Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/Hs2h-IYYHfzw5GIB1t-qX4fPfm4.roa
File: Hs2h-IYYHfzw5GIB1t-qX4fPfm4.roa (raw, json)
Hash identifier: Le2weBkHAVnOuqjQrsOVfCe/UZSQrKxrbEc1hTReEZQ=
Subject key identifier: 1E:CD:A1:F8:86:18:1D:FC:F0:E4:62:01:D6:DF:AA:5F:87:CF:7E:6E
Certificate issuer: /CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Certificate serial: 01856CE6070A8C495DA0434860DE1E0DDA02
Authority key identifier: 34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/Hs2h-IYYHfzw5GIB1t-qX4fPfm4.roa
Signing time: Sun 01 Jan 2023 10:34:52 +0000
ROA not before: Sun 01 Jan 2023 10:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 185.117.176.0/22 maxlen: 32
217.15.32.0/20 maxlen: 32
88.84.64.0/19 maxlen: 32
217.149.144.0/20 maxlen: 32
95.142.0.0/20 maxlen: 32
2a02:2068::/29 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:07:0a:8c:49:5d:a0:43:48:60:de:1e:0d:da:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Validity
Not Before: Jan 1 10:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ecda1f886181dfcf0e46201d6dfaa5f87cf7e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:98:bb:3c:08:8f:6a:0a:c0:9d:fa:d6:af:4e:
11:70:c8:40:06:46:f0:3b:50:df:54:e7:64:d3:25:
79:c3:47:76:cb:fd:f5:7b:51:bd:2a:82:53:e2:18:
b7:a4:9c:b0:d8:2f:1b:20:c8:6d:36:fe:06:fb:39:
f1:e8:d0:a0:30:6d:48:5c:ef:bc:20:05:ab:7a:91:
76:7b:39:46:42:4a:a2:65:14:e0:97:51:69:6b:71:
e6:d8:f6:26:e8:1c:89:b1:9d:f1:2a:96:6b:91:e6:
45:f3:05:09:11:19:f3:7c:d1:23:4f:90:a9:c6:85:
85:31:90:b8:73:48:9f:bf:71:6b:4b:d9:f1:e6:a8:
c2:1f:6f:b2:04:9f:65:da:15:75:9e:57:57:0f:54:
af:2b:55:b4:6a:47:eb:87:c1:55:c1:93:33:77:a6:
2c:23:c4:bc:6b:49:c3:55:4a:b6:32:39:5e:e0:ec:
46:78:18:6e:a0:88:d9:13:e4:e2:4e:17:b5:90:ed:
59:10:f5:61:fd:46:5f:4e:31:b5:88:9c:4e:ef:ee:
6b:d2:c7:9f:99:91:70:4c:52:f4:b9:11:db:16:e9:
d9:dd:33:82:9c:4b:59:ca:cb:b6:df:72:5c:39:f2:
9b:c9:f8:0f:fd:e6:4c:fc:d9:ce:41:08:fe:f4:39:
3a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:CD:A1:F8:86:18:1D:FC:F0:E4:62:01:D6:DF:AA:5F:87:CF:7E:6E
X509v3 Authority Key Identifier:
keyid:34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/Hs2h-IYYHfzw5GIB1t-qX4fPfm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.64.0/19
95.142.0.0/20
185.117.176.0/22
217.15.32.0/20
217.149.144.0/20
IPv6:
2a02:2068::/29
Signature Algorithm: sha256WithRSAEncryption
