Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/239c74-3c43-4251-9a85-9be869a9c60c/1/HzD8sxdDULjYLI1MUR6nu93eSw8.roa
File: HzD8sxdDULjYLI1MUR6nu93eSw8.roa (raw, json)
Hash identifier: g5k6u3H1bDYr/3v1dVbk1V5FcbEF70CrqCWlkOuNdNU=
Subject key identifier: 1F:30:FC:B3:17:43:50:B8:D8:2C:8D:4C:51:1E:A7:BB:DD:DE:4B:0F
Certificate issuer: /CN=bd116d35b11c938233acbadf5d7c2d5b2c6d0154
Certificate serial: 0185719548BEDDA071F24F94E44E744C0A92
Authority key identifier: BD:11:6D:35:B1:1C:93:82:33:AC:BA:DF:5D:7C:2D:5B:2C:6D:01:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vRFtNbEck4IzrLrfXXwtWyxtAVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/239c74-3c43-4251-9a85-9be869a9c60c/1/HzD8sxdDULjYLI1MUR6nu93eSw8.roa
Signing time: Mon 02 Jan 2023 08:24:46 +0000
ROA not before: Mon 02 Jan 2023 08:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30848
IP address blocks: 185.210.248.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:48:be:dd:a0:71:f2:4f:94:e4:4e:74:4c:0a:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd116d35b11c938233acbadf5d7c2d5b2c6d0154
Validity
Not Before: Jan 2 08:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f30fcb3174350b8d82c8d4c511ea7bbddde4b0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:87:da:5e:51:bf:4b:99:ed:c5:7a:da:2e:a0:
96:96:02:20:9f:8b:83:0d:e9:22:2a:40:d1:86:d6:
4b:52:ac:9e:83:a1:4e:ca:fa:90:41:af:4e:71:b4:
fd:f9:15:fe:64:23:e3:b7:fd:9b:6f:15:2a:08:9b:
1b:5c:b6:31:df:67:4a:35:e2:87:49:05:4f:be:75:
c1:26:d0:62:b9:32:47:ed:61:99:c5:e4:72:46:de:
3c:f3:6c:ad:db:d5:d4:b1:c8:4f:8e:3a:ef:ee:26:
58:ef:a4:f7:6c:24:da:b7:bd:10:91:31:bb:1c:db:
0b:61:86:87:54:b5:2a:7c:23:00:52:cb:d8:7e:84:
b1:ed:ea:bd:00:55:a2:0b:04:26:a2:bf:28:e7:a7:
99:60:4c:cb:df:d1:36:a1:98:7e:ac:a8:ce:0c:09:
df:37:55:2b:ed:e8:34:a4:ac:f2:86:74:bd:e5:fc:
c1:51:82:d0:ea:c4:81:cc:3d:f1:90:15:59:74:29:
86:d9:c5:18:10:88:3d:41:be:d5:29:77:71:47:19:
ce:59:66:e6:f9:55:0e:60:07:8d:b2:ec:47:85:bb:
92:43:de:cd:c5:c4:1f:d6:ba:b1:87:48:6a:a5:ce:
8d:e5:f0:fb:d7:4e:d5:d6:0a:0c:e4:bd:39:88:15:
9f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:30:FC:B3:17:43:50:B8:D8:2C:8D:4C:51:1E:A7:BB:DD:DE:4B:0F
X509v3 Authority Key Identifier:
keyid:BD:11:6D:35:B1:1C:93:82:33:AC:BA:DF:5D:7C:2D:5B:2C:6D:01:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vRFtNbEck4IzrLrfXXwtWyxtAVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/239c74-3c43-4251-9a85-9be869a9c60c/1/HzD8sxdDULjYLI1MUR6nu93eSw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/239c74-3c43-4251-9a85-9be869a9c60c/1/vRFtNbEck4IzrLrfXXwtWyxtAVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.248.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:ca:62:7f:c0:cd:8d:33:1f:7c:3c:f0:ce:04:d9:70:ee:c0:
