Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/hOp90_6SbeIX-S2NsZEGgShH6fE.roa
File: hOp90_6SbeIX-S2NsZEGgShH6fE.roa (raw, json)
Hash identifier: mzJLYZUb5/BazexOxfeV6l3ns0oFTMgQnFPJ3qGzgw0=
Subject key identifier: 84:EA:7D:D3:FE:92:6D:E2:17:F9:2D:8D:B1:91:06:81:28:47:E9:F1
Certificate issuer: /CN=0e6d8fd77dade3d3f96cb49931948c2729ada0de
Certificate serial: 018571DE95B863B6C3F25C24A83627A523F0
Authority key identifier: 0E:6D:8F:D7:7D:AD:E3:D3:F9:6C:B4:99:31:94:8C:27:29:AD:A0:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dm2P132t49P5bLSZMZSMJymtoN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/hOp90_6SbeIX-S2NsZEGgShH6fE.roa
Signing time: Mon 02 Jan 2023 09:44:50 +0000
ROA not before: Mon 02 Jan 2023 09:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209049
IP address blocks: 195.110.176.0/21 maxlen: 24
195.110.183.0/24 maxlen: 24
195.110.180.0/22 maxlen: 24
195.110.182.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:95:b8:63:b6:c3:f2:5c:24:a8:36:27:a5:23:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e6d8fd77dade3d3f96cb49931948c2729ada0de
Validity
Not Before: Jan 2 09:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84ea7dd3fe926de217f92d8db19106812847e9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:de:70:b4:81:e0:d0:00:81:c7:33:bf:5d:41:
f7:4a:4c:bc:32:ca:76:d1:54:dc:6a:ba:05:e7:ca:
63:7c:62:8c:17:5b:96:23:e4:01:86:b7:9b:eb:c9:
6e:dc:65:28:a3:7f:7d:73:87:1e:e0:27:a2:21:c2:
fb:19:45:1d:2e:4a:b2:4e:c9:d3:e5:07:e6:8d:b2:
25:24:0d:4d:88:49:c8:8d:75:4d:43:65:b3:0b:b4:
2e:88:bc:05:21:6c:4f:21:37:11:7e:27:42:12:58:
c1:4b:5a:c0:10:9e:58:c6:65:96:3c:dd:51:17:8c:
0b:40:34:20:9c:79:42:be:55:dd:b4:ae:21:d8:ad:
d8:d2:97:d1:12:05:e3:93:2d:7b:8c:a8:c4:e6:ad:
db:c8:7c:b2:9d:2c:da:a8:f4:05:bc:39:aa:26:d3:
b8:d8:07:ce:82:9e:44:5f:35:1b:e7:75:27:10:0b:
d5:83:f5:e2:8b:d5:67:f5:ef:a0:3f:0a:14:ef:6f:
6c:28:26:64:75:33:6d:f3:7e:69:00:9d:7b:28:ac:
28:1f:17:a2:1e:be:65:19:33:92:7a:d5:1e:99:70:
6a:47:83:44:9e:12:65:69:be:cf:78:2e:3a:56:0e:
4d:a7:ff:e1:44:96:4d:20:f5:f2:fa:d2:dd:05:c7:
b4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:EA:7D:D3:FE:92:6D:E2:17:F9:2D:8D:B1:91:06:81:28:47:E9:F1
X509v3 Authority Key Identifier:
keyid:0E:6D:8F:D7:7D:AD:E3:D3:F9:6C:B4:99:31:94:8C:27:29:AD:A0:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dm2P132t49P5bLSZMZSMJymtoN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/hOp90_6SbeIX-S2NsZEGgShH6fE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/Dm2P132t49P5bLSZMZSMJymtoN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.110.176.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:37:34:8f:a7:1a:d9:2b:29:d4:fd:f6:b8:72:84:fa:4b:19:
