Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/fe6904-eb56-4493-929c-1a9df38f5901/1/hULXHWwpzzRJQCMxgNE6w1RSPLU.roa
File: hULXHWwpzzRJQCMxgNE6w1RSPLU.roa (raw, json)
Hash identifier: 5mzJlUJqd47c0vfFCOMNAGmYXeS/hakVWpxZCP+1zKk=
Subject key identifier: 85:42:D7:1D:6C:29:CF:34:49:40:23:31:80:D1:3A:C3:54:52:3C:B5
Certificate issuer: /CN=d949caba3d4315607f4a6d627ece1ecea8cbc319
Certificate serial: 0185E0FECD47DB1FD9E9108CDCE6B46A93C3
Authority key identifier: D9:49:CA:BA:3D:43:15:60:7F:4A:6D:62:7E:CE:1E:CE:A8:CB:C3:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2UnKuj1DFWB_Sm1ifs4ezqjLwxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/fe6904-eb56-4493-929c-1a9df38f5901/1/hULXHWwpzzRJQCMxgNE6w1RSPLU.roa
Signing time: Mon 23 Jan 2023 23:37:53 +0000
ROA not before: Mon 23 Jan 2023 23:37:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208764
IP address blocks: 194.169.51.0/24 maxlen: 24
194.169.53.0/24 maxlen: 24
185.244.92.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e0:fe:cd:47:db:1f:d9:e9:10:8c:dc:e6:b4:6a:93:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d949caba3d4315607f4a6d627ece1ecea8cbc319
Validity
Not Before: Jan 23 23:37:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8542d71d6c29cf344940233180d13ac354523cb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:02:b6:3c:8c:38:ba:46:46:d9:e7:28:ce:11:
3f:91:cf:83:96:ec:ac:c3:e9:f1:12:12:f8:89:a8:
40:e9:f6:8c:80:89:9d:76:a6:df:43:53:6b:2f:6c:
e5:b2:14:73:18:51:aa:bb:f2:5e:35:f5:b2:c2:8f:
19:14:4a:41:91:7b:6e:e6:19:40:70:34:8c:c2:72:
09:26:58:d4:b5:86:5d:5b:52:36:c2:de:f3:b3:3d:
7b:e3:92:17:33:63:be:3b:9e:0f:6d:a1:d3:3c:ff:
a6:6d:dc:c3:59:d5:62:10:9d:5a:35:d1:fa:2a:20:
83:df:06:dd:90:ee:99:45:f8:34:39:f4:f7:a3:45:
12:f9:9a:72:b2:05:57:50:21:44:8b:c9:f8:fd:9f:
58:28:48:57:02:63:31:b9:c9:9f:b5:1f:d9:35:25:
4e:3d:12:89:4e:ef:6d:ca:6f:90:70:50:07:ff:a5:
15:09:b8:c3:17:4a:b5:34:42:fc:19:86:2d:fd:ae:
55:13:13:a1:2c:0c:ab:4b:9c:f9:bc:52:2d:cd:99:
60:a5:dd:77:ca:2c:cb:ba:65:0f:53:a1:cd:3a:4a:
c0:88:88:bd:76:6b:82:06:85:7b:56:a4:0f:12:ac:
02:0f:5a:49:7b:05:ef:9f:ad:c9:61:59:e0:fc:10:
44:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:42:D7:1D:6C:29:CF:34:49:40:23:31:80:D1:3A:C3:54:52:3C:B5
X509v3 Authority Key Identifier:
keyid:D9:49:CA:BA:3D:43:15:60:7F:4A:6D:62:7E:CE:1E:CE:A8:CB:C3:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2UnKuj1DFWB_Sm1ifs4ezqjLwxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/fe6904-eb56-4493-929c-1a9df38f5901/1/hULXHWwpzzRJQCMxgNE6w1RSPLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/fe6904-eb56-4493-929c-1a9df38f5901/1/2UnKuj1DFWB_Sm1ifs4ezqjLwxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.92.0/23
