Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/2c3f53-1bab-4d32-8380-d59108b57214/1/Hk0h-9Ec_nks6L4vjghA55lhNa4.roa
File: Hk0h-9Ec_nks6L4vjghA55lhNa4.roa (raw, json)
Hash identifier: ZvaGDpKES14CrnUGlzB0jX+qbcD36q/GD+VLWMYIAKI=
Subject key identifier: 1E:4D:21:FB:D1:1C:FE:79:2C:E8:BE:2F:8E:08:40:E7:99:61:35:AE
Certificate issuer: /CN=0cc8128491db132ccfcd82ade700deb306b2161a
Certificate serial: 018570FBCA9D144545144021A0E459736FA0
Authority key identifier: 0C:C8:12:84:91:DB:13:2C:CF:CD:82:AD:E7:00:DE:B3:06:B2:16:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DMgShJHbEyzPzYKt5wDeswayFho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/2c3f53-1bab-4d32-8380-d59108b57214/1/Hk0h-9Ec_nks6L4vjghA55lhNa4.roa
Signing time: Mon 02 Jan 2023 05:37:07 +0000
ROA not before: Mon 02 Jan 2023 05:37:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210791
IP address blocks: 92.119.96.0/22 maxlen: 24
185.32.136.0/22 maxlen: 24
185.78.0.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:ca:9d:14:45:45:14:40:21:a0:e4:59:73:6f:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cc8128491db132ccfcd82ade700deb306b2161a
Validity
Not Before: Jan 2 05:37:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e4d21fbd11cfe792ce8be2f8e0840e7996135ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:09:de:6d:c8:f0:b3:b8:6e:ae:ce:cc:a5:8b:
c6:51:2d:b2:78:d8:79:f4:2d:bd:46:a3:db:31:97:
63:68:a7:b8:14:ef:dd:9a:4f:2c:ac:8a:e2:77:10:
7b:03:3e:94:29:1b:4d:58:e2:be:79:d4:86:df:96:
c4:6a:d8:c3:3a:b1:4a:d8:02:b4:80:af:64:b4:43:
3b:ec:ee:02:de:62:45:fe:32:45:18:5c:02:c6:e1:
b3:41:9e:42:90:1c:82:84:b7:8a:14:30:50:8d:c5:
2c:b0:2e:f4:34:bf:87:77:e1:c5:dc:51:1d:c0:c0:
ee:02:45:d3:1b:56:bf:e0:df:23:d1:77:40:f4:e5:
fb:1c:b0:76:11:48:11:95:12:3a:b2:94:c3:6b:b8:
6c:3d:ad:b2:08:ad:35:5c:81:4e:81:1e:98:30:f7:
7c:37:3a:c8:1a:de:1a:39:05:17:4c:97:a8:ed:e0:
93:88:3a:83:13:ec:28:3f:52:24:f9:a7:97:8e:e8:
e1:ef:1d:9e:91:26:00:ff:56:3f:2f:89:f0:df:8c:
55:56:7e:d9:8d:a1:3e:dd:df:de:0d:bf:39:11:46:
f9:4e:cf:a6:28:f5:17:2a:70:aa:b5:ca:80:d3:0e:
d9:0d:15:ad:14:d0:5c:e4:48:ca:80:a4:99:1f:1f:
93:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:4D:21:FB:D1:1C:FE:79:2C:E8:BE:2F:8E:08:40:E7:99:61:35:AE
X509v3 Authority Key Identifier:
keyid:0C:C8:12:84:91:DB:13:2C:CF:CD:82:AD:E7:00:DE:B3:06:B2:16:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DMgShJHbEyzPzYKt5wDeswayFho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2c3f53-1bab-4d32-8380-d59108b57214/1/Hk0h-9Ec_nks6L4vjghA55lhNa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2c3f53-1bab-4d32-8380-d59108b57214/1/DMgShJHbEyzPzYKt5wDeswayFho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.96.0/22
