Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/60c7c1-8f0f-4b80-8630-3e4f35b66461/1/1HH4bNK7XuObWknnjaybUvVWpII.roa
File: 1HH4bNK7XuObWknnjaybUvVWpII.roa (raw, json)
Hash identifier: FJAEwIEvKdFERKmKIQCvhXnEpNNXlAWOg23Zb+heL58=
Subject key identifier: D4:71:F8:6C:D2:BB:5E:E3:9B:5A:49:E7:8D:AC:9B:52:F5:56:A4:82
Certificate issuer: /CN=124f16479e4b72aca589baa01039fc8e923b4cc3
Certificate serial: 018B3EEC77D13FC3A2139A283AC6B11B785E
Authority key identifier: 12:4F:16:47:9E:4B:72:AC:A5:89:BA:A0:10:39:FC:8E:92:3B:4C:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ek8WR55LcqylibqgEDn8jpI7TMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/60c7c1-8f0f-4b80-8630-3e4f35b66461/1/1HH4bNK7XuObWknnjaybUvVWpII.roa
Signing time: Tue 17 Oct 2023 18:36:06 +0000
ROA not before: Tue 17 Oct 2023 18:36:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58010
IP address blocks: 185.71.124.0/24 maxlen: 24
185.71.125.0/24 maxlen: 24
185.71.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3e:ec:77:d1:3f:c3:a2:13:9a:28:3a:c6:b1:1b:78:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=124f16479e4b72aca589baa01039fc8e923b4cc3
Validity
Not Before: Oct 17 18:36:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d471f86cd2bb5ee39b5a49e78dac9b52f556a482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5c:b8:ac:33:6f:e5:60:a0:ce:8b:d9:c5:e3:
67:8f:95:7f:11:7a:09:b7:1e:86:44:4e:0f:d7:e9:
28:63:bf:5c:bb:c6:f7:28:e3:85:b6:c6:62:ec:44:
d9:58:ee:78:23:04:eb:2c:79:96:82:99:cd:0e:d9:
2f:e9:79:7c:4e:5e:bd:a6:02:f6:d7:e8:59:ea:b0:
70:1a:5b:80:10:52:19:06:56:7f:41:dc:17:8b:c6:
fe:17:18:4c:fc:c6:cb:20:57:e8:64:b2:70:dc:c8:
a8:55:a3:de:e7:61:b6:f7:c0:77:2d:3b:df:f2:c1:
42:c0:ce:c2:8e:c0:ba:02:85:93:f0:74:62:be:ff:
78:37:0b:4e:da:64:bd:d1:e2:11:0a:f0:48:73:a4:
89:1a:d6:c5:70:75:ed:d6:c9:e6:f5:86:d0:e3:50:
bd:41:ba:ff:10:be:15:ae:f9:04:1a:14:0e:c1:ca:
96:52:fa:53:b5:8b:5b:83:9e:ed:e7:ed:01:64:be:
e3:6f:bd:5c:52:db:28:1d:8b:ea:18:4f:19:2b:cf:
d7:3e:54:4b:01:0d:cb:2a:73:d8:36:61:f0:e9:df:
ab:a2:c3:70:24:06:22:8e:86:60:bc:0b:65:d8:68:
de:ae:16:4a:a6:d2:f0:2b:92:9f:15:73:b4:c8:fe:
34:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:71:F8:6C:D2:BB:5E:E3:9B:5A:49:E7:8D:AC:9B:52:F5:56:A4:82
X509v3 Authority Key Identifier:
keyid:12:4F:16:47:9E:4B:72:AC:A5:89:BA:A0:10:39:FC:8E:92:3B:4C:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ek8WR55LcqylibqgEDn8jpI7TMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/60c7c1-8f0f-4b80-8630-3e4f35b66461/1/1HH4bNK7XuObWknnjaybUvVWpII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/60c7c1-8f0f-4b80-8630-3e4f35b66461/1/Ek8WR55LcqylibqgEDn8jpI7TMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.124.0-185.71.126.255
