Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HwIZgna5IXkuDHqpV_O2vjGvhVM.roa
File: HwIZgna5IXkuDHqpV_O2vjGvhVM.roa (raw, json)
Hash identifier: 9yBvmWKeX/AXcy/t8OnsB7Ph2SicCwT3l+7aXw3b0Ak=
Subject key identifier: 1F:02:19:82:76:B9:21:79:2E:0C:7A:A9:57:F3:B6:BE:31:AF:85:53
Certificate issuer: /CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
Certificate serial: 01870A11BABFEF396C3A6428C1A19B9EDF20
Authority key identifier: 1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HwIZgna5IXkuDHqpV_O2vjGvhVM.roa
Signing time: Wed 22 Mar 2023 16:05:46 +0000
ROA not before: Wed 22 Mar 2023 16:05:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211095
IP address blocks: 185.68.235.0/24 maxlen: 24
185.68.234.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0a:11:ba:bf:ef:39:6c:3a:64:28:c1:a1:9b:9e:df:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
Validity
Not Before: Mar 22 16:05:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f02198276b921792e0c7aa957f3b6be31af8553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:76:f2:b0:e7:94:78:f9:b6:49:ef:7c:3b:4f:
52:b6:4e:44:b0:53:80:16:e3:00:d6:af:56:a8:16:
2f:18:99:92:e2:0b:d9:a8:84:aa:39:15:56:dd:c3:
c1:2e:84:47:ac:c1:fc:ac:f1:c1:91:5d:3f:88:1b:
59:c9:3d:89:2b:50:9f:55:a9:f1:ef:cc:01:96:f6:
a8:d5:cc:c8:38:55:91:48:cc:51:4c:d1:01:ba:e1:
1c:50:e4:0d:12:ea:82:f9:52:92:f9:44:86:1f:80:
f6:f5:4b:0c:71:41:64:61:c8:a7:c2:b0:96:74:2c:
03:66:13:64:73:64:4d:83:bd:17:89:c6:01:0b:c8:
d4:60:34:27:64:06:99:0b:a5:5b:fd:c5:72:c2:7e:
2f:30:9a:8f:6a:4b:ab:96:83:49:3f:79:5a:1d:c2:
12:eb:a8:ee:61:76:ad:c3:b8:f1:ba:9f:59:70:7f:
5e:60:ff:c3:04:01:39:4f:00:de:1c:b6:57:2b:89:
e3:06:eb:4c:e3:52:d3:ab:8a:55:1c:3a:4f:73:0e:
c8:89:8c:ae:3a:50:36:01:41:73:3f:86:c5:2f:74:
19:e9:f8:41:47:64:e9:79:70:f6:8b:9b:1f:ee:f5:
e8:6a:99:0d:ad:6d:4d:df:88:2c:ab:3a:dc:72:73:
20:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:02:19:82:76:B9:21:79:2E:0C:7A:A9:57:F3:B6:BE:31:AF:85:53
X509v3 Authority Key Identifier:
keyid:1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HwIZgna5IXkuDHqpV_O2vjGvhVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HWW3t7iY-q7nB2fQlxXENqg_zcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.234.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:c6:a7:ef:b9:e1:b5:0a:a7:73:23:82:59:2f:94:3e:94:0e:
e3:fa:26:93:5d:b1:58:22:ea:b0:00:2d:7a:65:35:dc:20:8c:
44:6e:8d:fc:8d:73:fa:48:03:75:52:04:07:8e:09:71:de:3b:
16:f7:98:3e:32:45:57:73:75:cf:65:ed:6b:2e:4a:56:bd:5a:
e7:36:f0:e2:1a:fc:48:ce:3c:c5:55:03:4c:eb:02:cd:27:37:
ac:b6:a0:76:78:48:ba:29:c5:97:27:2a:92:43:a3:a3:4a:bd:
a3:ba:e0:e6:0f:0a:aa:33:bc:96:98:d5:00:04:ab:16:72:af:
d4:46:45:9d:2b:dd:eb:5d:26:6e:35:05:d6:b4:d8:66:db:bb:
fc:62:03:18:42:6d:65:bd:bd:74:d2:a6:95:e4:d0:3d:26:25:
f7:ee:a1:ca:74:48:c5:22:1f:31:7c:49:9a:99:6d:91:8b:0d:
b4:b6:bb:e4:ba:b9:f2:09:e2:10:9f:48:97:07:cd:7c:96:b2:
3d:e7:fe:08:13:fe:70:ce:71:52:35:d6:89:68:c5:93:b8:1f:
45:d5:70:29:8e:aa:dc:f3:09:4b:4f:9e:2e:4c:8c:f1:fd:99:
da:a2:71:9e:6a:ae:a7:4c:5b:63:54:1b:15:b3:ee:5e:e5:08:
08:70:2e:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcKEbq/7zlsOmQowaGbnt8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNjViN2I3Yjg5OGZhYWVlNzA3NjdkMDk3MTVjNDM2YTgz
ZmNkYzIwHhcNMjMwMzIyMTYwNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjAyMTk4Mjc2YjkyMTc5MmUwYzdhYTk1N2YzYjZiZTMxYWY4NTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXbysOeUePm2Se98O09Stk5EsFOA
FuMA1q9WqBYvGJmS4gvZqISqORVW3cPBLoRHrMH8rPHBkV0/iBtZyT2JK1CfVanx
78wBlvao1czIOFWRSMxRTNEBuuEcUOQNEuqC+VKS+USGH4D29UsMcUFkYcinwrCW
dCwDZhNkc2RNg70XicYBC8jUYDQnZAaZC6Vb/cVywn4vMJqPakurloNJP3laHcIS
66juYXatw7jxup9ZcH9eYP/DBAE5TwDeHLZXK4njButM41LTq4pVHDpPcw7IiYyu
OlA2AUFzP4bFL3QZ6fhBR2TpeXD2i5sf7vXoapkNrW1N34gsqzrccnMgywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB8CGYJ2uSF5Lgx6qVfztr4xr4VTMB8GA1UdIwQY
MBaAFB1lt7e4mPqu5wdn0JcVxDaoP83CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFdXM3Q3aVktcTduQjJmUWx4WEVOcWdfemNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kZWFlZjEtNjI0MS00OWFiLTk4MjUt
OGZjMzczNzU3Njg0LzEvSHdJWmduYTVJWGt1REhxcFZfTzJ2akd2aFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9kZWFlZjEtNjI0MS00OWFiLTk4MjUtOGZjMzczNzU3Njg0
LzEvSFdXM3Q3aVktcTduQjJmUWx4WEVOcWdfemNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuUTqMA0G
CSqGSIb3DQEBCwUAA4IBAQCnxqfvueG1CqdzI4JZL5Q+lA7j+iaTXbFYIuqwAC16
ZTXcIIxEbo38jXP6SAN1UgQHjglx3jsW95g+MkVXc3XPZe1rLkpWvVrnNvDiGvxI
zjzFVQNM6wLNJzestqB2eEi6KcWXJyqSQ6OjSr2juuDmDwqqM7yWmNUABKsWcq/U
RkWdK93rXSZuNQXWtNhm27v8YgMYQm1lvb100qaV5NA9JiX37qHKdEjFIh8xfEma
mW2Riw20trvkurnyCeIQn0iXB818lrI95/4IE/5wznFSNdaJaMWTuB9F1XApjqrc
8wlLT54uTIzx/ZnaonGeaq6nTFtjVBsVs+5e5QgIcC41
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:17 2024 by rpki-client on console-fra.rpki-client.org