Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/hjI47vEbbNmPgn8gNdzBSuEFrRI.roa
File: hjI47vEbbNmPgn8gNdzBSuEFrRI.roa (raw, json)
Hash identifier: oa6N4ao4LU77+v/g1ebwzHU52dp7E9VDgSVBT4tt9pg=
Subject key identifier: 86:32:38:EE:F1:1B:6C:D9:8F:82:7F:20:35:DC:C1:4A:E1:05:AD:12
Certificate issuer: /CN=1ada225cb7f29416e7534695fbfb21762fee93c8
Certificate serial: 018ADB2A2620EE8FC4BC2A1AFB4B35C7D8A2
Authority key identifier: 1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/hjI47vEbbNmPgn8gNdzBSuEFrRI.roa
Signing time: Thu 28 Sep 2023 09:41:27 +0000
ROA not before: Thu 28 Sep 2023 09:41:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1273
IP address blocks: 194.70.32.0/22 maxlen: 22
194.70.37.0/24 maxlen: 24
194.70.38.0/23 maxlen: 23
194.70.40.0/21 maxlen: 21
194.70.48.0/20 maxlen: 20
212.248.192.0/18 maxlen: 18
194.70.64.0/20 maxlen: 20
195.173.0.0/16 maxlen: 16
212.240.0.0/16 maxlen: 16
195.11.0.0/16 maxlen: 16
194.70.4.0/22 maxlen: 22
194.70.2.0/24 maxlen: 24
194.70.0.0/23 maxlen: 23
194.70.8.0/21 maxlen: 21
194.70.16.0/20 maxlen: 20
194.70.80.0/21 maxlen: 21
194.70.88.0/22 maxlen: 22
194.70.92.0/23 maxlen: 23
194.70.95.0/24 maxlen: 24
194.70.96.0/19 maxlen: 19
194.217.0.0/16 maxlen: 16
194.70.128.0/18 maxlen: 18
194.70.240.0/20 maxlen: 20
194.70.192.0/19 maxlen: 19
194.70.224.0/21 maxlen: 21
194.70.232.0/23 maxlen: 23
194.70.235.0/24 maxlen: 24
194.70.236.0/22 maxlen: 22
194.159.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:2a:26:20:ee:8f:c4:bc:2a:1a:fb:4b:35:c7:d8:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ada225cb7f29416e7534695fbfb21762fee93c8
Validity
Not Before: Sep 28 09:41:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=863238eef11b6cd98f827f2035dcc14ae105ad12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:65:a1:9d:c7:17:91:81:54:3f:85:6d:5f:4f:
14:aa:50:5f:89:db:4d:c9:29:1e:68:26:ab:33:6e:
7d:23:7a:05:c1:1f:c7:7a:9b:25:3c:18:2a:cf:07:
c0:21:1c:11:22:dc:42:c4:8f:6e:d1:9b:a3:91:b0:
eb:c2:da:d9:9d:78:45:9c:8f:04:97:2f:7a:a6:2b:
5e:a0:9b:dc:5a:2e:e6:43:ad:ca:dc:b1:f6:16:e9:
88:f4:08:8e:d5:57:80:e9:45:31:2b:e9:cf:cb:01:
09:3b:cb:97:15:0c:b8:26:c1:c0:7c:a7:a3:d3:4d:
89:6c:59:83:ca:c8:fd:14:36:0c:ee:98:9b:48:85:
e9:e9:5b:3f:d8:dc:f6:7c:08:da:58:77:00:e4:ae:
71:5f:30:b7:20:05:53:3e:f7:5c:23:28:b3:57:84:
2b:76:89:43:83:ab:b5:9a:57:20:c5:b8:27:36:3b:
0c:2e:bd:f0:8c:78:59:cb:d1:99:a9:23:ec:ad:05:
89:f4:fa:c1:6b:e7:35:35:58:7d:79:65:27:2d:70:
52:06:1c:93:03:53:7f:10:c9:7f:a0:94:1d:5b:e1:
96:36:ee:58:40:e7:a7:9c:3a:a0:ee:8a:e5:2b:19:
76:3d:a9:cd:30:7c:2c:6a:82:a7:8f:bb:68:ae:eb:
82:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:32:38:EE:F1:1B:6C:D9:8F:82:7F:20:35:DC:C1:4A:E1:05:AD:12
X509v3 Authority Key Identifier:
keyid:1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/hjI47vEbbNmPgn8gNdzBSuEFrRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/GtoiXLfylBbnU0aV-_shdi_uk8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.70.0.0-194.70.2.255
