Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/26hmN2BIF0FNR2KaiHJc9DEi_hs.roa
File: 26hmN2BIF0FNR2KaiHJc9DEi_hs.roa (raw, json)
Hash identifier: NfYg5fkzxAFwpMNBFbNfod4c82Ri31aQckz/EaPoeP4=
Subject key identifier: DB:A8:66:37:60:48:17:41:4D:47:62:9A:88:72:5C:F4:31:22:FE:1B
Certificate issuer: /CN=b17050d8caf09a91d00f1c090a0b752cd1b3d57c
Certificate serial: 0185727144EA4E87B619673A69CAEFF62848
Authority key identifier: B1:70:50:D8:CA:F0:9A:91:D0:0F:1C:09:0A:0B:75:2C:D1:B3:D5:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/26hmN2BIF0FNR2KaiHJc9DEi_hs.roa
Signing time: Mon 02 Jan 2023 12:25:03 +0000
ROA not before: Mon 02 Jan 2023 12:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.53.16.0/22 maxlen: 22
2a04:c980::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:44:ea:4e:87:b6:19:67:3a:69:ca:ef:f6:28:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b17050d8caf09a91d00f1c090a0b752cd1b3d57c
Validity
Not Before: Jan 2 12:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dba86637604817414d47629a88725cf43122fe1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:10:c7:72:69:35:3e:4f:9d:ca:b4:ce:ba:fd:
70:73:ad:ce:60:28:18:b6:a7:0e:7f:cc:60:2c:be:
c4:f3:6d:db:4e:c3:cf:2a:47:87:27:74:5d:c9:de:
78:1a:ae:8d:3e:40:c5:91:97:9a:e0:bb:6d:c8:1e:
d3:3e:c4:f0:96:35:7d:c5:ca:5a:35:28:26:7b:73:
66:ec:35:81:78:59:20:f6:d8:e9:0c:15:07:b1:f0:
63:5e:c9:81:d4:d1:9d:2a:d0:58:05:3e:1e:c9:3f:
e2:3d:e5:65:4e:d0:73:70:a8:2b:e3:33:7a:6d:87:
51:2e:d0:00:a0:de:55:23:67:40:b6:d7:79:38:0f:
ab:29:57:f3:a3:c0:d1:e4:94:08:db:ab:a0:e9:75:
f2:31:12:35:ed:00:86:5e:99:1b:15:11:71:b2:03:
18:19:8b:92:86:cb:0a:35:a6:19:9c:b2:56:e5:56:
03:ad:47:d3:b1:3a:7f:ac:e6:d6:72:69:41:63:7d:
ad:d4:c7:2e:b9:6a:28:ec:27:f0:19:d1:4e:a4:95:
5e:52:d6:6d:96:45:22:50:e3:ff:cc:dc:c4:04:1e:
4d:2b:24:74:df:30:67:da:f6:81:b3:13:a8:a9:3d:
7c:4c:fa:a3:89:7c:b4:d8:80:0a:00:ce:51:02:fd:
39:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:A8:66:37:60:48:17:41:4D:47:62:9A:88:72:5C:F4:31:22:FE:1B
X509v3 Authority Key Identifier:
keyid:B1:70:50:D8:CA:F0:9A:91:D0:0F:1C:09:0A:0B:75:2C:D1:B3:D5:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/26hmN2BIF0FNR2KaiHJc9DEi_hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.16.0/22
IPv6:
2a04:c980::/29
Signature Algorithm: sha256WithRSAEncryption
3d:43:84:11:97:15:34:d7:df:5b:a8:1d:fb:fc:65:29:c0:c4:
14:b2:b4:9a:5d:7b:61:fb:c4:b8:bd:48:aa:bc:6d:cb:d9:10:
