Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/h_fKPvVCguP6UeQQAD8ADQrO7Lo.roa
File: h_fKPvVCguP6UeQQAD8ADQrO7Lo.roa (raw, json)
Hash identifier: DHTmzdoIYeekp//3K3Pej6K9FZSCWFXlhq4KAlwRnno=
Subject key identifier: 87:F7:CA:3E:F5:42:82:E3:FA:51:E4:10:00:3F:00:0D:0A:CE:EC:BA
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018CBECD0C44A2CDB7F33DFB2B8E46001D95
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/h_fKPvVCguP6UeQQAD8ADQrO7Lo.roa
Signing time: Sun 31 Dec 2023 07:35:58 +0000
ROA not before: Sun 31 Dec 2023 07:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.243.49.0/24 maxlen: 24
178.239.151.0/24 maxlen: 24
185.124.172.0/22 maxlen: 24
178.239.159.0/24 maxlen: 24
185.26.34.0/23 maxlen: 24
185.124.173.0/24 maxlen: 24
185.124.175.0/24 maxlen: 24
2a00:7040::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:be:cd:0c:44:a2:cd:b7:f3:3d:fb:2b:8e:46:00:1d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Dec 31 07:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87f7ca3ef54282e3fa51e410003f000d0aceecba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5d:49:9b:4f:42:25:22:11:2e:5e:05:cc:84:
d8:11:1c:88:d0:96:33:ef:c1:51:42:0c:91:10:83:
95:6a:d6:da:7b:5f:72:ea:90:93:d8:98:4d:3e:5f:
a7:67:e8:57:f5:ac:30:2e:00:f2:04:fa:d3:b2:22:
a9:db:7a:64:20:df:5e:59:4d:95:d2:45:20:4c:dd:
29:bb:e6:b8:89:53:c4:5b:52:16:01:ca:b7:7c:59:
ed:84:50:0e:2b:b2:21:65:a4:c8:c8:b3:c5:fd:74:
1c:6e:11:53:ce:e9:75:ec:8e:45:6b:53:9a:64:35:
fc:af:7b:e3:c7:b6:8f:69:df:46:cb:30:89:6f:1a:
0f:66:98:99:cc:56:8b:b7:b3:d7:7f:be:65:bd:6c:
ca:7a:cd:d7:0d:e8:a4:2a:c3:9f:9b:a6:01:62:0a:
91:62:d6:03:d4:76:ed:1b:3a:de:cf:aa:4a:10:d8:
85:c0:d7:2a:f7:c2:2e:4a:c4:57:48:ee:c5:7a:71:
49:7f:57:7a:79:46:40:3e:49:97:4f:fd:fb:2a:ec:
5f:e5:db:71:0d:3b:a0:50:01:f6:e6:e1:66:42:07:
9a:ba:0f:c5:4b:b3:6e:3e:9f:aa:34:da:2a:21:d5:
08:99:8e:1e:1a:58:b6:ab:10:93:a8:c5:70:c5:00:
98:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F7:CA:3E:F5:42:82:E3:FA:51:E4:10:00:3F:00:0D:0A:CE:EC:BA
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/h_fKPvVCguP6UeQQAD8ADQrO7Lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.151.0/24
178.239.159.0/24
185.26.34.0/23
185.124.172.0/22
185.243.49.0/24
IPv6:
2a00:7040::/32
Signature Algorithm: sha256WithRSAEncryption
38:02:87:7b:3f:c6:89:bb:df:3e:64:ab:a6:22:ac:7e:09:f0:
1f:f8:4f:33:40:e2:b5:be:74:a3:cd:48:d1:d0:68:51:a0:a3:
46:7e:7f:2b:6a:60:d7:53:2d:11:9b:b7:6e:be:46:ec:c5:8c:
1b:77:99:7f:63:41:28:22:d4:44:00:db:4d:56:5d:7f:42:33:
bb:20:d0:d8:03:27:be:ed:18:3f:db:4b:f4:39:56:2e:65:4f:
13:11:f4:1d:1f:70:e4:45:e2:39:dc:ac:f9:76:20:99:2e:88:
4c:58:7d:81:f5:05:18:aa:54:1c:da:0d:12:92:fb:3d:19:b2:
2a:c4:89:eb:a1:e0:a5:c6:1a:4c:73:fc:ba:fc:11:af:95:34:
8e:31:de:aa:8e:01:47:d0:9b:32:e9:e4:47:9e:ac:cc:cb:a7:
a1:7e:69:fc:8a:bc:77:46:08:a6:25:93:fc:39:17:60:2b:d6:
be:fb:e5:e2:4f:8f:48:7f:4d:ac:96:10:fb:97:3a:6c:f5:40:
f1:4b:fd:0c:05:c6:d8:ed:eb:7f:bd:d4:17:07:a3:28:a6:64:
83:bf:6f:25:4d:90:2e:0b:70:26:a6:45:12:3c:4b:16:31:e9:
43:2d:a2:8d:78:e6:3f:a4:37:05:94:6c:85:d9:57:11:21:3c:
c9:64:a7:b9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYy+zQxEos238z37K45GAB2VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMxMjMxMDczNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Y3Y2EzZWY1NDI4MmUzZmE1MWU0MTAwMDNmMDAwZDBhY2VlY2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyV1Jm09CJSIRLl4FzITYERyI0JYz
78FRQgyREIOVatbae19y6pCT2JhNPl+nZ+hX9awwLgDyBPrTsiKp23pkIN9eWU2V
0kUgTN0pu+a4iVPEW1IWAcq3fFnthFAOK7IhZaTIyLPF/XQcbhFTzul17I5Fa1Oa
ZDX8r3vjx7aPad9GyzCJbxoPZpiZzFaLt7PXf75lvWzKes3XDeikKsOfm6YBYgqR
YtYD1HbtGzrez6pKENiFwNcq98IuSsRXSO7FenFJf1d6eUZAPkmXT/37Kuxf5dtx
DTugUAH25uFmQgeaug/FS7NuPp+qNNoqIdUImY4eGli2qxCTqMVwxQCYjQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIf3yj71QoLj+lHkEAA/AA0Kzuy6MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvaF9mS1B2VkNndVA2VWVRUUFEOEFEUXJPN0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAsu+XAwQA
su+fAwQBuRoiAwQCuXysAwQAufMxMA0EAgACMAcDBQAqAHBAMA0GCSqGSIb3DQEB
CwUAA4IBAQA4Aod7P8aJu98+ZKumIqx+CfAf+E8zQOK1vnSjzUjR0GhRoKNGfn8r
amDXUy0Rm7duvkbsxYwbd5l/Y0EoItREANtNVl1/QjO7INDYAye+7Rg/20v0OVYu
ZU8TEfQdH3DkReI53Kz5diCZLohMWH2B9QUYqlQc2g0Skvs9GbIqxInroeClxhpM
c/y6/BGvlTSOMd6qjgFH0Jsy6eRHnqzMy6ehfmn8irx3RgimJZP8ORdgK9a+++Xi
T49If02slhD7lzps9UDxS/0MBcbY7et/vdQXB6MopmSDv28lTZAuC3AmpkUSPEsW
MelDLaKNeOY/pDcFlGyF2VcRITzJZKe5
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:48:54 2024 by rpki-client on console-fra.rpki-client.org