Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/59d4e9-662c-435a-b351-4aa539a30d21/1/HrmMdBH4t4NC5HNicXs1CmdUFAs.roa
File: HrmMdBH4t4NC5HNicXs1CmdUFAs.roa (raw, json)
Hash identifier: lQ2cG+WBvifcuXBsk3+wVnTf31z5QHicRZ/kEaY/q2M=
Subject key identifier: 1E:B9:8C:74:11:F8:B7:83:42:E4:73:62:71:7B:35:0A:67:54:14:0B
Certificate issuer: /CN=d1f6e4370111cfbf968404854227b8092851450d
Certificate serial: 01864F16F98E9BBBE267F640A96B10823B41
Authority key identifier: D1:F6:E4:37:01:11:CF:BF:96:84:04:85:42:27:B8:09:28:51:45:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0fbkNwERz7-WhASFQie4CShRRQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/59d4e9-662c-435a-b351-4aa539a30d21/1/HrmMdBH4t4NC5HNicXs1CmdUFAs.roa
Signing time: Tue 14 Feb 2023 08:42:30 +0000
ROA not before: Tue 14 Feb 2023 08:42:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 185.21.0.0/22 maxlen: 24
37.1.184.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:16:f9:8e:9b:bb:e2:67:f6:40:a9:6b:10:82:3b:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f6e4370111cfbf968404854227b8092851450d
Validity
Not Before: Feb 14 08:42:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1eb98c7411f8b78342e47362717b350a6754140b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c4:54:6b:12:9c:1f:dc:ac:ec:6c:92:bf:b7:
cb:4e:f3:b5:68:25:d1:36:0f:8f:72:69:21:2f:3a:
9e:5b:28:ea:cc:b0:d3:99:11:79:1b:4a:92:aa:ca:
5b:1f:8d:a1:b5:2e:2f:d5:0f:88:23:9e:5e:9a:70:
c7:23:9d:06:92:29:ec:c2:0c:d9:aa:cf:e3:eb:41:
aa:c1:ce:f0:9e:64:61:5a:fa:95:df:fc:a0:55:32:
63:11:81:0e:9f:c0:8f:70:49:cb:ce:c8:d5:0a:8c:
6b:50:ca:a4:a8:05:e2:d1:cf:31:f4:29:08:97:fb:
ae:0f:ed:97:e9:b4:68:b1:ae:d0:41:97:ab:77:8c:
10:f1:b0:2c:71:74:df:d7:ca:c6:89:ca:57:34:73:
0e:02:c3:5f:46:2b:7c:c3:88:ec:53:da:b6:86:20:
cb:89:1a:e8:d5:46:0e:5d:ff:23:f7:6c:99:83:92:
a0:26:33:3c:cf:6d:81:6d:be:f4:b4:23:30:a4:86:
42:98:a1:85:24:9d:30:6d:1b:dc:1d:78:0b:58:cb:
25:80:92:80:71:77:b4:4a:3a:09:0f:6f:21:b9:4d:
ad:c0:f3:15:f3:50:85:80:c5:77:cf:cd:9f:d4:79:
28:bd:63:21:25:b4:75:cb:ad:54:03:7a:7c:6b:70:
f9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B9:8C:74:11:F8:B7:83:42:E4:73:62:71:7B:35:0A:67:54:14:0B
X509v3 Authority Key Identifier:
keyid:D1:F6:E4:37:01:11:CF:BF:96:84:04:85:42:27:B8:09:28:51:45:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0fbkNwERz7-WhASFQie4CShRRQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/59d4e9-662c-435a-b351-4aa539a30d21/1/HrmMdBH4t4NC5HNicXs1CmdUFAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/59d4e9-662c-435a-b351-4aa539a30d21/1/0fbkNwERz7-WhASFQie4CShRRQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.184.0/21
