Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hUV8oag3pNR4K2keSd7fpRfUTuY.roa
File: hUV8oag3pNR4K2keSd7fpRfUTuY.roa (raw, json)
Hash identifier: w/WE3HQARVyH6iOuZtXFFRRkLDKO5NUF0DqENoRR1mQ=
Subject key identifier: 85:45:7C:A1:A8:37:A4:D4:78:2B:69:1E:49:DE:DF:A5:17:D4:4E:E6
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018B8C0CE0E4EAFE20688318468B669356BA
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hUV8oag3pNR4K2keSd7fpRfUTuY.roa
Signing time: Wed 01 Nov 2023 18:02:16 +0000
ROA not before: Wed 01 Nov 2023 18:02:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 92.114.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Nov 2023 12:04:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:0c:e0:e4:ea:fe:20:68:83:18:46:8b:66:93:56:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 1 18:02:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85457ca1a837a4d4782b691e49dedfa517d44ee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8c:d8:cc:8c:f4:ed:a8:aa:76:97:0e:27:1c:
3d:48:01:3f:da:cf:e1:37:b2:02:56:8f:c2:c3:94:
9e:5d:77:72:70:06:fc:3c:90:43:b5:85:c3:83:c3:
1f:a9:a3:69:54:14:37:34:e8:f6:98:0e:d6:f0:b4:
4e:15:0d:1c:86:49:21:04:45:99:a1:51:10:d8:32:
6a:04:51:bf:d2:62:2a:b3:2a:f7:39:03:b7:3e:bc:
17:7b:09:c8:24:78:e3:9b:66:84:65:2b:f5:55:ee:
32:48:d5:78:35:4e:77:c9:3d:8d:5e:6b:15:74:5f:
7d:e4:1a:0a:7d:16:fe:58:2a:1a:8d:ce:44:c0:08:
56:e3:1c:bc:fe:bc:9c:a9:fc:30:c5:fc:fb:0f:32:
e5:93:7b:64:54:d3:1f:b0:8d:ea:25:71:07:b8:1c:
09:ae:fe:a5:13:95:3f:00:d1:8a:18:7e:f3:76:f3:
40:a5:1c:f4:54:b5:01:33:40:f0:23:fd:1d:ac:69:
31:95:ee:dd:43:7a:38:e5:df:e2:59:ca:3b:02:ab:
53:31:76:9b:04:b3:f5:bc:61:39:4d:75:0a:66:39:
5c:9e:5d:4c:9a:31:8e:de:70:90:60:d5:47:21:fb:
4e:42:dc:d8:14:a7:78:d7:61:3c:5e:9d:5c:06:60:
93:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:45:7C:A1:A8:37:A4:D4:78:2B:69:1E:49:DE:DF:A5:17:D4:4E:E6
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hUV8oag3pNR4K2keSd7fpRfUTuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
68:e6:a3:85:a1:63:d1:fd:4e:74:6e:63:f6:19:45:a8:ad:bc:
5c:c1:e0:b7:a6:86:de:a3:4f:d0:83:9f:3f:66:cd:97:0b:58:
08:95:50:44:e0:8b:05:20:ee:21:13:76:4e:64:dc:e8:11:44:
30:07:72:4a:9a:fe:4d:3d:9e:9a:d9:90:78:ed:fa:42:90:26:
42:fc:1c:5c:f6:19:11:11:4e:02:9f:1f:7d:3a:46:6c:48:2e:
f5:87:94:cc:77:19:71:b2:3c:50:16:d2:3a:5d:20:b1:92:a6:
29:ba:f9:60:a6:82:5e:f0:3b:17:94:c9:f4:4f:a9:df:11:8f:
10:b4:ab:b8:0d:72:04:c3:8e:d6:a3:f5:0f:ff:64:be:1b:3a:
a6:bd:1a:20:f5:b6:4c:3c:8c:ad:db:9d:19:05:59:bf:5b:33:
4a:6d:ca:b1:07:92:92:41:d7:de:cf:ee:94:5b:f7:11:9a:72:
bf:ef:33:fc:50:05:0a:f6:ad:30:4e:5b:30:5d:3f:b9:12:5d:
4a:5b:1b:a6:63:03:d0:78:03:fb:64:6e:bd:03:ff:22:93:bd:
7c:94:73:f9:6b:b2:7a:07:bf:70:d3:10:66:5b:c5:e0:a6:f0:
b9:8d:08:5a:44:89:35:23:c8:e2:45:59:a5:80:28:c9:ab:9e:
39:00:12:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuMDODk6v4gaIMYRotmk1a6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMTAxMTgwMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQ1N2NhMWE4MzdhNGQ0NzgyYjY5MWU0OWRlZGZhNTE3ZDQ0ZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYzYzIz07aiqdpcOJxw9SAE/2s/h
N7ICVo/Cw5SeXXdycAb8PJBDtYXDg8MfqaNpVBQ3NOj2mA7W8LROFQ0chkkhBEWZ
oVEQ2DJqBFG/0mIqsyr3OQO3PrwXewnIJHjjm2aEZSv1Ve4ySNV4NU53yT2NXmsV
dF995BoKfRb+WCoajc5EwAhW4xy8/rycqfwwxfz7DzLlk3tkVNMfsI3qJXEHuBwJ
rv6lE5U/ANGKGH7zdvNApRz0VLUBM0DwI/0drGkxle7dQ3o45d/iWco7AqtTMXab
BLP1vGE5TXUKZjlcnl1MmjGO3nCQYNVHIftOQtzYFKd412E8Xp1cBmCTQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVFfKGoN6TUeCtpHkne36UX1E7mMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvaFVWOG9hZzNwTlI0SzJrZVNkN2ZwUmZVVHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXHIoMA0G
CSqGSIb3DQEBCwUAA4IBAQBo5qOFoWPR/U50bmP2GUWorbxcweC3pobeo0/Qg58/
Zs2XC1gIlVBE4IsFIO4hE3ZOZNzoEUQwB3JKmv5NPZ6a2ZB47fpCkCZC/Bxc9hkR
EU4Cnx99OkZsSC71h5TMdxlxsjxQFtI6XSCxkqYpuvlgpoJe8DsXlMn0T6nfEY8Q
tKu4DXIEw47Wo/UP/2S+GzqmvRog9bZMPIyt250ZBVm/WzNKbcqxB5KSQdfez+6U
W/cRmnK/7zP8UAUK9q0wTlswXT+5El1KWxumYwPQeAP7ZG69A/8ik718lHP5a7J6
B79w0xBmW8XgpvC5jQhaRIk1I8jiRVmlgCjJq545ABLL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:36 2024 by rpki-client on console-fra.rpki-client.org