Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/8f3b6f-e86f-467d-aa90-18b1a937a567/1/hGLoGRi6NNoAV72d1koecaHuCzg.roa
File: hGLoGRi6NNoAV72d1koecaHuCzg.roa (raw, json)
Hash identifier: AQAQyrXamoaBdLcIkck9Tnv9CwwMM0csRlxxE9Cilb0=
Subject key identifier: 84:62:E8:19:18:BA:34:DA:00:57:BD:9D:D6:4A:1E:71:A1:EE:0B:38
Certificate issuer: /CN=8bfca7c96e804505a48b99603d9b2124f1dd3702
Certificate serial: 01857182F94881FAE3D8767B13F6BA36E699
Authority key identifier: 8B:FC:A7:C9:6E:80:45:05:A4:8B:99:60:3D:9B:21:24:F1:DD:37:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i_ynyW6ARQWki5lgPZshJPHdNwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/8f3b6f-e86f-467d-aa90-18b1a937a567/1/hGLoGRi6NNoAV72d1koecaHuCzg.roa
Signing time: Mon 02 Jan 2023 08:04:46 +0000
ROA not before: Mon 02 Jan 2023 08:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 195.182.218.0/23 maxlen: 32
2001:7f8:42::/48 maxlen: 128
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:82:f9:48:81:fa:e3:d8:76:7b:13:f6:ba:36:e6:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bfca7c96e804505a48b99603d9b2124f1dd3702
Validity
Not Before: Jan 2 08:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8462e81918ba34da0057bd9dd64a1e71a1ee0b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:53:b9:0b:26:57:eb:0b:61:68:81:71:61:a7:
ed:47:d9:0a:69:f8:61:76:32:90:33:87:19:be:b8:
23:20:2d:73:0e:1f:d1:ca:38:e4:cc:4d:aa:3f:72:
e8:e9:af:04:4a:b6:c7:a9:cc:9b:cb:ee:65:6b:97:
bc:e9:d9:02:99:e1:61:54:1a:cf:d7:11:1f:bf:c9:
3f:06:ac:b5:00:9c:ae:f2:ce:c0:21:1a:b0:96:49:
d9:15:57:a6:c7:b7:53:d0:e6:d8:e6:62:f6:03:ad:
ac:41:41:f5:67:4e:47:2e:ac:98:9e:28:33:dd:7e:
6e:ae:7b:3b:be:78:c1:63:8f:ff:7c:62:8e:93:a8:
e7:9b:6a:00:9e:76:83:1f:29:3d:55:d4:c2:b9:77:
22:45:5e:17:0e:ea:ad:1c:db:94:f4:85:bf:26:3f:
ce:23:79:47:e1:ff:84:86:8c:e8:ef:13:4c:12:a1:
2b:a1:ca:e6:1a:23:fd:67:c9:dd:a4:c7:27:53:49:
d0:29:91:e6:09:ff:8d:ae:b4:51:4e:95:cf:42:63:
dc:40:b0:87:0f:ef:db:be:51:d7:eb:01:29:27:bb:
66:ee:9f:3e:5c:85:59:a3:16:7c:54:a9:65:de:38:
fc:11:7b:98:fc:9b:52:70:00:08:90:ac:f2:06:1f:
23:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:62:E8:19:18:BA:34:DA:00:57:BD:9D:D6:4A:1E:71:A1:EE:0B:38
X509v3 Authority Key Identifier:
keyid:8B:FC:A7:C9:6E:80:45:05:A4:8B:99:60:3D:9B:21:24:F1:DD:37:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i_ynyW6ARQWki5lgPZshJPHdNwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/8f3b6f-e86f-467d-aa90-18b1a937a567/1/hGLoGRi6NNoAV72d1koecaHuCzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/8f3b6f-e86f-467d-aa90-18b1a937a567/1/i_ynyW6ARQWki5lgPZshJPHdNwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.182.218.0/23