194.169.51.0/24
194.169.53.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:bb:49:3c:08:e0:eb:74:50:01:ce:5b:eb:ef:06:f3:f4:99:
8f:75:e7:a6:73:09:17:7b:c4:ed:4e:0a:a2:bf:ea:1f:f7:27:
60:6d:4a:a1:25:2b:3f:a5:40:3c:0f:7b:6d:9d:92:df:ae:c1:
17:f0:4e:59:20:8a:d8:1e:11:2e:f1:ee:47:9a:02:23:30:71:
b6:8a:af:13:fa:bd:81:3b:a0:9a:51:11:f1:ff:95:c7:0d:0c:
a9:48:58:65:aa:a7:4f:f4:6b:10:ba:a9:b2:88:c7:41:49:93:
b5:98:80:76:79:83:2d:f9:dd:ef:b3:77:f2:2b:25:b0:04:f4:
30:27:a9:04:aa:49:a9:3b:e8:f8:c1:27:45:cd:c1:55:a4:ec:
f9:01:7e:29:98:be:be:1a:21:2e:53:3c:4d:08:e9:fc:1c:20:
9e:f3:a6:91:36:8d:ea:72:f8:1a:c8:77:40:cd:a9:b0:45:12:
d6:cb:33:03:cd:81:f3:8e:ff:2a:fd:2a:16:d5:9b:f7:20:25:
8e:ce:77:77:e5:bb:1e:11:c7:96:5f:de:e9:1a:db:13:b7:bd:
df:2b:ce:51:6f:dc:63:c9:ce:aa:5e:cd:12:ec:a1:55:55:01:
da:f0:36:5a:73:6e:ce:4d:28:2e:e6:cc:16:29:78:a1:e0:3c:
97:90:ef:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXg/s1H2x/Z6RCM3Oa0apPDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NDljYWJhM2Q0MzE1NjA3ZjRhNmQ2MjdlY2UxZWNlYThj
YmMzMTkwHhcNMjMwMTIzMjMzNzUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQyZDcxZDZjMjljZjM0NDk0MDIzMzE4MGQxM2FjMzU0NTIzY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggK2PIw4ukZG2ecozhE/kc+Dluys
w+nxEhL4iahA6faMgImddqbfQ1NrL2zlshRzGFGqu/JeNfWywo8ZFEpBkXtu5hlA
cDSMwnIJJljUtYZdW1I2wt7zsz1745IXM2O+O54PbaHTPP+mbdzDWdViEJ1aNdH6
KiCD3wbdkO6ZRfg0OfT3o0US+ZpysgVXUCFEi8n4/Z9YKEhXAmMxucmftR/ZNSVO
PRKJTu9tym+QcFAH/6UVCbjDF0q1NEL8GYYt/a5VExOhLAyrS5z5vFItzZlgpd13
yizLumUPU6HNOkrAiIi9dmuCBoV7VqQPEqwCD1pJewXvn63JYVng/BBEYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIVC1x1sKc80SUAjMYDROsNUUjy1MB8GA1UdIwQY
MBaAFNlJyro9QxVgf0ptYn7OHs6oy8MZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlVuS3VqMURGV0JfU20xaWZzNGV6cWpMd3hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mZTY5MDQtZWI1Ni00NDkzLTkyOWMt
MWE5ZGYzOGY1OTAxLzEvaFVMWEhXd3B6elJKUUNNeGdORTZ3MVJTUExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mZTY5MDQtZWI1Ni00NDkzLTkyOWMtMWE5ZGYzOGY1OTAx
LzEvMlVuS3VqMURGV0JfU20xaWZzNGV6cWpMd3hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBufRcAwQA
wqkzAwQAwqk1MA0GCSqGSIb3DQEBCwUAA4IBAQCKu0k8CODrdFABzlvr7wbz9JmP
deemcwkXe8TtTgqiv+of9ydgbUqhJSs/pUA8D3ttnZLfrsEX8E5ZIIrYHhEu8e5H
mgIjMHG2iq8T+r2BO6CaURHx/5XHDQypSFhlqqdP9GsQuqmyiMdBSZO1mIB2eYMt
+d3vs3fyKyWwBPQwJ6kEqkmpO+j4wSdFzcFVpOz5AX4pmL6+GiEuUzxNCOn8HCCe
86aRNo3qcvgayHdAzamwRRLWyzMDzYHzjv8q/SoW1Zv3ICWOznd35bseEceWX97p
GtsTt73fK85Rb9xjyc6qXs0S7KFVVQHa8DZac27OTSgu5swWKXih4DyXkO+L
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:34 2024 by rpki-client on console-ams.rpki-client.org