Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0842ea-788a-495b-bd21-518015f59e47/1/HbPm9gYPApnFftLYoi9sUM9LTSw.roa
File: HbPm9gYPApnFftLYoi9sUM9LTSw.roa (raw, json)
Hash identifier: HDRRW+WWiFMaQ8mHa1iKn+hs/J1ZSH2P554TL9LJNyw=
Subject key identifier: 1D:B3:E6:F6:06:0F:02:99:C5:7E:D2:D8:A2:2F:6C:50:CF:4B:4D:2C
Certificate issuer: /CN=d71ee53337a1d05baa47e009cb5ba9f2c4570144
Certificate serial: 01857228083F1B4F7AC0218F260CB3FE4E24
Authority key identifier: D7:1E:E5:33:37:A1:D0:5B:AA:47:E0:09:CB:5B:A9:F2:C4:57:01:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1x7lMzeh0FuqR-AJy1up8sRXAUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/0842ea-788a-495b-bd21-518015f59e47/1/HbPm9gYPApnFftLYoi9sUM9LTSw.roa
Signing time: Mon 02 Jan 2023 11:05:04 +0000
ROA not before: Mon 02 Jan 2023 11:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 185.211.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:28:08:3f:1b:4f:7a:c0:21:8f:26:0c:b3:fe:4e:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d71ee53337a1d05baa47e009cb5ba9f2c4570144
Validity
Not Before: Jan 2 11:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1db3e6f6060f0299c57ed2d8a22f6c50cf4b4d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:11:a8:5f:dc:35:ef:d4:f7:36:e8:70:72:48:
d9:8a:00:eb:c4:3c:7a:92:d5:8f:e4:0f:a7:c3:59:
e9:63:46:b6:ed:94:c4:01:4a:dd:bc:1a:69:39:c4:
60:e8:9c:9c:fe:c1:70:29:a0:a3:83:be:32:83:ad:
f9:0d:97:01:2f:a6:74:c2:78:37:9b:0d:ae:38:5f:
df:4e:01:fa:e3:8a:79:17:c4:11:a8:ce:7f:75:94:
2c:ae:94:fa:96:7a:6a:c5:a1:81:b3:57:91:ae:bb:
63:95:20:d6:80:35:11:fc:11:88:1c:ef:32:bb:bc:
a2:af:53:84:48:f2:04:f4:20:5b:03:32:ef:1b:a6:
ae:5a:96:60:8c:fc:cc:02:ad:11:52:ae:4f:8c:85:
74:ee:9a:bf:44:f0:ac:50:03:9a:2a:37:e6:c0:78:
c7:72:c3:37:38:6c:d3:e2:d3:e6:5c:69:8b:03:98:
80:fc:ee:62:d6:69:b4:dd:cf:85:66:c2:bd:e8:83:
f2:57:ee:35:61:09:98:5b:95:2a:4b:ce:f1:54:ed:
6d:28:ed:dc:73:1e:b4:48:14:34:68:1b:ab:4b:7c:
70:f5:b1:c5:63:26:66:3e:83:bb:63:cb:67:9d:06:
9e:37:99:d0:60:da:4c:c4:3f:5b:77:b4:b2:d0:f1:
70:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B3:E6:F6:06:0F:02:99:C5:7E:D2:D8:A2:2F:6C:50:CF:4B:4D:2C
X509v3 Authority Key Identifier:
keyid:D7:1E:E5:33:37:A1:D0:5B:AA:47:E0:09:CB:5B:A9:F2:C4:57:01:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1x7lMzeh0FuqR-AJy1up8sRXAUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0842ea-788a-495b-bd21-518015f59e47/1/HbPm9gYPApnFftLYoi9sUM9LTSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0842ea-788a-495b-bd21-518015f59e47/1/1x7lMzeh0FuqR-AJy1up8sRXAUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.168.0/24
