Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/Hfzcz7caRv2uk-6oG0uvWkfkF7A.roa
File: Hfzcz7caRv2uk-6oG0uvWkfkF7A.roa (raw, json)
Hash identifier: EciBjhpshnlDjaZz+om6poMi0UjSunLR27o1PVx7zJc=
Subject key identifier: 1D:FC:DC:CF:B7:1A:46:FD:AE:93:EE:A8:1B:4B:AF:5A:47:E4:17:B0
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 01856ED4E7105253BCF67D303DCCEDE89FFD
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/Hfzcz7caRv2uk-6oG0uvWkfkF7A.roa
Signing time: Sun 01 Jan 2023 19:35:24 +0000
ROA not before: Sun 01 Jan 2023 19:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32780
IP address blocks: 146.185.192.0/22 maxlen: 22
5.188.196.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 13 Jul 2023 12:21:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:e7:10:52:53:bc:f6:7d:30:3d:cc:ed:e8:9f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Jan 1 19:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dfcdccfb71a46fdae93eea81b4baf5a47e417b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0b:03:d6:08:4f:16:02:e8:c2:f5:ec:6e:c5:
fe:a7:5c:12:4d:7b:36:db:2b:de:14:8c:38:32:4b:
8c:38:10:06:47:7e:e8:30:bf:5a:61:30:9a:d7:6b:
a8:10:20:43:35:0f:09:1a:cb:e4:3f:60:4f:b3:a8:
65:5b:04:78:1d:f3:08:a5:12:1a:ae:da:f8:35:ef:
4c:f4:7d:d4:7b:93:38:ba:78:40:65:56:83:5c:ca:
89:c8:52:87:10:b4:f5:68:90:da:41:a1:9a:cf:55:
b1:8f:fb:20:3c:4e:65:36:03:1a:5f:7d:78:f6:16:
26:d3:cf:a5:60:c7:21:44:ea:eb:55:f0:25:89:db:
0d:53:76:9d:71:b9:67:06:5f:99:72:63:c3:cd:0b:
3b:d8:2e:cf:b3:f7:0c:41:24:7d:20:b8:4b:c9:9c:
e1:19:bb:fa:d4:14:0f:c6:2a:58:f5:37:c5:03:ad:
4b:79:cf:c9:86:b4:b0:c0:45:f1:71:3d:41:d8:2d:
c7:ac:be:43:65:75:38:fc:98:dd:72:f2:d4:df:3a:
e6:a7:63:99:5b:de:4f:78:20:c5:8a:98:67:1e:d4:
45:84:68:45:f6:d4:23:7d:01:34:82:15:8d:b3:7c:
8c:c2:35:ba:3e:23:40:ab:71:43:c2:e9:44:4e:c3:
c6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FC:DC:CF:B7:1A:46:FD:AE:93:EE:A8:1B:4B:AF:5A:47:E4:17:B0
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/Hfzcz7caRv2uk-6oG0uvWkfkF7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.196.0/22
146.185.192.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:35:ac:37:65:22:10:8c:75:46:eb:17:35:98:05:e0:1e:0f:
e4:89:70:13:6a:9c:30:a9:95:58:de:4f:fd:58:7c:9d:72:64:
bb:20:b8:fa:a7:6a:ac:91:6c:cb:55:47:a2:1d:2c:74:64:fc:
74:41:a4:8b:2a:01:26:09:70:07:11:56:6f:58:ec:fb:36:ed:
cb:80:95:f7:cb:16:0c:b0:a2:44:ae:fd:54:59:b6:aa:6d:bc:
41:bc:50:4a:aa:54:71:8c:16:d6:a0:4d:1e:d4:25:4c:6e:51:
60:40:20:2f:5e:bf:8a:46:8e:69:be:da:4f:ce:3f:c7:f3:3b:
ec:7a:07:53:cb:fb:3e:47:c6:8b:ce:c2:f7:3f:ed:9f:99:bd:
eb:da:ee:b3:66:50:eb:60:37:1a:77:cd:50:e8:b8:29:3f:07:
c8:5e:34:d8:12:ae:c8:35:0d:b1:2e:7e:dc:be:4f:c1:ab:d8:
bc:8c:ac:a1:37:fc:8e:dd:c0:e8:e6:0f:35:36:99:be:89:0f:
76:b0:ca:72:ba:95:d5:3a:cf:52:bd:ed:76:07:00:59:0d:42:
0c:89:e5:c4:a0:57:70:c7:03:5d:57:d1:93:f7:fd:7e:da:a3:
be:c7:22:08:c4:41:42:a9:54:10:93:d3:45:cd:37:ef:df:2e:
3a:d7:d3:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVu1OcQUlO89n0wPczt6J/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjMwMTAxMTkzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGZjZGNjZmI3MWE0NmZkYWU5M2VlYTgxYjRiYWY1YTQ3ZTQxN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAsD1ghPFgLowvXsbsX+p1wSTXs2
2yveFIw4MkuMOBAGR37oML9aYTCa12uoECBDNQ8JGsvkP2BPs6hlWwR4HfMIpRIa
rtr4Ne9M9H3Ue5M4unhAZVaDXMqJyFKHELT1aJDaQaGaz1Wxj/sgPE5lNgMaX314
9hYm08+lYMchROrrVfAlidsNU3adcblnBl+ZcmPDzQs72C7Ps/cMQSR9ILhLyZzh
Gbv61BQPxipY9TfFA61Lec/JhrSwwEXxcT1B2C3HrL5DZXU4/JjdcvLU3zrmp2OZ
W95PeCDFiphnHtRFhGhF9tQjfQE0ghWNs3yMwjW6PiNAq3FDwulETsPGPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB383M+3Gkb9rpPuqBtLr1pH5BewMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvSGZ6Y3o3Y2FSdjJ1ay02b0cwdXZXa2ZrRjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBbzEAwQC
krnAMA0GCSqGSIb3DQEBCwUAA4IBAQChNaw3ZSIQjHVG6xc1mAXgHg/kiXATapww
qZVY3k/9WHydcmS7ILj6p2qskWzLVUeiHSx0ZPx0QaSLKgEmCXAHEVZvWOz7Nu3L
gJX3yxYMsKJErv1UWbaqbbxBvFBKqlRxjBbWoE0e1CVMblFgQCAvXr+KRo5pvtpP
zj/H8zvsegdTy/s+R8aLzsL3P+2fmb3r2u6zZlDrYDcad81Q6LgpPwfIXjTYEq7I
NQ2xLn7cvk/Bq9i8jKyhN/yO3cDo5g81Npm+iQ92sMpyupXVOs9Sve12BwBZDUIM
ieXEoFdwxwNdV9GT9/1+2qO+xyIIxEFCqVQQk9NFzTfv3y4619NR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:18 2024 by rpki-client on console-ams.rpki-client.org