Signature Algorithm: sha256WithRSAEncryption
36:45:53:c4:e1:8e:cf:3e:d3:fc:9e:51:44:bf:76:f6:37:cf:
3b:00:f6:13:65:73:d8:ad:b4:0f:d0:67:ca:62:38:cf:47:71:
a3:e7:04:d0:55:75:a6:de:f9:00:52:f0:d8:47:0e:ca:f2:5f:
04:05:4b:f5:77:40:59:4e:c5:5a:4b:bb:fe:d6:d9:3e:fc:36:
19:39:c5:1e:85:cb:8c:b2:14:8b:be:c1:06:e2:39:07:94:87:
43:44:39:b3:0d:38:8c:db:0b:00:bc:49:a4:0a:34:e4:85:61:
c5:b9:ad:80:6b:9f:46:d4:89:b0:a9:0f:f7:ff:58:ef:f4:90:
d5:bb:d4:48:36:dc:92:c6:fb:62:87:98:da:87:e5:ab:28:92:
8a:52:69:e4:4e:be:19:ad:54:5e:dd:07:fa:b7:ad:71:f4:6d:
00:c6:06:1d:4b:a1:90:77:d6:5a:59:12:1a:7e:4e:32:85:80:
d2:a5:9c:55:1e:6b:43:84:b4:89:11:cd:50:ee:dc:6d:3b:b7:
c0:4b:86:ad:78:1f:e2:01:ad:1c:f8:e3:b3:5c:5e:4b:44:0f:
12:f7:fe:5a:ca:97:72:7e:87:93:8d:0f:6e:98:3d:64:f9:04:
84:0c:1f:eb:74:9e:af:1e:04:ad:2f:e7:63:54:a8:60:b4:85:
5b:d6:8e:33
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYs+7HfRP8OiE5ooOsaxG3heMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNGYxNjQ3OWU0YjcyYWNhNTg5YmFhMDEwMzlmYzhlOTIz
YjRjYzMwHhcNMjMxMDE3MTgzNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDcxZjg2Y2QyYmI1ZWUzOWI1YTQ5ZTc4ZGFjOWI1MmY1NTZhNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVy4rDNv5WCgzovZxeNnj5V/EXoJ
tx6GRE4P1+koY79cu8b3KOOFtsZi7ETZWO54IwTrLHmWgpnNDtkv6Xl8Tl69pgL2
1+hZ6rBwGluAEFIZBlZ/QdwXi8b+FxhM/MbLIFfoZLJw3MioVaPe52G298B3LTvf
8sFCwM7CjsC6AoWT8HRivv94NwtO2mS90eIRCvBIc6SJGtbFcHXt1snm9YbQ41C9
Qbr/EL4VrvkEGhQOwcqWUvpTtYtbg57t5+0BZL7jb71cUtsoHYvqGE8ZK8/XPlRL
AQ3LKnPYNmHw6d+rosNwJAYijoZgvAtl2GjerhZKptLwK5KfFXO0yP40PQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNRx+GzSu17jm1pJ542sm1L1VqSCMB8GA1UdIwQY
MBaAFBJPFkeeS3KspYm6oBA5/I6SO0zDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWs4V1I1NUxjcXlsaWJxZ0VEbjhqcEk3VE1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82MGM3YzEtOGYwZi00YjgwLTg2MzAt
M2U0ZjM1YjY2NDYxLzEvMUhINGJOSzdYdU9iV2tubmpheWJVdlZXcElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82MGM3YzEtOGYwZi00YjgwLTg2MzAtM2U0ZjM1YjY2NDYx
LzEvRWs4V1I1NUxjcXlsaWJxZ0VEbjhqcEk3VE1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5R3wD
BAC5R34wDQYJKoZIhvcNAQELBQADggEBADZFU8Thjs8+0/yeUUS/dvY3zzsA9hNl
c9ittA/QZ8piOM9HcaPnBNBVdabe+QBS8NhHDsryXwQFS/V3QFlOxVpLu/7W2T78
Nhk5xR6Fy4yyFIu+wQbiOQeUh0NEObMNOIzbCwC8SaQKNOSFYcW5rYBrn0bUibCp
D/f/WO/0kNW71Eg23JLG+2KHmNqH5asokopSaeROvhmtVF7dB/q3rXH0bQDGBh1L
oZB31lpZEhp+TjKFgNKlnFUea0OEtIkRzVDu3G07t8BLhq14H+IBrRz447NcXktE
DxL3/lrKl3J+h5OND26YPWT5BIQMH+t0nq8eBK0v52NUqGC0hVvWjjM=
-----END CERTIFICATE-----
Generated at Thu Oct 19 22:06:09 2023 by rpki-client on console-ams.rpki-client.org