Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HrN1lHYl5IlnnNKr4K9na73h4X0.roa
File: HrN1lHYl5IlnnNKr4K9na73h4X0.roa (raw, json)
Hash identifier: sRO+/gofXiYU9Qix97PEWkzYqhhnYu9bS8y4SoQtrXE=
Subject key identifier: 1E:B3:75:94:76:25:E4:89:67:9C:D2:AB:E0:AF:67:6B:BD:E1:E1:7D
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BA07754D0EA4DE45DDCF5BE43E6100643
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HrN1lHYl5IlnnNKr4K9na73h4X0.roa
Signing time: Sun 05 Nov 2023 17:10:56 +0000
ROA not before: Sun 05 Nov 2023 17:10:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 86.107.179.0/24 maxlen: 24
86.107.178.0/24 maxlen: 24
185.101.107.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.41.181.0/24 maxlen: 24
89.41.180.0/24 maxlen: 24
188.211.233.0/24 maxlen: 24
188.241.219.0/24 maxlen: 24
188.241.218.0/24 maxlen: 24
89.36.95.0/24 maxlen: 24
89.36.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a0:77:54:d0:ea:4d:e4:5d:dc:f5:be:43:e6:10:06:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 5 17:10:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1eb375947625e489679cd2abe0af676bbde1e17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:90:6e:d2:bd:72:cc:6f:ed:b0:9b:08:cd:d8:
9a:3a:6d:3b:38:5b:9c:dd:3a:27:e1:54:30:cc:e0:
c0:2b:7c:fe:e1:a3:df:43:ef:19:8a:22:40:40:39:
8e:83:78:b2:be:75:53:89:50:c4:a4:cf:2c:8f:cd:
1c:c4:29:3f:33:4c:1e:53:80:2c:9c:af:4a:57:eb:
b5:ed:be:a9:63:85:72:c0:98:91:d4:49:bf:ce:ef:
aa:f2:2c:e5:5f:9d:37:cd:3d:cb:dc:d2:78:56:bf:
78:ad:d2:5a:88:62:42:d3:3d:fe:13:4d:68:57:67:
63:f4:d6:f0:3b:43:c9:13:dc:1f:83:08:1a:f1:e9:
80:ce:55:02:30:9d:48:60:3d:13:a4:26:b6:dd:f9:
d8:a7:93:7c:f1:8b:15:41:00:a2:d2:0f:a9:30:64:
c0:56:6a:cb:bd:3b:cf:94:0a:b6:82:54:06:9c:f6:
a4:e4:6a:46:a8:03:4c:f3:d3:40:3f:e7:23:6d:fb:
b1:9b:c3:55:38:4a:84:35:07:e1:0c:cc:d2:da:5a:
24:79:99:8b:5e:49:96:c9:ff:18:a7:e5:1e:b5:4b:
24:09:36:fc:09:ba:e0:5a:cf:d2:2c:1d:f1:5a:d2:
95:27:12:e4:0a:17:f5:ef:55:35:6f:3c:8e:c1:bd:
41:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B3:75:94:76:25:E4:89:67:9C:D2:AB:E0:AF:67:6B:BD:E1:E1:7D
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HrN1lHYl5IlnnNKr4K9na73h4X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.178.0/23
89.34.27.0/24
89.36.94.0/23
89.41.180.0/23
185.101.107.0/24
188.211.233.0/24
188.241.218.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:5d:c4:5d:a0:5d:8c:07:91:7a:ef:27:f4:e8:00:a5:76:85:
ab:ea:70:17:75:68:33:76:54:c2:26:a8:56:75:24:ef:57:19:
61:95:47:b6:b9:2c:0f:02:2f:76:a2:92:4b:ca:f0:4a:0c:ce:
58:dc:73:33:59:17:9c:27:ec:e6:75:2d:0a:c3:55:89:37:9b:
6f:a2:30:a4:0a:86:6f:1d:4a:c9:4a:28:a9:bf:1a:26:68:23:
b2:c9:3e:97:51:fc:87:c7:2c:ff:7e:34:f9:ca:6a:30:cd:a7:
c1:12:50:e6:4b:b8:03:ae:8b:e4:3c:1e:9c:9b:9d:23:f0:2a:
1e:4c:db:c0:ed:5b:97:ca:83:fa:02:20:36:0b:8c:50:72:f4:
b8:d6:28:cb:88:b4:5b:2b:9a:6b:f2:f0:d8:c0:4f:cd:98:bd:
13:96:b8:f3:dc:dd:fc:b6:a8:be:2c:fb:92:a9:f7:c0:bd:fa:
e3:18:24:47:fa:b1:77:e3:d6:9a:bc:d3:10:28:4a:3a:18:32:
1d:51:94:8f:0c:aa:c3:88:cd:c3:1e:f7:8b:31:c9:b9:ef:6e:
74:88:37:98:8c:bc:68:c3:9f:dd:3f:0c:e4:2d:90:25:be:ff:
d7:ea:2a:55:19:cd:10:de:63:56:be:ae:9a:04:62:72:4f:cd:
40:a3:fe:2c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYugd1TQ6k3kXdz1vkPmEAZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTA1MTcxMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWIzNzU5NDc2MjVlNDg5Njc5Y2QyYWJlMGFmNjc2YmJkZTFlMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypBu0r1yzG/tsJsIzdiaOm07OFuc
3Ton4VQwzODAK3z+4aPfQ+8ZiiJAQDmOg3iyvnVTiVDEpM8sj80cxCk/M0weU4As
nK9KV+u17b6pY4VywJiR1Em/zu+q8izlX503zT3L3NJ4Vr94rdJaiGJC0z3+E01o
V2dj9NbwO0PJE9wfgwga8emAzlUCMJ1IYD0TpCa23fnYp5N88YsVQQCi0g+pMGTA
VmrLvTvPlAq2glQGnPak5GpGqANM89NAP+cjbfuxm8NVOEqENQfhDMzS2lokeZmL
XkmWyf8Yp+UetUskCTb8CbrgWs/SLB3xWtKVJxLkChf171U1bzyOwb1BAQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFB6zdZR2JeSJZ5zSq+CvZ2u94eF9MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSHJOMWxIWWw1SWxubk5LcjRLOW5hNzNoNFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBVmuyAwQA
WSIbAwQBWSReAwQBWSm0AwQAuWVrAwQAvNPpAwQBvPHaMA0GCSqGSIb3DQEBCwUA
A4IBAQAaXcRdoF2MB5F67yf06ACldoWr6nAXdWgzdlTCJqhWdSTvVxlhlUe2uSwP
Ai92opJLyvBKDM5Y3HMzWRecJ+zmdS0Kw1WJN5tvojCkCoZvHUrJSiipvxomaCOy
yT6XUfyHxyz/fjT5ymowzafBElDmS7gDrovkPB6cm50j8CoeTNvA7VuXyoP6AiA2
C4xQcvS41ijLiLRbK5pr8vDYwE/NmL0Tlrjz3N38tqi+LPuSqffAvfrjGCRH+rF3
49aavNMQKEo6GDIdUZSPDKrDiM3DHveLMcm57250iDeYjLxow5/dPwzkLZAlvv/X
6ipVGc0Q3mNWvq6aBGJyT81Ao/4s
Generated at Sun Nov 5 18:09:26 2023 by rpki-client on console-fra.rpki-client.org