Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/hyb1zFYMXobmvN-WDZkRi8q2eso.roa
File: hyb1zFYMXobmvN-WDZkRi8q2eso.roa (raw, json)
Hash identifier: pK8PGcI0Zp87FouV9+lok6vuMxXiik94OzkEsvAPdSc=
Subject key identifier: 87:26:F5:CC:56:0C:5E:86:E6:BC:DF:96:0D:99:11:8B:CA:B6:7A:CA
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 018778F73C5F79D4874AFFEEC9E6859C5A26
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/hyb1zFYMXobmvN-WDZkRi8q2eso.roa
Signing time: Thu 13 Apr 2023 04:54:41 +0000
ROA not before: Thu 13 Apr 2023 04:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 192.144.52.0/22 maxlen: 24
185.161.252.0/22 maxlen: 24
193.9.40.0/22 maxlen: 24
45.83.112.0/22 maxlen: 24
80.254.232.0/22 maxlen: 24
185.181.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:78:f7:3c:5f:79:d4:87:4a:ff:ee:c9:e6:85:9c:5a:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Apr 13 04:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8726f5cc560c5e86e6bcdf960d99118bcab67aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:97:b7:53:d1:9b:d1:9d:e4:43:65:ba:aa:bf:
16:e9:db:aa:07:42:90:6c:24:c7:da:24:9c:8a:23:
93:21:8d:e6:c8:64:4f:e3:34:87:86:cf:a5:14:68:
a1:50:c2:25:0d:3a:94:9e:2b:0d:97:d9:56:ad:15:
fa:65:a3:95:67:32:4f:b5:df:97:aa:1f:30:72:bf:
31:32:17:6e:48:73:d7:f5:00:e3:aa:11:0f:02:2f:
88:57:34:f7:5b:d3:67:4d:6b:92:2d:29:fd:c4:61:
6c:60:a4:e2:73:57:ea:15:7c:4f:8c:4c:9c:90:f4:
35:51:6b:92:21:c8:3b:5b:c2:8f:1a:f1:d6:d6:dd:
94:5e:e4:5a:31:39:67:4e:28:38:76:c1:47:9e:f8:
a8:8b:7f:14:04:69:4e:88:ca:fd:29:35:a1:fa:08:
81:96:33:63:61:6e:ed:b6:7a:5d:94:95:06:89:a7:
0e:67:4b:64:59:4e:a3:c3:e0:a5:a5:84:19:d1:ee:
aa:db:fd:a7:9c:a6:e1:dc:cb:a3:a1:7a:b6:94:b7:
fc:18:a4:31:a3:6a:5a:c1:d6:fe:ee:92:79:71:2d:
02:d2:fc:1f:5b:c5:f3:84:62:9f:d0:70:71:94:93:
10:1a:63:b2:07:e0:6a:f9:77:40:ef:5a:e1:bd:35:
c8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:26:F5:CC:56:0C:5E:86:E6:BC:DF:96:0D:99:11:8B:CA:B6:7A:CA
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/hyb1zFYMXobmvN-WDZkRi8q2eso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.112.0/22
80.254.232.0/22
185.161.252.0/22
185.181.56.0/22
192.144.52.0/22
193.9.40.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:64:f1:93:18:29:49:0f:3c:bb:42:a4:a4:c8:cb:15:4e:25:
42:13:f1:fd:6a:c7:c6:d1:06:4e:fe:b8:be:cf:f2:13:e6:8d:
cb:51:9b:33:19:b1:2f:1f:1b:06:3b:54:48:3b:b3:6d:54:32:
23:e5:18:c5:97:0b:64:7b:83:fe:8a:52:71:af:50:f6:20:cc:
72:df:56:22:4a:03:ea:7b:d7:f9:22:56:20:ad:f3:2b:b0:ea:
73:21:12:81:e6:1a:ed:c8:ec:e0:c2:6c:13:7c:1a:6c:7c:fc:
f5:92:e7:e6:55:ee:32:3a:a5:91:69:c7:87:be:ea:d9:de:7a:
3d:17:b3:76:00:bb:76:2f:b1:8a:4e:50:15:48:3a:b9:57:9a:
1a:6b:90:5a:25:00:32:c2:34:c1:ad:5f:cf:d9:9c:4e:ea:3a:
b9:86:14:e4:24:d4:46:53:8a:bb:8a:1c:5f:d3:3b:80:05:5a:
b9:ef:fd:cd:b9:30:c2:43:5b:50:65:3c:b7:30:c9:d6:76:63:
62:e6:d7:54:d9:fc:a6:69:26:44:ba:27:ed:53:36:c9:a4:16:
df:41:a3:6d:07:d9:e0:47:ec:f3:44:d8:e2:b5:d9:f0:1c:91:
72:19:03:50:5b:33:8b:79:1f:11:69:72:46:17:16:d3:ec:f5:
1e:ea:d2:c2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYd49zxfedSHSv/uyeaFnFomMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjMwNDEzMDQ1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzI2ZjVjYzU2MGM1ZTg2ZTZiY2RmOTYwZDk5MTE4YmNhYjY3YWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5e3U9Gb0Z3kQ2W6qr8W6duqB0KQ
bCTH2iSciiOTIY3myGRP4zSHhs+lFGihUMIlDTqUnisNl9lWrRX6ZaOVZzJPtd+X
qh8wcr8xMhduSHPX9QDjqhEPAi+IVzT3W9NnTWuSLSn9xGFsYKTic1fqFXxPjEyc
kPQ1UWuSIcg7W8KPGvHW1t2UXuRaMTlnTig4dsFHnvioi38UBGlOiMr9KTWh+giB
ljNjYW7ttnpdlJUGiacOZ0tkWU6jw+ClpYQZ0e6q2/2nnKbh3MujoXq2lLf8GKQx
o2pawdb+7pJ5cS0C0vwfW8XzhGKf0HBxlJMQGmOyB+Bq+XdA71rhvTXIkQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIcm9cxWDF6G5rzflg2ZEYvKtnrKMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEvaHliMXpGWU1Yb2Jtdk4tV0Raa1JpOHEyZXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLVNwAwQC
UP7oAwQCuaH8AwQCubU4AwQCwJA0AwQCwQkoMA0GCSqGSIb3DQEBCwUAA4IBAQAr
ZPGTGClJDzy7QqSkyMsVTiVCE/H9asfG0QZO/ri+z/IT5o3LUZszGbEvHxsGO1RI
O7NtVDIj5RjFlwtke4P+ilJxr1D2IMxy31YiSgPqe9f5IlYgrfMrsOpzIRKB5hrt
yOzgwmwTfBpsfPz1kufmVe4yOqWRaceHvurZ3no9F7N2ALt2L7GKTlAVSDq5V5oa
a5BaJQAywjTBrV/P2ZxO6jq5hhTkJNRGU4q7ihxf0zuABVq57/3NuTDCQ1tQZTy3
MMnWdmNi5tdU2fymaSZEuiftUzbJpBbfQaNtB9ngR+zzRNjitdnwHJFyGQNQWzOL
eR8RaXJGFxbT7PUe6tLC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:34 2024 by rpki-client on console-ams.rpki-client.org