Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/304c76-9960-4979-860c-89a68e5a2110/1/hIaLyW9uc3twywVNPTGSwiACf5I.roa
File: hIaLyW9uc3twywVNPTGSwiACf5I.roa (raw, json)
Hash identifier: Oh6IVaziWhsf/eKfSQfoct1nO6RJE09/+cLE5huDR0I=
Subject key identifier: 84:86:8B:C9:6F:6E:73:7B:70:CB:05:4D:3D:31:92:C2:20:02:7F:92
Certificate issuer: /CN=9d89e7c53e92479df81171ebaaf2360a037c3248
Certificate serial: 01856F9DEC27E3A204D411BB7BEB947CF669
Authority key identifier: 9D:89:E7:C5:3E:92:47:9D:F8:11:71:EB:AA:F2:36:0A:03:7C:32:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nYnnxT6SR534EXHrqvI2CgN8Mkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/304c76-9960-4979-860c-89a68e5a2110/1/hIaLyW9uc3twywVNPTGSwiACf5I.roa
Signing time: Sun 01 Jan 2023 23:14:58 +0000
ROA not before: Sun 01 Jan 2023 23:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209923
IP address blocks: 213.190.8.0/24 maxlen: 24
213.190.11.0/24 maxlen: 24
213.190.8.0/22 maxlen: 22
213.190.8.0/23 maxlen: 23
213.190.9.0/24 maxlen: 24
213.190.10.0/24 maxlen: 24
213.190.10.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:ec:27:e3:a2:04:d4:11:bb:7b:eb:94:7c:f6:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d89e7c53e92479df81171ebaaf2360a037c3248
Validity
Not Before: Jan 1 23:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84868bc96f6e737b70cb054d3d3192c220027f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:06:dd:84:f4:10:e3:0c:fc:11:2e:f1:b1:55:
2a:09:02:4d:49:46:32:28:15:47:2f:f4:23:44:23:
a2:75:8d:05:54:c3:d0:59:22:c3:f1:66:ee:56:22:
e4:4b:28:9c:98:19:fd:41:f2:7b:fa:70:d2:35:71:
b6:aa:6e:1d:a2:dd:8e:29:d4:b2:99:bb:b3:72:61:
d6:34:94:22:82:6c:48:4c:6b:52:4c:02:d7:2d:c6:
ed:62:a5:64:66:ea:05:33:0f:d1:70:98:23:0f:f6:
d3:93:ae:a4:16:29:50:5a:82:ca:00:19:54:e1:bd:
1c:8a:d1:71:3a:a9:6f:96:1d:9c:58:4b:c5:df:04:
c7:45:6e:b4:64:dd:e9:19:95:12:70:7b:7d:6b:af:
e6:18:da:e3:74:05:cf:b8:2b:d5:e7:89:8b:3a:80:
ec:64:2d:34:e9:9b:af:9e:a1:57:4f:7c:39:7c:5a:
55:cc:82:f5:31:be:b7:28:99:01:ef:38:63:cc:71:
4e:2a:6c:19:fd:8e:96:ad:5e:c3:c3:dc:a2:70:d0:
66:1e:12:ba:70:57:78:e4:e7:f3:7b:63:da:c4:ef:
e9:39:1e:f8:bc:52:51:d4:c8:1a:47:ec:f8:75:54:
f1:b0:64:52:f3:aa:0d:5c:a7:cf:09:76:6e:55:94:
29:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:86:8B:C9:6F:6E:73:7B:70:CB:05:4D:3D:31:92:C2:20:02:7F:92
X509v3 Authority Key Identifier:
keyid:9D:89:E7:C5:3E:92:47:9D:F8:11:71:EB:AA:F2:36:0A:03:7C:32:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nYnnxT6SR534EXHrqvI2CgN8Mkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/304c76-9960-4979-860c-89a68e5a2110/1/hIaLyW9uc3twywVNPTGSwiACf5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/304c76-9960-4979-860c-89a68e5a2110/1/nYnnxT6SR534EXHrqvI2CgN8Mkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.190.8.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:e5:93:20:01:09:70:d1:c1:46:d0:01:f1:db:3b:86:44:21:
