Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/Hew53reaECtulIJk8Uz9hlnpqek.roa
File: Hew53reaECtulIJk8Uz9hlnpqek.roa (raw, json)
Hash identifier: Yv+TyTS38n5mR3l3pJMk9Y/AImxcQMlmX4FfbG8MEkA=
Subject key identifier: 1D:EC:39:DE:B7:9A:10:2B:6E:94:82:64:F1:4C:FD:86:59:E9:A9:E9
Certificate issuer: /CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Certificate serial: 01884D75C9146AC7BB80C40773F29A4A82C4
Authority key identifier: A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/Hew53reaECtulIJk8Uz9hlnpqek.roa
Signing time: Wed 24 May 2023 11:12:24 +0000
ROA not before: Wed 24 May 2023 11:12:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21419
IP address blocks: 185.4.3.0/24 maxlen: 24
185.4.1.0/24 maxlen: 24
185.4.2.0/24 maxlen: 24
178.21.164.0/24 maxlen: 24
178.21.166.0/24 maxlen: 24
178.21.163.0/24 maxlen: 24
178.21.160.0/21 maxlen: 21
178.21.167.0/24 maxlen: 26
Validation: Failed, certificate revoked on Sun 28 May 2023 06:58:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:75:c9:14:6a:c7:bb:80:c4:07:73:f2:9a:4a:82:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Validity
Not Before: May 24 11:12:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dec39deb79a102b6e948264f14cfd8659e9a9e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:93:b3:ce:9a:69:3e:0c:c8:8d:c1:18:32:ab:
b3:79:59:b3:d7:06:5a:54:89:25:98:74:02:14:f9:
15:9c:a8:bc:8c:54:8c:88:d6:89:0f:8a:65:cc:1d:
ca:50:bc:1e:d2:82:ba:83:90:60:ac:c4:4c:1e:dd:
61:38:2d:17:bd:70:39:a1:de:c4:a6:a0:ff:f0:2a:
b2:e1:8c:5a:7a:83:46:f8:f4:ef:0e:17:a6:4d:bf:
c6:90:57:a5:43:6c:d7:09:2c:fd:75:72:04:bb:88:
6b:4d:71:a6:cf:52:5f:8f:82:80:55:09:b5:c9:9c:
ca:3b:e3:60:f8:53:0f:95:9e:88:81:9a:6b:fa:a0:
fa:f9:89:21:43:b6:42:1c:7e:0b:ca:d5:83:46:9f:
27:d4:10:1a:ae:c7:05:ce:0a:f5:0a:88:2e:c0:e8:
1a:0e:eb:d2:42:f4:97:23:7e:05:4f:cf:50:b4:7b:
13:d4:48:56:32:c2:1d:7f:49:88:45:4e:70:6b:d4:
7e:4e:70:25:05:6b:29:42:c1:da:ac:13:b6:71:13:
7e:b3:fd:42:ce:10:96:42:66:f0:b0:dc:84:9d:bc:
a3:33:e7:a0:0a:50:70:5d:b7:f1:bf:3b:13:6a:71:
8e:45:ca:d5:46:19:24:df:5b:dc:78:96:91:95:ad:
82:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:EC:39:DE:B7:9A:10:2B:6E:94:82:64:F1:4C:FD:86:59:E9:A9:E9
X509v3 Authority Key Identifier:
keyid:A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/Hew53reaECtulIJk8Uz9hlnpqek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/oJzYxxpuMygsBF2PiMOzeKz0G9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.160.0/21
