Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/hNnmK4813JEhxXiFyQlB00t2zeI.roa
File: hNnmK4813JEhxXiFyQlB00t2zeI.roa (raw, json)
Hash identifier: 38YFTSzNpfMoLpYPE92abiEbVVCc3kyEfuzL3yLzpEg=
Subject key identifier: 84:D9:E6:2B:8F:35:DC:91:21:C5:78:85:C9:09:41:D3:4B:76:CD:E2
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018A17C4722D5675688599EB91F1A1825EAC
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/hNnmK4813JEhxXiFyQlB00t2zeI.roa
Signing time: Mon 21 Aug 2023 11:04:24 +0000
ROA not before: Mon 21 Aug 2023 11:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1257
IP address blocks: 185.56.212.0/22 maxlen: 24
2a01:4400::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 21 Aug 2023 11:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:c4:72:2d:56:75:68:85:99:eb:91:f1:a1:82:5e:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Aug 21 11:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84d9e62b8f35dc9121c57885c90941d34b76cde2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c8:c7:b7:f3:62:28:3a:2b:d2:6c:bc:8a:0b:
d2:5a:8d:b4:37:f4:4b:c9:25:e5:fa:af:3c:ae:5c:
02:d5:68:6d:bf:f3:a9:bb:74:46:95:a3:72:8b:ba:
84:a6:e2:e7:2f:9f:d2:42:fe:80:17:60:17:75:dc:
ee:d8:b7:e1:14:c8:31:b4:62:77:7a:31:ac:a2:8a:
74:13:63:43:cf:1b:22:ae:dd:14:de:70:f4:63:17:
75:39:3d:54:d7:54:79:5b:7d:7f:96:ed:f3:7c:6f:
69:5d:0b:09:4f:b9:15:09:aa:b9:4c:30:6b:3b:68:
44:32:c2:cd:bc:75:3c:fd:af:ce:a7:11:b5:e1:99:
f2:0e:cb:29:3e:db:f6:7b:02:68:5a:0f:da:e6:6d:
de:c2:f7:9c:43:3f:97:90:b7:56:42:8a:92:f4:34:
30:de:ec:2d:d7:b4:a8:d3:5a:ca:2d:a1:d2:84:ba:
cc:bd:5b:4b:dd:f8:f2:b0:0f:a6:be:92:1d:07:0c:
75:ec:93:82:e4:a4:10:69:15:37:a0:e2:bb:f6:37:
33:90:51:43:14:14:d9:18:42:a1:63:fb:a9:79:ed:
f2:74:81:ab:f2:6f:43:ee:6a:6b:f4:2f:8c:54:4f:
68:a5:4a:fe:9f:7e:f5:ae:d3:91:e0:58:b5:1a:13:
36:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D9:E6:2B:8F:35:DC:91:21:C5:78:85:C9:09:41:D3:4B:76:CD:E2
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/hNnmK4813JEhxXiFyQlB00t2zeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.212.0/22
IPv6:
2a01:4400::/32
Signature Algorithm: sha256WithRSAEncryption
53:8a:fd:0e:f7:8a:e8:a9:d5:11:3c:4f:9f:aa:76:34:76:a1:
e6:20:bd:32:ce:d6:55:66:9e:58:9e:a7:6e:f3:9c:88:f8:8c:
4e:a6:f6:f1:bc:72:49:6b:67:ea:59:d3:e0:05:1f:ab:f2:10:
e2:38:f8:3f:5a:82:f9:19:be:a5:d6:3b:b1:4a:5b:4c:e9:a0:
d0:01:04:a0:5a:1d:5d:7f:b5:6d:7c:ec:ee:06:22:50:88:73:
f8:dc:ef:74:6c:d4:61:52:f8:6f:f6:22:75:2a:50:8b:12:9a:
d8:e3:6f:11:bd:95:e4:c3:66:3d:90:5d:f8:98:ef:9f:7d:56:
48:20:29:3d:b3:e7:03:3b:f0:c2:8c:5b:0f:2e:d8:8c:f0:f3:
ad:bb:39:21:42:65:bd:7e:fd:bc:34:62:a1:82:5a:85:39:13:
78:a8:0f:7b:85:99:4e:d6:fe:1f:cf:aa:68:fb:05:02:1c:07:
08:b2:82:ba:1d:b8:d3:31:b2:58:f7:eb:a2:f8:e0:8a:c6:80:
e8:f7:34:4c:a8:47:82:90:4f:1d:a8:76:47:95:6a:b3:03:da:
40:f8:5f:4d:3c:c0:32:e2:85:f9:86:34:d9:dc:cb:e3:13:39:
d7:ea:db:9a:75:2b:e9:2e:56:9d:77:3a:d9:c9:94:67:d7:f9:
71:0f:c6:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYoXxHItVnVohZnrkfGhgl6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjMwODIxMTEwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQ5ZTYyYjhmMzVkYzkxMjFjNTc4ODVjOTA5NDFkMzRiNzZjZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8jHt/NiKDor0my8igvSWo20N/RL
ySXl+q88rlwC1Whtv/Opu3RGlaNyi7qEpuLnL5/SQv6AF2AXddzu2LfhFMgxtGJ3
ejGsoop0E2NDzxsirt0U3nD0Yxd1OT1U11R5W31/lu3zfG9pXQsJT7kVCaq5TDBr
O2hEMsLNvHU8/a/OpxG14ZnyDsspPtv2ewJoWg/a5m3ewvecQz+XkLdWQoqS9DQw
3uwt17So01rKLaHShLrMvVtL3fjysA+mvpIdBwx17JOC5KQQaRU3oOK79jczkFFD
FBTZGEKhY/upee3ydIGr8m9D7mpr9C+MVE9opUr+n371rtOR4Fi1GhM2gQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFITZ5iuPNdyRIcV4hckJQdNLds3iMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvaE5ubUs0ODEzSkVoeFhpRnlRbEIwMHQyemVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTjUMA0E
AgACMAcDBQAqAUQAMA0GCSqGSIb3DQEBCwUAA4IBAQBTiv0O94roqdURPE+fqnY0
dqHmIL0yztZVZp5Ynqdu85yI+IxOpvbxvHJJa2fqWdPgBR+r8hDiOPg/WoL5Gb6l
1juxSltM6aDQAQSgWh1df7VtfOzuBiJQiHP43O90bNRhUvhv9iJ1KlCLEprY428R
vZXkw2Y9kF34mO+ffVZIICk9s+cDO/DCjFsPLtiM8POtuzkhQmW9fv28NGKhglqF
ORN4qA97hZlO1v4fz6po+wUCHAcIsoK6HbjTMbJY9+ui+OCKxoDo9zRMqEeCkE8d
qHZHlWqzA9pA+F9NPMAy4oX5hjTZ3MvjEznX6tuadSvpLladdzrZyZRn1/lxD8bV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:54 2024 by rpki-client on console-ams.rpki-client.org