Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cfcb93-d8f4-469a-90f9-8f34df304927/1/hBmlXIF_6FCD274_NiNsUfBE9NA.roa
File: hBmlXIF_6FCD274_NiNsUfBE9NA.roa (raw, json)
Hash identifier: MDQV5sO7utHyWYDGq5QvK5lP860TqV9Z1Ln9Kd4o8vk=
Subject key identifier: 84:19:A5:5C:81:7F:E8:50:83:DB:BE:3F:36:23:6C:51:F0:44:F4:D0
Certificate issuer: /CN=8fc6338b2e921d9126c536303f078c9ebb9a8752
Certificate serial: 01856D0AC6AACF530A3D8A63F157B5137F2F
Authority key identifier: 8F:C6:33:8B:2E:92:1D:91:26:C5:36:30:3F:07:8C:9E:BB:9A:87:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8Yziy6SHZEmxTYwPweMnruah1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cfcb93-d8f4-469a-90f9-8f34df304927/1/hBmlXIF_6FCD274_NiNsUfBE9NA.roa
Signing time: Sun 01 Jan 2023 11:15:00 +0000
ROA not before: Sun 01 Jan 2023 11:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60145
IP address blocks: 185.55.184.0/24 maxlen: 24
185.55.185.0/24 maxlen: 24
185.55.186.0/24 maxlen: 24
185.55.184.0/22 maxlen: 22
185.55.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:c6:aa:cf:53:0a:3d:8a:63:f1:57:b5:13:7f:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc6338b2e921d9126c536303f078c9ebb9a8752
Validity
Not Before: Jan 1 11:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8419a55c817fe85083dbbe3f36236c51f044f4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ce:e8:23:b1:88:7f:f3:3c:30:1a:8c:2d:e2:
68:d4:98:05:3e:87:d3:59:94:91:24:db:73:78:57:
19:66:e8:c0:16:fd:b6:0d:35:e5:b6:d6:a4:48:6f:
27:83:0b:44:4c:62:d6:4f:9c:d1:3e:be:2e:4f:5e:
c0:09:64:8e:62:ae:ca:58:b9:2e:10:47:9c:59:29:
30:83:03:88:ce:cf:68:ec:1e:65:58:46:82:78:c7:
5a:1f:41:67:a2:0b:ac:30:00:f9:86:c7:8e:02:c2:
26:44:64:9f:a3:ea:8a:6e:cf:61:43:40:b1:dc:ae:
49:7e:cc:cf:42:fd:3c:82:f6:a0:73:b2:96:cf:40:
11:72:bf:8f:a6:47:e7:65:e5:cf:ec:4a:0a:34:80:
95:bf:6c:d9:24:a4:33:f9:44:e2:16:af:3b:5e:3c:
89:18:c1:84:e1:8a:8f:20:35:01:d8:9e:2e:95:c0:
05:36:bc:9d:c6:d1:66:ae:71:ca:39:45:99:7a:da:
9b:b7:d8:08:83:e6:99:41:80:d2:91:0d:b8:18:26:
3b:36:39:7c:8b:8c:76:b4:bc:1b:12:af:56:c4:be:
e0:42:42:4f:fc:37:6d:2b:69:70:56:a1:1c:77:bc:
8f:8f:6c:d9:34:79:29:7b:47:cc:2d:f3:37:30:2e:
f8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:19:A5:5C:81:7F:E8:50:83:DB:BE:3F:36:23:6C:51:F0:44:F4:D0
X509v3 Authority Key Identifier:
keyid:8F:C6:33:8B:2E:92:1D:91:26:C5:36:30:3F:07:8C:9E:BB:9A:87:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8Yziy6SHZEmxTYwPweMnruah1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cfcb93-d8f4-469a-90f9-8f34df304927/1/hBmlXIF_6FCD274_NiNsUfBE9NA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cfcb93-d8f4-469a-90f9-8f34df304927/1/j8Yziy6SHZEmxTYwPweMnruah1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.184.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:c8:d1:94:63:ed:d3:de:c8:6c:b6:a9:1e:6f:56:d8:f9:70:
