Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/HB43sc4XsiCo9JweCfsAkdqw2WY.roa
File: HB43sc4XsiCo9JweCfsAkdqw2WY.roa (raw, json)
Hash identifier: zmr2ZZ3nE/3mgVcuNHlO/UyrrhngbaFmxR7Z1kTxsvk=
Subject key identifier: 1C:1E:37:B1:CE:17:B2:20:A8:F4:9C:1E:09:FB:00:91:DA:B0:D9:66
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 01874B7817B49D2BFCF9165CB82578AD875B
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/HB43sc4XsiCo9JweCfsAkdqw2WY.roa
Signing time: Tue 04 Apr 2023 08:52:54 +0000
ROA not before: Tue 04 Apr 2023 08:52:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 185.125.200.0/22 maxlen: 24
95.140.146.0/23 maxlen: 24
95.140.158.0/23 maxlen: 24
80.90.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:78:17:b4:9d:2b:fc:f9:16:5c:b8:25:78:ad:87:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Apr 4 08:52:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c1e37b1ce17b220a8f49c1e09fb0091dab0d966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c6:37:c3:d8:a6:7c:c4:ef:90:87:3f:dc:c4:
54:4f:47:59:bd:07:b1:96:b7:a7:ba:4a:c8:85:39:
37:c3:b2:e1:92:2f:12:a0:b6:e9:f7:75:28:87:20:
26:1a:46:3d:98:1d:d9:cd:c3:52:5a:24:f6:99:89:
10:57:e8:f7:89:b4:c3:53:2a:ed:84:34:b7:c6:7a:
89:ab:21:96:48:5b:56:5e:e1:01:f4:a3:f4:f2:6a:
f5:c2:5f:74:13:96:94:96:59:e1:21:c8:cf:61:c5:
95:33:6c:e3:11:39:4c:77:1e:04:a8:97:90:8c:89:
c7:b0:4a:38:5a:19:6d:90:53:27:78:4e:69:99:9a:
2e:18:bc:88:49:64:b5:8f:0b:ce:d8:fc:6f:46:85:
17:f5:8b:76:a0:89:6a:e6:95:87:9e:2c:f3:44:a5:
e4:b9:1d:8f:5f:b8:f5:17:09:37:69:4e:6d:84:47:
83:cf:a9:82:d8:d9:dc:34:a2:c2:4a:f3:c3:f6:9c:
86:80:95:60:27:b8:66:de:02:26:8d:43:fa:9e:48:
fa:5a:94:a9:0d:f3:fa:e9:da:0a:17:70:56:dc:0a:
da:f0:f5:56:ac:00:0b:dd:87:20:0c:5c:75:89:37:
03:00:e3:aa:59:db:0c:3f:26:6b:72:16:8f:4b:11:
38:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:1E:37:B1:CE:17:B2:20:A8:F4:9C:1E:09:FB:00:91:DA:B0:D9:66
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/HB43sc4XsiCo9JweCfsAkdqw2WY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.179.0/24
95.140.146.0/23
95.140.158.0/23
185.125.200.0/22
Signature Algorithm: sha256WithRSAEncryption
11:1f:6b:e1:22:bd:dc:ad:c3:10:f7:35:d4:87:b7:eb:51:f0:
cc:fd:6f:30:66:17:a4:b3:00:d4:f3:22:b8:06:a4:48:e0:28:
65:f2:6c:c2:38:81:6a:c2:e4:ee:e3:34:f9:31:94:3c:98:f0:
45:9f:ac:8b:12:dd:ab:6a:1c:13:d9:d6:bd:60:1b:b9:b0:8d:
43:5d:a5:cb:a7:c8:67:e4:62:84:70:b0:ea:f3:81:ef:32:97:
07:af:53:e8:3f:90:b6:03:d5:9e:02:f5:e6:ec:35:c5:e8:b7:
75:ed:1e:cc:d1:37:9a:43:1b:b7:2b:77:23:1d:62:df:4c:94:
bc:08:8e:a5:6e:06:d4:8e:4f:6c:c8:73:fd:45:33:a3:b8:f8:
8e:31:9f:be:a6:e6:9b:bf:f7:30:c8:7d:23:3a:e4:19:b0:5d:
c4:89:91:bb:ad:2d:6d:a8:d7:89:f1:8a:c3:eb:04:64:ff:dd:
00:e9:5f:bf:a8:08:cb:e2:b3:31:79:b0:20:77:af:14:8a:2e:
6e:91:02:1d:58:eb:4b:1b:5f:50:a5:58:6a:85:c3:2f:a3:01:
0f:5d:7d:91:80:da:62:93:eb:b2:86:19:79:dd:4b:32:a7:c1:
d4:2e:cd:81:30:3d:f6:2a:59:14:a8:02:22:1f:4a:22:96:33:
c4:e1:be:88
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdLeBe0nSv8+RZcuCV4rYdbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwNDA0MDg1MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzFlMzdiMWNlMTdiMjIwYThmNDljMWUwOWZiMDA5MWRhYjBkOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMY3w9imfMTvkIc/3MRUT0dZvQex
lrenukrIhTk3w7Lhki8SoLbp93UohyAmGkY9mB3ZzcNSWiT2mYkQV+j3ibTDUyrt
hDS3xnqJqyGWSFtWXuEB9KP08mr1wl90E5aUllnhIcjPYcWVM2zjETlMdx4EqJeQ
jInHsEo4WhltkFMneE5pmZouGLyISWS1jwvO2PxvRoUX9Yt2oIlq5pWHnizzRKXk
uR2PX7j1Fwk3aU5thEeDz6mC2NncNKLCSvPD9pyGgJVgJ7hm3gImjUP6nkj6WpSp
DfP66doKF3BW3Ara8PVWrAAL3YcgDFx1iTcDAOOqWdsMPyZrchaPSxE4UQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBweN7HOF7IgqPScHgn7AJHasNlmMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvSEI0M3NjNFhzaUNvOUp3ZUNmc0FrZHF3MldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUFqzAwQB
X4ySAwQBX4yeAwQCuX3IMA0GCSqGSIb3DQEBCwUAA4IBAQARH2vhIr3crcMQ9zXU
h7frUfDM/W8wZhekswDU8yK4BqRI4Chl8mzCOIFqwuTu4zT5MZQ8mPBFn6yLEt2r
ahwT2da9YBu5sI1DXaXLp8hn5GKEcLDq84HvMpcHr1PoP5C2A9WeAvXm7DXF6Ld1
7R7M0TeaQxu3K3cjHWLfTJS8CI6lbgbUjk9syHP9RTOjuPiOMZ++puabv/cwyH0j
OuQZsF3EiZG7rS1tqNeJ8YrD6wRk/90A6V+/qAjL4rMxebAgd68Uii5ukQIdWOtL
G19QpVhqhcMvowEPXX2RgNpik+uyhhl53Usyp8HULs2BMD32KlkUqAIiH0oiljPE
4b6I
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:23 2024 by rpki-client on console-ams.rpki-client.org