Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/97hmcuHKHFLUnuxBd5Z_C1J4y5U.roa
File: 97hmcuHKHFLUnuxBd5Z_C1J4y5U.roa (raw, json)
Hash identifier: JRCXqhPU909fHFJrzFJMsdyVP4QGZycqHbg5WtyDQXU=
Subject key identifier: F7:B8:66:72:E1:CA:1C:52:D4:9E:EC:41:77:96:7F:0B:52:78:CB:95
Certificate issuer: /CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Certificate serial: 018AEF1C8B92109AF34B3848947F04DD56F3
Authority key identifier: 57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/97hmcuHKHFLUnuxBd5Z_C1J4y5U.roa
Signing time: Mon 02 Oct 2023 06:38:59 +0000
ROA not before: Mon 02 Oct 2023 06:38:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.132.186.0/24 maxlen: 24
185.132.187.0/24 maxlen: 24
185.212.206.0/23 maxlen: 24
93.177.114.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:1c:8b:92:10:9a:f3:4b:38:48:94:7f:04:dd:56:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Validity
Not Before: Oct 2 06:38:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7b86672e1ca1c52d49eec4177967f0b5278cb95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ad:78:92:22:9a:7e:c8:66:1b:cd:ee:77:9e:
f7:9e:33:00:f6:43:4b:47:8c:bc:7e:0a:c9:6c:f8:
99:ad:59:4a:ca:84:f9:98:00:7b:3e:97:c3:8c:fd:
4c:c3:59:1b:d5:0b:af:67:52:d7:cc:23:a5:02:a5:
78:34:77:79:51:36:be:56:ec:ba:64:a5:56:a3:c7:
a5:1e:9d:65:ec:97:6d:db:ca:00:3b:df:42:38:45:
24:42:e7:b2:3d:db:66:de:93:6f:11:cb:1a:70:f6:
0c:0e:67:bc:4d:d7:0c:e5:2f:3c:b5:86:44:7c:8a:
5a:a2:64:1c:d1:72:56:5f:64:59:bc:5f:8c:74:0d:
52:37:1e:ef:f3:e6:e9:1c:b1:82:65:b9:51:09:04:
d5:38:0a:31:96:65:6e:9f:86:b9:d8:b1:63:ac:27:
08:92:38:03:19:e6:86:5c:40:b7:1f:d2:f6:65:87:
bd:da:25:53:cb:a7:8e:3c:18:2a:c4:2f:b7:3d:33:
39:4c:ad:67:7e:48:15:4e:08:6d:01:f4:df:21:45:
13:c5:02:cf:49:5d:8e:d4:ba:f7:00:32:77:ea:f6:
f2:26:37:f7:2f:77:42:e8:45:ba:e1:a5:55:b4:c3:
9c:ad:a1:78:8e:72:7c:82:5c:89:2c:0f:d9:7a:e2:
9a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B8:66:72:E1:CA:1C:52:D4:9E:EC:41:77:96:7F:0B:52:78:CB:95
X509v3 Authority Key Identifier:
keyid:57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/97hmcuHKHFLUnuxBd5Z_C1J4y5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/Vw-w8di4wZiw3IYVivvLxSnPFr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.177.114.0/23
185.132.186.0/23
185.212.206.0/23
Signature Algorithm: sha256WithRSAEncryption
61:50:d9:2f:92:11:79:f1:b4:06:6f:fc:c2:be:b1:4c:8b:3d:
b8:64:ce:f6:c7:df:02:a1:34:fb:db:98:ad:e0:07:ef:a9:40:
c4:d7:9f:98:19:ad:d3:24:c0:3d:1b:cd:e9:aa:49:de:14:05:
11:a0:13:84:86:b7:b4:d4:b8:1b:a4:6c:26:5f:4b:8f:f4:c7:
d4:57:39:d1:1a:5c:86:e2:29:54:26:df:1a:00:b0:c2:40:40:
7b:86:14:e2:65:1d:81:73:ed:8a:60:dc:8a:5b:8d:ad:bc:4e:
b9:5e:09:f0:48:19:7f:88:be:19:5c:bb:83:b7:b4:a4:f7:6c:
bb:cd:a8:26:4f:27:28:5a:10:4c:e6:25:3f:38:8a:e6:20:f1:
90:bb:70:7c:1e:5f:0d:f9:89:ab:d8:5e:23:a4:91:88:95:0d:
29:05:6b:5b:ba:be:87:60:98:0f:9b:97:25:5c:be:99:cb:f8:
90:a1:29:67:29:13:bc:0a:ba:9d:06:1a:f5:98:2b:8a:ec:f1:
ff:c6:66:55:53:a6:c0:26:b5:25:c5:ea:b0:c5:bf:55:e1:bc:
1a:1a:af:7c:40:2c:3a:32:6c:b4:37:d4:f1:70:ce:64:c3:c7:
32:a4:4c:a7:73:55:24:85:3c:2c:7e:10:6e:f0:72:da:18:a1:
fb:3b:1a:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrvHIuSEJrzSzhIlH8E3VbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGZiMGYxZDhiOGMxOThiMGRjODYxNThhZmJjYmM1Mjlj
ZjE2YmUwHhcNMjMxMDAyMDYzODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2I4NjY3MmUxY2ExYzUyZDQ5ZWVjNDE3Nzk2N2YwYjUyNzhjYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj614kiKafshmG83ud573njMA9kNL
R4y8fgrJbPiZrVlKyoT5mAB7PpfDjP1Mw1kb1QuvZ1LXzCOlAqV4NHd5UTa+Vuy6
ZKVWo8elHp1l7Jdt28oAO99COEUkQueyPdtm3pNvEcsacPYMDme8TdcM5S88tYZE
fIpaomQc0XJWX2RZvF+MdA1SNx7v8+bpHLGCZblRCQTVOAoxlmVun4a52LFjrCcI
kjgDGeaGXEC3H9L2ZYe92iVTy6eOPBgqxC+3PTM5TK1nfkgVTghtAfTfIUUTxQLP
SV2O1Lr3ADJ36vbyJjf3L3dC6EW64aVVtMOcraF4jnJ8glyJLA/ZeuKa2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPe4ZnLhyhxS1J7sQXeWfwtSeMuVMB8GA1UdIwQY
MBaAFFcPsPHYuMGYsNyGFYr7y8Upzxa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2Qt
OTcyNDNlMzE2MjcyLzEvOTdobWN1SEtIRkxVbnV4QmQ1Wl9DMUo0eTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2QtOTcyNDNlMzE2Mjcy
LzEvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXbFyAwQB
uYS6AwQBudTOMA0GCSqGSIb3DQEBCwUAA4IBAQBhUNkvkhF58bQGb/zCvrFMiz24
ZM72x98CoTT725it4AfvqUDE15+YGa3TJMA9G83pqkneFAURoBOEhre01LgbpGwm
X0uP9MfUVznRGlyG4ilUJt8aALDCQEB7hhTiZR2Bc+2KYNyKW42tvE65XgnwSBl/
iL4ZXLuDt7Sk92y7zagmTycoWhBM5iU/OIrmIPGQu3B8Hl8N+Ymr2F4jpJGIlQ0p
BWtbur6HYJgPm5clXL6Zy/iQoSlnKRO8CrqdBhr1mCuK7PH/xmZVU6bAJrUlxeqw
xb9V4bwaGq98QCw6Mmy0N9TxcM5kw8cypEync1UkhTwsfhBu8HLaGKH7OxoK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:02 2024 by rpki-client on console-ams.rpki-client.org