Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/huPRbkRhzgr92DupwqHnHaRVt0M.roa
File: huPRbkRhzgr92DupwqHnHaRVt0M.roa (raw, json)
Hash identifier: TzIrc6BywGPTgos5Cb0/K+PSvgOsVTru32YNGwO9Ec8=
Subject key identifier: 86:E3:D1:6E:44:61:CE:0A:FD:D8:3B:A9:C2:A1:E7:1D:A4:55:B7:43
Certificate issuer: /CN=bd6fa37a2483cf579fa86250119ac0133475aad8
Certificate serial: 01856FD5336BE6C3524D6E47EFBE549F9625
Authority key identifier: BD:6F:A3:7A:24:83:CF:57:9F:A8:62:50:11:9A:C0:13:34:75:AA:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/huPRbkRhzgr92DupwqHnHaRVt0M.roa
Signing time: Mon 02 Jan 2023 00:15:21 +0000
ROA not before: Mon 02 Jan 2023 00:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134835
IP address blocks: 185.239.224.0/22 maxlen: 24
185.239.225.0/24 maxlen: 24
185.239.226.0/24 maxlen: 24
185.239.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:33:6b:e6:c3:52:4d:6e:47:ef:be:54:9f:96:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd6fa37a2483cf579fa86250119ac0133475aad8
Validity
Not Before: Jan 2 00:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86e3d16e4461ce0afdd83ba9c2a1e71da455b743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:44:f1:4f:eb:17:4e:6e:89:74:75:69:a5:b1:
7c:b1:77:bd:1f:25:3a:b4:d0:e5:58:f8:41:09:8a:
06:e5:79:8f:3b:94:39:d5:32:b6:d5:b1:22:98:f3:
11:f2:94:33:17:f8:31:6d:d3:3d:40:f6:bf:6b:2a:
66:3f:a3:c5:0c:d5:72:d1:27:a5:e4:9c:5d:8c:e3:
f6:80:d6:2d:3a:f8:f5:60:e6:05:e3:dc:c4:8d:c2:
ef:2c:8e:1a:1d:ea:7a:b5:8b:cd:e6:f9:04:5b:7c:
e3:42:cd:83:ee:4f:2c:5c:6e:2c:ac:c6:a1:f6:b3:
01:17:74:1e:2a:02:86:a2:10:a4:cc:7f:c3:c3:24:
ce:ba:34:65:4c:cd:b9:38:49:2f:d7:5a:a3:c3:54:
71:e2:b7:d5:25:ce:a9:9e:ba:33:5a:5f:e3:c2:8a:
0b:9a:c7:a4:ca:77:43:b4:9f:1f:33:3c:4e:f9:b6:
ab:e0:50:5d:15:62:3f:2a:34:51:62:56:6e:23:3a:
89:47:5a:e0:4a:2c:66:f4:82:f6:6f:8c:bf:70:6d:
df:f1:f1:4b:08:ec:77:36:be:35:9a:cf:2e:e7:68:
1d:bf:d9:2b:69:67:1e:b8:5d:1e:78:0f:2a:7a:37:
97:97:a0:bd:58:3d:8b:d2:58:e1:3f:47:52:bf:08:
94:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E3:D1:6E:44:61:CE:0A:FD:D8:3B:A9:C2:A1:E7:1D:A4:55:B7:43
X509v3 Authority Key Identifier:
keyid:BD:6F:A3:7A:24:83:CF:57:9F:A8:62:50:11:9A:C0:13:34:75:AA:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/huPRbkRhzgr92DupwqHnHaRVt0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/vW-jeiSDz1efqGJQEZrAEzR1qtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.224.0/22
Signature Algorithm: sha256WithRSAEncryption
00:f2:a6:d3:b3:b0:95:7d:ae:7d:fb:ae:64:4f:16:f3:90:6f:
