Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/hnw7jAd6JotYQzi4XKjkTn1vfB0.roa
File: hnw7jAd6JotYQzi4XKjkTn1vfB0.roa (raw, json)
Hash identifier: b/0o4CDZS8gLgi6fpHSkOnWneS6MduFGzjI6Lnl8zfg=
Subject key identifier: 86:7C:3B:8C:07:7A:26:8B:58:43:38:B8:5C:A8:E4:4E:7D:6F:7C:1D
Certificate issuer: /CN=432efe16ec6c00fd45b5d918d9b172acd0a58d96
Certificate serial: 018CC424F2607F4FECBB6D24339688FF946C
Authority key identifier: 43:2E:FE:16:EC:6C:00:FD:45:B5:D9:18:D9:B1:72:AC:D0:A5:8D:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qy7-FuxsAP1FtdkY2bFyrNCljZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/hnw7jAd6JotYQzi4XKjkTn1vfB0.roa
Signing time: Mon 01 Jan 2024 08:30:04 +0000
ROA not before: Mon 01 Jan 2024 08:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39498
IP address blocks: 185.122.245.0/24 maxlen: 24
185.122.246.0/23 maxlen: 23
185.122.244.0/24 maxlen: 24
185.122.244.0/23 maxlen: 23
185.122.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 14:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:f2:60:7f:4f:ec:bb:6d:24:33:96:88:ff:94:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=432efe16ec6c00fd45b5d918d9b172acd0a58d96
Validity
Not Before: Jan 1 08:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=867c3b8c077a268b584338b85ca8e44e7d6f7c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e7:ad:69:4d:4e:6e:d0:1b:ae:01:97:db:f1:
45:01:e7:75:c8:1d:2d:24:47:27:dd:b3:aa:c9:4c:
dc:5b:83:ee:20:a1:75:9b:2c:00:bc:59:7f:7e:9f:
98:94:68:aa:4e:78:a3:44:a1:1a:58:36:cf:da:1b:
36:cb:4c:3a:b0:53:ba:2c:d6:4e:45:65:6d:d0:4f:
0f:df:05:c2:e7:02:6e:cb:c7:89:49:e2:2a:f6:1d:
0c:9e:c5:a2:59:21:e0:2a:09:d3:c8:d0:20:e0:86:
52:15:3f:5e:6b:f1:9a:38:79:05:c5:a4:0c:8c:95:
84:1a:9b:5c:0c:d9:a3:a1:13:ec:4d:02:32:aa:3c:
78:48:35:54:9a:02:92:01:28:8a:c7:11:74:cd:4c:
0c:76:59:01:cd:1d:2a:1f:b0:50:6f:07:b3:d4:fe:
1a:45:0e:c0:4a:95:be:5c:1b:ea:78:32:30:58:9b:
5e:81:af:cf:e3:99:90:cb:08:e5:0e:61:74:7f:fd:
48:41:a0:1c:e1:c7:f9:ea:71:a9:bc:4e:93:17:94:
ee:ba:d9:bd:4e:24:98:9b:f0:a6:a9:e0:01:89:38:
38:5b:eb:dc:2c:9c:4d:e5:8a:fa:15:5e:2c:8a:88:
b5:42:b0:d5:da:15:5d:de:41:6c:d8:64:78:15:7a:
a8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7C:3B:8C:07:7A:26:8B:58:43:38:B8:5C:A8:E4:4E:7D:6F:7C:1D
X509v3 Authority Key Identifier:
keyid:43:2E:FE:16:EC:6C:00:FD:45:B5:D9:18:D9:B1:72:AC:D0:A5:8D:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qy7-FuxsAP1FtdkY2bFyrNCljZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/hnw7jAd6JotYQzi4XKjkTn1vfB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/Qy7-FuxsAP1FtdkY2bFyrNCljZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.244.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:66:e8:8a:06:7c:39:51:f5:ff:37:78:b0:74:9d:24:e2:bd:
