Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/8HMw4FXSD1sjRJuYe8T2Zwb2y-s.roa
File: 8HMw4FXSD1sjRJuYe8T2Zwb2y-s.roa (raw, json)
Hash identifier: gH492vvHs0Uxk6n3b2iIY7VHt8xLKkj8b9XqWPZqwjU=
Subject key identifier: F0:73:30:E0:55:D2:0F:5B:23:44:9B:98:7B:C4:F6:67:06:F6:CB:EB
Certificate issuer: /CN=3e20c700d98d76a9c640173889f9367da9de8997
Certificate serial: 01856DE644C7B1D69BE608A6022C99E02B32
Authority key identifier: 3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/8HMw4FXSD1sjRJuYe8T2Zwb2y-s.roa
Signing time: Sun 01 Jan 2023 15:14:45 +0000
ROA not before: Sun 01 Jan 2023 15:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51601
IP address blocks: 176.56.160.0/19 maxlen: 24
91.194.116.0/23 maxlen: 24
185.65.172.0/22 maxlen: 24
195.189.120.0/22 maxlen: 24
193.33.70.0/23 maxlen: 24
87.239.184.0/21 maxlen: 24
2a03:9d40::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:44:c7:b1:d6:9b:e6:08:a6:02:2c:99:e0:2b:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e20c700d98d76a9c640173889f9367da9de8997
Validity
Not Before: Jan 1 15:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f07330e055d20f5b23449b987bc4f66706f6cbeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4a:86:a1:79:7e:55:ec:62:5f:be:ad:48:08:
71:a5:aa:db:d7:86:ed:7a:79:29:96:60:f6:a1:b2:
db:be:92:df:af:98:d6:8f:28:d5:e6:1f:4b:bd:62:
1f:aa:e2:4d:db:63:3a:f1:29:ca:42:75:ab:43:e7:
38:40:b8:e9:ec:88:96:dd:cb:c1:9f:16:ef:c7:3c:
96:a1:e3:58:03:57:fd:d0:78:41:d9:09:93:40:33:
b3:15:96:a8:52:9c:88:44:31:d4:62:d2:84:cb:04:
50:22:41:ca:5b:7e:d7:f4:b9:78:df:97:1d:dd:3f:
20:2f:36:70:60:c6:c9:ab:4c:ec:0e:45:61:98:45:
a4:24:ad:f1:3c:fd:4f:d5:1a:8f:47:54:a6:97:78:
a0:80:79:00:70:7f:36:5f:85:1c:bc:36:92:9d:4b:
25:6d:1b:3a:53:04:fb:e9:00:7f:30:2a:26:6f:96:
1e:50:a1:b6:e6:2c:80:cd:a6:17:48:5c:6a:bb:b8:
06:a4:1e:f2:d2:ee:a8:d7:2c:d4:e3:bd:c9:45:56:
a3:49:66:a8:d3:ed:5f:46:52:b1:e0:e8:cd:a7:16:
bd:13:20:1a:b4:a0:2b:6b:86:7c:14:76:5e:62:15:
73:8c:65:fe:18:ce:5a:e0:a2:a8:20:c3:68:b5:a8:
e9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:73:30:E0:55:D2:0F:5B:23:44:9B:98:7B:C4:F6:67:06:F6:CB:EB
X509v3 Authority Key Identifier:
keyid:3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/8HMw4FXSD1sjRJuYe8T2Zwb2y-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/PiDHANmNdqnGQBc4ifk2faneiZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.184.0/21
91.194.116.0/23
176.56.160.0/19
185.65.172.0/22
193.33.70.0/23
195.189.120.0/22
IPv6:
2a03:9d40::/32
Signature Algorithm: sha256WithRSAEncryption
57:53:04:fd:01:7c:24:34:ea:48:b9:9b:b3:83:2a:62:42:6c:
