Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/HasTQ39lQdbGiL2EamjQtYgEq1o.roa
File: HasTQ39lQdbGiL2EamjQtYgEq1o.roa (raw, json)
Hash identifier: a7033ftkVD7u1tTMI3a2KrqzmvWdilmfbg2ybov6vv4=
Subject key identifier: 1D:AB:13:43:7F:65:41:D6:C6:88:BD:84:6A:68:D0:B5:88:04:AB:5A
Certificate issuer: /CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Certificate serial: 018572BA5598FB2F9665BE6311B66514D00E
Authority key identifier: DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/HasTQ39lQdbGiL2EamjQtYgEq1o.roa
Signing time: Mon 02 Jan 2023 13:44:52 +0000
ROA not before: Mon 02 Jan 2023 13:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49423
IP address blocks: 176.118.185.0/24 maxlen: 24
2a0d:ca47:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:55:98:fb:2f:96:65:be:63:11:b6:65:14:d0:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Validity
Not Before: Jan 2 13:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dab13437f6541d6c688bd846a68d0b58804ab5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e4:ec:30:4c:f8:b6:93:8c:3f:13:ec:03:0d:
75:07:e1:17:aa:5b:35:82:ff:c1:68:fd:9a:ef:f8:
12:86:2c:4f:46:46:8a:52:bd:6b:69:05:63:c0:aa:
62:78:f6:57:ab:1f:be:49:2e:8a:b5:09:03:a3:44:
28:b9:7d:8d:52:8b:f2:cd:9a:0d:7b:87:09:11:58:
f5:e3:ba:ee:f9:ef:12:30:be:32:68:89:80:0c:50:
d5:36:dd:9c:5a:ce:5e:c8:4f:d3:26:c1:bf:57:2f:
41:16:b4:3a:c7:57:51:f0:8e:b1:cc:6b:ca:4b:2e:
98:78:45:21:7f:6c:85:39:0a:19:6c:58:f5:a3:eb:
24:7f:a7:c2:c9:35:fe:5e:84:e7:8d:5c:07:cb:74:
64:c3:f8:52:17:7a:73:9d:91:bb:98:10:5c:03:35:
24:9b:0d:b4:e7:fb:8c:c0:b0:d8:59:5b:47:3e:c8:
e0:3b:0e:31:b7:37:13:9f:0d:3d:bc:b5:a8:ad:8d:
3c:0f:a7:77:47:78:b7:e9:24:7e:4b:15:d4:e2:38:
bd:d1:60:a0:76:b9:db:6d:c9:25:c3:37:90:a8:49:
4b:c3:ed:d5:68:9c:33:08:7b:77:c9:fd:53:b2:2a:
17:72:0a:4c:f5:b7:bd:1e:7d:5e:d2:71:48:95:71:
af:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AB:13:43:7F:65:41:D6:C6:88:BD:84:6A:68:D0:B5:88:04:AB:5A
X509v3 Authority Key Identifier:
keyid:DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/HasTQ39lQdbGiL2EamjQtYgEq1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.185.0/24
IPv6:
2a0d:ca47:2::/48
Signature Algorithm: sha256WithRSAEncryption
52:f7:99:c6:68:0c:b3:29:7a:dc:df:76:c3:c7:9a:6c:9d:e2:
24:e2:23:aa:d6:38:c4:a6:44:d6:37:3f:27:4e:46:96:a9:60:
ad:7e:0e:f0:ed:ac:d9:55:44:1f:39:ef:fe:f1:21:b0:e2:af:
71:ad:89:ee:3e:e7:2f:01:6d:08:ae:93:65:23:b2:d6:d1:d6:
68:e8:57:56:35:ed:00:3c:b4:70:57:75:40:30:f4:7d:9e:6b:
28:fe:f9:67:ea:c0:fd:75:a6:c5:57:e0:18:8f:3a:77:5e:b7:
69:be:d6:1e:07:f3:b7:b5:3b:82:25:b7:6e:18:90:54:42:c2:
44:93:29:30:0b:27:c4:0a:da:f6:b1:03:db:c3:7d:72:2a:76:
3d:40:33:c0:2e:ac:5b:75:5b:0b:2c:27:65:6d:4b:cf:a3:33:
1f:5f:bb:fe:db:90:ff:06:18:c1:8c:9e:37:79:29:92:4d:57:
61:aa:1a:35:35:92:3a:b5:d3:c6:01:a3:c6:84:5e:e5:91:33:
a0:1e:85:20:af:68:7d:6b:95:3c:b8:84:6b:40:36:71:90:2a:
c3:7b:5c:d8:68:05:b8:22:c4:53:c2:5c:c4:2b:9f:09:51:d5:
45:46:ed:84:60:7b:29:85:ad:91:01:74:ed:4f:90:88:98:47:
73:5a:f0:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyulWY+y+WZb5jEbZlFNAOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlN2M4MmIyMjc2Y2JkZjEzMGNjYWQwNDZiNjVmZWFiMmMy
N2VkNDkwHhcNMjMwMTAyMTM0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGFiMTM0MzdmNjU0MWQ2YzY4OGJkODQ2YTY4ZDBiNTg4MDRhYjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOTsMEz4tpOMPxPsAw11B+EXqls1
gv/BaP2a7/gShixPRkaKUr1raQVjwKpiePZXqx++SS6KtQkDo0QouX2NUovyzZoN
e4cJEVj147ru+e8SML4yaImADFDVNt2cWs5eyE/TJsG/Vy9BFrQ6x1dR8I6xzGvK
Sy6YeEUhf2yFOQoZbFj1o+skf6fCyTX+XoTnjVwHy3Rkw/hSF3pznZG7mBBcAzUk
mw205/uMwLDYWVtHPsjgOw4xtzcTnw09vLWorY08D6d3R3i36SR+SxXU4ji90WCg
drnbbcklwzeQqElLw+3VaJwzCHt3yf1TsioXcgpM9be9Hn1e0nFIlXGvzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB2rE0N/ZUHWxoi9hGpo0LWIBKtaMB8GA1UdIwQY
MBaAFN58grInbL3xMMytBGtl/qssJ+1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODkt
N2ZhZjdjMWRlN2IwLzEvSGFzVFEzOWxRZGJHaUwyRWFtalF0WWdFcTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODktN2ZhZjdjMWRlN2Iw
LzEvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAsHa5MA8E
AgACMAkDBwAqDcpHAAIwDQYJKoZIhvcNAQELBQADggEBAFL3mcZoDLMpetzfdsPH
mmyd4iTiI6rWOMSmRNY3PydORpapYK1+DvDtrNlVRB857/7xIbDir3Gtie4+5y8B
bQiuk2UjstbR1mjoV1Y17QA8tHBXdUAw9H2eayj++WfqwP11psVX4BiPOndet2m+
1h4H87e1O4Ilt24YkFRCwkSTKTALJ8QK2vaxA9vDfXIqdj1AM8AurFt1WwssJ2Vt
S8+jMx9fu/7bkP8GGMGMnjd5KZJNV2GqGjU1kjq108YBo8aEXuWRM6AehSCvaH1r
lTy4hGtANnGQKsN7XNhoBbgixFPCXMQrnwlR1UVG7YRgeymFrZEBdO1PkIiYR3Na
8AQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:10 2024 by rpki-client on console-ams.rpki-client.org