Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/HOn50Dl93dHFSt5GlGY8DSSU9-U.roa
File: HOn50Dl93dHFSt5GlGY8DSSU9-U.roa (raw, json)
Hash identifier: BmFycgljayS5QEB7t7b6xFz2j2jeTL08CrzSNR1sWvI=
Subject key identifier: 1C:E9:F9:D0:39:7D:DD:D1:C5:4A:DE:46:94:66:3C:0D:24:94:F7:E5
Certificate issuer: /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial: 01883C086AFE1F76B313F12F253F5FFA1C7D
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/HOn50Dl93dHFSt5GlGY8DSSU9-U.roa
Signing time: Sun 21 May 2023 01:59:24 +0000
ROA not before: Sun 21 May 2023 01:59:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57391
IP address blocks: 185.233.14.0/24 maxlen: 24
185.233.13.0/24 maxlen: 24
88.135.44.0/24 maxlen: 24
88.135.43.0/24 maxlen: 24
88.135.42.0/24 maxlen: 24
88.135.41.0/24 maxlen: 24
88.135.40.0/24 maxlen: 24
185.67.101.0/24 maxlen: 24
88.135.47.0/24 maxlen: 24
185.132.82.0/24 maxlen: 24
185.132.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 May 2023 06:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:3c:08:6a:fe:1f:76:b3:13:f1:2f:25:3f:5f:fa:1c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Validity
Not Before: May 21 01:59:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ce9f9d0397dddd1c54ade4694663c0d2494f7e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:95:d1:f9:3e:8e:9b:b2:7e:8d:8a:eb:41:06:
30:60:de:6d:0a:b0:f7:a5:ef:3e:8f:aa:42:ab:19:
03:ea:ec:2c:dd:39:83:9a:41:1e:b5:15:f1:93:71:
a7:02:ee:fc:9d:2d:65:f4:4b:f3:27:7d:4a:5b:0a:
98:e0:5b:9e:d4:f9:22:29:61:45:d4:c5:dc:1d:fa:
df:96:6f:02:5a:bf:25:af:f1:3a:91:1d:46:e8:a9:
57:f0:00:a1:98:cb:0a:b0:38:76:2b:57:f3:a0:2e:
4a:b0:9c:de:34:cf:72:82:a2:03:cf:01:84:c6:c0:
db:0f:d1:cd:44:dc:4c:e2:3a:9b:30:a0:69:82:47:
be:b3:35:6f:58:1e:55:3a:11:0b:ee:77:eb:5f:61:
e1:f2:e4:af:22:39:49:24:43:4e:d8:e8:35:07:67:
c1:9f:12:7a:8a:ad:ac:bd:18:f1:b3:32:25:13:4a:
ce:32:22:c7:dc:29:85:ab:ed:8c:25:5f:7e:6b:94:
06:2b:10:12:02:c5:8c:b6:cb:f8:7e:a1:cd:2f:78:
0e:27:29:90:11:50:1f:74:6f:52:27:93:ba:97:a4:
a8:61:99:81:2d:03:19:91:39:aa:15:35:af:70:d9:
96:c6:81:dc:dc:ba:73:33:32:10:f2:0a:7b:90:29:
5f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:E9:F9:D0:39:7D:DD:D1:C5:4A:DE:46:94:66:3C:0D:24:94:F7:E5
X509v3 Authority Key Identifier:
keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/HOn50Dl93dHFSt5GlGY8DSSU9-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.40.0-88.135.44.255
88.135.47.0/24
185.67.101.0/24
185.132.80.0/24
185.132.82.0/24