194.70.4.0-194.70.35.255
194.70.37.0-194.70.93.255
194.70.95.0-194.70.233.255
194.70.235.0-194.70.255.255
194.159.0.0/16
194.217.0.0/16
195.11.0.0/16
195.173.0.0/16
212.240.0.0/16
212.248.192.0/18
Signature Algorithm: sha256WithRSAEncryption
87:f9:63:da:d2:70:bc:58:bd:f0:03:91:06:17:2a:76:cb:c6:
1e:10:e5:51:99:9e:0f:d0:19:0a:74:28:7b:f0:fc:57:2f:46:
53:59:97:31:cf:ec:31:f4:06:9c:eb:44:4f:2f:d0:08:f6:5c:
c8:ea:82:e5:86:57:e1:d9:7e:9c:d9:db:da:6a:95:ec:de:95:
d1:99:6e:83:71:d2:b4:b2:4e:f4:44:6f:c5:2f:10:0d:da:ca:
ba:80:64:18:b0:f5:1d:d1:ff:48:d5:f1:be:a7:8a:30:60:83:
de:0e:aa:b4:70:d5:4f:e5:14:cb:e1:4c:a0:7d:39:5a:9b:6f:
1b:a8:b0:bf:aa:06:53:91:1e:79:c7:c3:e8:02:bc:72:e3:42:
be:7d:36:a8:f6:29:ef:ea:c1:58:18:28:c6:7b:8c:6a:5a:32:
60:06:f8:ee:90:55:e0:72:ad:bb:7e:a2:a4:a6:cf:8d:51:09:
7c:6d:33:ed:8d:9b:f0:06:b1:28:ed:55:23:e9:c5:c3:db:f0:
08:df:a5:3e:a3:29:c9:74:c5:49:3e:9c:cc:da:8b:29:18:b5:
e0:f7:ec:d2:e3:5b:99:c8:5f:c7:0b:ee:e2:35:18:ac:e2:46:
61:c3:9c:bc:f7:37:ae:e5:82:f2:35:96:bc:41:44:c1:58:85:
66:c0:05:90
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYrbKiYg7o/EvCoa+0s1x9iiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZGEyMjVjYjdmMjk0MTZlNzUzNDY5NWZiZmIyMTc2MmZl
ZTkzYzgwHhcNMjMwOTI4MDk0MTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjMyMzhlZWYxMWI2Y2Q5OGY4MjdmMjAzNWRjYzE0YWUxMDVhZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2WhnccXkYFUP4VtX08UqlBfidtN
ySkeaCarM259I3oFwR/HepslPBgqzwfAIRwRItxCxI9u0ZujkbDrwtrZnXhFnI8E
ly96piteoJvcWi7mQ63K3LH2FumI9AiO1VeA6UUxK+nPywEJO8uXFQy4JsHAfKej
002JbFmDysj9FDYM7pibSIXp6Vs/2Nz2fAjaWHcA5K5xXzC3IAVTPvdcIyizV4Qr
dolDg6u1mlcgxbgnNjsMLr3wjHhZy9GZqSPsrQWJ9PrBa+c1NVh9eWUnLXBSBhyT
A1N/EMl/oJQdW+GWNu5YQOennDqg7orlKxl2PanNMHwsaoKnj7toruuCNwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFIYyOO7xG2zZj4J/IDXcwUrhBa0SMB8GA1UdIwQY
MBaAFBraIly38pQW51NGlfv7IXYv7pPIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUt
NzUyNWQ0ZDQwOGI1LzEvaGpJNDd2RWJiTm1QZ244Z05kekJTdUVGclJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUtNzUyNWQ0ZDQwOGI1
LzEvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBpBAIAATBjMAsDAwHCRgME
AMJGAjAMAwQCwkYEAwQCwkYgMAwDBADCRiUDBAHCRlwwDAMEAMJGXwMEAcJG6DAL
AwQAwkbrAwMAwkYDAwDCnwMDAMLZAwMAwwsDAwDDrQMDANTwAwQG1PjAMA0GCSqG
SIb3DQEBCwUAA4IBAQCH+WPa0nC8WL3wA5EGFyp2y8YeEOVRmZ4P0BkKdCh78PxX
L0ZTWZcxz+wx9Aac60RPL9AI9lzI6oLlhlfh2X6c2dvaapXs3pXRmW6DcdK0sk70
RG/FLxAN2sq6gGQYsPUd0f9I1fG+p4owYIPeDqq0cNVP5RTL4UygfTlam28bqLC/
qgZTkR55x8PoArxy40K+fTao9inv6sFYGCjGe4xqWjJgBvjukFXgcq27fqKkps+N
UQl8bTPtjZvwBrEo7VUj6cXD2/AI36U+oynJdMVJPpzM2ospGLXg9+zS41uZyF/H
C+7iNRis4kZhw5y89zeu5YLyNZa8QUTBWIVmwAWQ
-----END CERTIFICATE-----
Generated at Thu Dec 7 21:03:45 2023 by rpki-client on console-fra.rpki-client.org