06:ee:79:96:b9:22:0b:ec:73:ce:4a:a7:44:83:89:90:65:e6:
ec:93:24:40:44:43:9d:25:7d:d9:7c:c2:5b:48:f1:4f:44:a0:
f9:7b:63:39:73:e4:d1:d4:41:70:75:b0:6c:5f:61:ee:02:92:
ea:2f:93:9f:0c:b9:46:2e:19:d2:d1:7b:b3:88:06:e4:94:1e:
b6:3a:ad:19:82:bf:7a:18:1b:85:20:c2:5f:f8:b8:62:a7:24:
a4:41:01:2a:13:e0:77:97:49:99:2a:67:75:e2:1c:37:f9:58:
67:13:37:99:a0:33:b5:f1:8e:da:b5:f3:b6:2a:24:32:f0:74:
24:68:c1:71:68:10:e1:66:0a:77:9c:d1:91:a9:a1:ba:93:37:
b9:aa:a7:17:83:5c:7d:84:25:3c:7e:98:80:ab:5c:8b:93:c3:
22:be:72:de:b2:47:2b:d4:db:e2:d8:7d:73:59:55:a6:4c:8d:
07:7b:6c:c6:89:43:e3:55:b4:eb:9a:84:cf:85:ea:3b:94:02:
82:08:d0:c5:80:5b:15:28:43:1c:ed:c6:15:3f:d1:ba:de:ce:
76:b5:da:84:8e:33:47:fc:e0:ba:2c:93:40:a5:da:ad:53:08:
de:d5:50:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJPJgf0/su20kM5aI/5RsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMmVmZTE2ZWM2YzAwZmQ0NWI1ZDkxOGQ5YjE3MmFjZDBh
NThkOTYwHhcNMjQwMTAxMDgzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjdjM2I4YzA3N2EyNjhiNTg0MzM4Yjg1Y2E4ZTQ0ZTdkNmY3YzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuetaU1ObtAbrgGX2/FFAed1yB0t
JEcn3bOqyUzcW4PuIKF1mywAvFl/fp+YlGiqTnijRKEaWDbP2hs2y0w6sFO6LNZO
RWVt0E8P3wXC5wJuy8eJSeIq9h0MnsWiWSHgKgnTyNAg4IZSFT9ea/GaOHkFxaQM
jJWEGptcDNmjoRPsTQIyqjx4SDVUmgKSASiKxxF0zUwMdlkBzR0qH7BQbwez1P4a
RQ7ASpW+XBvqeDIwWJtega/P45mQywjlDmF0f/1IQaAc4cf56nGpvE6TF5Tuutm9
TiSYm/CmqeABiTg4W+vcLJxN5Yr6FV4sioi1QrDV2hVd3kFs2GR4FXqo5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZ8O4wHeiaLWEM4uFyo5E59b3wdMB8GA1UdIwQY
MBaAFEMu/hbsbAD9RbXZGNmxcqzQpY2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXk3LUZ1eHNBUDFGdGRrWTJiRnlyTkNsalpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8yNWI0N2UtNDA3OS00ZjIxLTkxMWIt
ZjM4OWE1MjY5ZmIyLzEvaG53N2pBZDZKb3RZUXppNFhLamtUbjF2ZkIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8yNWI0N2UtNDA3OS00ZjIxLTkxMWItZjM4OWE1MjY5ZmIy
LzEvUXk3LUZ1eHNBUDFGdGRrWTJiRnlyTkNsalpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXr0MA0G
CSqGSIb3DQEBCwUAA4IBAQCOZuiKBnw5UfX/N3iwdJ0k4r0G7nmWuSIL7HPOSqdE
g4mQZebskyRAREOdJX3ZfMJbSPFPRKD5e2M5c+TR1EFwdbBsX2HuApLqL5OfDLlG
LhnS0XuziAbklB62Oq0Zgr96GBuFIMJf+LhipySkQQEqE+B3l0mZKmd14hw3+Vhn
EzeZoDO18Y7atfO2KiQy8HQkaMFxaBDhZgp3nNGRqaG6kze5qqcXg1x9hCU8fpiA
q1yLk8MivnLeskcr1Nvi2H1zWVWmTI0He2zGiUPjVbTrmoTPheo7lAKCCNDFgFsV
KEMc7cYVP9G63s52tdqEjjNH/OC6LJNApdqtUwje1VC7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:35 2024 by rpki-client on console-fra.rpki-client.org