b0:9d:8d:c8:b2:7c:ce:71:f8:25:b2:40:76:e8:05:a8:d0:41:
38:fb:9a:4a:8d:78:28:af:ff:5b:42:ac:81:56:a4:fa:e1:d5:
ec:7b:89:f1:cf:cb:fe:b7:a2:04:17:3a:33:55:4c:d5:4b:fe:
4e:2f:2c:44:8d:e1:6f:d3:1e:db:1f:a0:62:95:e4:76:e7:b6:
92:eb:87:47:3f:c9:60:4c:81:f5:8e:f0:53:54:0c:40:0d:74:
6a:b2:c6:55:7b:92:71:ad:12:c9:a3:ea:bc:a7:10:01:45:6a:
fc:99:06:80:66:23:07:51:b7:ce:a9:e5:f1:bb:de:95:08:5f:
84:78:75:b8:87:50:98:b0:ed:e7:18:10:6b:3a:e7:26:5e:9f:
c0:ab:6f:ed:4d:0c:a9:dc:8b:90:d0:1a:bc:75:ff:37:4d:d2:
b0:f9:25:78:5b:bf:18:c3:50:d2:aa:b7:28:6d:f5:ba:f7:e8:
ba:3c:3b:8d:9c:ca:ae:e9:85:2a:19:1d:5b:49:bc:2f:14:4f:
b2:f6:20:1b:7c:11:d0:c3:b2:0d:8e:e9:e2:b8:5a:dc:1e:25:
c3:c3:98:21:f9:6a:62:1c:f5:60:67:84:c2:35:6b:4c:8f:53:
d0:b4:3a:06
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVt5kTHsdab5gimAiyZ4CsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjBjNzAwZDk4ZDc2YTljNjQwMTczODg5ZjkzNjdkYTlk
ZTg5OTcwHhcNMjMwMTAxMTUxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDczMzBlMDU1ZDIwZjViMjM0NDliOTg3YmM0ZjY2NzA2ZjZjYmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkqGoXl+VexiX76tSAhxparb14bt
enkplmD2obLbvpLfr5jWjyjV5h9LvWIfquJN22M68SnKQnWrQ+c4QLjp7IiW3cvB
nxbvxzyWoeNYA1f90HhB2QmTQDOzFZaoUpyIRDHUYtKEywRQIkHKW37X9Ll435cd
3T8gLzZwYMbJq0zsDkVhmEWkJK3xPP1P1RqPR1Sml3iggHkAcH82X4UcvDaSnUsl
bRs6UwT76QB/MComb5YeUKG25iyAzaYXSFxqu7gGpB7y0u6o1yzU473JRVajSWao
0+1fRlKx4OjNpxa9EyAatKAra4Z8FHZeYhVzjGX+GM5a4KKoIMNotajpMwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPBzMOBV0g9bI0SbmHvE9mcG9svrMB8GA1UdIwQY
MBaAFD4gxwDZjXapxkAXOIn5Nn2p3omXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlESEFObU5kcW5HUUJjNGlmazJmYW5laVpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hYzZjN2ItZDA1OS00MDE0LWE5Njgt
ZTQ2ZDhkMTZhMTVmLzEvOEhNdzRGWFNEMXNqUkp1WWU4VDJad2IyeS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hYzZjN2ItZDA1OS00MDE0LWE5NjgtZTQ2ZDhkMTZhMTVm
LzEvUGlESEFObU5kcW5HUUJjNGlmazJmYW5laVpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDV++4AwQB
W8J0AwQFsDigAwQCuUGsAwQBwSFGAwQCw714MA0EAgACMAcDBQAqA51AMA0GCSqG
SIb3DQEBCwUAA4IBAQBXUwT9AXwkNOpIuZuzgypiQmywnY3IsnzOcfglskB26AWo
0EE4+5pKjXgor/9bQqyBVqT64dXse4nxz8v+t6IEFzozVUzVS/5OLyxEjeFv0x7b
H6BileR257aS64dHP8lgTIH1jvBTVAxADXRqssZVe5JxrRLJo+q8pxABRWr8mQaA
ZiMHUbfOqeXxu96VCF+EeHW4h1CYsO3nGBBrOucmXp/Aq2/tTQyp3IuQ0Bq8df83
TdKw+SV4W78Yw1DSqrcobfW69+i6PDuNnMqu6YUqGR1bSbwvFE+y9iAbfBHQw7IN
juniuFrcHiXDw5gh+WpiHPVgZ4TCNWtMj1PQtDoG
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:17 2024 by rpki-client on console-fra.rpki-client.org