Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/RHIvg8709qycgD-qPmVrcszvRh8.roa
File: RHIvg8709qycgD-qPmVrcszvRh8.roa (raw, json)
Hash identifier: K2eqcDiq4dk+Lc+HlOFF5DFa2dgFv4wGeuhSkxbejIc=
Subject key identifier: 44:72:2F:83:CE:F4:F6:AC:9C:80:3F:AA:3E:65:6B:72:CC:EF:46:1F
Certificate issuer: /CN=fce4f396729bf478e636549821f6f6970d893f52
Certificate serial: 0185738FD1AA6C0907E97DE9668127A6D7FB
Authority key identifier: FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/RHIvg8709qycgD-qPmVrcszvRh8.roa
Signing time: Mon 02 Jan 2023 17:38:03 +0000
ROA not before: Mon 02 Jan 2023 17:38:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47648
IP address blocks: 152.89.188.0/22 maxlen: 24
185.239.196.0/22 maxlen: 24
2a0c:6180::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:d1:aa:6c:09:07:e9:7d:e9:66:81:27:a6:d7:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fce4f396729bf478e636549821f6f6970d893f52
Validity
Not Before: Jan 2 17:38:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44722f83cef4f6ac9c803faa3e656b72ccef461f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:42:a6:c5:02:70:95:32:ea:71:e1:53:25:2f:
89:2a:dc:4e:31:96:25:26:16:52:00:5b:09:5c:24:
10:5b:aa:d2:d0:4d:63:07:f7:1c:e8:ac:51:cf:86:
d1:8a:35:ad:89:df:20:3f:d9:bd:c6:07:08:63:e8:
55:0f:07:b9:03:95:34:b9:25:74:38:23:bb:2f:08:
4c:cc:bc:df:7a:09:80:1f:3c:49:3c:04:0d:1e:18:
94:5d:95:b2:dc:5d:d5:73:df:f1:fe:97:7a:3e:14:
b9:6a:4b:e4:bb:e6:b5:95:cb:32:0c:ee:7b:7a:37:
c4:b8:a2:d0:b9:7c:ef:f1:1d:81:36:52:c9:b6:7d:
ac:6b:77:70:52:36:66:17:d1:fe:1b:de:4a:0b:1e:
56:17:19:de:82:f2:5e:45:99:df:11:55:e4:1a:9c:
62:0f:c1:eb:d4:db:05:15:7e:8e:14:4c:5c:65:2d:
84:30:11:65:ad:ea:15:6c:1d:93:6d:a4:77:94:8a:
23:7a:d7:f6:e3:03:8c:d9:a7:e9:6f:d4:84:10:ba:
6b:8f:19:55:d0:9f:35:86:af:8f:c3:9d:fe:b4:46:
df:26:4d:de:e1:b3:dc:5f:cc:10:45:21:05:90:ba:
0c:69:e8:34:19:87:9d:b1:fa:37:0f:24:7a:63:25:
8e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:72:2F:83:CE:F4:F6:AC:9C:80:3F:AA:3E:65:6B:72:CC:EF:46:1F
X509v3 Authority Key Identifier:
keyid:FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/RHIvg8709qycgD-qPmVrcszvRh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.188.0/22
185.239.196.0/22
IPv6:
2a0c:6180::/29
Signature Algorithm: sha256WithRSAEncryption
25:c1:28:e4:61:5b:7b:1f:03:a9:1e:ce:6c:92:01:52:4d:88:
50:6c:98:4a:0a:fc:f6:08:54:dd:e1:03:1c:3e:27:f5:a2:3d:
0f:c2:f9:7d:9f:9c:ef:c2:29:db:16:f3:88:b0:43:35:24:4f:
e7:a5:ca:60:e0:d4:ef:8a:c5:92:48:3c:dd:37:77:1f:b9:53:
80:c0:1f:ca:9c:c2:cc:55:7e:62:64:76:5d:83:04:4f:49:38:
7d:38:3a:2d:6b:85:4b:47:1c:9b:1c:8a:99:69:2b:ef:25:59:
ac:f9:d0:c8:4e:76:0f:68:ce:82:c2:a0:38:07:39:24:21:08:
62:41:aa:9d:b2:d6:00:f3:04:e9:1d:5b:84:5a:57:06:c4:1b:
ed:5f:aa:92:4e:3e:32:7c:32:78:6b:05:78:8f:e4:73:98:97:
4d:72:bc:91:72:86:7c:e1:51:dd:1b:2c:cf:6c:8e:11:65:e6:
30:66:2f:08:dc:29:73:02:b0:f9:e6:6e:3d:4b:79:f4:01:eb:
17:01:a5:2b:22:95:37:d4:2f:3b:79:70:2e:46:d8:ce:0a:7a:
5b:5c:94:98:e3:57:b2:1e:ee:60:5f:3d:9e:01:03:07:c2:b2:
5b:b7:80:e2:d7:f6:14:32:ef:bc:32:c4:5e:ff:71:b7:7d:d1:
d2:22:cd:e2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVzj9GqbAkH6X3pZoEnptf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTRmMzk2NzI5YmY0NzhlNjM2NTQ5ODIxZjZmNjk3MGQ4
OTNmNTIwHhcNMjMwMTAyMTczODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDcyMmY4M2NlZjRmNmFjOWM4MDNmYWEzZTY1NmI3MmNjZWY0NjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikKmxQJwlTLqceFTJS+JKtxOMZYl
JhZSAFsJXCQQW6rS0E1jB/cc6KxRz4bRijWtid8gP9m9xgcIY+hVDwe5A5U0uSV0
OCO7LwhMzLzfegmAHzxJPAQNHhiUXZWy3F3Vc9/x/pd6PhS5akvku+a1lcsyDO57
ejfEuKLQuXzv8R2BNlLJtn2sa3dwUjZmF9H+G95KCx5WFxnegvJeRZnfEVXkGpxi
D8Hr1NsFFX6OFExcZS2EMBFlreoVbB2TbaR3lIojetf24wOM2afpb9SEELprjxlV
0J81hq+Pw53+tEbfJk3e4bPcX8wQRSEFkLoMaeg0GYedsfo3DyR6YyWOkwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFERyL4PO9PasnIA/qj5la3LM70YfMB8GA1UdIwQY
MBaAFPzk85Zym/R45jZUmCH29pcNiT9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEt
OGM3MGRlOWU5YjlkLzEvUkhJdmc4NzA5cXljZ0QtcVBtVnJjc3p2Umg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEtOGM3MGRlOWU5Yjlk
LzEvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCmFm8AwQC
ue/EMA0EAgACMAcDBQMqDGGAMA0GCSqGSIb3DQEBCwUAA4IBAQAlwSjkYVt7HwOp
Hs5skgFSTYhQbJhKCvz2CFTd4QMcPif1oj0Pwvl9n5zvwinbFvOIsEM1JE/npcpg
4NTvisWSSDzdN3cfuVOAwB/KnMLMVX5iZHZdgwRPSTh9ODota4VLRxybHIqZaSvv
JVms+dDITnYPaM6CwqA4BzkkIQhiQaqdstYA8wTpHVuEWlcGxBvtX6qSTj4yfDJ4
awV4j+RzmJdNcryRcoZ84VHdGyzPbI4RZeYwZi8I3ClzArD55m49S3n0AesXAaUr
IpU31C87eXAuRtjOCnpbXJSY41eyHu5gXz2eAQMHwrJbt4Di1/YUMu+8MsRe/3G3
fdHSIs3i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:39 2024 by rpki-client on console-fra.rpki-client.org