Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/f90fda-034d-44e0-a812-cd630dbc1d18/1/HgnrSA_YD6FivQs4x4KYuEAxRDs.roa
File: HgnrSA_YD6FivQs4x4KYuEAxRDs.roa (raw, json)
Hash identifier: bJjuLIZltcKxXnDl7vguLEb0dj3u0PcKpHH554jhC5s=
Subject key identifier: 1E:09:EB:48:0F:D8:0F:A1:62:BD:0B:38:C7:82:98:B8:40:31:44:3B
Certificate issuer: /CN=e14939b83595e2efb69456bcdf23866a5079f6f5
Certificate serial: 01856CB848E5CBD93D74BBF92A426CAC4E30
Authority key identifier: E1:49:39:B8:35:95:E2:EF:B6:94:56:BC:DF:23:86:6A:50:79:F6:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Uk5uDWV4u-2lFa83yOGalB59vU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/f90fda-034d-44e0-a812-cd630dbc1d18/1/HgnrSA_YD6FivQs4x4KYuEAxRDs.roa
Signing time: Sun 01 Jan 2023 09:44:54 +0000
ROA not before: Sun 01 Jan 2023 09:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206841
IP address blocks: 185.174.186.0/24 maxlen: 24
185.174.184.0/24 maxlen: 24
185.174.184.0/22 maxlen: 22
185.174.185.0/24 maxlen: 24
185.174.187.0/24 maxlen: 24
2a0b:b300::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:48:e5:cb:d9:3d:74:bb:f9:2a:42:6c:ac:4e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e14939b83595e2efb69456bcdf23866a5079f6f5
Validity
Not Before: Jan 1 09:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e09eb480fd80fa162bd0b38c78298b84031443b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:18:c3:57:10:a5:96:f4:ff:5f:4d:84:18:1e:
ea:80:c1:58:c3:4b:25:ae:30:ed:36:cb:55:a8:58:
07:1d:28:aa:45:44:4a:95:29:94:6e:2e:16:ce:4a:
51:6a:d7:97:be:69:48:37:df:2e:cb:38:f7:63:8c:
79:f4:32:1d:ff:36:a9:71:2b:c1:73:28:40:75:1c:
30:63:16:d7:10:cc:5e:0c:46:ea:eb:b1:78:e9:9c:
3b:9a:c1:f5:90:a9:1f:16:a7:2f:01:04:85:8a:2e:
45:65:b0:b8:6c:6b:ec:43:e1:31:46:52:29:33:06:
f9:ac:aa:c3:e4:cc:47:19:ea:0d:96:1b:6f:14:76:
fd:bb:f3:6e:71:20:38:46:fc:2a:8c:86:6d:af:cf:
32:ac:99:00:2b:b1:55:b6:38:c4:6f:c5:b0:af:fb:
85:fc:87:0c:43:9d:b5:ba:e2:66:f3:83:60:88:3a:
c7:5f:81:d7:77:2c:7a:b2:a3:8c:c7:4d:c5:c0:ef:
c8:60:6d:33:0e:28:f4:56:c2:55:54:ba:26:26:4a:
38:b0:aa:97:7f:73:05:e9:69:44:1e:97:1b:f8:dd:
78:e3:e4:83:16:71:a4:6c:da:c5:32:b2:24:8a:5a:
47:12:89:06:e3:c9:75:61:40:ef:54:9d:67:e0:12:
b9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:09:EB:48:0F:D8:0F:A1:62:BD:0B:38:C7:82:98:B8:40:31:44:3B
X509v3 Authority Key Identifier:
keyid:E1:49:39:B8:35:95:E2:EF:B6:94:56:BC:DF:23:86:6A:50:79:F6:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Uk5uDWV4u-2lFa83yOGalB59vU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/f90fda-034d-44e0-a812-cd630dbc1d18/1/HgnrSA_YD6FivQs4x4KYuEAxRDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/f90fda-034d-44e0-a812-cd630dbc1d18/1/4Uk5uDWV4u-2lFa83yOGalB59vU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.184.0/22
