Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/H-2ncVg20xGewDq3HHxEELiZZ68.roa
File: H-2ncVg20xGewDq3HHxEELiZZ68.roa (raw, json)
Hash identifier: oDSTyqi6rJ1rxW3l3UVAd6KEGDEsNFYINgEkHrLm5hk=
Subject key identifier: 1F:ED:A7:71:58:36:D3:11:9E:C0:3A:B7:1C:7C:44:10:B8:99:67:AF
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 01856FC291DF342D9404AEC8F334B48DEA77
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/H-2ncVg20xGewDq3HHxEELiZZ68.roa
Signing time: Sun 01 Jan 2023 23:55:00 +0000
ROA not before: Sun 01 Jan 2023 23:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12632
IP address blocks: 82.137.12.0/22 maxlen: 22
188.241.252.0/23 maxlen: 23
188.241.252.0/22 maxlen: 24
82.79.114.0/23 maxlen: 23
82.79.119.0/24 maxlen: 24
188.241.254.0/23 maxlen: 23
86.123.114.0/24 maxlen: 24
188.208.136.0/23 maxlen: 23
188.208.136.0/22 maxlen: 24
188.208.138.0/23 maxlen: 23
82.137.8.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:91:df:34:2d:94:04:ae:c8:f3:34:b4:8d:ea:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Jan 1 23:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1feda7715836d3119ec03ab71c7c4410b89967af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ed:8b:26:bc:f4:f0:e8:d3:1a:3f:64:a3:a5:
79:c5:ac:5e:b3:50:44:d2:92:d3:35:5a:f5:42:4f:
3e:27:5d:a9:6d:0a:d1:4b:1d:39:37:a5:5a:54:0c:
84:9d:57:56:2b:ac:9a:64:59:6d:1d:65:4f:d3:69:
4a:86:f7:95:33:34:04:22:c7:1c:7f:dc:5e:0d:21:
f5:15:80:06:ca:cc:2a:1f:ae:b0:b5:a7:0c:7d:9f:
31:0d:d8:e3:06:fb:37:f9:58:4a:ff:cc:3e:f2:04:
72:ef:f9:f9:ed:57:af:f9:f9:3c:8f:da:1a:57:7e:
e4:bb:d2:46:3f:a0:a2:20:32:e3:19:3e:ca:3c:08:
9c:24:8c:b4:e2:0b:bd:5e:53:bf:94:45:a9:f5:4c:
8a:df:20:17:2f:2f:b4:3b:7e:97:0f:16:46:e6:3d:
1f:54:02:3f:13:f9:b9:74:a2:d1:8b:8a:df:45:c6:
2c:ff:4f:2b:d4:f9:0e:c4:e3:31:6d:49:94:39:4b:
34:48:2d:ca:1a:95:81:fd:49:6c:b4:0f:91:aa:fb:
d2:c2:23:04:c9:c0:63:c3:1f:ed:26:db:75:fa:de:
34:9a:48:c4:28:ee:10:9c:a5:bf:a6:ef:f6:73:46:
58:e4:e1:b0:9d:d4:e4:31:e9:da:84:e2:1c:13:22:
df:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:ED:A7:71:58:36:D3:11:9E:C0:3A:B7:1C:7C:44:10:B8:99:67:AF
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/H-2ncVg20xGewDq3HHxEELiZZ68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.79.114.0/23
82.79.119.0/24
82.137.8.0/21
86.123.114.0/24
188.208.136.0/22
188.241.252.0/22
Signature Algorithm: sha256WithRSAEncryption
20:f0:47:82:f0:74:c8:7c:ec:4a:72:0c:57:bd:8a:f4:f9:16:
44:f4:f0:c4:63:0c:42:0d:53:b3:9d:01:72:19:f6:44:fc:1b:
d6:12:6c:62:41:a7:35:68:c1:43:73:6d:e9:e3:d5:52:43:31:
de:32:00:5a:d8:46:b5:81:6f:e1:1d:86:53:34:a6:99:82:24:
b9:cd:7e:e7:68:b9:9d:07:db:15:56:da:8d:26:64:09:2a:b8:
3d:60:bf:71:b4:24:d5:fd:ff:e5:a9:83:33:18:98:f9:c5:74:
3f:d8:ea:f3:00:8f:a9:02:2c:53:34:12:f8:2b:35:21:ed:4d:
5d:ea:3f:2c:b9:c5:df:13:6e:c1:ef:14:9f:4e:54:98:6b:81:
f4:89:2d:12:88:b5:2e:6b:e9:84:18:50:69:2e:9f:d1:a6:bb:
07:c2:7b:be:81:c5:23:24:e7:a3:ae:3e:38:48:7a:71:b4:8e:
db:77:90:63:9a:1a:68:37:49:76:e9:2b:76:04:5e:9b:ff:01:
ef:4e:3f:32:3c:98:db:54:21:dd:22:3f:bb:dc:b0:ee:01:3d:
10:4f:08:16:61:fc:6b:19:51:a0:14:66:d1:71:ef:88:0a:fe:
1e:5c:d9:1a:1b:65:18:0e:d6:1c:e8:d2:22:87:03:23:4b:b9:
75:08:86:44
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvwpHfNC2UBK7I8zS0jep3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjMwMTAxMjM1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmVkYTc3MTU4MzZkMzExOWVjMDNhYjcxYzdjNDQxMGI4OTk2N2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAze2LJrz08OjTGj9ko6V5xaxes1BE
0pLTNVr1Qk8+J12pbQrRSx05N6VaVAyEnVdWK6yaZFltHWVP02lKhveVMzQEIscc
f9xeDSH1FYAGyswqH66wtacMfZ8xDdjjBvs3+VhK/8w+8gRy7/n57Vev+fk8j9oa
V37ku9JGP6CiIDLjGT7KPAicJIy04gu9XlO/lEWp9UyK3yAXLy+0O36XDxZG5j0f
VAI/E/m5dKLRi4rfRcYs/08r1PkOxOMxbUmUOUs0SC3KGpWB/UlstA+RqvvSwiME
ycBjwx/tJtt1+t40mkjEKO4QnKW/pu/2c0ZY5OGwndTkMenahOIcEyLfAwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB/tp3FYNtMRnsA6txx8RBC4mWevMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvSC0ybmNWZzIweEdld0RxM0hIeEVFTGlaWjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBUk9yAwQA
Uk93AwQDUokIAwQAVntyAwQCvNCIAwQCvPH8MA0GCSqGSIb3DQEBCwUAA4IBAQAg
8EeC8HTIfOxKcgxXvYr0+RZE9PDEYwxCDVOznQFyGfZE/BvWEmxiQac1aMFDc23p
49VSQzHeMgBa2Ea1gW/hHYZTNKaZgiS5zX7naLmdB9sVVtqNJmQJKrg9YL9xtCTV
/f/lqYMzGJj5xXQ/2OrzAI+pAixTNBL4KzUh7U1d6j8sucXfE27B7xSfTlSYa4H0
iS0SiLUua+mEGFBpLp/RprsHwnu+gcUjJOejrj44SHpxtI7bd5BjmhpoN0l26St2
BF6b/wHvTj8yPJjbVCHdIj+73LDuAT0QTwgWYfxrGVGgFGbRce+ICv4eXNkaG2UY
DtYc6NIihwMjS7l1CIZE
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:19 2023 by rpki-client on console-ams.rpki-client.org