Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/hdkNdqDxAiEfHlbSDMuEPIIhEBA.roa
File: hdkNdqDxAiEfHlbSDMuEPIIhEBA.roa (raw, json)
Hash identifier: m2vx5q2D/o7wFQCG6rC313ERqvto/uhgLGUGwS+jCXc=
Subject key identifier: 85:D9:0D:76:A0:F1:02:21:1F:1E:56:D2:0C:CB:84:3C:82:21:10:10
Certificate issuer: /CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Certificate serial: 0186565BF69CDFAAD4692F9980DCE30DFEFE
Authority key identifier: E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/hdkNdqDxAiEfHlbSDMuEPIIhEBA.roa
Signing time: Wed 15 Feb 2023 18:35:12 +0000
ROA not before: Wed 15 Feb 2023 18:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206943
IP address blocks: 185.102.48.0/22 maxlen: 23
185.206.56.0/23 maxlen: 23
31.42.128.0/20 maxlen: 20
178.218.128.0/21 maxlen: 21
178.218.136.0/21 maxlen: 21
31.42.144.0/20 maxlen: 20
178.159.64.0/20 maxlen: 20
185.171.30.0/23 maxlen: 23
185.171.28.0/23 maxlen: 23
185.183.90.0/23 maxlen: 23
185.183.88.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:56:5b:f6:9c:df:aa:d4:69:2f:99:80:dc:e3:0d:fe:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Validity
Not Before: Feb 15 18:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85d90d76a0f102211f1e56d20ccb843c82211010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:97:10:4c:63:0d:e0:3f:c7:e1:17:e7:53:80:
cf:c1:d2:19:ba:83:82:05:78:1b:f3:73:d9:21:3e:
76:bd:10:70:42:71:94:c0:2e:d6:3a:d6:26:12:e6:
9d:3c:76:bc:5d:3a:e8:06:14:d3:e7:8f:5c:73:fd:
85:16:f2:22:12:7a:71:1a:18:00:2e:22:a4:d1:95:
bb:19:d7:64:7e:af:9f:5d:94:5e:33:6f:57:28:4c:
ea:df:db:f3:34:8f:6c:e9:05:55:8d:1f:68:25:69:
1b:d5:e3:83:a0:4c:ad:6b:2a:3a:8c:b7:8b:67:f8:
24:8f:bc:5f:25:e7:4c:94:82:b1:c9:52:eb:f5:ab:
f7:b2:58:4d:68:01:b4:6e:af:a5:a7:fc:f7:eb:5f:
57:3a:4e:1a:97:63:03:56:da:37:b6:17:07:bd:f0:
23:c1:33:05:6f:7b:39:96:21:c5:17:33:7a:fa:f9:
95:78:c9:6e:f4:51:2b:77:71:44:b9:61:41:86:63:
37:c7:5c:85:df:05:c8:50:b3:c7:91:74:29:fa:60:
91:24:3c:66:09:f0:31:de:0f:69:d2:50:67:cd:3f:
3c:1c:15:b5:1a:ce:58:8f:bf:76:f6:3c:8f:2f:84:
27:c4:f6:8d:c8:ad:59:2e:7f:07:2e:b6:95:f1:42:
52:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D9:0D:76:A0:F1:02:21:1F:1E:56:D2:0C:CB:84:3C:82:21:10:10
X509v3 Authority Key Identifier:
keyid:E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/hdkNdqDxAiEfHlbSDMuEPIIhEBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.128.0/19
178.159.64.0/20
178.218.128.0/20
185.102.48.0/22
185.171.28.0/22
185.183.88.0/22