a6:f7:bc:c2:42:0e:46:d7:4a:13:10:4a:20:ea:5a:af:76:93:
65:cf:65:ef:2d:39:fd:01:fd:dd:1a:c1:0b:22:28:06:39:8a:
80:2c:43:70:4d:48:49:8c:2f:de:3e:a1:d7:ae:bb:dd:81:1b:
2f:b5:11:79:34:d2:7f:e3:8f:4e:2f:de:ff:60:89:05:07:d5:
a7:75:c0:5a:25:76:3a:28:61:d2:f6:30:e3:de:47:f2:f6:b0:
d2:ed:4e:9c:17:2a:ce:c3:5b:2b:2c:f0:55:5d:f9:9a:d9:45:
53:c1:b8:b8:03:68:57:4c:c0:3b:1d:3d:e5:ed:5e:95:a4:6c:
54:72:8c:93:7c:38:2f:2e:1c:9a:52:ee:7a:d0:8f:df:28:4d:
70:03:61:f8:4f:26:56:15:ea:7d:5e:51:ad:88:1c:33:33:ac:
b3:f0:1c:b1:e4:d0:8c:a2:08:8c:b3:f4:72:65:4f:67:89:12:
a9:f3:5d:ec:1f:9c:d7:72:33:c8:62:83:aa:27:e9:84:4c:76:
ae:c6:18:a0:68:46:f6:93:44:ca:94:25:f4:2c:f0:c1:a4:0b:
bf:f3:1b:03:2b:24:de:8b:c1:08:d8:55:97:b9:05:2c:c3:4f:
90:dd:c4:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnewn46IE1BG7e+uUfPZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkODllN2M1M2U5MjQ3OWRmODExNzFlYmFhZjIzNjBhMDM3
YzMyNDgwHhcNMjMwMTAxMjMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDg2OGJjOTZmNmU3MzdiNzBjYjA1NGQzZDMxOTJjMjIwMDI3ZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngbdhPQQ4wz8ES7xsVUqCQJNSUYy
KBVHL/QjRCOidY0FVMPQWSLD8WbuViLkSyicmBn9QfJ7+nDSNXG2qm4dot2OKdSy
mbuzcmHWNJQigmxITGtSTALXLcbtYqVkZuoFMw/RcJgjD/bTk66kFilQWoLKABlU
4b0citFxOqlvlh2cWEvF3wTHRW60ZN3pGZUScHt9a6/mGNrjdAXPuCvV54mLOoDs
ZC006ZuvnqFXT3w5fFpVzIL1Mb63KJkB7zhjzHFOKmwZ/Y6WrV7Dw9yicNBmHhK6
cFd45Ofze2PaxO/pOR74vFJR1MgaR+z4dVTxsGRS86oNXKfPCXZuVZQpWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFISGi8lvbnN7cMsFTT0xksIgAn+SMB8GA1UdIwQY
MBaAFJ2J58U+kked+BFx66ryNgoDfDJIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbllubnhUNlNSNTM0RVhIcnF2STJDZ044TWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zMDRjNzYtOTk2MC00OTc5LTg2MGMt
ODlhNjhlNWEyMTEwLzEvaElhTHlXOXVjM3R3eXdWTlBUR1N3aUFDZjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zMDRjNzYtOTk2MC00OTc5LTg2MGMtODlhNjhlNWEyMTEw
LzEvbllubnhUNlNSNTM0RVhIcnF2STJDZ044TWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1b4IMA0G
CSqGSIb3DQEBCwUAA4IBAQCd5ZMgAQlw0cFG0AHx2zuGRCGm97zCQg5G10oTEEog
6lqvdpNlz2XvLTn9Af3dGsELIigGOYqALENwTUhJjC/ePqHXrrvdgRsvtRF5NNJ/
449OL97/YIkFB9WndcBaJXY6KGHS9jDj3kfy9rDS7U6cFyrOw1srLPBVXfma2UVT
wbi4A2hXTMA7HT3l7V6VpGxUcoyTfDgvLhyaUu560I/fKE1wA2H4TyZWFep9XlGt
iBwzM6yz8Byx5NCMogiMs/RyZU9niRKp813sH5zXcjPIYoOqJ+mETHauxhigaEb2
k0TKlCX0LPDBpAu/8xsDKyTei8EI2FWXuQUsw0+Q3cRY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:12 2024 by rpki-client on console-fra.rpki-client.org