Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/HqW2Dr4Rxn4lX--YFHhboqpA-lo.roa
File: HqW2Dr4Rxn4lX--YFHhboqpA-lo.roa (raw, json)
Hash identifier: yzvNF7WJzd5TLhX3veDf6Iv9OJy9uwrucAQB2xTo5qE=
Subject key identifier: 1E:A5:B6:0E:BE:11:C6:7E:25:5F:EF:98:14:78:5B:A2:AA:40:FA:5A
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 01857322128A2B1569C716F435379D03D84A
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/HqW2Dr4Rxn4lX--YFHhboqpA-lo.roa
Signing time: Mon 02 Jan 2023 15:38:10 +0000
ROA not before: Mon 02 Jan 2023 15:38:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209927
IP address blocks: 92.118.133.0/24 maxlen: 24
92.118.132.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:22:12:8a:2b:15:69:c7:16:f4:35:37:9d:03:d8:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 2 15:38:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ea5b60ebe11c67e255fef9814785ba2aa40fa5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8e:56:bd:93:76:c6:cf:af:80:0b:f1:cd:51:
2c:b0:28:dc:d3:ee:c3:58:a9:a5:c5:84:bd:12:c6:
51:d2:fd:f3:45:07:cb:6e:69:23:e3:81:d8:55:4f:
b7:42:d7:83:3e:bd:d8:d3:77:fd:ed:65:b4:a8:53:
a1:49:e5:58:2e:23:a2:05:a4:2a:21:25:72:14:a5:
ca:8a:89:28:ef:b9:29:ae:55:59:4f:1d:dd:af:93:
2c:b6:d2:3d:f6:cf:d8:77:37:70:92:33:03:da:d5:
06:55:91:fd:18:8a:e3:da:a0:2e:4c:e9:b2:92:d8:
f6:75:69:8f:af:5d:74:f0:c6:1f:46:e7:ab:09:cc:
d6:31:37:7b:f2:fa:14:f5:99:47:de:78:8e:1e:2c:
3a:c9:6c:a8:19:01:3e:c0:6f:01:50:28:50:cf:18:
28:d4:72:f6:9e:96:5e:75:16:67:d4:fc:ad:a7:21:
70:2d:42:0f:6c:ab:4a:58:08:a3:e6:28:6a:05:c5:
fc:a3:fc:6d:f5:53:6a:70:75:c4:43:95:0b:04:fe:
39:e1:5c:41:3b:a2:54:13:57:84:22:0f:0d:e4:dd:
51:a4:27:67:b2:da:ba:c7:b5:26:4f:6b:e1:57:00:
53:db:4a:90:7d:93:12:25:ac:25:36:13:a3:dd:a5:
f7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A5:B6:0E:BE:11:C6:7E:25:5F:EF:98:14:78:5B:A2:AA:40:FA:5A
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/HqW2Dr4Rxn4lX--YFHhboqpA-lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.132.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:50:d6:c6:57:17:2f:22:5f:30:b9:ae:a0:2d:7c:ef:9a:e0:
cf:90:f4:d4:02:80:ae:e1:08:ef:04:4b:f2:8b:b8:32:ea:2e:
e8:6f:82:60:cc:e8:55:94:87:52:86:34:30:8f:21:45:89:f4:
82:d1:8a:1f:70:5f:65:a5:b6:53:ce:58:a2:4f:2e:4e:79:c8:
fc:76:0c:f2:f1:66:ad:0b:2f:b9:38:1b:63:85:93:11:9b:58:
3e:c5:a3:d9:6a:a6:0e:0a:1d:85:b3:f0:d3:af:00:bc:20:d7:
f7:a6:95:e0:b3:88:9b:e7:f3:a6:b0:e2:b5:09:40:88:5c:9e:
46:e2:dd:34:0a:14:e7:90:bf:50:66:36:f9:90:9c:61:02:f2:
56:59:75:7c:85:7e:8f:cf:dd:0d:98:5c:5c:a5:71:0c:c1:50:
19:3e:05:69:95:77:d1:b5:63:54:d9:6a:cc:cc:dd:d3:3e:ab:
c9:70:9b:9c:ca:71:cd:fa:1c:b5:af:e7:68:6e:04:1d:83:36:
ec:e7:88:99:cd:96:ad:66:da:3f:55:a7:78:0f:05:25:85:9b:
85:dd:0c:7a:2b:f9:8e:b3:43:81:fb:bc:02:1f:1d:f9:43:63:
13:a2:fc:47:5c:4d:bb:a8:a6:55:16:e1:35:c5:34:5f:86:d5:
42:79:87:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzIhKKKxVpxxb0NTedA9hKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjMwMTAyMTUzODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWE1YjYwZWJlMTFjNjdlMjU1ZmVmOTgxNDc4NWJhMmFhNDBmYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY5WvZN2xs+vgAvxzVEssCjc0+7D
WKmlxYS9EsZR0v3zRQfLbmkj44HYVU+3QteDPr3Y03f97WW0qFOhSeVYLiOiBaQq
ISVyFKXKioko77kprlVZTx3dr5MsttI99s/YdzdwkjMD2tUGVZH9GIrj2qAuTOmy
ktj2dWmPr1108MYfRuerCczWMTd78voU9ZlH3niOHiw6yWyoGQE+wG8BUChQzxgo
1HL2npZedRZn1PytpyFwLUIPbKtKWAij5ihqBcX8o/xt9VNqcHXEQ5ULBP454VxB
O6JUE1eEIg8N5N1RpCdnstq6x7UmT2vhVwBT20qQfZMSJawlNhOj3aX3OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6ltg6+EcZ+JV/vmBR4W6KqQPpaMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvSHFXMkRyNFJ4bjRsWC0tWUZIaGJvcXBBLWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXHaEMA0G
CSqGSIb3DQEBCwUAA4IBAQCaUNbGVxcvIl8wua6gLXzvmuDPkPTUAoCu4QjvBEvy
i7gy6i7ob4JgzOhVlIdShjQwjyFFifSC0YofcF9lpbZTzliiTy5Oecj8dgzy8Wat
Cy+5OBtjhZMRm1g+xaPZaqYOCh2Fs/DTrwC8INf3ppXgs4ib5/OmsOK1CUCIXJ5G
4t00ChTnkL9QZjb5kJxhAvJWWXV8hX6Pz90NmFxcpXEMwVAZPgVplXfRtWNU2WrM
zN3TPqvJcJucynHN+hy1r+dobgQdgzbs54iZzZatZto/Vad4DwUlhZuF3Qx6K/mO
s0OB+7wCHx35Q2MTovxHXE27qKZVFuE1xTRfhtVCeYdG
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:17 2024 by rpki-client on console-fra.rpki-client.org