Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/D_HwaEwtfGXaJxMDHodDYvBLgBc.roa
File: D_HwaEwtfGXaJxMDHodDYvBLgBc.roa (raw, json)
Hash identifier: rtehXZI6Rp9zCF0QZdZ12hSRaBBq13ac4qkcAZHOYuI=
Subject key identifier: 0F:F1:F0:68:4C:2D:7C:65:DA:27:13:03:1E:87:43:62:F0:4B:80:17
Certificate issuer: /CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Certificate serial: 018AFA7EA4D0D0AB908E83A92427E2F94935
Authority key identifier: 1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/D_HwaEwtfGXaJxMDHodDYvBLgBc.roa
Signing time: Wed 04 Oct 2023 11:41:58 +0000
ROA not before: Wed 04 Oct 2023 11:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12350
IP address blocks: 83.228.128.0/17 maxlen: 17
213.162.0.0/19 maxlen: 19
194.38.64.0/19 maxlen: 19
185.133.28.0/22 maxlen: 22
212.232.128.0/17 maxlen: 17
194.148.96.0/19 maxlen: 19
194.148.4.0/22 maxlen: 22
194.148.8.0/21 maxlen: 21
195.15.0.0/17 maxlen: 17
194.148.16.0/20 maxlen: 20
212.28.128.0/19 maxlen: 19
194.38.160.0/19 maxlen: 19
194.148.32.0/19 maxlen: 19
212.147.79.0/24 maxlen: 24
212.40.0.0/19 maxlen: 19
212.147.0.0/17 maxlen: 17
213.5.152.0/21 maxlen: 21
212.254.0.0/16 maxlen: 16
212.109.64.0/19 maxlen: 19
2a03:a360::/32 maxlen: 32
2001:4c78::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:7e:a4:d0:d0:ab:90:8e:83:a9:24:27:e2:f9:49:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Validity
Not Before: Oct 4 11:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ff1f0684c2d7c65da2713031e874362f04b8017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e8:e6:2a:af:eb:36:60:6d:bd:fa:5e:6d:91:
fa:2d:28:ae:88:6e:d3:be:0a:f5:a0:ae:ec:90:c7:
94:92:f6:7e:15:5d:d6:f7:4f:8e:b6:04:f5:c9:bb:
e9:91:0d:64:9e:22:22:0b:c0:5d:8c:53:20:45:95:
1a:da:5d:b8:43:f7:d2:7f:22:33:60:40:c6:ae:f0:
da:1c:ad:b4:92:57:7f:76:57:be:f7:b5:0f:97:c5:
d5:84:39:e0:95:a6:38:08:1b:07:d9:f1:dc:37:4e:
8c:10:7c:66:86:52:da:ac:9f:42:e6:6e:91:b5:b8:
84:da:8f:3a:07:75:a2:6d:07:53:17:e6:cb:bd:82:
9b:ad:26:2e:90:24:d0:15:79:c7:f9:c7:bd:3e:4a:
10:cc:13:55:8a:2c:8a:be:18:94:97:bb:8c:00:31:
2c:0a:19:a7:b7:6e:56:4a:05:12:e9:62:c6:6d:ca:
15:f7:70:5a:f1:89:9a:71:cb:5d:4b:47:c1:35:f8:
31:00:43:09:ef:74:31:56:b9:09:4f:24:eb:1a:5c:
e7:e0:69:81:43:1f:ac:e1:ff:4b:09:da:bd:65:37:
c4:90:f5:76:8c:7c:e2:26:ff:c3:29:2a:70:eb:1a:
0d:1f:2c:81:33:39:cb:b5:5e:c2:dd:03:d7:3d:17:
42:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F1:F0:68:4C:2D:7C:65:DA:27:13:03:1E:87:43:62:F0:4B:80:17
X509v3 Authority Key Identifier:
keyid:1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/D_HwaEwtfGXaJxMDHodDYvBLgBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/H3OdITpDj2eLMiqPj4Ti2MeBSso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.228.128.0/17
185.133.28.0/22
194.38.64.0/19
194.38.160.0/19
194.148.4.0-194.148.63.255
194.148.96.0/19
195.15.0.0/17
212.28.128.0/19
212.40.0.0/19
