Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/hgF2LgbbV3A1H2vEReS7bvmb_8g.roa
File: hgF2LgbbV3A1H2vEReS7bvmb_8g.roa (raw, json)
Hash identifier: wODNfl4+I4XArkV+HuyqU7sX3deDTVRFwVL+L2NMtTQ=
Subject key identifier: 86:01:76:2E:06:DB:57:70:35:1F:6B:C4:45:E4:BB:6E:F9:9B:FF:C8
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01856D0AEB9C476C8E65D02C2B9295293082
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/hgF2LgbbV3A1H2vEReS7bvmb_8g.roa
Signing time: Sun 01 Jan 2023 11:15:10 +0000
ROA not before: Sun 01 Jan 2023 11:15:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51751
IP address blocks: 82.137.176.0/22 maxlen: 22
82.137.184.0/22 maxlen: 22
82.137.180.0/22 maxlen: 22
82.137.188.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:eb:9c:47:6c:8e:65:d0:2c:2b:92:95:29:30:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:15:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8601762e06db5770351f6bc445e4bb6ef99bffc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4a:23:45:d3:5a:f2:21:8c:20:65:cb:48:aa:
3e:7f:df:68:c4:45:93:9a:e2:6f:44:96:ec:97:d5:
48:7a:41:1b:50:8e:b8:4b:7a:87:b3:58:01:17:d2:
6e:59:12:15:9c:1f:fa:5e:5b:95:7e:26:f4:73:16:
8d:c5:d8:42:ab:ca:87:cf:65:b9:e9:fe:ca:3d:15:
21:38:c5:05:3f:fe:f4:97:f6:2d:70:78:3a:53:87:
dc:4e:a8:7c:05:19:94:94:34:2b:41:45:d8:6c:7a:
32:09:76:32:eb:90:6c:6d:25:64:16:7c:ce:9b:e5:
2d:a2:a6:76:c5:63:1b:31:74:fd:74:09:39:11:8d:
6d:6b:49:3d:2e:6a:a3:01:25:9f:fd:46:11:0e:b5:
2e:31:87:ec:0b:f1:46:62:17:f7:8a:6e:7d:01:78:
1d:75:3c:98:51:86:b0:0e:20:4a:fa:f7:37:c5:82:
ea:72:81:67:6b:02:0b:0b:bd:ac:6f:a9:d8:b2:08:
de:e9:63:86:fe:1e:c8:11:20:56:66:17:0e:25:81:
a4:9d:60:69:d1:4e:48:c1:ff:67:4f:de:b4:5d:b7:
59:ac:b0:9b:78:b4:2f:55:2f:c9:e0:be:74:d8:cc:
39:2c:71:89:db:08:49:2a:5e:a1:82:e6:8d:2f:7f:
10:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:01:76:2E:06:DB:57:70:35:1F:6B:C4:45:E4:BB:6E:F9:9B:FF:C8
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/hgF2LgbbV3A1H2vEReS7bvmb_8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.137.176.0/20
Signature Algorithm: sha256WithRSAEncryption
89:4f:e3:ac:62:02:28:75:4b:0a:ae:2a:67:83:8d:f8:be:b0:
6e:5d:0e:d3:0f:13:8a:0f:a4:54:d5:f0:f4:14:26:f6:c6:19:
91:19:ac:74:85:29:36:c0:c0:2d:ee:95:fc:22:40:8c:59:80:
46:ff:5d:3f:40:a1:58:86:b8:57:09:31:21:49:38:d9:cb:0f:
15:1e:6d:e4:63:b7:5c:95:a2:b7:2b:25:ff:86:6e:22:67:84:
be:cb:95:08:2e:e9:f0:c7:01:4c:f2:17:7a:17:48:79:e1:be:
4b:eb:ba:10:c7:5a:17:e1:1c:f9:db:50:44:8e:49:4e:b8:5c:
8c:51:d0:4d:f2:c3:de:f5:ba:29:b1:b1:72:44:f3:1b:79:93:
b8:18:6d:dc:57:87:ef:69:2b:80:90:e2:75:e4:79:70:61:a8:
1f:c1:bd:ed:8f:7a:83:80:54:40:58:bf:49:70:8e:01:51:6c:
4f:6c:48:33:ed:07:9e:b5:a1:c7:96:c3:66:45:e1:33:7a:91:
01:c6:56:7a:d4:bd:c8:67:89:c2:93:5e:86:d2:12:0f:b7:e4:
52:7d:d6:7a:49:b7:19:d5:f0:f9:3c:73:20:81:c2:d8:d0:00:
fa:89:43:60:8d:fc:ea:d2:98:1b:12:9e:a3:56:0a:44:11:ae:
bf:85:0d:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCuucR2yOZdAsK5KVKTCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwMTAxMTExNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjAxNzYyZTA2ZGI1NzcwMzUxZjZiYzQ0NWU0YmI2ZWY5OWJmZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUojRdNa8iGMIGXLSKo+f99oxEWT
muJvRJbsl9VIekEbUI64S3qHs1gBF9JuWRIVnB/6XluVfib0cxaNxdhCq8qHz2W5
6f7KPRUhOMUFP/70l/YtcHg6U4fcTqh8BRmUlDQrQUXYbHoyCXYy65BsbSVkFnzO
m+UtoqZ2xWMbMXT9dAk5EY1ta0k9LmqjASWf/UYRDrUuMYfsC/FGYhf3im59AXgd
dTyYUYawDiBK+vc3xYLqcoFnawILC72sb6nYsgje6WOG/h7IESBWZhcOJYGknWBp
0U5Iwf9nT960XbdZrLCbeLQvVS/J4L502Mw5LHGJ2whJKl6hguaNL38QIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYBdi4G21dwNR9rxEXku275m//IMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvaGdGMkxnYmJWM0ExSDJ2RVJlUzdidm1iXzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUomwMA0G
CSqGSIb3DQEBCwUAA4IBAQCJT+OsYgIodUsKripng434vrBuXQ7TDxOKD6RU1fD0
FCb2xhmRGax0hSk2wMAt7pX8IkCMWYBG/10/QKFYhrhXCTEhSTjZyw8VHm3kY7dc
laK3KyX/hm4iZ4S+y5UILunwxwFM8hd6F0h54b5L67oQx1oX4Rz521BEjklOuFyM
UdBN8sPe9bopsbFyRPMbeZO4GG3cV4fvaSuAkOJ15HlwYagfwb3tj3qDgFRAWL9J
cI4BUWxPbEgz7QeetaHHlsNmReEzepEBxlZ61L3IZ4nCk16G0hIPt+RSfdZ6SbcZ
1fD5PHMggcLY0AD6iUNgjfzq0pgbEp6jVgpEEa6/hQ3w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org