Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/1113d5-7419-4748-b052-4b1de0df21f0/1/3-HYQLG6y9tTwObyeH1qF9A8mB8.roa
File: 3-HYQLG6y9tTwObyeH1qF9A8mB8.roa (raw, json)
Hash identifier: PSOeoGcNVeMhTFvDXs8uYKvhhgrmJfANWgM5l5d8NhE=
Subject key identifier: DF:E1:D8:40:B1:BA:CB:DB:53:C0:E6:F2:78:7D:6A:17:D0:3C:98:1F
Certificate issuer: /CN=85fcb229d878ae17ab31d98848892eea2bef96e1
Certificate serial: 018570429351A4BBC35A3729977143B9DEED
Authority key identifier: 85:FC:B2:29:D8:78:AE:17:AB:31:D9:88:48:89:2E:EA:2B:EF:96:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfyyKdh4rherMdmISIku6ivvluE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/1113d5-7419-4748-b052-4b1de0df21f0/1/3-HYQLG6y9tTwObyeH1qF9A8mB8.roa
Signing time: Mon 02 Jan 2023 02:14:49 +0000
ROA not before: Mon 02 Jan 2023 02:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44780
IP address blocks: 195.149.92.0/23 maxlen: 24
195.158.238.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:93:51:a4:bb:c3:5a:37:29:97:71:43:b9:de:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85fcb229d878ae17ab31d98848892eea2bef96e1
Validity
Not Before: Jan 2 02:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfe1d840b1bacbdb53c0e6f2787d6a17d03c981f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b6:92:9a:f2:0a:b1:02:41:0e:10:93:7d:40:
f8:a6:59:32:79:2e:15:28:8c:dd:7d:aa:71:0c:71:
99:32:e3:33:c1:d9:41:f7:34:c3:d8:f5:52:b6:09:
ab:6c:8f:19:68:12:09:74:84:3a:df:ae:bb:d0:b8:
9e:d3:34:ff:c7:4b:4a:63:61:7e:c7:97:98:fd:3e:
5e:3c:14:e6:50:6a:91:f9:25:c6:a9:c0:3e:de:d4:
6c:72:00:ff:a9:2e:88:e7:c8:81:78:ae:f3:50:44:
3a:6a:f0:ae:75:fb:e4:42:13:2a:ce:ae:7f:e2:8b:
4f:0c:bc:ab:bb:2c:bd:e3:46:69:ff:d3:fc:ce:74:
52:c6:94:c1:89:13:d6:5c:42:56:b7:b5:86:30:af:
4b:60:e4:c2:b5:6f:81:9c:94:f2:85:fe:b2:75:dc:
71:ee:3a:80:f5:65:a1:2b:14:ed:be:8e:8c:8c:be:
b4:cd:34:d9:0c:2b:82:13:02:63:c2:1d:ac:63:e1:
6c:3f:c3:2a:03:70:b6:40:29:c4:1e:c7:df:5c:72:
26:e8:8c:de:be:fd:af:5f:b1:cc:62:85:66:6f:39:
68:2e:68:db:b8:06:ba:06:a8:22:65:3d:4f:b8:76:
fe:33:e6:57:4b:8f:73:0f:53:a1:69:cf:f6:80:e5:
d0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E1:D8:40:B1:BA:CB:DB:53:C0:E6:F2:78:7D:6A:17:D0:3C:98:1F
X509v3 Authority Key Identifier:
keyid:85:FC:B2:29:D8:78:AE:17:AB:31:D9:88:48:89:2E:EA:2B:EF:96:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfyyKdh4rherMdmISIku6ivvluE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1113d5-7419-4748-b052-4b1de0df21f0/1/3-HYQLG6y9tTwObyeH1qF9A8mB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1113d5-7419-4748-b052-4b1de0df21f0/1/hfyyKdh4rherMdmISIku6ivvluE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.149.92.0/23
