Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/HQ194Hgepwdy67ypQqvPuzxpdL4.roa
File: HQ194Hgepwdy67ypQqvPuzxpdL4.roa (raw, json)
Hash identifier: RISRqpphFGjmQvVYXxRYevolOpFPMN23G5omnmFdqFE=
Subject key identifier: 1D:0D:7D:E0:78:1E:A7:07:72:EB:BC:A9:42:AB:CF:BB:3C:69:74:BE
Certificate issuer: /CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Certificate serial: 01856CE605A31F9EBD2301AEEDD1411D38F5
Authority key identifier: 34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/HQ194Hgepwdy67ypQqvPuzxpdL4.roa
Signing time: Sun 01 Jan 2023 10:34:52 +0000
ROA not before: Sun 01 Jan 2023 10:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.1.22.0/24 maxlen: 24
185.1.143.0/24 maxlen: 24
2001:7f8:c6::/48 maxlen: 48
2001:7f8:de::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:05:a3:1f:9e:bd:23:01:ae:ed:d1:41:1d:38:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Validity
Not Before: Jan 1 10:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d0d7de0781ea70772ebbca942abcfbb3c6974be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f1:9b:8a:51:43:63:97:07:54:8f:20:7b:10:
cd:75:64:c1:ad:8b:d1:00:35:1f:1f:6d:20:af:e0:
cd:a8:6c:f9:77:90:3a:65:33:3f:5f:82:8f:39:6f:
65:0d:5e:ec:f7:1a:85:4d:f8:09:bb:42:1b:f3:24:
c3:23:f1:e9:25:32:32:58:b9:3f:e1:06:c6:bb:41:
2a:e5:96:b2:0d:51:57:38:2c:e7:42:d4:9b:13:45:
9c:78:b3:35:87:45:78:64:5b:ad:a9:4c:fa:b3:67:
a6:29:63:ec:c8:73:d9:7d:76:d4:ad:18:cb:03:d8:
eb:74:70:7f:b5:c2:fe:ce:8d:6f:07:c6:4a:74:d7:
d5:f8:f7:8e:77:f6:d3:5e:8d:2c:69:30:49:44:80:
78:c8:2c:af:c8:42:37:60:65:bb:e2:ee:04:49:37:
cd:5f:d8:ab:97:c5:93:61:6d:36:44:3c:d0:62:5f:
a5:74:c1:87:39:09:fb:8a:19:11:9f:5d:8c:0d:29:
18:b2:b0:11:d2:2e:c6:c1:17:13:c8:13:d8:b9:f4:
12:75:9a:08:97:bb:20:36:49:af:c3:3b:e4:03:7a:
58:2a:d2:d0:51:db:0c:7a:f2:37:f4:f6:6e:55:d1:
be:3c:8d:c6:e8:f4:31:9e:f7:6b:a4:0a:7d:85:8f:
b0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0D:7D:E0:78:1E:A7:07:72:EB:BC:A9:42:AB:CF:BB:3C:69:74:BE
X509v3 Authority Key Identifier:
keyid:34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/HQ194Hgepwdy67ypQqvPuzxpdL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.22.0/24
185.1.143.0/24
IPv6:
2001:7f8:c6::/48
2001:7f8:de::/48
Signature Algorithm: sha256WithRSAEncryption
4d:d0:ec:f2:3f:e2:bf:ee:e2:df:6c:31:39:44:dd:e7:3d:a9:
9f:af:07:d6:b2:e5:b4:48:69:a6:8a:04:e0:8b:07:34:ed:16:
21:cc:90:7e:0d:42:54:ee:9c:c3:f4:c2:23:a6:d0:10:05:b6:
4f:62:81:bb:60:65:a3:c0:35:49:1c:31:32:98:d2:b8:92:de:
15:7f:b6:27:10:e1:c0:06:27:e8:6a:6c:63:5f:6c:5f:ef:61:
19:27:ca:ce:68:02:eb:a4:0e:14:fb:96:9e:f6:50:40:e0:b1:
25:45:55:e0:dd:2d:11:24:23:88:da:89:00:70:ab:17:19:57:
7d:d7:72:fe:6f:5f:13:a3:43:26:65:df:03:b4:4b:f1:9a:dc:
10:a9:8a:75:4f:29:78:19:29:dc:4a:f8:96:7e:f3:20:1e:5f:
0b:8e:89:6d:b0:a0:2d:c9:8c:c0:31:46:38:ec:da:02:04:e5:
ce:5c:53:91:4a:6a:86:10:fe:f5:62:c0:7b:34:25:1c:68:53:
00:91:46:90:73:ce:b7:44:9e:d7:34:54:c0:19:b5:f6:a4:44:
07:b4:e2:64:85:27:62:a9:c6:7f:c6:99:7d:4d:bf:3f:25:9c:
14:5a:01:41:6a:33:bb:7e:3e:98:ca:96:6e:02:b0:bf:3e:0a:
32:44:11:5e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVs5gWjH569IwGu7dFBHTj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjQ3YjczZWU4ZmJlZGQyNWY0MWIzYjE3YjJiZTA4ZjVi
ZjY1NjMwHhcNMjMwMTAxMTAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDBkN2RlMDc4MWVhNzA3NzJlYmJjYTk0MmFiY2ZiYjNjNjk3NGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPGbilFDY5cHVI8gexDNdWTBrYvR
ADUfH20gr+DNqGz5d5A6ZTM/X4KPOW9lDV7s9xqFTfgJu0Ib8yTDI/HpJTIyWLk/
4QbGu0Eq5ZayDVFXOCznQtSbE0WceLM1h0V4ZFutqUz6s2emKWPsyHPZfXbUrRjL
A9jrdHB/tcL+zo1vB8ZKdNfV+PeOd/bTXo0saTBJRIB4yCyvyEI3YGW74u4ESTfN
X9irl8WTYW02RDzQYl+ldMGHOQn7ihkRn12MDSkYsrAR0i7GwRcTyBPYufQSdZoI
l7sgNkmvwzvkA3pYKtLQUdsMevI39PZuVdG+PI3G6PQxnvdrpAp9hY+wUwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFB0NfeB4HqcHcuu8qUKrz7s8aXS+MB8GA1UdIwQY
MBaAFDT0e3Puj77dJfQbOxeyvgj1v2VjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQt
ZDg3ZTQwNDdmODUzLzEvSFExOTRIZ2Vwd2R5Njd5cFFxdlB1enhwZEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQtZDg3ZTQwNDdmODUz
LzEvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuQEWAwQA
uQGPMBgEAgACMBIDBwAgAQf4AMYDBwAgAQf4AN4wDQYJKoZIhvcNAQELBQADggEB
AE3Q7PI/4r/u4t9sMTlE3ec9qZ+vB9ay5bRIaaaKBOCLBzTtFiHMkH4NQlTunMP0
wiOm0BAFtk9igbtgZaPANUkcMTKY0riS3hV/ticQ4cAGJ+hqbGNfbF/vYRknys5o
AuukDhT7lp72UEDgsSVFVeDdLREkI4jaiQBwqxcZV33Xcv5vXxOjQyZl3wO0S/Ga
3BCpinVPKXgZKdxK+JZ+8yAeXwuOiW2woC3JjMAxRjjs2gIE5c5cU5FKaoYQ/vVi
wHs0JRxoUwCRRpBzzrdEntc0VMAZtfakRAe04mSFJ2Kpxn/GmX1Nvz8lnBRaAUFq
M7t+PpjKlm4CsL8+CjJEEV4=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:17 2024 by rpki-client on console-ams.rpki-client.org