4d:4e:d6:0b:15:48:2a:96:5a:ac:14:fd:66:1f:25:dd:5b:9e:
a5:e6:76:75:b0:91:c5:27:f1:d8:be:ad:93:3b:bc:e5:8a:4b:
e7:6a:54:59:1a:ff:fe:ad:6b:58:f8:2b:6a:2d:51:cc:ef:f0:
fe:b7:a5:dc:0a:c3:2d:3c:7b:ee:fb:44:d8:5c:8d:61:c9:2d:
c7:5d:34:d9:9f:d6:99:eb:7e:31:a6:cf:1e:22:be:af:12:46:
62:bf:3a:fe:59:d0:df:b6:43:0f:93:03:2a:9b:3e:4f:2a:70:
41:5d:aa:7b:e4:eb:e1:03:af:f7:f7:a4:6d:5a:4c:45:13:e4:
14:dd:86:c6:1e:d8:21:50:3a:ac:dd:8e:57:8d:76:5d:e5:a2:
41:13:f6:d4:1e:59:47:34:3a:10:26:b2:45:53:51:b7:40:f9:
10:17:26:dc:a5:60:8e:c8:57:2a:82:61:17:db:e3:f6:d3:64:
16:30:db:50:6c:5f:6b:83:f1:a7:ce:a7:fd:d2:f9:a0:ce:95:
a7:b2:8c:22:fb:f3:08:1a:da:d7:b0:b4:0b:5d:71:43:5a:1f:
cd:c1:ef:cc:7c:fd:5e:20:1a:30:5f:b8:3b:94:6e:fe:b5:df:
91:6f:84:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1TNr5sNSTW5H775Un5YlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNmZhMzdhMjQ4M2NmNTc5ZmE4NjI1MDExOWFjMDEzMzQ3
NWFhZDgwHhcNMjMwMTAyMDAxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmUzZDE2ZTQ0NjFjZTBhZmRkODNiYTljMmExZTcxZGE0NTViNzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ETxT+sXTm6JdHVppbF8sXe9HyU6
tNDlWPhBCYoG5XmPO5Q51TK21bEimPMR8pQzF/gxbdM9QPa/aypmP6PFDNVy0Sel
5JxdjOP2gNYtOvj1YOYF49zEjcLvLI4aHep6tYvN5vkEW3zjQs2D7k8sXG4srMah
9rMBF3QeKgKGohCkzH/DwyTOujRlTM25OEkv11qjw1Rx4rfVJc6pnrozWl/jwooL
msekyndDtJ8fMzxO+bar4FBdFWI/KjRRYlZuIzqJR1rgSixm9IL2b4y/cG3f8fFL
COx3Nr41ms8u52gdv9kraWceuF0eeA8qejeXl6C9WD2L0ljhP0dSvwiUVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbj0W5EYc4K/dg7qcKh5x2kVbdDMB8GA1UdIwQY
MBaAFL1vo3okg89Xn6hiUBGawBM0darYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlctamVpU0R6MWVmcUdKUUVackFFelIxcXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9lM2FkYTItYzlkZi00NGUyLThiMGYt
OGZmMTYxMWU4YmI0LzEvaHVQUmJrUmh6Z3I5MkR1cHdxSG5IYVJWdDBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9lM2FkYTItYzlkZi00NGUyLThiMGYtOGZmMTYxMWU4YmI0
LzEvdlctamVpU0R6MWVmcUdKUUVackFFelIxcXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue/gMA0G
CSqGSIb3DQEBCwUAA4IBAQAA8qbTs7CVfa59+65kTxbzkG9NTtYLFUgqllqsFP1m
HyXdW56l5nZ1sJHFJ/HYvq2TO7zlikvnalRZGv/+rWtY+CtqLVHM7/D+t6XcCsMt
PHvu+0TYXI1hyS3HXTTZn9aZ634xps8eIr6vEkZivzr+WdDftkMPkwMqmz5PKnBB
Xap75OvhA6/396RtWkxFE+QU3YbGHtghUDqs3Y5XjXZd5aJBE/bUHllHNDoQJrJF
U1G3QPkQFybcpWCOyFcqgmEX2+P202QWMNtQbF9rg/Gnzqf90vmgzpWnsowi+/MI
GtrXsLQLXXFDWh/Nwe/MfP1eIBowX7g7lG7+td+Rb4RS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:03 2024 by rpki-client on console-ams.rpki-client.org