185.4.1.0-185.4.3.255
Signature Algorithm: sha256WithRSAEncryption
12:00:33:f9:7c:2d:02:bd:74:8d:da:9b:30:5f:9b:99:c3:7e:
ad:71:c1:37:73:cc:aa:36:7d:fc:80:da:0a:8e:3d:63:7b:a0:
bf:18:94:28:0c:5a:3f:8d:f5:3c:bd:35:6b:3f:20:ea:64:fc:
84:d8:31:48:c6:54:1c:6d:60:9e:02:30:3c:9f:7a:da:d5:71:
62:59:37:1d:ce:e9:63:3a:af:36:46:3f:9e:ee:03:b1:02:98:
68:36:dc:8a:50:56:c6:36:08:9c:f7:b1:42:c3:9b:22:07:5c:
51:d1:0b:f9:43:88:85:4c:7a:52:8e:e7:86:23:11:cd:90:b3:
68:df:67:5c:90:2a:2f:c3:06:27:90:af:34:75:94:1d:6a:2f:
68:6d:15:b2:ae:2f:7b:1b:6a:50:c2:b0:3d:f3:ea:fa:e3:ed:
ac:cc:d1:62:02:a3:cd:82:39:34:91:71:70:70:36:2d:48:9b:
29:2f:ae:cd:0a:d7:8d:90:61:84:19:b0:82:76:06:d0:0d:cc:
63:0d:be:2b:f9:ac:a3:57:0f:17:67:e5:16:50:ce:74:a4:45:
a1:1c:f6:91:c0:f9:d1:44:fe:cd:e6:52:25:c1:e8:b3:94:f4:
b9:24:75:9d:d0:fb:9c:3c:46:5f:5b:3d:6b:a1:88:55:c8:69:
34:db:e2:d5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYhNdckUase7gMQHc/KaSoLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOWNkOGM3MWE2ZTMzMjgyYzA0NWQ4Zjg4YzNiMzc4YWNm
NDFiZDkwHhcNMjMwNTI0MTExMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGVjMzlkZWI3OWExMDJiNmU5NDgyNjRmMTRjZmQ4NjU5ZTlhOWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5OzzpppPgzIjcEYMquzeVmz1wZa
VIklmHQCFPkVnKi8jFSMiNaJD4plzB3KULwe0oK6g5BgrMRMHt1hOC0XvXA5od7E
pqD/8Cqy4YxaeoNG+PTvDhemTb/GkFelQ2zXCSz9dXIEu4hrTXGmz1Jfj4KAVQm1
yZzKO+Ng+FMPlZ6IgZpr+qD6+YkhQ7ZCHH4LytWDRp8n1BAarscFzgr1CoguwOga
DuvSQvSXI34FT89QtHsT1EhWMsIdf0mIRU5wa9R+TnAlBWspQsHarBO2cRN+s/1C
zhCWQmbwsNyEnbyjM+egClBwXbfxvzsTanGORcrVRhkk31vceJaRla2CAQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFB3sOd63mhArbpSCZPFM/YZZ6anpMB8GA1UdIwQY
MBaAFKCc2McabjMoLARdj4jDs3is9BvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMt
NmU4ZTA3ZDY2YzliLzEvSGV3NTNyZWFFQ3R1bElKazhVejlobG5wcWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMtNmU4ZTA3ZDY2Yzli
LzEvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDshWgMAwD
BAC5BAEDBAK5BAAwDQYJKoZIhvcNAQELBQADggEBABIAM/l8LQK9dI3amzBfm5nD
fq1xwTdzzKo2ffyA2gqOPWN7oL8YlCgMWj+N9Ty9NWs/IOpk/ITYMUjGVBxtYJ4C
MDyfetrVcWJZNx3O6WM6rzZGP57uA7ECmGg23IpQVsY2CJz3sULDmyIHXFHRC/lD
iIVMelKO54YjEc2Qs2jfZ1yQKi/DBieQrzR1lB1qL2htFbKuL3sbalDCsD3z6vrj
7azM0WICo82COTSRcXBwNi1Imykvrs0K142QYYQZsIJ2BtANzGMNviv5rKNXDxdn
5RZQznSkRaEc9pHA+dFE/s3mUiXB6LOU9LkkdZ3Q+5w8Rl9bPWuhiFXIaTTb4tU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:57 2024 by rpki-client on console-ams.rpki-client.org