Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/hQ73hMN_p8ApSab15XorXB3f7wc.roa
File: hQ73hMN_p8ApSab15XorXB3f7wc.roa (raw, json)
Hash identifier: RVdFkVHFC0t+XYbKgsAfMTOUFCpMBESzrafxypQlJwA=
Subject key identifier: 85:0E:F7:84:C3:7F:A7:C0:29:49:A6:F5:E5:7A:2B:5C:1D:DF:EF:07
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 018BB55F828785FB16189EA510244DE0B6CF
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/hQ73hMN_p8ApSab15XorXB3f7wc.roa
Signing time: Thu 09 Nov 2023 18:36:57 +0000
ROA not before: Thu 09 Nov 2023 18:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216127
IP address blocks: 185.221.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b5:5f:82:87:85:fb:16:18:9e:a5:10:24:4d:e0:b6:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Nov 9 18:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=850ef784c37fa7c02949a6f5e57a2b5c1ddfef07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:36:a5:9e:d2:0e:c0:d0:98:6b:8e:01:23:33:
0e:7f:7f:1d:a1:b7:92:3a:1f:d3:50:14:34:4f:8d:
37:2a:a8:bb:16:ba:68:a7:81:5c:d2:c1:3f:fd:6c:
3a:4f:ad:38:f1:8b:fd:72:67:78:4e:3b:7a:ca:89:
b1:14:47:dc:91:ef:6d:58:8c:68:78:7a:3c:6d:6d:
a2:d6:c0:c3:9a:54:1d:29:53:1a:28:cc:c4:bf:4e:
57:6a:03:0c:b9:f9:be:c7:5b:18:f5:55:ae:30:86:
97:90:4f:cf:97:42:87:69:77:b4:dc:d2:27:87:92:
c3:23:36:18:c7:e0:06:bc:f9:5b:76:d6:92:5d:9d:
5f:27:9a:a5:30:54:3e:62:20:9d:38:9f:d7:6b:79:
7b:13:c2:98:17:fd:ff:78:ce:e3:af:5e:9f:88:ad:
ef:a3:43:86:d6:5b:c5:76:38:eb:b0:4a:ba:f0:a4:
c2:d9:7a:f2:d2:92:9e:fc:18:cc:85:45:f7:43:b3:
5b:8d:aa:4c:6d:cf:a4:03:69:43:e3:66:3e:a5:ef:
b5:93:46:3f:96:64:61:ef:71:8a:cd:3d:aa:20:9f:
15:16:31:5c:ba:53:8e:c7:b5:dd:c6:03:e3:8e:89:
27:d1:9e:6a:78:01:a5:c7:87:73:85:02:8e:b8:36:
a2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0E:F7:84:C3:7F:A7:C0:29:49:A6:F5:E5:7A:2B:5C:1D:DF:EF:07
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/hQ73hMN_p8ApSab15XorXB3f7wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.198.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:72:93:8c:58:bd:02:da:a1:eb:d7:1f:2a:47:a6:43:44:32:
5c:98:af:20:3a:37:af:f0:3d:66:2a:84:5f:a4:5a:53:30:27:
24:56:73:06:91:61:9a:6f:b9:62:86:86:65:72:8d:65:9a:a1:
55:08:12:b6:51:d5:ab:f7:af:29:ba:7c:c1:e1:ec:9f:61:3e:
78:22:23:8b:f7:5f:99:11:b2:52:c5:76:ae:c2:9a:ef:c2:fd:
01:26:ae:28:e0:bc:91:55:64:12:cc:ff:9c:ea:c5:b1:58:ff:
b6:81:83:2b:98:c3:ec:a9:b5:90:6d:79:73:23:96:b6:ad:2c:
2a:30:74:b8:7b:67:04:80:d2:f3:2a:35:62:16:64:a3:fa:07:
c8:64:f3:3e:83:fa:93:68:c4:35:9c:c6:15:40:20:3f:64:b6:
dd:a9:9c:6a:05:8d:bc:78:df:26:21:1b:8c:9b:68:ce:ab:10:
26:42:54:9b:8b:d6:d8:6e:86:c6:99:a3:b0:44:e1:e3:b2:0f:
0e:17:eb:27:27:7d:73:2c:5f:b7:73:98:24:eb:9d:6c:24:3c:
11:f0:96:a2:6b:87:e0:d1:74:19:f9:e8:c4:b3:48:ea:e4:69:
34:c0:40:e0:a9:8c:5f:04:a8:7c:61:6d:9d:b0:57:f4:65:9f:
e4:ec:f2:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu1X4KHhfsWGJ6lECRN4LbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjMxMTA5MTgzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTBlZjc4NGMzN2ZhN2MwMjk0OWE2ZjVlNTdhMmI1YzFkZGZlZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTalntIOwNCYa44BIzMOf38dobeS
Oh/TUBQ0T403Kqi7Frpop4Fc0sE//Ww6T6048Yv9cmd4Tjt6yomxFEfcke9tWIxo
eHo8bW2i1sDDmlQdKVMaKMzEv05XagMMufm+x1sY9VWuMIaXkE/Pl0KHaXe03NIn
h5LDIzYYx+AGvPlbdtaSXZ1fJ5qlMFQ+YiCdOJ/Xa3l7E8KYF/3/eM7jr16fiK3v
o0OG1lvFdjjrsEq68KTC2Xry0pKe/BjMhUX3Q7NbjapMbc+kA2lD42Y+pe+1k0Y/
lmRh73GKzT2qIJ8VFjFculOOx7XdxgPjjokn0Z5qeAGlx4dzhQKOuDaihQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUO94TDf6fAKUmm9eV6K1wd3+8HMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvaFE3M2hNTl9wOEFwU2FiMTVYb3JYQjNmN3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud3GMA0G
CSqGSIb3DQEBCwUAA4IBAQAscpOMWL0C2qHr1x8qR6ZDRDJcmK8gOjev8D1mKoRf
pFpTMCckVnMGkWGab7lihoZlco1lmqFVCBK2UdWr968punzB4eyfYT54IiOL91+Z
EbJSxXauwprvwv0BJq4o4LyRVWQSzP+c6sWxWP+2gYMrmMPsqbWQbXlzI5a2rSwq
MHS4e2cEgNLzKjViFmSj+gfIZPM+g/qTaMQ1nMYVQCA/ZLbdqZxqBY28eN8mIRuM
m2jOqxAmQlSbi9bYbobGmaOwROHjsg8OF+snJ31zLF+3c5gk651sJDwR8Jaia4fg
0XQZ+ejEs0jq5Gk0wEDgqYxfBKh8YW2dsFf0ZZ/k7PJQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:30 2024 by rpki-client on console-fra.rpki-client.org