Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/hS7OdpfzqwDzbU80H3L2TyA1UOk.roa
File: hS7OdpfzqwDzbU80H3L2TyA1UOk.roa (raw, json)
Hash identifier: 0Pgg/6Ki0x7+Rn12eU9B1a4LfB68RbmajmN9vgrS8Gs=
Subject key identifier: 85:2E:CE:76:97:F3:AB:00:F3:6D:4F:34:1F:72:F6:4F:20:35:50:E9
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 0187C18CC6FEF217D722741B4BD22D29A5A3
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/hS7OdpfzqwDzbU80H3L2TyA1UOk.roa
Signing time: Thu 27 Apr 2023 07:10:41 +0000
ROA not before: Thu 27 Apr 2023 07:10:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29522
IP address blocks: 185.140.120.0/22 maxlen: 22
194.60.251.0/24 maxlen: 24
195.149.224.0/21 maxlen: 21
185.11.100.0/22 maxlen: 24
94.152.0.0/16 maxlen: 24
94.152.254.0/24 maxlen: 24
94.152.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c1:8c:c6:fe:f2:17:d7:22:74:1b:4b:d2:2d:29:a5:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Apr 27 07:10:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=852ece7697f3ab00f36d4f341f72f64f203550e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0b:44:6b:2e:30:7b:c8:97:94:ed:42:51:d4:
11:d9:54:b3:d6:82:f0:d6:cb:a8:b8:c4:3d:e0:c7:
cb:ad:e5:0c:09:62:c1:3b:d8:2a:95:16:16:cc:f1:
38:06:0f:70:8b:20:a7:45:b2:b6:94:26:d0:6e:4f:
53:23:68:5b:bd:c5:3c:ac:a7:89:4b:6f:a5:08:9e:
b9:39:fb:d0:27:95:28:f9:68:d6:a2:a1:ea:e3:78:
ec:c0:74:bb:5f:d9:80:a8:11:36:15:40:e0:00:d6:
25:f4:f9:bc:cb:9c:fc:c8:d6:88:0d:82:9b:e2:ec:
94:a4:f1:c2:8b:8f:48:50:b5:1f:c0:94:56:36:3f:
d8:3f:65:8b:18:5a:fc:94:d2:21:a6:06:63:15:be:
4c:c1:1e:f2:3b:96:09:f3:6a:0a:10:26:37:f5:c8:
3e:d8:5b:4e:99:d5:23:99:f4:fa:bf:e1:ed:b9:49:
7e:c9:9e:4b:6d:e5:c1:14:ce:3c:44:61:b2:50:e5:
5a:7a:99:da:e5:09:2b:84:20:bf:66:65:5d:7b:fa:
c4:64:61:44:c1:a7:cb:78:ee:05:42:7b:91:40:18:
49:a3:2e:63:bb:59:1f:2d:f2:80:ec:4b:62:76:34:
8c:60:13:31:5f:43:86:b3:29:bf:f0:e4:4a:d4:ee:
59:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2E:CE:76:97:F3:AB:00:F3:6D:4F:34:1F:72:F6:4F:20:35:50:E9
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/hS7OdpfzqwDzbU80H3L2TyA1UOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.152.0.0/16
185.11.100.0/22
185.140.120.0/22
194.60.251.0/24
195.149.224.0/21
Signature Algorithm: sha256WithRSAEncryption
a3:40:05:3c:4b:3b:cc:38:d2:31:08:53:42:6b:59:c2:af:2e:
d7:3f:1e:35:0e:38:37:6c:b6:c7:f9:2f:ae:64:5d:9c:ec:21:
b7:db:3c:94:90:4d:8c:93:e7:41:34:c1:13:4b:7f:c6:37:f3:
d7:d8:d8:23:6c:6c:13:eb:ea:8e:2f:21:d2:55:f5:59:19:e1:
3b:0d:0b:77:72:ca:ae:68:e9:fc:77:35:c3:25:46:e0:30:cc:
7e:85:2e:3b:2b:e1:a5:5c:11:2f:1a:15:c3:21:4a:f0:2d:5e:
7d:93:a1:02:18:dc:fd:5f:b2:9e:da:2a:11:7e:8c:3a:47:13:
27:20:37:a9:5d:29:f2:c7:06:38:6b:22:2a:8c:68:4a:6e:3d:
8e:99:d1:07:2b:4c:21:b2:13:c9:40:6b:90:6c:20:9a:a0:17:
ad:d2:02:a3:0b:75:fe:fd:99:26:76:c1:ae:31:f4:f8:58:84:
96:ec:33:ad:48:77:95:38:ef:14:56:dd:e8:7f:36:3f:e4:3b:
e5:41:90:7a:aa:15:7a:63:35:75:1e:d7:7f:cc:3d:37:cd:67:
9e:20:08:5c:d3:6b:1a:bc:44:9f:99:c6:f1:06:5a:14:f1:56:
1f:f0:bc:fe:b0:13:b9:60:4a:f5:48:c3:c7:a4:39:59:48:1a:
89:0c:55:0d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYfBjMb+8hfXInQbS9ItKaWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjMwNDI3MDcxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJlY2U3Njk3ZjNhYjAwZjM2ZDRmMzQxZjcyZjY0ZjIwMzU1MGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwtEay4we8iXlO1CUdQR2VSz1oLw
1suouMQ94MfLreUMCWLBO9gqlRYWzPE4Bg9wiyCnRbK2lCbQbk9TI2hbvcU8rKeJ
S2+lCJ65OfvQJ5Uo+WjWoqHq43jswHS7X9mAqBE2FUDgANYl9Pm8y5z8yNaIDYKb
4uyUpPHCi49IULUfwJRWNj/YP2WLGFr8lNIhpgZjFb5MwR7yO5YJ82oKECY39cg+
2FtOmdUjmfT6v+HtuUl+yZ5LbeXBFM48RGGyUOVaepna5QkrhCC/ZmVde/rEZGFE
wafLeO4FQnuRQBhJoy5ju1kfLfKA7EtidjSMYBMxX0OGsym/8ORK1O5ZnQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIUuznaX86sA821PNB9y9k8gNVDpMB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvaFM3T2RwZnpxd0R6YlU4MEgzTDJUeUExVU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAATAdAwMAXpgDBAK5
C2QDBAK5jHgDBADCPPsDBAPDleAwDQYJKoZIhvcNAQELBQADggEBAKNABTxLO8w4
0jEIU0JrWcKvLtc/HjUOODdstsf5L65kXZzsIbfbPJSQTYyT50E0wRNLf8Y389fY
2CNsbBPr6o4vIdJV9VkZ4TsNC3dyyq5o6fx3NcMlRuAwzH6FLjsr4aVcES8aFcMh
SvAtXn2ToQIY3P1fsp7aKhF+jDpHEycgN6ldKfLHBjhrIiqMaEpuPY6Z0QcrTCGy
E8lAa5BsIJqgF63SAqMLdf79mSZ2wa4x9PhYhJbsM61Id5U47xRW3eh/Nj/kO+VB
kHqqFXpjNXUe13/MPTfNZ54gCFzTaxq8RJ+ZxvEGWhTxVh/wvP6wE7lgSvVIw8ek
OVlIGokMVQ0=
-----END CERTIFICATE-----
Generated at Wed Aug 16 23:29:03 2023 by rpki-client on console-ams.rpki-client.org