ef:3e:54:64:79:07:7e:b3:5d:bf:e3:18:28:a0:0d:24:54:21:
3d:2c:1c:d8:93:55:e0:12:b0:3b:1c:98:2c:85:a9:0f:82:cb:
fa:00:09:a2:d5:60:4f:25:b3:1e:15:cd:6d:32:54:1b:9f:50:
93:9f:1b:ce:14:78:46:d5:d0:d5:9a:e4:44:bd:87:20:6c:57:
d6:ad:44:e5:09:8a:d1:31:f6:ee:89:bf:54:c6:0f:43:5e:1f:
98:8f:6a:ce:e6:a3:09:05:c0:ea:f8:b5:c7:71:49:2a:f1:a9:
e7:56:25:44:f5:01:9f:cc:03:df:4c:bd:f6:59:6c:95:fe:f5:
89:d7:17:34:cc:c7:45:1b:33:7a:28:29:4c:ee:67:73:e7:59:
91:1f:96:eb:ab:2d:f7:b6:95:5f:e2:6d:49:0a:9e:b3:d8:42:
d8:2b:33:f7:a5:02:4b:04:7c:02:e9:91:f9:21:bb:b0:9f:ad:
87:e7:46:60:f2:83:02:c7:13:83:1c:91:6d:c8:db:c2:dd:f5:
4a:cd:97:fb:e2:8d:50:61:0d:8e:c1:1f:7d:83:85:51:b3:36:
bd:44:15:3e:ce:29:77:04:5d:95:8f:75:6f:1f:99:25:58:af:
a0:0f:90:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCsaqz1MKPYpj8Ve1E38vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzYzMzhiMmU5MjFkOTEyNmM1MzYzMDNmMDc4YzllYmI5
YTg3NTIwHhcNMjMwMTAxMTExNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDE5YTU1YzgxN2ZlODUwODNkYmJlM2YzNjIzNmM1MWYwNDRmNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx87oI7GIf/M8MBqMLeJo1JgFPofT
WZSRJNtzeFcZZujAFv22DTXlttakSG8ngwtETGLWT5zRPr4uT17ACWSOYq7KWLku
EEecWSkwgwOIzs9o7B5lWEaCeMdaH0FnogusMAD5hseOAsImRGSfo+qKbs9hQ0Cx
3K5JfszPQv08gvagc7KWz0ARcr+PpkfnZeXP7EoKNICVv2zZJKQz+UTiFq87XjyJ
GMGE4YqPIDUB2J4ulcAFNrydxtFmrnHKOUWZetqbt9gIg+aZQYDSkQ24GCY7Njl8
i4x2tLwbEq9WxL7gQkJP/DdtK2lwVqEcd7yPj2zZNHkpe0fMLfM3MC74lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQZpVyBf+hQg9u+PzYjbFHwRPTQMB8GA1UdIwQY
MBaAFI/GM4sukh2RJsU2MD8HjJ67modSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhZeml5NlNIWkVteFRZd1B3ZU1ucnVhaDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jZmNiOTMtZDhmNC00NjlhLTkwZjkt
OGYzNGRmMzA0OTI3LzEvaEJtbFhJRl82RkNEMjc0X05pTnNVZkJFOU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jZmNiOTMtZDhmNC00NjlhLTkwZjktOGYzNGRmMzA0OTI3
LzEvajhZeml5NlNIWkVteFRZd1B3ZU1ucnVhaDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTe4MA0G
CSqGSIb3DQEBCwUAA4IBAQBuyNGUY+3T3shstqkeb1bY+XDvPlRkeQd+s12/4xgo
oA0kVCE9LBzYk1XgErA7HJgshakPgsv6AAmi1WBPJbMeFc1tMlQbn1CTnxvOFHhG
1dDVmuREvYcgbFfWrUTlCYrRMfbuib9Uxg9DXh+Yj2rO5qMJBcDq+LXHcUkq8ann
ViVE9QGfzAPfTL32WWyV/vWJ1xc0zMdFGzN6KClM7mdz51mRH5brqy33tpVf4m1J
Cp6z2ELYKzP3pQJLBHwC6ZH5Ibuwn62H50Zg8oMCxxODHJFtyNvC3fVKzZf74o1Q
YQ2OwR99g4VRsza9RBU+zil3BF2Vj3VvH5klWK+gD5A0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:53 2024 by rpki-client on console-ams.rpki-client.org