185.206.56.0/23
Signature Algorithm: sha256WithRSAEncryption
72:ef:97:29:b4:77:3f:8d:4a:d1:ca:65:95:e9:29:cb:46:dd:
5e:5c:38:2d:7a:fa:2e:e6:63:ee:76:c6:0c:ad:5a:38:c5:93:
18:5a:e6:9d:90:16:64:8f:b1:5d:2f:ba:5b:9f:b2:6b:ce:02:
b8:cd:8b:62:fc:84:45:bd:c3:01:1d:ee:81:ca:ec:89:5c:81:
85:8b:ce:0c:23:70:c2:39:53:47:0a:54:7c:a9:bb:7c:2e:40:
8f:de:f8:9d:a2:5d:31:b1:97:c7:28:55:50:70:f6:a9:c8:c9:
d1:15:d8:a5:d8:d9:47:4c:d9:69:8d:ee:c7:1f:52:48:50:f5:
2e:c5:bd:a1:39:3e:8d:51:10:26:b1:6f:44:79:5f:56:84:92:
84:bd:8c:08:5d:61:7f:e9:00:65:e8:16:70:48:99:76:20:73:
1e:78:fd:4d:cf:38:dd:8b:2f:1b:11:49:e8:5a:24:4f:a5:24:
e6:3e:e5:ed:d2:f4:47:e4:ce:c2:b0:6a:2e:47:db:37:3e:a5:
ea:0a:2b:84:83:04:c6:ec:a3:fa:3e:80:c3:c3:de:2b:47:be:
a2:6c:5f:ce:e8:de:8b:7a:4a:e3:9d:7b:f9:3d:1b:d0:88:75:
21:6f:79:be:ec:af:32:b4:24:72:31:72:30:fc:dd:8d:53:1c:
e9:d6:b5:99
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYZWW/ac36rUaS+ZgNzjDf7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTlkMGNkNjU1OTNkOTY5ZThkNDUzODJhMTk0YWFhNzNj
MGZmOGMwHhcNMjMwMjE1MTgzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWQ5MGQ3NmEwZjEwMjIxMWYxZTU2ZDIwY2NiODQzYzgyMjExMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpcQTGMN4D/H4RfnU4DPwdIZuoOC
BXgb83PZIT52vRBwQnGUwC7WOtYmEuadPHa8XTroBhTT549cc/2FFvIiEnpxGhgA
LiKk0ZW7Gddkfq+fXZReM29XKEzq39vzNI9s6QVVjR9oJWkb1eODoEytayo6jLeL
Z/gkj7xfJedMlIKxyVLr9av3slhNaAG0bq+lp/z3619XOk4al2MDVto3thcHvfAj
wTMFb3s5liHFFzN6+vmVeMlu9FErd3FEuWFBhmM3x1yF3wXIULPHkXQp+mCRJDxm
CfAx3g9p0lBnzT88HBW1Gs5Yj7929jyPL4QnxPaNyK1ZLn8HLraV8UJSiQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIXZDXag8QIhHx5W0gzLhDyCIRAQMB8GA1UdIwQY
MBaAFOMZ0M1lWT2Wno1FOCoZSqpzwP+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjkt
MjE3Y2Y5Mzg0NWJjLzEvaGRrTmRxRHhBaUVmSGxiU0RNdUVQSUloRUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjktMjE3Y2Y5Mzg0NWJj
LzEvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQFHyqAAwQE
sp9AAwQEstqAAwQCuWYwAwQCuascAwQCubdYAwQBuc44MA0GCSqGSIb3DQEBCwUA
A4IBAQBy75cptHc/jUrRymWV6SnLRt1eXDgtevou5mPudsYMrVo4xZMYWuadkBZk
j7FdL7pbn7JrzgK4zYti/IRFvcMBHe6ByuyJXIGFi84MI3DCOVNHClR8qbt8LkCP
3vidol0xsZfHKFVQcPapyMnRFdil2NlHTNlpje7HH1JIUPUuxb2hOT6NURAmsW9E
eV9WhJKEvYwIXWF/6QBl6BZwSJl2IHMeeP1Nzzjdiy8bEUnoWiRPpSTmPuXt0vRH
5M7CsGouR9s3PqXqCiuEgwTG7KP6PoDDw94rR76ibF/O6N6LekrjnXv5PRvQiHUh
b3m+7K8ytCRyMXIw/N2NUxzp1rWZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:31 2023 by rpki-client on console-fra.rpki-client.org