Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/hHUX6sbKqsn82eHrypcYvrrRBSo.roa
File: hHUX6sbKqsn82eHrypcYvrrRBSo.roa (raw, json)
Hash identifier: j4BYR+vsmkyNoGhXq23kDy53WaAc/wCfhOcRha6S6wY=
Subject key identifier: 84:75:17:EA:C6:CA:AA:C9:FC:D9:E1:EB:CA:97:18:BE:BA:D1:05:2A
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018CC26D528B78EEC6EA675C9E749854C254
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/hHUX6sbKqsn82eHrypcYvrrRBSo.roa
Signing time: Mon 01 Jan 2024 00:29:53 +0000
ROA not before: Mon 01 Jan 2024 00:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48282
IP address blocks: 185.197.74.0/24 maxlen: 24
185.230.143.0/24 maxlen: 24
193.188.21.0/24 maxlen: 24
193.188.22.0/24 maxlen: 24
193.188.20.0/24 maxlen: 24
194.113.106.0/24 maxlen: 24
193.38.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jul 2024 10:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:52:8b:78:ee:c6:ea:67:5c:9e:74:98:54:c2:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 1 00:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=847517eac6caaac9fcd9e1ebca9718bebad1052a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5b:5f:1e:af:c3:b5:46:0e:25:07:5c:bc:92:
21:96:49:e4:82:a8:7c:5a:2a:8d:b0:ab:20:ca:d7:
95:4d:1c:17:7a:31:84:36:4c:5c:5d:69:78:b4:c1:
5d:77:73:5f:9a:94:9a:1e:2a:53:2f:36:3d:ec:02:
e6:70:c0:30:32:15:65:18:0d:89:3f:7b:5c:13:be:
b3:b0:e7:a1:38:ab:5a:75:9d:44:b5:4b:28:a6:35:
ec:cd:2b:03:9f:4c:fc:48:34:81:48:df:35:2f:1f:
60:8e:3d:59:8b:bf:61:81:16:57:fe:10:bc:59:c7:
12:f5:27:37:35:65:8a:fe:ec:af:f1:64:7f:b5:ee:
ca:bb:8f:96:01:71:ea:33:31:8c:64:02:78:6f:1d:
76:ea:28:1c:1f:3e:f5:15:14:b7:13:85:97:19:78:
1b:f2:93:11:e4:92:7f:b9:38:73:a1:2e:91:5e:8e:
4f:79:fa:9c:46:c5:74:8e:b9:9f:20:42:ba:c4:d4:
4d:2d:9a:ee:41:5e:96:3f:18:19:7b:85:f3:7e:9e:
8b:b8:a7:92:b6:c2:0b:a8:19:b7:2b:1d:e2:f6:68:
51:1f:a0:b3:a3:41:29:e2:f6:9e:32:26:7c:b7:7b:
86:79:2f:e4:8c:88:a3:fb:3a:b9:c9:6e:3e:3e:79:
b3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:75:17:EA:C6:CA:AA:C9:FC:D9:E1:EB:CA:97:18:BE:BA:D1:05:2A
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/hHUX6sbKqsn82eHrypcYvrrRBSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.74.0/24
185.230.143.0/24
193.38.235.0/24
193.188.20.0-193.188.22.255
194.113.106.0/24
Signature Algorithm: sha256WithRSAEncryption
75:ee:48:3d:62:a6:e6:9a:af:a0:be:e3:ed:7d:15:bc:48:e8:
f4:e0:6d:89:89:07:e0:74:65:ad:d2:1a:47:ea:cd:11:57:7c:
d3:8b:70:8d:fb:d9:4a:99:4b:85:06:99:df:ac:47:3c:88:72:
a2:1c:ce:7e:50:1a:7f:1a:f2:c6:00:49:ba:57:0a:a3:1b:23:
b8:49:ea:98:bb:d0:a3:ea:44:6d:2e:01:28:d1:92:1e:d6:6e:
01:93:07:e6:d8:4e:c5:39:67:8a:2d:a0:46:2c:40:3b:0c:a5:
a1:ac:7d:d4:80:1d:ff:68:25:0e:e2:ab:57:90:9e:29:8d:dd:
e3:e2:66:81:4f:8a:d3:f0:fa:e6:b0:7d:6e:aa:6b:90:e4:45:
68:db:86:17:01:dc:79:5b:b2:36:a6:9b:1a:4f:7c:20:0a:a2:
46:42:03:83:e2:87:53:2f:fc:8d:7a:2d:2e:ca:28:15:71:2e:
85:96:c5:83:f9:49:cd:31:16:ce:83:a9:24:3b:a4:76:ab:aa:
6f:78:f5:a8:99:12:72:82:66:95:d2:15:1c:8f:39:fa:4a:7b:
1e:66:c2:7f:26:83:2a:aa:9a:b8:67:fb:bf:8b:00:2e:e8:32:
3d:e6:8d:65:b8:bf:55:27:d3:ed:f2:b2:bc:f7:bc:76:4c:da:
9e:22:ee:e0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzCbVKLeO7G6mdcnnSYVMJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwMTAxMDAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDc1MTdlYWM2Y2FhYWM5ZmNkOWUxZWJjYTk3MThiZWJhZDEwNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1tfHq/DtUYOJQdcvJIhlknkgqh8
WiqNsKsgyteVTRwXejGENkxcXWl4tMFdd3NfmpSaHipTLzY97ALmcMAwMhVlGA2J
P3tcE76zsOehOKtadZ1EtUsopjXszSsDn0z8SDSBSN81Lx9gjj1Zi79hgRZX/hC8
WccS9Sc3NWWK/uyv8WR/te7Ku4+WAXHqMzGMZAJ4bx126igcHz71FRS3E4WXGXgb
8pMR5JJ/uThzoS6RXo5PefqcRsV0jrmfIEK6xNRNLZruQV6WPxgZe4Xzfp6LuKeS
tsILqBm3Kx3i9mhRH6Czo0Ep4vaeMiZ8t3uGeS/kjIij+zq5yW4+PnmzLQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIR1F+rGyqrJ/Nnh68qXGL660QUqMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvaEhVWDZzYktxc244MmVIcnlwY1l2cnJSQlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAucVKAwQA
ueaPAwQAwSbrMAwDBALBvBQDBADBvBYDBADCcWowDQYJKoZIhvcNAQELBQADggEB
AHXuSD1ipuaar6C+4+19FbxI6PTgbYmJB+B0Za3SGkfqzRFXfNOLcI372UqZS4UG
md+sRzyIcqIczn5QGn8a8sYASbpXCqMbI7hJ6pi70KPqRG0uASjRkh7WbgGTB+bY
TsU5Z4otoEYsQDsMpaGsfdSAHf9oJQ7iq1eQnimN3ePiZoFPitPw+uawfW6qa5Dk
RWjbhhcB3HlbsjammxpPfCAKokZCA4Pih1Mv/I16LS7KKBVxLoWWxYP5Sc0xFs6D
qSQ7pHarqm949aiZEnKCZpXSFRyPOfpKex5mwn8mgyqqmrhn+7+LAC7oMj3mjWW4
v1Un0+3ysrz3vHZM2p4i7uA=
-----END CERTIFICATE-----
Generated at Tue Jul 9 11:51:32 2024 by rpki-client on console-fra.rpki-client.org