185.32.136.0/22
185.78.0.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:b0:ce:00:4f:ea:21:2c:65:8e:ac:bb:69:4b:0f:eb:ee:6f:
2e:58:03:79:5e:a9:da:f1:ed:9d:bf:9a:f7:95:67:84:de:04:
44:03:40:84:b1:89:7e:36:76:ab:f4:af:88:5f:5e:45:3d:e0:
27:d3:6a:68:f8:d9:e9:2a:0b:11:e3:bc:81:da:b8:de:6f:2a:
2a:d2:bd:be:ae:9a:f3:62:6d:fd:c5:fe:42:f7:c0:d0:5e:b4:
f2:ef:ed:fa:62:3d:4b:08:7f:29:b4:d3:90:bc:08:5d:a0:4c:
d9:a3:64:ca:07:9e:ab:9a:06:bf:e4:64:a7:d4:59:42:7e:59:
df:d5:cd:7b:9c:91:df:60:97:87:82:1e:a2:0a:97:c2:b9:36:
f6:c8:fb:c2:e4:53:c1:cd:4f:89:38:f1:d6:57:2e:25:97:f5:
26:0b:6c:bd:9e:66:02:34:4a:f7:41:13:13:e5:b7:a0:3b:95:
eb:04:1c:1b:04:b6:23:a2:33:a2:74:9e:c2:d6:22:cb:c5:ea:
7f:79:73:bb:24:bd:42:b0:21:03:98:b4:d5:8e:07:d2:df:0a:
ac:dd:62:e2:e6:39:0a:3c:99:5a:cd:bf:fe:3f:21:4c:47:85:
27:bb:29:6f:9f:44:b8:01:9d:14:4d:83:da:ed:d6:04:f3:1e:
01:56:ce:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw+8qdFEVFFEAhoORZc2+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjYzgxMjg0OTFkYjEzMmNjZmNkODJhZGU3MDBkZWIzMDZi
MjE2MWEwHhcNMjMwMTAyMDUzNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTRkMjFmYmQxMWNmZTc5MmNlOGJlMmY4ZTA4NDBlNzk5NjEzNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wnebcjws7hurs7MpYvGUS2yeNh5
9C29RqPbMZdjaKe4FO/dmk8srIridxB7Az6UKRtNWOK+edSG35bEatjDOrFK2AK0
gK9ktEM77O4C3mJF/jJFGFwCxuGzQZ5CkByChLeKFDBQjcUssC70NL+Hd+HF3FEd
wMDuAkXTG1a/4N8j0XdA9OX7HLB2EUgRlRI6spTDa7hsPa2yCK01XIFOgR6YMPd8
NzrIGt4aOQUXTJeo7eCTiDqDE+woP1Ik+aeXjujh7x2ekSYA/1Y/L4nw34xVVn7Z
jaE+3d/eDb85EUb5Ts+mKPUXKnCqtcqA0w7ZDRWtFNBc5EjKgKSZHx+T/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB5NIfvRHP55LOi+L44IQOeZYTWuMB8GA1UdIwQY
MBaAFAzIEoSR2xMsz82CrecA3rMGshYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE1nU2hKSGJFeXpQellLdDV3RGVzd2F5RmhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8yYzNmNTMtMWJhYi00ZDMyLTgzODAt
ZDU5MTA4YjU3MjE0LzEvSGswaC05RWNfbmtzNkw0dmpnaEE1NWxoTmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8yYzNmNTMtMWJhYi00ZDMyLTgzODAtZDU5MTA4YjU3MjE0
LzEvRE1nU2hKSGJFeXpQellLdDV3RGVzd2F5RmhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXHdgAwQC
uSCIAwQCuU4AMA0GCSqGSIb3DQEBCwUAA4IBAQCMsM4AT+ohLGWOrLtpSw/r7m8u
WAN5Xqna8e2dv5r3lWeE3gREA0CEsYl+Nnar9K+IX15FPeAn02po+NnpKgsR47yB
2rjebyoq0r2+rprzYm39xf5C98DQXrTy7+36Yj1LCH8ptNOQvAhdoEzZo2TKB56r
mga/5GSn1FlCflnf1c17nJHfYJeHgh6iCpfCuTb2yPvC5FPBzU+JOPHWVy4ll/Um
C2y9nmYCNEr3QRMT5begO5XrBBwbBLYjojOidJ7C1iLLxep/eXO7JL1CsCEDmLTV
jgfS3wqs3WLi5jkKPJlazb/+PyFMR4Unuylvn0S4AZ0UTYPa7dYE8x4BVs4l
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:00 2024 by rpki-client on console-ams.rpki-client.org