185.21.0.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:2f:08:c0:dc:42:2c:0c:e0:fe:ca:1b:ae:12:87:19:f8:3b:
a3:27:f6:25:34:83:61:e5:a5:9d:09:8e:02:d9:c0:3b:3f:fa:
bc:cf:f1:e1:b8:81:6a:44:07:6e:0c:db:43:18:18:99:bb:66:
e0:8b:49:1d:fe:f8:59:d4:05:f6:e5:5d:08:c1:0a:85:00:41:
a3:d2:05:57:93:f0:cc:d1:1c:95:b1:03:a3:af:5d:a0:af:f2:
78:45:7a:8f:4a:00:0a:52:99:98:ee:96:a0:98:6c:fc:15:ee:
3f:e5:32:4d:6f:41:66:90:36:4f:f8:16:6b:f0:bd:98:09:8a:
ff:5b:bc:48:08:ef:11:a7:ed:cd:84:6b:28:aa:cf:d7:f8:1b:
2c:62:46:33:a1:de:34:91:33:ac:75:8d:eb:21:42:35:9c:bf:
33:78:71:7a:12:82:35:64:6b:79:78:a5:a0:8b:ff:69:9b:d9:
f5:87:cc:10:23:f1:55:85:2e:89:f3:84:88:17:c5:ba:c9:34:
22:1d:ba:99:db:50:0f:15:78:fe:9c:c8:4e:ff:49:3b:aa:38:
a4:88:4e:09:79:ec:f3:d1:7a:63:d9:1a:d7:5c:d9:7f:ed:fc:
3f:22:dc:54:f3:57:e0:50:79:dd:5e:b4:d9:c0:dd:6c:27:f4:
40:f7:cb:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZPFvmOm7viZ/ZAqWsQgjtBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZjZlNDM3MDExMWNmYmY5Njg0MDQ4NTQyMjdiODA5Mjg1
MTQ1MGQwHhcNMjMwMjE0MDg0MjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWI5OGM3NDExZjhiNzgzNDJlNDczNjI3MTdiMzUwYTY3NTQxNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8RUaxKcH9ys7GySv7fLTvO1aCXR
Ng+PcmkhLzqeWyjqzLDTmRF5G0qSqspbH42htS4v1Q+II55emnDHI50GkinswgzZ
qs/j60Gqwc7wnmRhWvqV3/ygVTJjEYEOn8CPcEnLzsjVCoxrUMqkqAXi0c8x9CkI
l/uuD+2X6bRosa7QQZerd4wQ8bAscXTf18rGicpXNHMOAsNfRit8w4jsU9q2hiDL
iRro1UYOXf8j92yZg5KgJjM8z22Bbb70tCMwpIZCmKGFJJ0wbRvcHXgLWMslgJKA
cXe0SjoJD28huU2twPMV81CFgMV3z82f1HkovWMhJbR1y61UA3p8a3D5awIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB65jHQR+LeDQuRzYnF7NQpnVBQLMB8GA1UdIwQY
MBaAFNH25DcBEc+/loQEhUInuAkoUUUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGZia053RVJ6Ny1XaEFTRlFpZTRDU2hSUlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81OWQ0ZTktNjYyYy00MzVhLWIzNTEt
NGFhNTM5YTMwZDIxLzEvSHJtTWRCSDR0NE5DNUhOaWNYczFDbWRVRkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81OWQ0ZTktNjYyYy00MzVhLWIzNTEtNGFhNTM5YTMwZDIx
LzEvMGZia053RVJ6Ny1XaEFTRlFpZTRDU2hSUlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJQG4AwQC
uRUAMA0GCSqGSIb3DQEBCwUAA4IBAQA+LwjA3EIsDOD+yhuuEocZ+DujJ/YlNINh
5aWdCY4C2cA7P/q8z/HhuIFqRAduDNtDGBiZu2bgi0kd/vhZ1AX25V0IwQqFAEGj
0gVXk/DM0RyVsQOjr12gr/J4RXqPSgAKUpmY7pagmGz8Fe4/5TJNb0FmkDZP+BZr
8L2YCYr/W7xICO8Rp+3NhGsoqs/X+BssYkYzod40kTOsdY3rIUI1nL8zeHF6EoI1
ZGt5eKWgi/9pm9n1h8wQI/FVhS6J84SIF8W6yTQiHbqZ21APFXj+nMhO/0k7qjik
iE4Jeezz0Xpj2RrXXNl/7fw/ItxU81fgUHndXrTZwN1sJ/RA98tr
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:48 2024 by rpki-client on console-fra.rpki-client.org