Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/HUkdEb6-lQ5PTwJF_3iKOkG8qAc.roa
File: HUkdEb6-lQ5PTwJF_3iKOkG8qAc.roa (raw, json)
Hash identifier: OhY+6dN3rVxVdzoFBKI+73s2CRTMnGTSnP9PPeVqZVY=
Subject key identifier: 1D:49:1D:11:BE:BE:95:0E:4F:4F:02:45:FF:78:8A:3A:41:BC:A8:07
Certificate issuer: /CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Certificate serial: 018C8D6D46DCA591D262C9FFD6E3227752FA
Authority key identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/HUkdEb6-lQ5PTwJF_3iKOkG8qAc.roa
Signing time: Thu 21 Dec 2023 17:29:58 +0000
ROA not before: Thu 21 Dec 2023 17:29:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199736
IP address blocks: 5.183.220.0/22 maxlen: 22
195.211.168.0/22 maxlen: 22
185.219.136.0/22 maxlen: 22
185.87.188.0/22 maxlen: 22
185.38.128.0/22 maxlen: 22
2a00:fde0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8d:6d:46:dc:a5:91:d2:62:c9:ff:d6:e3:22:77:52:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Validity
Not Before: Dec 21 17:29:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d491d11bebe950e4f4f0245ff788a3a41bca807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5d:b1:85:f1:05:58:20:b1:8c:28:f4:f7:57:
1d:28:03:2d:4c:89:95:b1:cf:3e:ac:ea:a4:81:63:
be:2f:3c:88:d2:dc:e3:36:86:e6:96:ff:a1:1d:7e:
67:8c:cb:87:9c:4a:c4:44:a2:4d:87:21:99:71:48:
d4:de:9e:3a:36:fc:10:24:dd:14:aa:42:35:93:d9:
a4:1f:76:f0:80:4d:d9:2d:82:25:f9:85:b5:de:2b:
e2:7f:6c:2c:d1:64:56:3e:6b:25:d5:b7:67:09:2e:
30:2a:72:96:c6:e3:f8:03:43:72:83:4d:3e:77:8d:
5b:7c:d9:5f:e9:62:f1:dc:a3:33:b3:a1:f3:a2:79:
8d:c9:e3:68:16:2a:d0:c1:98:9d:84:c3:01:b7:61:
da:25:83:16:46:41:45:f2:e8:47:11:85:a7:0f:64:
cb:3b:5b:57:46:98:8e:20:18:05:b7:bc:6b:99:19:
3f:89:db:a6:c2:ce:ed:54:c0:7f:5d:7f:9c:27:aa:
91:12:91:84:d7:a4:99:68:5c:1c:08:01:67:d1:e0:
9e:68:f1:f0:55:48:8e:69:83:5f:3f:7d:ae:9b:cd:
58:d9:a9:32:45:bc:15:e8:00:4a:30:47:96:36:5d:
57:9b:42:ca:79:63:c4:60:3d:bc:ec:47:d5:82:c5:
24:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:49:1D:11:BE:BE:95:0E:4F:4F:02:45:FF:78:8A:3A:41:BC:A8:07
X509v3 Authority Key Identifier:
keyid:C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/HUkdEb6-lQ5PTwJF_3iKOkG8qAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.220.0/22
185.38.128.0/22
185.87.188.0/22
185.219.136.0/22
195.211.168.0/22
IPv6:
2a00:fde0::/32
Signature Algorithm: sha256WithRSAEncryption