30:4f:c9:7a:c3:46:04:28:b7:3d:b4:22:aa:e3:9b:d5:dc:05:
1d:40:24:60:82:09:d4:fd:cb:be:5f:01:4a:6e:13:bd:08:0c:
9a:1c:ff:6a:6b:25:56:a2:f1:c6:4d:62:33:21:03:38:20:46:
17:4e:9f:a1:f6:98:e9:1f:59:69:bb:a3:04:34:0d:35:20:d0:
85:6d:6c:98:2f:50:b3:2c:cf:77:e5:cc:2d:b3:a1:ca:18:90:
16:88:21:ab:ce:b3:db:5c:0a:dd:46:f3:d4:36:71:96:13:9c:
8a:81:ad:96:03:27:b7:23:cd:60:7c:d0:2f:85:75:cb:06:68:
cc:01:36:68:c5:06:89:94:0e:4c:c5:4b:1b:c4:a4:5e:d2:c4:
c6:9b:22:8c:46:9c:b4:69:a0:c4:fb:dc:eb:48:98:94:ed:8f:
c9:23:7d:59:75:9f:d7:19:de:fb:5b:b8:6c:b4:d1:8c:98:3e:
4b:4e:57:17:50:8e:d4:c8:49:73:bf:c6:9e:17:b2:21:33:9f:
72:fb:98:e0:f9:0f:3a:16:00:6e:14:ed:2f:97:ff:cd:ba:47:
17:70:a2:0c:df:33:b1:a9:8d:18:d3:61:e9:32:44:44:fe:21:
40:46:d5:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx3pW4Y7bD8lwkqDYnpSPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNmQ4ZmQ3N2RhZGUzZDNmOTZjYjQ5OTMxOTQ4YzI3Mjlh
ZGEwZGUwHhcNMjMwMTAyMDk0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGVhN2RkM2ZlOTI2ZGUyMTdmOTJkOGRiMTkxMDY4MTI4NDdlOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt5wtIHg0ACBxzO/XUH3Sky8Msp2
0VTcaroF58pjfGKMF1uWI+QBhreb68lu3GUoo399c4ce4CeiIcL7GUUdLkqyTsnT
5QfmjbIlJA1NiEnIjXVNQ2WzC7QuiLwFIWxPITcRfidCEljBS1rAEJ5YxmWWPN1R
F4wLQDQgnHlCvlXdtK4h2K3Y0pfREgXjky17jKjE5q3byHyynSzaqPQFvDmqJtO4
2AfOgp5EXzUb53UnEAvVg/Xii9Vn9e+gPwoU729sKCZkdTNt835pAJ17KKwoHxei
Hr5lGTOSetUemXBqR4NEnhJlab7PeC46Vg5Np//hRJZNIPXy+tLdBce0YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITqfdP+km3iF/ktjbGRBoEoR+nxMB8GA1UdIwQY
MBaAFA5tj9d9rePT+Wy0mTGUjCcpraDeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG0yUDEzMnQ0OVA1YkxTWk1aU01KeW10b040LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82OTc3Y2QtNDM0My00YjRjLThjZWEt
YmQzNWMwNDhiOTMwLzEvaE9wOTBfNlNiZUlYLVMyTnNaRUdnU2hINmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82OTc3Y2QtNDM0My00YjRjLThjZWEtYmQzNWMwNDhiOTMw
LzEvRG0yUDEzMnQ0OVA1YkxTWk1aU01KeW10b040LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDw26wMA0G
CSqGSIb3DQEBCwUAA4IBAQCMNzSPpxrZKynU/fa4coT6SxkwT8l6w0YEKLc9tCKq
45vV3AUdQCRgggnU/cu+XwFKbhO9CAyaHP9qayVWovHGTWIzIQM4IEYXTp+h9pjp
H1lpu6MENA01INCFbWyYL1CzLM935cwts6HKGJAWiCGrzrPbXArdRvPUNnGWE5yK
ga2WAye3I81gfNAvhXXLBmjMATZoxQaJlA5MxUsbxKRe0sTGmyKMRpy0aaDE+9zr
SJiU7Y/JI31ZdZ/XGd77W7hstNGMmD5LTlcXUI7UyElzv8aeF7IhM59y+5jg+Q86
FgBuFO0vl//NukcXcKIM3zOxqY0Y02HpMkRE/iFARtXB
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:56 2024 by rpki-client on console-fra.rpki-client.org