IPv6:
2001:7f8:42::/48
Signature Algorithm: sha256WithRSAEncryption
13:cb:f6:94:35:36:95:7d:62:2b:34:56:6c:e4:22:83:ec:01:
6d:4a:f8:e5:23:8e:34:b9:51:9a:d3:13:c6:ae:19:ee:ce:de:
c1:10:96:a2:1a:c2:00:0c:c0:46:1e:9c:ac:c5:64:f5:dd:c0:
70:85:01:48:35:8d:83:56:66:06:f5:be:83:54:b9:5e:f6:16:
fb:8c:af:20:c6:0e:1e:07:b8:b8:d3:74:0e:c0:51:46:ad:80:
dc:34:e9:4f:cb:e0:ca:b3:8b:15:5d:70:6d:3c:d2:66:5b:a4:
3d:1c:1a:81:b8:3c:38:d5:73:bf:91:88:9d:16:44:8a:cb:48:
58:58:43:f3:ee:71:dd:37:64:a3:0a:1a:99:27:12:71:af:3f:
2c:d2:07:9c:bf:87:80:6b:75:d3:cb:3a:b5:e5:1c:1b:6f:ba:
2d:dd:88:7c:68:15:8c:d8:bd:8f:09:67:5c:85:17:c1:e1:0f:
de:19:3e:e5:01:8f:de:85:f3:5b:e6:66:90:98:25:a4:84:54:
48:45:e2:8f:d5:b4:ad:69:0f:4f:6c:f7:3a:23:43:bb:90:30:
d2:88:6f:54:38:db:68:aa:f4:d9:58:fd:8c:d6:39:af:a5:9d:
ea:09:35:b1:9c:e5:86:01:42:50:3c:40:a0:56:94:c3:b2:ae:
76:ea:66:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxgvlIgfrj2HZ7E/a6NuaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZmNhN2M5NmU4MDQ1MDVhNDhiOTk2MDNkOWIyMTI0ZjFk
ZDM3MDIwHhcNMjMwMTAyMDgwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDYyZTgxOTE4YmEzNGRhMDA1N2JkOWRkNjRhMWU3MWExZWUwYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVO5CyZX6wthaIFxYaftR9kKafhh
djKQM4cZvrgjIC1zDh/RyjjkzE2qP3Lo6a8ESrbHqcyby+5la5e86dkCmeFhVBrP
1xEfv8k/Bqy1AJyu8s7AIRqwlknZFVemx7dT0ObY5mL2A62sQUH1Z05HLqyYnigz
3X5urns7vnjBY4//fGKOk6jnm2oAnnaDHyk9VdTCuXciRV4XDuqtHNuU9IW/Jj/O
I3lH4f+Ehozo7xNMEqErocrmGiP9Z8ndpMcnU0nQKZHmCf+NrrRRTpXPQmPcQLCH
D+/bvlHX6wEpJ7tm7p8+XIVZoxZ8VKll3jj8EXuY/JtScAAIkKzyBh8jAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIRi6BkYujTaAFe9ndZKHnGh7gs4MB8GA1UdIwQY
MBaAFIv8p8lugEUFpIuZYD2bISTx3TcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaV95bnlXNkFSUVdraTVsZ1Bac2hKUEhkTndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84ZjNiNmYtZTg2Zi00NjdkLWFhOTAt
MThiMWE5MzdhNTY3LzEvaEdMb0dSaTZOTm9BVjcyZDFrb2VjYUh1Q3pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84ZjNiNmYtZTg2Zi00NjdkLWFhOTAtMThiMWE5MzdhNTY3
LzEvaV95bnlXNkFSUVdraTVsZ1Bac2hKUEhkTndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw7baMA8E
AgACMAkDBwAgAQf4AEIwDQYJKoZIhvcNAQELBQADggEBABPL9pQ1NpV9Yis0Vmzk
IoPsAW1K+OUjjjS5UZrTE8auGe7O3sEQlqIawgAMwEYenKzFZPXdwHCFAUg1jYNW
Zgb1voNUuV72FvuMryDGDh4HuLjTdA7AUUatgNw06U/L4MqzixVdcG080mZbpD0c
GoG4PDjVc7+RiJ0WRIrLSFhYQ/Pucd03ZKMKGpknEnGvPyzSB5y/h4BrddPLOrXl
HBtvui3diHxoFYzYvY8JZ1yFF8HhD94ZPuUBj96F81vmZpCYJaSEVEhF4o/VtK1p
D09s9zojQ7uQMNKIb1Q422iq9NlY/YzWOa+lneoJNbGc5YYBQlA8QKBWlMOyrnbq
Zsg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:19 2024 by rpki-client on console-ams.rpki-client.org