Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/Hg56wY7s8-uspdy8VG-5sVP_oXE.roa
File: Hg56wY7s8-uspdy8VG-5sVP_oXE.roa (raw, json)
Hash identifier: UOrt1M5q6mHQg/uhSDAuNVfjOyTXv+lupzzczxNXaOo=
Subject key identifier: 1E:0E:7A:C1:8E:EC:F3:EB:AC:A5:DC:BC:54:6F:B9:B1:53:FF:A1:71
Certificate issuer: /CN=f061db4be695ea495a283bbe33022abd289d5ea8
Certificate serial: 01856F798501FAFF80B3D557C85D7ABE22C6
Authority key identifier: F0:61:DB:4B:E6:95:EA:49:5A:28:3B:BE:33:02:2A:BD:28:9D:5E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8GHbS-aV6klaKDu-MwIqvSidXqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/Hg56wY7s8-uspdy8VG-5sVP_oXE.roa
Signing time: Sun 01 Jan 2023 22:35:12 +0000
ROA not before: Sun 01 Jan 2023 22:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59441
IP address blocks: 185.89.22.0/24 maxlen: 24
2a07:7ec0::/29 maxlen: 128
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:85:01:fa:ff:80:b3:d5:57:c8:5d:7a:be:22:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f061db4be695ea495a283bbe33022abd289d5ea8
Validity
Not Before: Jan 1 22:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e0e7ac18eecf3ebaca5dcbc546fb9b153ffa171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:65:4b:ee:74:10:a3:21:6e:69:98:e3:a2:0b:
a2:d5:1f:b1:cb:33:66:56:bc:3d:79:ed:1b:5f:9b:
94:f3:cf:1b:ab:0d:9e:0c:70:e1:fe:6a:48:6b:f7:
30:4d:c6:da:63:06:ae:1b:ab:58:3d:d4:20:ae:64:
80:9d:97:6f:97:37:52:a1:a8:aa:24:ca:af:7d:78:
42:8f:c5:bf:d5:0e:e7:1d:27:65:b0:e3:fa:25:a2:
cc:1c:e7:73:c8:62:4b:17:1c:ed:84:cd:e3:24:67:
9a:e8:a3:3c:cb:dd:19:b1:25:7b:84:52:1a:1a:f8:
fe:91:3d:fd:27:e7:66:2e:f5:5b:79:ab:e7:97:93:
00:df:a0:86:2b:60:84:21:94:75:4e:7c:c5:06:30:
72:0f:d8:e4:53:c9:1a:66:27:0e:99:43:82:f1:3c:
8a:69:a1:8e:8f:aa:b4:79:f7:b8:d8:d4:da:fd:a8:
96:c9:67:5e:33:4b:d7:11:a3:33:b6:c2:ed:d0:fc:
55:d3:5e:2d:7a:e4:b4:7a:3b:57:7b:14:d1:9d:18:
7c:ec:0f:54:f3:ac:46:6d:40:2c:bf:1d:aa:d3:7e:
e6:00:10:70:e9:67:a9:a9:94:1d:ac:f9:f3:2a:92:
d0:06:f8:e2:0f:10:13:a1:fa:f9:14:d0:9b:10:10:
5f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:0E:7A:C1:8E:EC:F3:EB:AC:A5:DC:BC:54:6F:B9:B1:53:FF:A1:71
X509v3 Authority Key Identifier:
keyid:F0:61:DB:4B:E6:95:EA:49:5A:28:3B:BE:33:02:2A:BD:28:9D:5E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8GHbS-aV6klaKDu-MwIqvSidXqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/Hg56wY7s8-uspdy8VG-5sVP_oXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/8GHbS-aV6klaKDu-MwIqvSidXqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.22.0/24
IPv6:
2a07:7ec0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:28:d0:88:54:fe:f3:f4:78:5e:ed:1f:de:33:88:e0:8f:69:
8b:80:2d:b6:08:0a:6f:7a:d2:28:79:c4:52:57:48:43:55:c5:
52:e9:73:29:f5:2e:9e:76:d5:56:a5:ea:e4:df:53:dd:1d:3d:
eb:55:a7:95:00:23:86:dd:05:bd:01:af:11:e9:3f:0a:fb:f1:
10:91:85:00:a6:65:f0:e0:ee:35:51:b1:88:31:ea:02:d8:83:
65:32:f1:4e:ef:79:a2:b8:10:45:ce:d0:c7:07:1e:d1:e6:c8:
3c:13:b1:f9:14:ea:d3:45:26:a7:01:63:8a:d5:74:d7:47:0e:
b0:cb:35:70:a6:9f:a7:f1:22:80:3e:4e:26:f8:37:f3:d0:3c:
6a:e0:d0:37:cd:ff:5d:1b:4a:fc:31:f3:96:8f:c1:c0:32:bc:
e8:b4:82:d5:9e:69:45:50:fe:f6:15:fe:01:f7:d3:bb:68:a5:
ae:3d:d3:d3:6d:f5:9d:ba:93:b8:82:68:34:fb:46:5a:25:43:
0f:b7:eb:3e:57:59:a7:4f:ff:bd:3e:d3:67:ce:5a:66:88:3d:
85:30:48:20:46:1c:36:3b:6b:61:43:ff:65:eb:c1:86:b9:c6:
68:e2:80:d4:17:bb:5b:13:df:76:38:28:72:cc:12:a1:24:62:
9f:fd:9d:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVveYUB+v+As9VXyF16viLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNjFkYjRiZTY5NWVhNDk1YTI4M2JiZTMzMDIyYWJkMjg5
ZDVlYTgwHhcNMjMwMTAxMjIzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTBlN2FjMThlZWNmM2ViYWNhNWRjYmM1NDZmYjliMTUzZmZhMTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWVL7nQQoyFuaZjjogui1R+xyzNm
Vrw9ee0bX5uU888bqw2eDHDh/mpIa/cwTcbaYwauG6tYPdQgrmSAnZdvlzdSoaiq
JMqvfXhCj8W/1Q7nHSdlsOP6JaLMHOdzyGJLFxzthM3jJGea6KM8y90ZsSV7hFIa
Gvj+kT39J+dmLvVbeavnl5MA36CGK2CEIZR1TnzFBjByD9jkU8kaZicOmUOC8TyK
aaGOj6q0efe42NTa/aiWyWdeM0vXEaMztsLt0PxV014teuS0ejtXexTRnRh87A9U
86xGbUAsvx2q037mABBw6WepqZQdrPnzKpLQBvjiDxATofr5FNCbEBBfJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB4OesGO7PPrrKXcvFRvubFT/6FxMB8GA1UdIwQY
MBaAFPBh20vmlepJWig7vjMCKr0onV6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEdIYlMtYVY2a2xhS0R1LU13SXF2U2lkWHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yNTkyM2ItZjY0ZS00Nzk4LWEzN2Et
ZGEzYTNkZWUwNWQ0LzEvSGc1NndZN3M4LXVzcGR5OFZHLTVzVlBfb1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yNTkyM2ItZjY0ZS00Nzk4LWEzN2EtZGEzYTNkZWUwNWQ0
LzEvOEdIYlMtYVY2a2xhS0R1LU13SXF2U2lkWHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuVkWMA0E
AgACMAcDBQMqB37AMA0GCSqGSIb3DQEBCwUAA4IBAQCfKNCIVP7z9Hhe7R/eM4jg
j2mLgC22CApvetIoecRSV0hDVcVS6XMp9S6edtVWperk31PdHT3rVaeVACOG3QW9
Aa8R6T8K+/EQkYUApmXw4O41UbGIMeoC2INlMvFO73miuBBFztDHBx7R5sg8E7H5
FOrTRSanAWOK1XTXRw6wyzVwpp+n8SKAPk4m+Dfz0Dxq4NA3zf9dG0r8MfOWj8HA
MrzotILVnmlFUP72Ff4B99O7aKWuPdPTbfWdupO4gmg0+0ZaJUMPt+s+V1mnT/+9
PtNnzlpmiD2FMEggRhw2O2thQ/9l68GGucZo4oDUF7tbE992OChyzBKhJGKf/Z3J
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:31 2024 by rpki-client on console-ams.rpki-client.org