Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/hrvQPPVSBu5PH9lX2PSEGfzE_i4.roa
File: hrvQPPVSBu5PH9lX2PSEGfzE_i4.roa (raw, json)
Hash identifier: 8DnENxc/6/iGVIMNezLNSJN4Uqkd5cKt1V3ZTda2m+A=
Subject key identifier: 86:BB:D0:3C:F5:52:06:EE:4F:1F:D9:57:D8:F4:84:19:FC:C4:FE:2E
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0189923AAF206DDC77EAB8DDC9006E65AA9A
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/hrvQPPVSBu5PH9lX2PSEGfzE_i4.roa
Signing time: Wed 26 Jul 2023 12:44:26 +0000
ROA not before: Wed 26 Jul 2023 12:44:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 185.3.200.0/24 maxlen: 24
89.42.44.0/22 maxlen: 22
89.46.217.0/24 maxlen: 24
188.212.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jul 2023 15:59:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:92:3a:af:20:6d:dc:77:ea:b8:dd:c9:00:6e:65:aa:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jul 26 12:44:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86bbd03cf55206ee4f1fd957d8f48419fcc4fe2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:03:22:32:fc:21:94:97:ea:dc:4a:ac:aa:eb:
9e:78:e7:c5:f4:c0:5a:62:ba:d3:bf:8b:25:df:be:
7b:da:15:8e:c7:6a:71:bf:50:b7:86:91:19:ee:a8:
7c:62:a2:5e:a7:c8:a4:75:4b:07:fc:56:85:e2:a0:
09:93:50:a8:f5:43:e7:11:ea:e2:69:35:96:d2:8a:
35:25:1b:80:d3:c4:fd:34:07:5a:8b:0b:7f:ff:b8:
da:3d:e3:d2:4f:f8:dd:75:44:18:50:99:f5:75:1b:
fd:aa:2f:dd:ae:c1:77:f3:92:d8:a7:a8:67:8b:8f:
8e:5c:16:d7:5d:ec:10:18:56:18:09:e6:9c:0e:8d:
e7:1c:5a:39:f0:a9:39:45:93:1d:60:8a:68:74:56:
ef:c2:56:17:1f:66:4c:95:00:88:a7:06:32:81:20:
64:3a:01:46:36:0f:54:09:57:f5:60:51:48:1a:45:
8a:d7:d7:88:b5:c0:d4:72:22:cf:4d:f7:f4:1d:be:
0d:c7:b7:de:96:f7:13:24:84:b9:2b:38:59:1d:b8:
45:e1:e5:3e:8b:0c:e5:2b:75:89:2b:24:87:06:3c:
4b:b4:3c:c5:82:4b:fd:52:28:71:a7:71:80:27:11:
70:d4:8e:c2:02:c6:fc:a4:d1:27:dd:d5:a0:25:42:
13:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BB:D0:3C:F5:52:06:EE:4F:1F:D9:57:D8:F4:84:19:FC:C4:FE:2E
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/hrvQPPVSBu5PH9lX2PSEGfzE_i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.44.0/22
89.46.217.0/24
185.3.200.0/24
188.212.96.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:a4:5a:c0:b5:b8:f7:f2:07:dd:a9:23:ef:8a:31:72:a1:f2:
db:bd:c0:78:25:7d:41:da:8b:85:4b:fe:ff:c7:94:54:51:76:
84:10:5b:f2:01:f1:7e:50:08:5f:e1:21:bd:9e:da:31:23:61:
1d:57:68:41:9c:cd:49:46:a7:d4:6c:d2:f9:75:df:61:44:8d:
95:60:6b:d7:68:e9:a3:c5:ee:03:d1:d7:d3:3c:c3:71:ef:f5:
a3:19:0f:3f:75:ee:2a:de:11:25:5a:5a:4e:75:95:54:f2:19:
c6:25:60:ed:17:af:11:3b:e4:8d:d3:d4:1f:4a:78:33:97:5d:
05:08:7c:92:58:38:28:45:96:00:d2:a0:33:9a:92:27:68:f3:
86:d9:f5:97:ee:c2:e1:f7:94:c8:3c:00:58:b9:69:67:1d:b2:
ba:ee:40:2d:06:7e:86:1b:ce:37:bd:be:36:16:20:84:d0:9a:
b7:2f:7f:7f:09:82:be:3c:25:5b:aa:38:3a:7d:a0:ee:1e:f6:
b6:99:66:fd:20:dc:41:c3:ef:14:1b:0a:3a:1b:ee:c4:1a:86:
a5:f5:9b:89:40:b3:89:a3:27:0f:88:36:6d:65:39:e0:67:9a:
97:a0:20:a9:a7:be:9e:70:b2:e9:76:24:2d:c3:6d:6c:03:c8:
7e:90:ff:b2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmSOq8gbdx36rjdyQBuZaqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwNzI2MTI0NDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmJiZDAzY2Y1NTIwNmVlNGYxZmQ5NTdkOGY0ODQxOWZjYzRmZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgMiMvwhlJfq3EqsquueeOfF9MBa
YrrTv4sl37572hWOx2pxv1C3hpEZ7qh8YqJep8ikdUsH/FaF4qAJk1Co9UPnEeri
aTWW0oo1JRuA08T9NAdaiwt//7jaPePST/jddUQYUJn1dRv9qi/drsF385LYp6hn
i4+OXBbXXewQGFYYCeacDo3nHFo58Kk5RZMdYIpodFbvwlYXH2ZMlQCIpwYygSBk
OgFGNg9UCVf1YFFIGkWK19eItcDUciLPTff0Hb4Nx7felvcTJIS5KzhZHbhF4eU+
iwzlK3WJKySHBjxLtDzFgkv9Uihxp3GAJxFw1I7CAsb8pNEn3dWgJUIT4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIa70Dz1UgbuTx/ZV9j0hBn8xP4uMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvaHJ2UVBQVlNCdTVQSDlsWDJQU0VHZnpFX2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCWSosAwQA
WS7ZAwQAuQPIAwQAvNRgMA0GCSqGSIb3DQEBCwUAA4IBAQAbpFrAtbj38gfdqSPv
ijFyofLbvcB4JX1B2ouFS/7/x5RUUXaEEFvyAfF+UAhf4SG9ntoxI2EdV2hBnM1J
RqfUbNL5dd9hRI2VYGvXaOmjxe4D0dfTPMNx7/WjGQ8/de4q3hElWlpOdZVU8hnG
JWDtF68RO+SN09QfSngzl10FCHySWDgoRZYA0qAzmpInaPOG2fWX7sLh95TIPABY
uWlnHbK67kAtBn6GG843vb42FiCE0Jq3L39/CYK+PCVbqjg6faDuHva2mWb9INxB
w+8UGwo6G+7EGoal9ZuJQLOJoycPiDZtZTngZ5qXoCCpp76ecLLpdiQtw21sA8h+
kP+y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org