212.109.64.0/19
212.147.0.0/17
212.232.128.0/17
212.254.0.0/16
213.5.152.0/21
213.162.0.0/19
IPv6:
2001:4c78::/32
2a03:a360::/32
Signature Algorithm: sha256WithRSAEncryption
1d:6d:27:74:31:e3:2d:f5:87:bc:fc:26:68:ee:03:24:3f:23:
0a:74:04:96:77:ce:ff:79:0d:a4:fa:9a:c0:1d:60:f9:db:b2:
9f:d9:f2:7e:36:9f:76:d0:cc:87:59:c0:57:0b:d9:96:67:e2:
32:76:c9:aa:91:23:eb:36:c6:94:15:92:07:cf:a6:d1:57:58:
fa:37:e6:5a:20:e8:d5:73:8e:f5:78:23:69:c4:aa:47:3f:58:
68:65:9e:18:2c:1b:d0:99:37:71:b2:13:4f:69:17:d0:b9:25:
9b:b4:59:00:2c:3a:54:5b:f7:59:04:8b:7c:98:7f:a4:22:32:
56:e8:b2:b6:c9:8e:89:00:48:d6:24:86:ae:68:55:bc:7c:3c:
40:80:36:7f:74:cc:e7:42:02:04:7e:75:27:f4:7a:c7:c8:a8:
8f:a5:e8:34:5c:a6:91:ab:98:ff:7e:64:33:01:da:ef:e4:d2:
d8:78:b2:34:ab:d0:ba:20:ba:df:74:c8:6d:82:ca:e0:b0:9a:
1c:52:72:0d:50:14:a4:77:6d:f5:b1:70:40:12:5c:81:e7:b4:
c8:b0:07:2d:8f:37:12:c3:af:f5:ad:09:31:e4:3d:e7:95:93:
b9:9f:59:d0:ec:96:2e:8a:6e:b1:9b:f3:27:24:60:71:27:30:
7c:9e:02:30
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAYr6fqTQ0KuQjoOpJCfi+Uk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNzM5ZDIxM2E0MzhmNjc4YjMyMmE4ZjhmODRlMmQ4Yzc4
MTRhY2EwHhcNMjMxMDA0MTE0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmYxZjA2ODRjMmQ3YzY1ZGEyNzEzMDMxZTg3NDM2MmYwNGI4MDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlejmKq/rNmBtvfpebZH6LSiuiG7T
vgr1oK7skMeUkvZ+FV3W90+OtgT1ybvpkQ1kniIiC8BdjFMgRZUa2l24Q/fSfyIz
YEDGrvDaHK20kld/dle+97UPl8XVhDnglaY4CBsH2fHcN06MEHxmhlLarJ9C5m6R
tbiE2o86B3WibQdTF+bLvYKbrSYukCTQFXnH+ce9PkoQzBNViiyKvhiUl7uMADEs
Chmnt25WSgUS6WLGbcoV93Ba8YmacctdS0fBNfgxAEMJ73QxVrkJTyTrGlzn4GmB
Qx+s4f9LCdq9ZTfEkPV2jHziJv/DKSpw6xoNHyyBMznLtV7C3QPXPRdCdwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFA/x8GhMLXxl2icTAx6HQ2LwS4AXMB8GA1UdIwQY
MBaAFB9znSE6Q49nizIqj4+E4tjHgUrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDNPZElUcERqMmVMTWlxUGo0VGkyTWVCU3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84MWJjOTUtMTQ0NC00MDhhLTkyZjEt
MzkyZTA1YTg0Mjc3LzEvRF9Id2FFd3RmR1hhSnhNREhvZERZdkJMZ0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84MWJjOTUtMTQ0NC00MDhhLTkyZjEtMzkyZTA1YTg0Mjc3
LzEvSDNPZElUcERqMmVMTWlxUGo0VGkyTWVCU3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MGcEAgABMGEDBAdT5IAD
BAK5hRwDBAXCJkADBAXCJqAwDAMEAsKUBAMEBsKUAAMEBcKUYAMEB8MPAAMEBdQc
gAMEBdQoAAMEBdRtQAMEB9STAAMEB9TogAMDANT+AwQD1QWYAwQF1aIAMBQEAgAC
MA4DBQAgAUx4AwUAKgOjYDANBgkqhkiG9w0BAQsFAAOCAQEAHW0ndDHjLfWHvPwm
aO4DJD8jCnQElnfO/3kNpPqawB1g+duyn9nyfjafdtDMh1nAVwvZlmfiMnbJqpEj
6zbGlBWSB8+m0VdY+jfmWiDo1XOO9XgjacSqRz9YaGWeGCwb0Jk3cbITT2kX0Lkl
m7RZACw6VFv3WQSLfJh/pCIyVuiytsmOiQBI1iSGrmhVvHw8QIA2f3TM50ICBH51
J/R6x8ioj6XoNFymkauY/35kMwHa7+TS2HiyNKvQuiC633TIbYLK4LCaHFJyDVAU
pHdt9bFwQBJcgee0yLAHLY83EsOv9a0JMeQ955WTuZ9Z0OyWLopusZvzJyRgcScw
fJ4CMA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:30 2024 by rpki-client on console-ams.rpki-client.org