d6:f1:2f:0d:14:46:ca:c3:70:f8:3a:ab:03:e1:bf:8b:d1:b5:
6e:7d:42:2b:9f:01:ca:81:3b:8b:63:1e:12:6e:0f:cb:c1:74:
40:d5:a5:d1:3c:1b:96:0e:4b:19:c5:76:ee:c9:9d:02:49:0b:
c1:02:4a:72:23:f3:85:ad:89:ed:d3:e5:c2:91:98:50:7b:cf:
11:01:38:de:7e:3b:eb:73:d0:a4:5a:dd:e0:58:65:76:79:9a:
f7:bb:62:85:34:b4:5f:21:27:1a:22:f4:f4:7d:fe:cb:53:ce:
51:09:65:f8:d8:61:c1:49:43:9b:d7:23:ec:67:17:04:be:7b:
39:ce:dd:88:0e:f9:32:0a:35:eb:b9:0f:01:a7:c9:7a:94:a5:
0f:3f:f4:c6:9b:a4:1b:00:06:79:e0:2c:37:43:b4:98:f4:18:
77:51:25:30:e0:c9:e1:d8:26:a3:2a:7d:4f:cb:bc:e9:75:12:
56:55:5e:17:fa:c1:13:e6:cd:70:8a:cb:f4:39:d0:61:79:e3:
4b:70:e0:f3:3a:a2:da:f1:dc:b3:b2:b7:44:15:e1:7f:67:b0:
b5:a6:bd:2e:ec:74:68:f5:e0:d4:c1:1d:f9:0d:ef:57:9f:13:
0e:bf:07:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlUi+3aBx8k+U5E50TAqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMTE2ZDM1YjExYzkzODIzM2FjYmFkZjVkN2MyZDViMmM2
ZDAxNTQwHhcNMjMwMTAyMDgyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjMwZmNiMzE3NDM1MGI4ZDgyYzhkNGM1MTFlYTdiYmRkZGU0YjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYfaXlG/S5ntxXraLqCWlgIgn4uD
DekiKkDRhtZLUqyeg6FOyvqQQa9OcbT9+RX+ZCPjt/2bbxUqCJsbXLYx32dKNeKH
SQVPvnXBJtBiuTJH7WGZxeRyRt4882yt29XUschPjjrv7iZY76T3bCTat70QkTG7
HNsLYYaHVLUqfCMAUsvYfoSx7eq9AFWiCwQmor8o56eZYEzL39E2oZh+rKjODAnf
N1Ur7eg0pKzyhnS95fzBUYLQ6sSBzD3xkBVZdCmG2cUYEIg9Qb7VKXdxRxnOWWbm
+VUOYAeNsuxHhbuSQ97NxcQf1rqxh0hqpc6N5fD7107V1goM5L05iBWfWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB8w/LMXQ1C42CyNTFEep7vd3ksPMB8GA1UdIwQY
MBaAFL0RbTWxHJOCM6y63118LVssbQFUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlJGdE5iRWNrNEl6ckxyZlhYd3RXeXh0QVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8yMzljNzQtM2M0My00MjUxLTlhODUt
OWJlODY5YTljNjBjLzEvSHpEOHN4ZERVTGpZTEkxTVVSNm51OTNlU3c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8yMzljNzQtM2M0My00MjUxLTlhODUtOWJlODY5YTljNjBj
LzEvdlJGdE5iRWNrNEl6ckxyZlhYd3RXeXh0QVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudL4MA0G
CSqGSIb3DQEBCwUAA4IBAQChymJ/wM2NMx98PPDOBNlw7sDW8S8NFEbKw3D4OqsD
4b+L0bVufUIrnwHKgTuLYx4Sbg/LwXRA1aXRPBuWDksZxXbuyZ0CSQvBAkpyI/OF
rYnt0+XCkZhQe88RATjefjvrc9CkWt3gWGV2eZr3u2KFNLRfIScaIvT0ff7LU85R
CWX42GHBSUOb1yPsZxcEvns5zt2IDvkyCjXruQ8Bp8l6lKUPP/TGm6QbAAZ54Cw3
Q7SY9Bh3USUw4Mnh2CajKn1Py7zpdRJWVV4X+sET5s1wisv0OdBheeNLcODzOqLa
8dyzsrdEFeF/Z7C1pr0u7HRo9eDUwR35De9XnxMOvwcQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:32 2024 by rpki-client on console-fra.rpki-client.org