76:bc:1a:b7:1e:f4:e1:52:77:2c:be:5b:7b:e0:03:7e:dc:d4:
21:7b:82:e9:49:e9:2b:6f:73:22:88:bb:c8:27:39:e6:2a:6a:
62:ea:f1:98:6c:7e:c8:a0:d3:02:93:41:89:75:49:2a:cd:23:
99:24:c0:40:a6:69:a5:9e:8f:e2:8c:ed:92:44:cf:19:f4:3a:
ef:91:42:50:41:65:ca:97:f7:b3:0e:b4:c8:09:0f:46:7b:bd:
e0:10:13:3c:a5:de:32:7a:6a:7d:aa:36:c6:8e:ec:52:a1:d3:
5f:52:7d:2b:3e:ac:94:94:1e:a3:ff:8f:e6:07:43:d2:b4:7a:
c4:8e:e4:d1:79:c9:32:86:4c:d0:f6:39:fa:ba:48:79:0c:2d:
18:04:8c:34:63:95:53:53:e3:d8:f2:e3:d3:98:78:b3:17:5f:
af:78:e7:67:96:a4:ac:e8:9e:e6:d3:fc:84:b5:ab:b8:a9:6e:
d2:a7:49:91:58:b5:bb:d0:2b:ed:f2:1d:b3:f9:b4:e9:10:0f:
71:47:59:0e:0e:d6:59:7b:db:dd:5b:91:6b:e7:67:c3:71:d1:
be:71:d3:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVycUTqToe2GWc6acrv9ihIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzA1MGQ4Y2FmMDlhOTFkMDBmMWMwOTBhMGI3NTJjZDFi
M2Q1N2MwHhcNMjMwMTAyMTIyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmE4NjYzNzYwNDgxNzQxNGQ0NzYyOWE4ODcyNWNmNDMxMjJmZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphDHcmk1Pk+dyrTOuv1wc63OYCgY
tqcOf8xgLL7E823bTsPPKkeHJ3Rdyd54Gq6NPkDFkZea4LttyB7TPsTwljV9xcpa
NSgme3Nm7DWBeFkg9tjpDBUHsfBjXsmB1NGdKtBYBT4eyT/iPeVlTtBzcKgr4zN6
bYdRLtAAoN5VI2dAttd5OA+rKVfzo8DR5JQI26ug6XXyMRI17QCGXpkbFRFxsgMY
GYuShssKNaYZnLJW5VYDrUfTsTp/rObWcmlBY32t1McuuWoo7CfwGdFOpJVeUtZt
lkUiUOP/zNzEBB5NKyR03zBn2vaBsxOoqT18TPqjiXy02IAKAM5RAv05lQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNuoZjdgSBdBTUdimohyXPQxIv4bMB8GA1UdIwQY
MBaAFLFwUNjK8JqR0A8cCQoLdSzRs9V8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hCUTJNcndtcEhRRHh3SkNndDFMTkd6MVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hMjczZTgtNjdkYy00NzgyLTlhMzQt
NGFlYjZhNzk1NTExLzEvMjZobU4yQklGMEZOUjJLYWlISmM5REVpX2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hMjczZTgtNjdkYy00NzgyLTlhMzQtNGFlYjZhNzk1NTEx
LzEvc1hCUTJNcndtcEhRRHh3SkNndDFMTkd6MVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTUQMA0E
AgACMAcDBQMqBMmAMA0GCSqGSIb3DQEBCwUAA4IBAQA9Q4QRlxU0199bqB37/GUp
wMQUsrSaXXth+8S4vUiqvG3L2RB2vBq3HvThUncsvlt74AN+3NQhe4LpSekrb3Mi
iLvIJznmKmpi6vGYbH7IoNMCk0GJdUkqzSOZJMBApmmlno/ijO2SRM8Z9DrvkUJQ
QWXKl/ezDrTICQ9Ge73gEBM8pd4yemp9qjbGjuxSodNfUn0rPqyUlB6j/4/mB0PS
tHrEjuTReckyhkzQ9jn6ukh5DC0YBIw0Y5VTU+PY8uPTmHizF1+veOdnlqSs6J7m
0/yEtau4qW7Sp0mRWLW70Cvt8h2z+bTpEA9xR1kODtZZe9vdW5Fr52fDcdG+cdNR
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:31 2024 by rpki-client on console-fra.rpki-client.org