b6:ff:8e:c1:c1:27:86:28:2b:9d:97:88:b5:59:1a:b7:80:8d:
3a:3b:b2:b0:98:1f:a4:32:33:00:8a:4e:68:62:1c:59:1b:a9:
d6:ee:38:24:e6:4d:ee:b7:39:7c:de:04:a2:6c:81:dd:16:54:
69:b1:dc:db:8b:10:01:e3:b1:f6:48:1e:3a:05:39:d3:39:c2:
db:8c:90:10:46:c3:dd:f2:63:9d:c2:02:e5:73:2f:9b:d3:e9:
8a:92:d4:42:b8:6e:f3:40:fb:c0:99:85:55:3e:c5:ff:14:fc:
58:9a:19:4d:09:d6:d7:a5:e1:cd:11:9b:c7:21:10:0e:31:63:
a6:83:24:4e:b4:75:b1:61:54:d5:7d:eb:58:de:34:c6:c8:6c:
fa:91:55:49:bf:cb:ad:ae:72:dc:71:8f:5e:b3:26:e2:f3:f4:
c0:9f:c9:8d:b2:9a:ab:b5:29:51:0e:f6:df:79:bc:dd:51:9f:
b9:a9:8a:08:dc:de:e8:52:4b:e5:ee:52:3c:76:6d:c7:96:d4:
47:92:2d:fa:64:c2:81:76:09:12:ad:d7:fc:a4:69:6a:84:4a:
06:95:8e:ef:8f:55:65:2b:d8:b3:6f:da:65:a3:6e:7b:db:c6:
dd:30:c5:b0:64:3a:8e:a7:ff:cf:e4:2f:95:49:ba:5f:cd:dd:
31:ce:a2:36
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYyNbUbcpZHSYsn/1uMid1L6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZThlNTZiMThkNDVjNjQ2ZjAzY2I2ZjkwNjlkYTBjOGIz
Yzc0YWQwHhcNMjMxMjIxMTcyOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDQ5MWQxMWJlYmU5NTBlNGY0ZjAyNDVmZjc4OGEzYTQxYmNhODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl2xhfEFWCCxjCj091cdKAMtTImV
sc8+rOqkgWO+LzyI0tzjNobmlv+hHX5njMuHnErERKJNhyGZcUjU3p46NvwQJN0U
qkI1k9mkH3bwgE3ZLYIl+YW13ivif2ws0WRWPmsl1bdnCS4wKnKWxuP4A0Nyg00+
d41bfNlf6WLx3KMzs6HzonmNyeNoFirQwZidhMMBt2HaJYMWRkFF8uhHEYWnD2TL
O1tXRpiOIBgFt7xrmRk/idumws7tVMB/XX+cJ6qREpGE16SZaFwcCAFn0eCeaPHw
VUiOaYNfP32um81Y2akyRbwV6ABKMEeWNl1Xm0LKeWPEYD287EfVgsUkBQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFB1JHRG+vpUOT08CRf94ijpBvKgHMB8GA1UdIwQY
MBaAFMDo5WsY1FxkbwPLb5Bp2gyLPHStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQt
NzQ1YmNlMzA2MGM5LzEvSFVrZEViNi1sUTVQVHdKRl8zaUtPa0c4cUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQtNzQ1YmNlMzA2MGM5
LzEvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBbfcAwQC
uSaAAwQCuVe8AwQCuduIAwQCw9OoMA0EAgACMAcDBQAqAP3gMA0GCSqGSIb3DQEB
CwUAA4IBAQC2/47BwSeGKCudl4i1WRq3gI06O7KwmB+kMjMAik5oYhxZG6nW7jgk
5k3utzl83gSibIHdFlRpsdzbixAB47H2SB46BTnTOcLbjJAQRsPd8mOdwgLlcy+b
0+mKktRCuG7zQPvAmYVVPsX/FPxYmhlNCdbXpeHNEZvHIRAOMWOmgyROtHWxYVTV
fetY3jTGyGz6kVVJv8utrnLccY9esybi8/TAn8mNspqrtSlRDvbfebzdUZ+5qYoI
3N7oUkvl7lI8dm3HltRHki36ZMKBdgkSrdf8pGlqhEoGlY7vj1VlK9izb9plo257
28bdMMWwZDqOp//P5C+VSbpfzd0xzqI2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:01 2024 by rpki-client on console-ams.rpki-client.org