqP/rizyQ/5USQ/ZSRXt5Of3P8Q918kRlc6gYiy5ES9mHOTYMHFSn
yPuaCkGjXumyibyqQ26LMhvXOH/Yb0Ucg4Ox9sR9Pzql8T4VoEhbDkdviFr7H9Cv
v2o1dS5NxaoRrNbJcxsDI7eWDyQ5YEAT0fGofP26TYiiKvdJ+2y4WK0cSQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIYViMcZrg7gDVdWuNAvIXL9r/kwMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvaGhXSXh4bXVEdUFOVjFhNDBDOGhjdjJ2LVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALV7VAwQA
LV7XAwQAWS7ZAwQCvNRgAwQAvPDEMA0GCSqGSIb3DQEBCwUAA4IBAQBC6WN0Z4Y/
WnzhajNsRAuaKD4fgVIy0xYTK/idie5j4aHCAZhKo9o83XlLWb8ZIrKWBtQysH20
Yanve0qiZdjEvkynqQHsPVTcRt2fEaCaAQ5tbcLw9cKe6Uv4opRydOfRNbrcnbK3
HTfWfriYVNwZT2D9Euy6JxPl8yAI2TMsit9ooBPftdEmiZPEGp8KmnKIpWAiNXPe
IxD8g/O3Sakdu/uNyLRHS68zvGzmbeUnNkYEErEofH6J8LaS5FvghIML98VTh9wE
OhFmkAnYuTde2Uv59btUwBUl/l4U8M42SGjVwTPCBM03m9AQZNwz2EYKowEW1was
nO5I7ThmmKPn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:10 2023 by rpki-client on console-ams.rpki-client.org