195.158.238.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:66:3b:76:9c:60:b0:75:5f:06:b4:28:6d:04:58:63:71:a8:
79:a6:30:70:6d:09:a0:db:fe:cd:d8:73:9c:ab:7d:a8:74:c9:
e0:4c:d2:19:77:7b:43:b3:85:9c:ce:c6:2f:82:7d:ca:94:c0:
90:c0:37:aa:20:02:3f:40:f6:16:eb:16:54:9d:24:62:de:ca:
cb:f8:b6:93:f2:a1:d8:a7:f7:1f:a5:89:9d:16:5e:ca:9e:98:
00:15:32:80:76:f0:4f:08:ec:ed:67:ed:a0:de:00:51:90:52:
06:2e:ac:6e:a6:48:34:a0:d4:9b:5a:fe:b1:b2:94:a1:d4:a6:
c0:67:e6:ae:4c:b2:e3:f8:56:11:a5:90:cc:37:ab:25:99:0a:
09:ae:b8:ae:08:0c:c2:77:14:1d:2f:23:44:20:64:76:41:b2:
ff:d0:e8:a2:ac:7a:e4:14:c3:7c:57:30:71:01:3c:1c:b4:a5:
dd:f3:27:d7:7b:31:c9:3a:38:43:1d:28:6e:b8:09:88:65:3e:
b9:61:97:e8:3f:59:e4:9e:06:e1:72:bf:97:50:01:2a:f4:1b:
fe:5f:ad:4f:87:88:f2:3b:dd:e6:23:64:0d:b8:c1:b1:c8:b3:
93:63:e5:1c:7f:8b:80:08:05:a3:48:f3:97:ef:8a:e9:f9:78:
59:d2:76:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwQpNRpLvDWjcpl3FDud7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmNiMjI5ZDg3OGFlMTdhYjMxZDk4ODQ4ODkyZWVhMmJl
Zjk2ZTEwHhcNMjMwMTAyMDIxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmUxZDg0MGIxYmFjYmRiNTNjMGU2ZjI3ODdkNmExN2QwM2M5ODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7aSmvIKsQJBDhCTfUD4plkyeS4V
KIzdfapxDHGZMuMzwdlB9zTD2PVStgmrbI8ZaBIJdIQ636670Lie0zT/x0tKY2F+
x5eY/T5ePBTmUGqR+SXGqcA+3tRscgD/qS6I58iBeK7zUEQ6avCudfvkQhMqzq5/
4otPDLyruyy940Zp/9P8znRSxpTBiRPWXEJWt7WGMK9LYOTCtW+BnJTyhf6yddxx
7jqA9WWhKxTtvo6MjL60zTTZDCuCEwJjwh2sY+FsP8MqA3C2QCnEHsffXHIm6Ize
vv2vX7HMYoVmbzloLmjbuAa6BqgiZT1PuHb+M+ZXS49zD1Ohac/2gOXQHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN/h2ECxusvbU8Dm8nh9ahfQPJgfMB8GA1UdIwQY
MBaAFIX8sinYeK4XqzHZiEiJLuor75bhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ5eUtkaDRyaGVyTWRtSVNJa3U2aXZ2bHVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xMTEzZDUtNzQxOS00NzQ4LWIwNTIt
NGIxZGUwZGYyMWYwLzEvMy1IWVFMRzZ5OXRUd09ieWVIMXFGOUE4bUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xMTEzZDUtNzQxOS00NzQ4LWIwNTItNGIxZGUwZGYyMWYw
LzEvaGZ5eUtkaDRyaGVyTWRtSVNJa3U2aXZ2bHVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw5VcAwQB
w57uMA0GCSqGSIb3DQEBCwUAA4IBAQAuZjt2nGCwdV8GtChtBFhjcah5pjBwbQmg
2/7N2HOcq32odMngTNIZd3tDs4WczsYvgn3KlMCQwDeqIAI/QPYW6xZUnSRi3srL
+LaT8qHYp/cfpYmdFl7KnpgAFTKAdvBPCOztZ+2g3gBRkFIGLqxupkg0oNSbWv6x
spSh1KbAZ+auTLLj+FYRpZDMN6slmQoJrriuCAzCdxQdLyNEIGR2QbL/0OiirHrk
FMN8VzBxATwctKXd8yfXezHJOjhDHShuuAmIZT65YZfoP1nkngbhcr+XUAEq9Bv+
X61Ph4jyO93mI2QNuMGxyLOTY+Ucf4uACAWjSPOX74rp+XhZ0nae
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:55 2024 by rpki-client on console-ams.rpki-client.org