Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/HrO1YGjsjJOsJ7frN56_dOyw_ao.roa
File: HrO1YGjsjJOsJ7frN56_dOyw_ao.roa (raw, json)
Hash identifier: wb1he0OA+/93I9srkh6WWitIuideTPo4B4tKbT+LI3s=
Subject key identifier: 1E:B3:B5:60:68:EC:8C:93:AC:27:B7:EB:37:9E:BF:74:EC:B0:FD:AA
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 018C2028E771F0247B4CDE5931F8E764DC19
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/HrO1YGjsjJOsJ7frN56_dOyw_ao.roa
Signing time: Thu 30 Nov 2023 12:16:40 +0000
ROA not before: Thu 30 Nov 2023 12:16:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201942
IP address blocks: 185.58.196.0/22 maxlen: 22
185.119.112.0/22 maxlen: 22
212.23.223.0/24 maxlen: 24
195.184.72.0/24 maxlen: 24
45.130.16.0/22 maxlen: 22
193.56.3.0/24 maxlen: 24
46.226.144.0/21 maxlen: 21
194.26.143.0/24 maxlen: 24
195.182.205.0/24 maxlen: 24
193.163.117.0/24 maxlen: 24
193.46.216.0/24 maxlen: 24
185.232.41.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:20:28:e7:71:f0:24:7b:4c:de:59:31:f8:e7:64:dc:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Nov 30 12:16:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1eb3b56068ec8c93ac27b7eb379ebf74ecb0fdaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ca:de:37:19:85:04:18:10:b6:39:58:31:66:
9f:4d:fc:3a:ee:32:88:80:84:08:82:1f:fc:e8:7c:
e0:b9:49:f8:2c:77:51:d0:4a:a2:34:ef:9a:c1:76:
c6:57:e5:fa:f9:81:2b:7b:d9:10:de:8d:93:d5:f3:
0d:e9:34:f7:58:0d:d7:7a:b4:03:92:20:d9:a0:23:
e2:9e:36:0f:7a:f1:fd:a0:97:2b:34:26:61:62:92:
b9:a6:e6:07:42:43:39:56:5d:c7:ed:2c:7e:2c:24:
7f:80:8f:4b:11:be:e7:bb:2e:bd:49:b2:87:29:90:
52:a0:02:39:e0:c1:37:3e:bc:f7:7e:57:72:0c:a5:
6b:a1:b9:07:a8:a0:55:03:23:e4:69:1e:d3:36:fe:
c9:af:6c:90:49:b5:07:03:45:b1:fc:2f:de:57:bf:
4b:77:22:a7:95:24:1d:c7:f5:d4:18:13:13:dc:53:
00:8e:3d:0f:ec:a5:20:e8:c5:88:41:f5:2a:1f:50:
c7:6e:c5:f5:f1:0d:fe:d1:f1:3b:ba:18:d0:19:cd:
06:6e:d0:42:ec:4a:7f:87:a9:49:34:1d:b4:00:91:
4c:24:42:d4:c3:24:e2:4d:0c:41:21:94:93:0d:64:
2b:89:37:36:70:c9:ea:0e:55:4c:57:23:2a:fc:55:
f2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B3:B5:60:68:EC:8C:93:AC:27:B7:EB:37:9E:BF:74:EC:B0:FD:AA
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/HrO1YGjsjJOsJ7frN56_dOyw_ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.16.0/22
46.226.144.0/21
185.58.196.0/22
185.119.112.0/22
185.232.41.0/24
193.46.216.0/24