b8:5a:73:78:b9:d7:ad:8e:12:2b:04:0f:28:7d:92:92:6b:b2:
88:3d:9e:02:de:aa:d6:91:44:4a:07:5b:21:7f:46:05:e0:ad:
8e:f8:82:e5:36:5b:8f:5a:5f:96:9e:11:e9:78:30:39:04:98:
48:26:ba:ed:6b:20:5f:f0:04:94:89:60:e5:cf:2a:90:ed:c8:
07:96:bd:71:63:4f:e2:f3:b6:4f:cc:a2:b6:49:be:32:37:fd:
bc:be:9c:09:5c:ce:eb:7a:f4:8d:6f:2c:e9:4f:3d:d4:03:84:
32:85:1c:09:06:72:32:ed:f0:df:7f:2a:da:7e:b0:52:26:9c:
89:ec:3f:d7:60:f8:97:92:24:be:23:22:e0:5d:e2:36:89:37:
d8:ba:4f:a6:72:02:71:f0:d7:0e:27:eb:d2:b5:1f:cd:fb:95:
e1:0b:54:50:6c:33:0a:91:97:16:7f:fc:90:7e:ac:90:a4:73:
12:05:81:58:8f:f8:b0:70:3b:d5:30:1a:a5:62:8d:52:1e:9c:
3f:67:07:36:ad:5f:82:02:b7:1f:9a:73:36:c9:43:95:57:4c:
3f:a7:eb:e3:e0:5e:5a:f7:ea:90:ab:7b:73:7a:6e:53:2e:80:
df:db:62:2e:f2:1b:c7:59:de:c6:da:dc:20:6d:1e:5b:55:74:
21:aa:6a:c9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVs5gcKjEldoENIYN4eDdoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjQ3YjczZWU4ZmJlZGQyNWY0MWIzYjE3YjJiZTA4ZjVi
ZjY1NjMwHhcNMjMwMTAxMTAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWNkYTFmODg2MTgxZGZjZjBlNDYyMDFkNmRmYWE1Zjg3Y2Y3ZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZi7PAiPagrAnfrWr04RcMhABkbw
O1DfVOdk0yV5w0d2y/31e1G9KoJT4hi3pJyw2C8bIMhtNv4G+znx6NCgMG1IXO+8
IAWrepF2ezlGQkqiZRTgl1Fpa3Hm2PYm6ByJsZ3xKpZrkeZF8wUJERnzfNEjT5Cp
xoWFMZC4c0ifv3FrS9nx5qjCH2+yBJ9l2hV1nldXD1SvK1W0akfrh8FVwZMzd6Ys
I8S8a0nDVUq2Mjle4OxGeBhuoIjZE+TiThe1kO1ZEPVh/UZfTjG1iJxO7+5r0sef
mZFwTFL0uRHbFunZ3TOCnEtZysu233JcOfKbyfgP/eZM/NnOQQj+9Dk6EwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFB7NofiGGB388ORiAdbfql+Hz35uMB8GA1UdIwQY
MBaAFDT0e3Puj77dJfQbOxeyvgj1v2VjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQt
ZDg3ZTQwNDdmODUzLzEvSHMyaC1JWVlIZnp3NUdJQjF0LXFYNGZQZm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQtZDg3ZTQwNDdmODUz
LzEvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFWFRAAwQE
X44AAwQCuXWwAwQE2Q8gAwQE2ZWQMA0EAgACMAcDBQMqAiBoMA0GCSqGSIb3DQEB
CwUAA4IBAQC4WnN4udetjhIrBA8ofZKSa7KIPZ4C3qrWkURKB1shf0YF4K2O+ILl
NluPWl+WnhHpeDA5BJhIJrrtayBf8ASUiWDlzyqQ7cgHlr1xY0/i87ZPzKK2Sb4y
N/28vpwJXM7revSNbyzpTz3UA4QyhRwJBnIy7fDffyrafrBSJpyJ7D/XYPiXkiS+
IyLgXeI2iTfYuk+mcgJx8NcOJ+vStR/N+5XhC1RQbDMKkZcWf/yQfqyQpHMSBYFY
j/iwcDvVMBqlYo1SHpw/Zwc2rV+CArcfmnM2yUOVV0w/p+vj4F5a9+qQq3tzem5T
LoDf22Iu8hvHWd7G2twgbR5bVXQhqmrJ
-----END CERTIFICATE-----
Generated at Fri Sep 22 15:48:00 2023 by rpki-client on console-ams.rpki-client.org