Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/hHIm2otIaJzoYAs1aaun1jP1km8.roa
File: hHIm2otIaJzoYAs1aaun1jP1km8.roa (raw, json)
Hash identifier: RUNHms5VZVRelQU2ekCwk4OJ+HagEKD7j7+IdYY1gpE=
Subject key identifier: 84:72:26:DA:8B:48:68:9C:E8:60:0B:35:69:AB:A7:D6:33:F5:92:6F
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018AF9F37B82B67E8D79D274EC83187930D7
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/hHIm2otIaJzoYAs1aaun1jP1km8.roa
Signing time: Wed 04 Oct 2023 09:09:58 +0000
ROA not before: Wed 04 Oct 2023 09:09:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199652
IP address blocks: 185.249.24.0/22 maxlen: 24
185.6.4.0/22 maxlen: 24
185.91.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f9:f3:7b:82:b6:7e:8d:79:d2:74:ec:83:18:79:30:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Oct 4 09:09:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=847226da8b48689ce8600b3569aba7d633f5926f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5d:43:3f:76:4a:c9:08:d8:1c:32:66:ca:52:
a0:15:62:e7:c4:db:12:4b:99:60:f1:aa:bc:3f:cf:
d6:d1:17:e7:3c:32:f8:00:b0:1d:68:46:01:43:c0:
05:9b:f4:0f:5a:30:b1:5d:20:bb:08:8b:d2:cb:2d:
3a:27:ea:24:7e:f3:49:4a:a2:07:e8:ce:f0:92:29:
9c:81:61:a4:18:38:d0:c2:33:15:49:ba:1c:5a:7f:
59:77:79:48:a9:99:8c:e6:27:54:e7:c3:7d:f9:8c:
f6:13:d7:8d:9d:5b:55:ad:10:c2:9f:cc:96:8e:fd:
a8:9e:42:3b:2d:5e:f5:44:95:c4:4a:80:f6:9f:f6:
29:a8:cc:39:d1:04:36:c1:94:d1:04:58:4a:60:16:
51:ca:2c:58:5d:3f:f5:27:e2:d0:90:94:30:90:c5:
e8:3f:f3:15:d1:6c:8d:e6:c8:02:b8:3e:e4:6c:74:
1d:fa:8d:82:72:07:5b:1e:1f:37:a5:1f:be:7e:3f:
c1:8f:d3:de:f1:48:5f:56:d0:6a:ce:3b:eb:02:e0:
8c:56:e2:c2:d8:b0:34:db:60:df:a2:84:76:bc:ca:
5e:1d:02:02:32:33:a4:05:2e:4b:6d:0c:3b:4c:38:
c4:11:ef:92:97:e0:51:75:fe:25:53:2e:ba:68:6c:
28:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:72:26:DA:8B:48:68:9C:E8:60:0B:35:69:AB:A7:D6:33:F5:92:6F
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/hHIm2otIaJzoYAs1aaun1jP1km8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.4.0/22
185.91.228.0/22
185.249.24.0/22
Signature Algorithm: sha256WithRSAEncryption
47:96:cd:87:47:50:8d:04:6f:68:09:45:c6:dc:32:ba:5f:f2:
ed:f4:01:91:1c:07:aa:7f:95:60:6c:a7:70:17:2c:65:b0:ab:
65:f3:c6:44:93:54:41:98:d7:0a:2a:55:5d:9a:cd:26:56:ae:
c7:ca:4a:00:28:3f:c0:5c:ba:0d:0a:3a:66:03:fe:7f:7a:3e:
be:16:1c:30:0a:47:d1:dd:d0:50:ce:e1:dd:b3:cf:42:87:5b:
a8:e9:00:f7:7d:15:63:32:dc:27:ba:fc:bd:2f:c0:be:1b:eb:
24:0d:1e:e9:7a:b9:6c:3f:ec:24:29:74:be:30:45:ab:c4:26:
b0:cf:d2:f9:f3:e3:c6:51:91:4e:38:db:25:0e:e8:73:f1:3d:
75:e9:e9:21:43:d6:30:1c:3c:c9:b5:94:c3:fa:d0:ce:6f:30:
87:03:d2:65:1a:e6:87:a1:f4:72:89:12:08:51:dd:ca:19:07:
fc:f2:57:58:ba:b2:4e:bb:33:50:bd:80:06:fd:93:bf:24:17:
42:a4:dd:bc:d0:83:ec:d4:c3:e8:e6:8a:f8:18:99:27:29:4b:
0c:a4:79:29:59:cc:16:b5:7f:18:89:7c:3a:94:c7:12:0b:00:
48:ac:52:9c:67:22:ec:b6:1f:e3:82:e3:c8:9c:48:71:af:67:
2c:ba:13:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr583uCtn6NedJ07IMYeTDXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMxMDA0MDkwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDcyMjZkYThiNDg2ODljZTg2MDBiMzU2OWFiYTdkNjMzZjU5MjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnF1DP3ZKyQjYHDJmylKgFWLnxNsS
S5lg8aq8P8/W0RfnPDL4ALAdaEYBQ8AFm/QPWjCxXSC7CIvSyy06J+okfvNJSqIH
6M7wkimcgWGkGDjQwjMVSbocWn9Zd3lIqZmM5idU58N9+Yz2E9eNnVtVrRDCn8yW
jv2onkI7LV71RJXESoD2n/YpqMw50QQ2wZTRBFhKYBZRyixYXT/1J+LQkJQwkMXo
P/MV0WyN5sgCuD7kbHQd+o2CcgdbHh83pR++fj/Bj9Pe8UhfVtBqzjvrAuCMVuLC
2LA022DfooR2vMpeHQICMjOkBS5LbQw7TDjEEe+Sl+BRdf4lUy66aGwo0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIRyJtqLSGic6GALNWmrp9Yz9ZJvMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvaEhJbTJvdElhSnpvWUFzMWFhdW4xalAxa204LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuQYEAwQC
uVvkAwQCufkYMA0GCSqGSIb3DQEBCwUAA4IBAQBHls2HR1CNBG9oCUXG3DK6X/Lt
9AGRHAeqf5VgbKdwFyxlsKtl88ZEk1RBmNcKKlVdms0mVq7HykoAKD/AXLoNCjpm
A/5/ej6+FhwwCkfR3dBQzuHds89Ch1uo6QD3fRVjMtwnuvy9L8C+G+skDR7perls
P+wkKXS+MEWrxCawz9L58+PGUZFOONslDuhz8T116ekhQ9YwHDzJtZTD+tDObzCH
A9JlGuaHofRyiRIIUd3KGQf88ldYurJOuzNQvYAG/ZO/JBdCpN280IPs1MPo5or4
GJknKUsMpHkpWcwWtX8YiXw6lMcSCwBIrFKcZyLsth/jguPInEhxr2csuhMk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:51 2024 by rpki-client on console-ams.rpki-client.org