193.56.3.0/24
193.163.117.0/24
194.26.143.0/24
195.182.205.0/24
195.184.72.0/24
212.23.223.0/24
Signature Algorithm: sha256WithRSAEncryption
36:22:4e:c8:a5:a9:6e:37:68:83:0c:19:44:1e:10:17:b3:45:
8a:25:c8:3b:0d:f9:93:63:a9:20:15:bd:6b:82:3f:2f:df:0e:
d0:dc:2a:78:23:11:ee:67:21:4e:a1:b6:21:67:c6:db:31:62:
12:3b:a5:e3:7a:17:09:cb:c6:1c:33:47:f0:69:b1:85:c5:62:
6a:69:9a:cb:9b:ce:6a:0a:d2:55:bf:b0:0f:a9:63:48:4f:44:
41:9d:03:29:d9:c9:8b:91:8e:45:7b:51:23:93:e0:ed:0d:20:
c4:f2:00:23:73:cd:f3:ee:80:1f:15:db:fb:99:67:3f:76:cb:
7c:90:39:c8:42:86:02:e4:63:80:49:e2:61:a8:21:43:fd:cd:
13:c1:32:9f:d9:8c:ed:9c:48:21:3a:09:92:e7:e3:e1:15:57:
da:95:4f:50:1f:4b:fd:60:38:0f:c7:13:9a:05:96:86:c1:89:
75:df:72:5d:f9:42:18:06:0e:32:1e:66:1e:49:5b:e3:0a:0b:
1d:49:74:c9:04:ce:56:4f:c2:b7:6d:0e:79:09:c7:08:5e:ef:
90:b0:2a:25:84:f3:63:f2:85:32:03:ba:e4:99:a9:49:7e:24:
ec:ec:3b:de:94:3b:74:f2:dc:7b:b4:fa:29:55:f4:66:95:2e:
8c:87:c5:6e
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYwgKOdx8CR7TN5ZMfjnZNwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjMxMTMwMTIxNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWIzYjU2MDY4ZWM4YzkzYWMyN2I3ZWIzNzllYmY3NGVjYjBmZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMreNxmFBBgQtjlYMWafTfw67jKI
gIQIgh/86HzguUn4LHdR0EqiNO+awXbGV+X6+YEre9kQ3o2T1fMN6TT3WA3XerQD
kiDZoCPinjYPevH9oJcrNCZhYpK5puYHQkM5Vl3H7Sx+LCR/gI9LEb7nuy69SbKH
KZBSoAI54ME3Prz3fldyDKVrobkHqKBVAyPkaR7TNv7Jr2yQSbUHA0Wx/C/eV79L
dyKnlSQdx/XUGBMT3FMAjj0P7KUg6MWIQfUqH1DHbsX18Q3+0fE7uhjQGc0GbtBC
7Ep/h6lJNB20AJFMJELUwyTiTQxBIZSTDWQriTc2cMnqDlVMVyMq/FXyMwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFB6ztWBo7IyTrCe36zeev3TssP2qMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvSHJPMVlHanNqSk9zSjdmck41Nl9kT3l3X2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCLYIQAwQD
LuKQAwQCuTrEAwQCuXdwAwQAuegpAwQAwS7YAwQAwTgDAwQAwaN1AwQAwhqPAwQA
w7bNAwQAw7hIAwQA1BffMA0GCSqGSIb3DQEBCwUAA4IBAQA2Ik7IpaluN2iDDBlE
HhAXs0WKJcg7DfmTY6kgFb1rgj8v3w7Q3Cp4IxHuZyFOobYhZ8bbMWISO6XjehcJ
y8YcM0fwabGFxWJqaZrLm85qCtJVv7APqWNIT0RBnQMp2cmLkY5Fe1Ejk+DtDSDE
8gAjc83z7oAfFdv7mWc/dst8kDnIQoYC5GOASeJhqCFD/c0TwTKf2YztnEghOgmS
5+PhFVfalU9QH0v9YDgPxxOaBZaGwYl133Jd+UIYBg4yHmYeSVvjCgsdSXTJBM5W
T8K3bQ55CccIXu+QsColhPNj8oUyA7rkmalJfiTs7DvelDt08tx7tPopVfRmlS6M
h8Vu
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:20 2024 by rpki-client on console-fra.rpki-client.org