Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/hrpSxAlXi_T_HPp0R-9U0DIdUpk.roa
File: hrpSxAlXi_T_HPp0R-9U0DIdUpk.roa (raw, json)
Hash identifier: fz1U1RuzW/jO/SYEJEuyenSiBJ3MoS0UDUNeZVTWQYs=
Subject key identifier: 86:BA:52:C4:09:57:8B:F4:FF:1C:FA:74:47:EF:54:D0:32:1D:52:99
Certificate issuer: /CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Certificate serial: 0187930EED8B3926E06F1A02D443DA93257E
Authority key identifier: 57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/hrpSxAlXi_T_HPp0R-9U0DIdUpk.roa
Signing time: Tue 18 Apr 2023 06:30:41 +0000
ROA not before: Tue 18 Apr 2023 06:30:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.132.186.0/24 maxlen: 24
185.132.187.0/24 maxlen: 24
185.212.206.0/23 maxlen: 24
185.212.204.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:0e:ed:8b:39:26:e0:6f:1a:02:d4:43:da:93:25:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Validity
Not Before: Apr 18 06:30:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86ba52c409578bf4ff1cfa7447ef54d0321d5299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ab:84:f4:a0:2d:34:e5:af:31:41:b2:92:12:
99:e2:37:de:0e:9d:6f:9d:d6:4f:8b:67:58:6c:76:
66:f3:85:51:88:10:cf:eb:ea:1c:04:e9:0c:8d:49:
27:a4:78:c2:15:cd:04:5f:5f:1c:98:97:cf:08:2f:
fc:cf:20:04:5c:62:cb:22:70:ad:52:ff:72:c2:8a:
01:6f:3d:7c:66:e4:4a:a5:f1:d9:d0:f9:da:89:55:
94:68:6a:4b:ee:9a:18:12:3f:f1:d0:ea:45:d8:68:
a8:65:49:62:b6:77:d8:0f:c0:96:e6:ff:c3:e2:87:
12:f8:53:c8:18:93:52:c3:7e:be:15:97:37:ab:e2:
b3:84:f1:50:24:b1:4e:14:19:a4:08:6d:c1:c4:2d:
c4:8c:10:bc:72:45:e1:c7:30:6a:20:44:5d:47:f7:
87:7a:36:54:ab:c7:db:6c:e9:63:d4:2d:dc:17:e2:
26:39:8b:28:8f:ab:c9:6c:f4:bd:5d:a7:a8:88:15:
a8:40:df:0b:f1:2f:91:b4:a4:fb:f1:28:57:f7:df:
b7:a2:32:fe:da:b9:8f:69:fe:5d:74:63:55:51:0e:
c6:80:19:76:3f:c9:1c:2d:e4:3b:2d:3f:ba:60:8e:
a8:83:3f:37:be:09:25:6d:36:c9:ee:57:a3:35:d5:
3a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BA:52:C4:09:57:8B:F4:FF:1C:FA:74:47:EF:54:D0:32:1D:52:99
X509v3 Authority Key Identifier:
keyid:57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/hrpSxAlXi_T_HPp0R-9U0DIdUpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/Vw-w8di4wZiw3IYVivvLxSnPFr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.186.0/23
185.212.204.0/22
Signature Algorithm: sha256WithRSAEncryption
57:d8:83:bd:ab:1c:54:f0:94:2f:bb:f3:7d:c0:d5:c3:0b:3f:
94:0f:9a:c3:82:f9:9d:a8:3b:76:72:ae:57:83:4b:46:71:03:
c7:e6:98:4e:0e:fc:ba:c0:64:cd:07:29:12:6f:20:75:52:16:
57:69:7f:17:b5:78:5a:34:7a:3c:7c:8a:b1:17:aa:8f:5c:b2:
7d:7a:91:18:7e:dc:f2:08:ee:03:56:85:5f:64:fa:5f:3b:77:
54:3d:02:42:05:4d:e6:c4:5f:9a:3f:36:4b:82:a8:d8:4f:1e:
d2:e8:7c:4e:c1:0d:73:4c:bd:66:bf:cc:09:a6:5c:67:74:7f:
7f:7f:f8:b4:14:36:5e:0a:cd:71:cd:4f:eb:fa:de:f9:c7:ba:
df:69:78:c0:eb:ec:3e:4a:0f:cb:00:c8:37:36:46:21:4b:17:
6e:2c:32:18:59:28:4a:63:34:74:f3:8c:3d:6c:1a:b2:fb:6d:
36:e9:db:db:1f:98:4a:f7:d7:95:35:10:26:a8:47:52:94:51:
e9:9d:0f:00:e0:2e:1c:ae:d7:a0:ba:77:a5:b8:54:12:2d:f4:
c7:00:f0:e1:24:a0:ee:71:65:fe:1b:71:76:8f:58:84:6d:6c:
35:b9:3d:f2:86:3d:4c:ec:cf:05:f1:8e:26:fd:ce:da:0f:16:
3a:18:1d:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeTDu2LOSbgbxoC1EPakyV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGZiMGYxZDhiOGMxOThiMGRjODYxNThhZmJjYmM1Mjlj
ZjE2YmUwHhcNMjMwNDE4MDYzMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmJhNTJjNDA5NTc4YmY0ZmYxY2ZhNzQ0N2VmNTRkMDMyMWQ1Mjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiquE9KAtNOWvMUGykhKZ4jfeDp1v
ndZPi2dYbHZm84VRiBDP6+ocBOkMjUknpHjCFc0EX18cmJfPCC/8zyAEXGLLInCt
Uv9ywooBbz18ZuRKpfHZ0PnaiVWUaGpL7poYEj/x0OpF2GioZUlitnfYD8CW5v/D
4ocS+FPIGJNSw36+FZc3q+KzhPFQJLFOFBmkCG3BxC3EjBC8ckXhxzBqIERdR/eH
ejZUq8fbbOlj1C3cF+ImOYsoj6vJbPS9XaeoiBWoQN8L8S+RtKT78ShX99+3ojL+
2rmPaf5ddGNVUQ7GgBl2P8kcLeQ7LT+6YI6ogz83vgklbTbJ7lejNdU6jQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIa6UsQJV4v0/xz6dEfvVNAyHVKZMB8GA1UdIwQY
MBaAFFcPsPHYuMGYsNyGFYr7y8Upzxa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2Qt
OTcyNDNlMzE2MjcyLzEvaHJwU3hBbFhpX1RfSFBwMFItOVUwRElkVXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2QtOTcyNDNlMzE2Mjcy
LzEvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuYS6AwQC
udTMMA0GCSqGSIb3DQEBCwUAA4IBAQBX2IO9qxxU8JQvu/N9wNXDCz+UD5rDgvmd
qDt2cq5Xg0tGcQPH5phODvy6wGTNBykSbyB1UhZXaX8XtXhaNHo8fIqxF6qPXLJ9
epEYftzyCO4DVoVfZPpfO3dUPQJCBU3mxF+aPzZLgqjYTx7S6HxOwQ1zTL1mv8wJ
plxndH9/f/i0FDZeCs1xzU/r+t75x7rfaXjA6+w+Sg/LAMg3NkYhSxduLDIYWShK
YzR084w9bBqy+2026dvbH5hK99eVNRAmqEdSlFHpnQ8A4C4crteguneluFQSLfTH
APDhJKDucWX+G3F2j1iEbWw1uT3yhj1M7M8F8Y4m/c7aDxY6GB1E
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:39 2023 by rpki-client on console-ams.rpki-client.org