185.233.13.0-185.233.14.255
Signature Algorithm: sha256WithRSAEncryption
06:cc:6b:68:98:4a:5a:37:28:18:2b:05:d8:40:b5:b7:7c:8b:
d6:06:86:20:5e:e4:f2:da:77:fa:45:10:67:0d:d2:b7:dc:99:
a7:6b:32:5c:f8:83:e4:52:b6:bc:7a:e8:ad:fc:38:c1:5d:df:
78:bd:84:b9:a8:f8:3b:35:e8:2b:64:fc:41:3e:d0:3f:e8:e8:
f4:12:0e:23:e7:f4:a3:a0:00:60:6a:42:44:06:cb:05:ad:fc:
f0:d3:e1:1f:50:f5:4c:f9:7f:87:01:04:a7:72:44:45:ca:91:
24:63:ba:c0:3b:d3:8d:4c:36:77:6c:2c:d8:74:be:ba:82:95:
50:8b:44:1a:b4:de:32:a8:a1:46:6e:fb:41:57:7a:0b:01:5b:
9e:cf:66:95:e8:e3:e7:4b:65:d4:63:34:b0:15:dd:3a:54:ff:
59:63:5d:2b:8b:4f:e6:df:ca:09:55:30:c8:03:91:51:43:1f:
a7:2b:56:42:dd:ba:73:0f:b8:b1:a5:aa:2e:6e:48:af:ea:94:
4c:30:18:78:97:50:fe:cd:22:d1:26:41:d6:55:aa:84:82:36:
07:48:d9:2e:0f:84:dc:94:82:38:5c:16:c0:9a:98:51:be:4f:
13:43:38:cd:be:6b:c7:9d:6f:11:93:8f:f7:75:0f:31:52:1a:
af:91:76:46
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYg8CGr+H3azE/EvJT9f+hx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDE0MTE4ZGJkMjI3Mjk4ZGFhODBjN2FjYWIxMWVlYTZk
NjNlMjEwHhcNMjMwNTIxMDE1OTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2U5ZjlkMDM5N2RkZGQxYzU0YWRlNDY5NDY2M2MwZDI0OTRmN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05XR+T6Om7J+jYrrQQYwYN5tCrD3
pe8+j6pCqxkD6uws3TmDmkEetRXxk3GnAu78nS1l9EvzJ31KWwqY4Fue1PkiKWFF
1MXcHfrflm8CWr8lr/E6kR1G6KlX8AChmMsKsDh2K1fzoC5KsJzeNM9ygqIDzwGE
xsDbD9HNRNxM4jqbMKBpgke+szVvWB5VOhEL7nfrX2Hh8uSvIjlJJENO2Og1B2fB
nxJ6iq2svRjxszIlE0rOMiLH3CmFq+2MJV9+a5QGKxASAsWMtsv4fqHNL3gOJymQ
EVAfdG9SJ5O6l6SoYZmBLQMZkTmqFTWvcNmWxoHc3LpzMzIQ8gp7kClflQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFBzp+dA5fd3RxUreRpRmPA0klPflMB8GA1UdIwQY
MBaAFLbRQRjb0icpjaqAx6yrEe6m1j4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMt
MGUzN2UxMWQwZWMzLzEvSE9uNTBEbDkzZEhGU3Q1R2xHWThEU1NVOS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMtMGUzN2UxMWQwZWMz
LzEvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBANYhygD
BABYhywDBABYhy8DBAC5Q2UDBAC5hFADBAC5hFIwDAMEALnpDQMEALnpDjANBgkq
hkiG9w0BAQsFAAOCAQEABsxraJhKWjcoGCsF2EC1t3yL1gaGIF7k8tp3+kUQZw3S
t9yZp2syXPiD5FK2vHrorfw4wV3feL2Euaj4OzXoK2T8QT7QP+jo9BIOI+f0o6AA
YGpCRAbLBa388NPhH1D1TPl/hwEEp3JERcqRJGO6wDvTjUw2d2ws2HS+uoKVUItE
GrTeMqihRm77QVd6CwFbns9mlejj50tl1GM0sBXdOlT/WWNdK4tP5t/KCVUwyAOR
UUMfpytWQt26cw+4saWqLm5Ir+qUTDAYeJdQ/s0i0SZB1lWqhII2B0jZLg+E3JSC
OFwWwJqYUb5PE0M4zb5rx51vEZOP93UPMVIar5F2Rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:23 2024 by rpki-client on console-fra.rpki-client.org