Signature Algorithm: sha256WithRSAEncryption
06:42:df:bc:ef:2d:bf:c6:2c:5c:bb:af:12:aa:7c:db:f2:6b:
d9:56:6e:4a:9e:f1:90:df:28:b8:b6:2e:10:92:87:8e:6b:1d:
11:48:54:84:7d:7c:ee:29:3d:c1:62:9b:ea:28:98:5b:7c:f0:
23:1e:90:a8:e2:2d:37:c5:3d:24:3c:96:55:e7:99:1e:73:d3:
6e:3d:6b:05:1d:0c:ac:8a:d0:0c:2b:e2:e3:cb:47:29:97:55:
00:4f:9b:17:5c:a4:dc:71:4d:21:74:6f:e9:d0:2d:19:3e:0d:
32:62:78:74:95:26:4a:31:54:4f:42:93:04:f0:82:f2:de:cb:
5e:8e:8a:86:ef:56:a2:df:f2:83:9c:6b:62:30:12:ad:d9:6c:
9c:67:5a:d1:87:a6:66:ba:ab:e1:8b:cd:88:6c:2e:ce:50:5d:
f7:42:01:97:f8:f0:f8:03:f0:af:fc:93:1a:f5:1d:28:77:45:
f6:49:e1:d6:d8:5f:2a:5e:d9:7c:8a:58:d7:51:80:a9:ee:70:
f2:86:f7:79:ea:d8:98:6a:51:37:0e:72:cc:73:15:e7:b6:cc:
8b:09:45:4c:33:44:91:a8:cb:6f:37:a4:9f:f0:ad:b1:8f:d6:
43:32:e1:a7:64:a8:21:8a:af:78:85:f9:6d:b2:52:6d:78:fc:
78:2b:b3:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyKAg/G096wCGPJgyz/k4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MWVlNTMzMzdhMWQwNWJhYTQ3ZTAwOWNiNWJhOWYyYzQ1
NzAxNDQwHhcNMjMwMTAyMTEwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGIzZTZmNjA2MGYwMjk5YzU3ZWQyZDhhMjJmNmM1MGNmNGI0ZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhGoX9w179T3NuhwckjZigDrxDx6
ktWP5A+nw1npY0a27ZTEAUrdvBppOcRg6Jyc/sFwKaCjg74yg635DZcBL6Z0wng3
mw2uOF/fTgH644p5F8QRqM5/dZQsrpT6lnpqxaGBs1eRrrtjlSDWgDUR/BGIHO8y
u7yir1OESPIE9CBbAzLvG6auWpZgjPzMAq0RUq5PjIV07pq/RPCsUAOaKjfmwHjH
csM3OGzT4tPmXGmLA5iA/O5i1mm03c+FZsK96IPyV+41YQmYW5UqS87xVO1tKO3c
cx60SBQ0aBurS3xw9bHFYyZmPoO7Y8tnnQaeN5nQYNpMxD9bd7Sy0PFwPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2z5vYGDwKZxX7S2KIvbFDPS00sMB8GA1UdIwQY
MBaAFNce5TM3odBbqkfgCctbqfLEVwFEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXg3bE16ZWgwRnVxUi1BSnkxdXA4c1JYQVVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wODQyZWEtNzg4YS00OTViLWJkMjEt
NTE4MDE1ZjU5ZTQ3LzEvSGJQbTlnWVBBcG5GZnRMWW9pOXNVTTlMVFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wODQyZWEtNzg4YS00OTViLWJkMjEtNTE4MDE1ZjU5ZTQ3
LzEvMXg3bE16ZWgwRnVxUi1BSnkxdXA4c1JYQVVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudOoMA0G
CSqGSIb3DQEBCwUAA4IBAQAGQt+87y2/xixcu68Sqnzb8mvZVm5KnvGQ3yi4ti4Q
koeOax0RSFSEfXzuKT3BYpvqKJhbfPAjHpCo4i03xT0kPJZV55kec9NuPWsFHQys
itAMK+Ljy0cpl1UAT5sXXKTccU0hdG/p0C0ZPg0yYnh0lSZKMVRPQpME8ILy3ste
joqG71ai3/KDnGtiMBKt2WycZ1rRh6Zmuqvhi82IbC7OUF33QgGX+PD4A/Cv/JMa
9R0od0X2SeHW2F8qXtl8iljXUYCp7nDyhvd56tiYalE3DnLMcxXntsyLCUVMM0SR
qMtvN6Sf8K2xj9ZDMuGnZKghiq94hfltslJtePx4K7NP
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:49 2024 by rpki-client on console-fra.rpki-client.org