IPv6:
2a0b:b300::/29
Signature Algorithm: sha256WithRSAEncryption
62:1e:5d:6a:49:be:c1:42:e9:25:9f:e8:17:d9:00:3a:45:a5:
71:30:ad:0d:0e:ae:53:cb:41:81:1b:a0:01:78:21:f8:6c:24:
fa:aa:e1:b8:aa:9a:78:d4:3f:ed:d3:69:eb:24:d5:f8:ab:9f:
8f:d3:98:61:76:67:b2:8b:c5:a3:79:cd:57:6a:a9:d6:01:5e:
7a:45:2e:4b:d4:f9:ca:7c:a2:16:77:b9:2c:1d:3d:4e:43:35:
b1:94:6b:94:5f:a6:31:90:79:95:23:d2:ed:dd:5c:4e:00:5e:
29:2f:22:4b:9c:8c:b5:2c:24:e1:64:29:fd:6f:59:25:59:07:
57:7d:5e:3e:ca:64:cd:3d:c8:a5:c8:d8:d5:33:ba:05:dc:ec:
83:e8:6f:70:24:76:01:28:f5:f6:78:94:66:56:d3:e9:77:3b:
01:d8:f5:26:1e:b5:fd:37:23:a0:11:a6:48:8f:c4:ad:b6:d0:
01:4a:44:5c:b1:da:6e:5d:d4:b7:59:b4:e5:b5:64:a3:bc:80:
8f:8b:32:5b:e1:14:4e:1e:88:ba:ce:70:56:80:86:7c:6e:0b:
e4:81:32:70:ba:52:a8:36:42:7d:9d:c3:ab:21:bf:cc:e6:52:
ff:6b:f1:bf:ad:c9:06:06:be:7b:96:36:dc:eb:38:97:17:a1:
25:52:ed:60
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsuEjly9k9dLv5KkJsrE4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNDkzOWI4MzU5NWUyZWZiNjk0NTZiY2RmMjM4NjZhNTA3
OWY2ZjUwHhcNMjMwMTAxMDk0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTA5ZWI0ODBmZDgwZmExNjJiZDBiMzhjNzgyOThiODQwMzE0NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhjDVxCllvT/X02EGB7qgMFYw0sl
rjDtNstVqFgHHSiqRURKlSmUbi4WzkpRateXvmlIN98uyzj3Y4x59DId/zapcSvB
cyhAdRwwYxbXEMxeDEbq67F46Zw7msH1kKkfFqcvAQSFii5FZbC4bGvsQ+ExRlIp
Mwb5rKrD5MxHGeoNlhtvFHb9u/NucSA4RvwqjIZtr88yrJkAK7FVtjjEb8Wwr/uF
/IcMQ521uuJm84NgiDrHX4HXdyx6sqOMx03FwO/IYG0zDij0VsJVVLomJko4sKqX
f3MF6WlEHpcb+N144+SDFnGkbNrFMrIkilpHEokG48l1YUDvVJ1n4BK5mQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB4J60gP2A+hYr0LOMeCmLhAMUQ7MB8GA1UdIwQY
MBaAFOFJObg1leLvtpRWvN8jhmpQefb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVrNXVEV1Y0dS0ybEZhODN5T0dhbEI1OXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9mOTBmZGEtMDM0ZC00NGUwLWE4MTIt
Y2Q2MzBkYmMxZDE4LzEvSGduclNBX1lENkZpdlFzNHg0S1l1RUF4UkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9mOTBmZGEtMDM0ZC00NGUwLWE4MTItY2Q2MzBkYmMxZDE4
LzEvNFVrNXVEV1Y0dS0ybEZhODN5T0dhbEI1OXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua64MA0E
AgACMAcDBQMqC7MAMA0GCSqGSIb3DQEBCwUAA4IBAQBiHl1qSb7BQukln+gX2QA6
RaVxMK0NDq5Ty0GBG6ABeCH4bCT6quG4qpp41D/t02nrJNX4q5+P05hhdmeyi8Wj
ec1XaqnWAV56RS5L1PnKfKIWd7ksHT1OQzWxlGuUX6YxkHmVI9Lt3VxOAF4pLyJL
nIy1LCThZCn9b1klWQdXfV4+ymTNPcilyNjVM7oF3OyD6G9wJHYBKPX2eJRmVtPp
dzsB2PUmHrX9NyOgEaZIj8StttABSkRcsdpuXdS3WbTltWSjvICPizJb4RROHoi6
znBWgIZ8bgvkgTJwulKoNkJ9ncOrIb/M5lL/a/G/rckGBr57ljbc6ziXF6ElUu1g
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:15 2024 by rpki-client on console-fra.rpki-client.org