Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/hcjRl984ONRfRmVj_KkHfnu4Nm0.roa
File: hcjRl984ONRfRmVj_KkHfnu4Nm0.roa (raw, json)
Hash identifier: Goes+EvVMVSOljFNU6Mz9fqeIHsG97V/rNPNhh7tSb4=
Subject key identifier: 85:C8:D1:97:DF:38:38:D4:5F:46:65:63:FC:A9:07:7E:7B:B8:36:6D
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 018A26942F22658BDC4C98EBEC4FB108304D
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/hcjRl984ONRfRmVj_KkHfnu4Nm0.roa
Signing time: Thu 24 Aug 2023 08:06:00 +0000
ROA not before: Thu 24 Aug 2023 08:06:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 123.253.212.0/24 maxlen: 24
46.175.130.0/24 maxlen: 24
141.98.139.0/24 maxlen: 24
141.98.137.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:94:2f:22:65:8b:dc:4c:98:eb:ec:4f:b1:08:30:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Aug 24 08:06:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85c8d197df3838d45f466563fca9077e7bb8366d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f8:77:3e:64:4c:a7:e5:73:d5:cb:84:1a:75:
94:63:ea:75:04:00:08:53:a7:0d:7c:99:c5:e4:69:
68:22:96:4a:11:e1:3a:6d:70:d8:05:64:63:ed:5b:
c1:eb:ab:ca:b4:5b:41:5f:b6:f7:f0:6a:66:38:39:
f6:b2:0b:9b:09:ba:0f:7b:d8:7d:8d:82:df:6b:cf:
17:95:64:4c:16:fd:e5:ec:9e:5a:cc:5c:d9:17:03:
4c:b0:c8:b7:85:b3:3f:bf:c2:f5:94:00:ac:cd:c5:
76:79:f3:f7:d3:57:0f:ad:75:34:e1:7d:1f:46:a3:
0b:25:a6:c1:59:3f:ef:71:69:8d:f2:d4:36:ff:f6:
d6:5d:08:e8:de:fe:75:ef:6f:11:76:5b:b5:94:11:
33:8b:d5:4c:24:39:76:cd:99:eb:49:2e:6b:a6:51:
c1:b8:33:ea:9a:93:1f:7e:2b:78:f5:d4:7b:52:51:
49:8a:a3:7e:d1:79:db:da:20:29:a2:8d:9b:bd:85:
fd:a5:32:62:b0:1f:49:73:66:af:2e:bc:cd:00:52:
82:0a:c3:d3:77:b5:f1:03:ac:9e:f3:95:e6:20:b7:
15:fc:3b:39:79:cd:1e:1c:be:9f:6c:e8:f1:ea:76:
74:63:c2:63:01:b8:41:41:a2:fe:53:58:32:2f:40:
0b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C8:D1:97:DF:38:38:D4:5F:46:65:63:FC:A9:07:7E:7B:B8:36:6D
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/hcjRl984ONRfRmVj_KkHfnu4Nm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.130.0/24
123.253.212.0/24
141.98.137.0/24
141.98.139.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:62:26:6c:b8:8b:e9:81:0c:13:4b:e8:6f:a5:2e:3f:33:cc:
8e:48:05:f3:4a:2d:4e:38:9a:b3:9c:88:21:6c:de:e5:86:aa:
6e:bd:f0:4f:05:e6:6f:8e:b9:18:2f:3c:68:50:ad:1b:86:4f:
05:0a:51:ad:6c:6f:d0:37:b9:e9:c9:28:65:6f:4a:56:d1:66:
a2:4a:de:1c:11:49:c0:7f:a6:c0:c5:76:ba:a3:0a:7a:d2:53:
ed:5c:18:43:72:ef:ff:7b:c9:57:37:49:22:fd:7a:7b:ab:1d:
74:77:39:de:cd:34:58:73:54:e9:00:20:0e:08:98:0b:82:7e:
7c:e4:f6:75:49:ca:35:e4:5b:41:2f:b6:50:9a:61:5e:78:6b:
e6:9f:2b:95:40:04:ff:6d:e0:6a:72:f1:f1:ab:46:46:96:ab:
03:b9:de:b2:30:9e:f0:e9:4d:13:50:4c:2a:fa:5b:d5:83:f6:
7b:82:0f:d9:ff:2e:0f:c2:53:9f:ce:d6:95:b4:b0:2f:75:a6:
8c:4c:15:28:c8:ef:29:4a:ce:61:b1:d1:6e:f8:72:d3:e4:c4:
a1:a2:65:b1:3a:ef:86:e1:dd:61:58:e8:78:b3:c0:30:c6:d1:
f2:a8:97:1d:f9:9a:04:e8:b6:d3:48:f1:9b:b9:a1:e1:54:71:
a1:9b:37:39
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYomlC8iZYvcTJjr7E+xCDBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjMwODI0MDgwNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWM4ZDE5N2RmMzgzOGQ0NWY0NjY1NjNmY2E5MDc3ZTdiYjgzNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovh3PmRMp+Vz1cuEGnWUY+p1BAAI
U6cNfJnF5GloIpZKEeE6bXDYBWRj7VvB66vKtFtBX7b38GpmODn2sgubCboPe9h9
jYLfa88XlWRMFv3l7J5azFzZFwNMsMi3hbM/v8L1lACszcV2efP301cPrXU04X0f
RqMLJabBWT/vcWmN8tQ2//bWXQjo3v51728Rdlu1lBEzi9VMJDl2zZnrSS5rplHB
uDPqmpMffit49dR7UlFJiqN+0Xnb2iApoo2bvYX9pTJisB9Jc2avLrzNAFKCCsPT
d7XxA6ye85XmILcV/Ds5ec0eHL6fbOjx6nZ0Y8JjAbhBQaL+U1gyL0ALqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIXI0ZffODjUX0ZlY/ypB357uDZtMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvaGNqUmw5ODRPTlJmUm1Wal9La0hmbnU0Tm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALq+CAwQA
e/3UAwQAjWKJAwQAjWKLMA0GCSqGSIb3DQEBCwUAA4IBAQBLYiZsuIvpgQwTS+hv
pS4/M8yOSAXzSi1OOJqznIghbN7lhqpuvfBPBeZvjrkYLzxoUK0bhk8FClGtbG/Q
N7npyShlb0pW0WaiSt4cEUnAf6bAxXa6owp60lPtXBhDcu//e8lXN0ki/Xp7qx10
dznezTRYc1TpACAOCJgLgn585PZ1Sco15FtBL7ZQmmFeeGvmnyuVQAT/beBqcvHx
q0ZGlqsDud6yMJ7w6U0TUEwq+lvVg/Z7gg/Z/y4PwlOfztaVtLAvdaaMTBUoyO8p
Ss5hsdFu+HLT5MShomWxOu+G4d1hWOh4s8AwxtHyqJcd+ZoE6LbTSPGbuaHhVHGh
mzc5
Generated at Sat Aug 26 05:09:31 2023 by rpki-client on console-ams.rpki-client.org