Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HAnJjK2mhk-a3Q_Bf-JMrv58Umg.roa
File: HAnJjK2mhk-a3Q_Bf-JMrv58Umg.roa (raw, json)
Hash identifier: heOkk3VsScgA32VY/JodIX0+kRhKCesC1sqYZfRDFJc=
Subject key identifier: 1C:09:C9:8C:AD:A6:86:4F:9A:DD:0F:C1:7F:E2:4C:AE:FE:7C:52:68
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B725D900208FC28FF199F3B067D3D5FE4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HAnJjK2mhk-a3Q_Bf-JMrv58Umg.roa
Signing time: Fri 27 Oct 2023 18:20:16 +0000
ROA not before: Fri 27 Oct 2023 18:20:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47583
IP address blocks: 78.142.242.0/24 maxlen: 24
185.9.54.0/24 maxlen: 24
223.27.112.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:72:5d:90:02:08:fc:28:ff:19:9f:3b:06:7d:3d:5f:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 27 18:20:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c09c98cada6864f9add0fc17fe24caefe7c5268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:49:c9:65:a4:c8:64:f4:84:75:32:8a:a5:1b:
b0:4f:22:65:6e:6a:ce:cf:29:4c:b1:b3:70:9d:7b:
ee:9b:aa:c1:f7:8d:9a:f5:5d:cd:19:a0:81:c2:41:
f4:d8:10:d8:11:07:c4:9f:0c:6e:6c:39:18:aa:99:
6f:53:a7:b9:fa:c6:bf:d9:f5:94:50:36:03:8b:3b:
eb:d4:ce:3b:a7:7e:86:f3:19:e8:9e:2b:2c:8e:9a:
a4:54:8d:9b:9c:df:af:6a:b4:e0:ff:8b:b6:b0:b9:
41:13:28:f9:8f:d6:a3:1d:47:cb:eb:84:16:8d:23:
18:89:1f:51:6e:6b:f6:e1:8c:66:67:99:06:03:cb:
77:52:0f:d7:4f:95:9d:80:5f:88:10:a3:45:3a:54:
96:86:1b:68:16:1e:5a:3d:97:36:11:a9:80:a2:b6:
f3:a2:d2:36:48:9a:87:16:31:f2:37:26:41:3d:d0:
d3:b2:f4:a4:e7:1a:4c:14:4a:f1:20:6a:8e:37:f6:
58:a2:92:da:80:24:30:86:f2:bf:0c:49:02:78:ea:
5a:ec:aa:72:65:68:23:e6:98:fe:84:a2:62:5f:ab:
47:b6:e3:ae:7e:7e:01:63:4e:43:13:90:4e:0f:0d:
ff:ec:3c:91:77:fb:b8:7e:23:7f:6a:77:40:64:86:
87:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:09:C9:8C:AD:A6:86:4F:9A:DD:0F:C1:7F:E2:4C:AE:FE:7C:52:68
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HAnJjK2mhk-a3Q_Bf-JMrv58Umg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.242.0/24
185.9.54.0/24
193.19.106.0/24
223.27.112.0/24
Signature Algorithm: sha256WithRSAEncryption
37:90:f1:68:0b:07:77:19:2a:53:56:67:15:50:b7:43:a3:fd:
a3:22:51:aa:18:de:d9:1c:a9:31:a6:4a:07:59:1d:bd:1b:1a:
50:8d:b1:d0:fe:cc:f0:0e:17:c3:ff:ff:c8:e9:f3:84:75:72:
52:7e:d4:16:00:af:4d:5b:f3:0e:03:fe:62:cf:87:b4:6a:a7:
03:fd:a7:ed:02:4c:d4:7a:08:f1:c3:46:1f:dc:c7:66:c9:be:
62:60:56:4f:23:ac:09:97:fb:fc:7a:ed:b2:cd:1a:8a:72:1e:
a1:d7:47:95:c7:85:f0:20:dd:c3:ac:3d:ad:c5:5c:a1:71:67:
b7:1b:4e:77:28:21:e3:ba:b1:fe:63:cf:27:84:c3:10:c7:77:
eb:a5:78:4a:26:a5:41:ad:f6:40:a1:ee:49:59:e4:2c:fa:d0:
9f:f7:9b:61:17:10:55:24:00:23:6f:77:08:41:40:de:fb:b3:
12:0a:5b:c8:ff:0b:35:f8:46:dd:02:f8:a7:ac:7d:18:ba:8c:
43:7d:da:ae:90:f4:25:38:bb:56:1c:3c:df:3e:29:11:42:be:
06:45:4d:00:60:90:1d:78:90:b0:c6:af:0e:2a:10:8f:39:67:
55:96:bd:bc:4d:c3:68:2a:01:49:0b:1f:e6:66:be:20:dd:09:
c3:74:c2:ae
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtyXZACCPwo/xmfOwZ9PV/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDI3MTgyMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzA5Yzk4Y2FkYTY4NjRmOWFkZDBmYzE3ZmUyNGNhZWZlN2M1MjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5EnJZaTIZPSEdTKKpRuwTyJlbmrO
zylMsbNwnXvum6rB942a9V3NGaCBwkH02BDYEQfEnwxubDkYqplvU6e5+sa/2fWU
UDYDizvr1M47p36G8xnonissjpqkVI2bnN+varTg/4u2sLlBEyj5j9ajHUfL64QW
jSMYiR9Rbmv24YxmZ5kGA8t3Ug/XT5WdgF+IEKNFOlSWhhtoFh5aPZc2EamAorbz
otI2SJqHFjHyNyZBPdDTsvSk5xpMFErxIGqON/ZYopLagCQwhvK/DEkCeOpa7Kpy
ZWgj5pj+hKJiX6tHtuOufn4BY05DE5BODw3/7DyRd/u4fiN/andAZIaHGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBwJyYytpoZPmt0PwX/iTK7+fFJoMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSEFuSmpLMm1oay1hM1FfQmYtSk1ydjU4VW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATo7yAwQA
uQk2AwQAwRNqAwQA3xtwMA0GCSqGSIb3DQEBCwUAA4IBAQA3kPFoCwd3GSpTVmcV
ULdDo/2jIlGqGN7ZHKkxpkoHWR29GxpQjbHQ/szwDhfD///I6fOEdXJSftQWAK9N
W/MOA/5iz4e0aqcD/aftAkzUegjxw0Yf3Mdmyb5iYFZPI6wJl/v8eu2yzRqKch6h
10eVx4XwIN3DrD2txVyhcWe3G053KCHjurH+Y88nhMMQx3frpXhKJqVBrfZAoe5J
WeQs+tCf95thFxBVJAAjb3cIQUDe+7MSClvI/ws1+EbdAvinrH0YuoxDfdqukPQl
OLtWHDzfPikRQr4GRU0AYJAdeJCwxq8OKhCPOWdVlr28TcNoKgFJCx/mZr4g3QnD
dMKu
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org