Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/hNDThwY6XqyIoJLU4HbKS4GspEQ.roa
File: hNDThwY6XqyIoJLU4HbKS4GspEQ.roa (raw, json)
Hash identifier: uz0ULGN1eLXNpLoKx2nZgKeAN7ZbunYmVKlZFCFHNZw=
Subject key identifier: 84:D0:D3:87:06:3A:5E:AC:88:A0:92:D4:E0:76:CA:4B:81:AC:A4:44
Certificate issuer: /CN=da90d04bf57fa4868e69997c83b3ad771fd50a9d
Certificate serial: 01856F39393662947BC24409ED68FCF72D70
Authority key identifier: DA:90:D0:4B:F5:7F:A4:86:8E:69:99:7C:83:B3:AD:77:1F:D5:0A:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/hNDThwY6XqyIoJLU4HbKS4GspEQ.roa
Signing time: Sun 01 Jan 2023 21:24:59 +0000
ROA not before: Sun 01 Jan 2023 21:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210939
IP address blocks: 185.237.124.0/22 maxlen: 22
2a11:9700::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:39:36:62:94:7b:c2:44:09:ed:68:fc:f7:2d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da90d04bf57fa4868e69997c83b3ad771fd50a9d
Validity
Not Before: Jan 1 21:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84d0d387063a5eac88a092d4e076ca4b81aca444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3a:fb:2c:ae:fe:dc:d7:51:5b:1d:87:6c:92:
6f:23:25:ab:14:50:0a:16:cf:4c:70:7b:92:fd:b3:
b9:f2:ab:29:73:fa:54:f4:10:d6:b2:02:c8:64:d5:
92:4a:e6:96:12:e3:16:53:e5:65:03:8f:0a:f4:bf:
3f:1b:d5:68:ac:51:84:d3:c4:a8:8a:1f:96:50:0d:
e6:9b:54:a8:0a:96:4c:3d:c0:f1:fa:8d:d9:fc:69:
e2:80:5d:28:a4:52:34:d9:c0:c3:04:0a:63:66:db:
93:10:c5:9f:9b:79:7a:9c:07:e2:11:b1:4f:cf:43:
7c:a8:d8:76:e0:e5:93:de:a5:09:38:81:96:df:c9:
ec:cd:01:88:12:3f:c1:d1:a2:45:36:7c:e0:1c:35:
d3:ac:93:ba:49:2b:56:e9:cb:37:e8:41:98:17:e3:
25:49:24:6a:d8:9e:08:5e:a2:d6:fc:2c:24:af:92:
e6:ca:4d:03:e9:bd:33:34:d9:fb:e0:f3:af:36:54:
90:e4:1e:67:a6:f9:74:22:f6:c7:b0:d7:1b:09:65:
fc:f6:8a:5d:8f:d3:b5:f1:e4:98:f0:c0:8c:54:f3:
65:13:c3:1e:a6:9c:1c:ce:92:c3:d6:92:ee:a3:4d:
1e:b5:5b:28:09:fd:65:25:98:06:ea:dd:dd:91:eb:
53:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D0:D3:87:06:3A:5E:AC:88:A0:92:D4:E0:76:CA:4B:81:AC:A4:44
X509v3 Authority Key Identifier:
keyid:DA:90:D0:4B:F5:7F:A4:86:8E:69:99:7C:83:B3:AD:77:1F:D5:0A:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/hNDThwY6XqyIoJLU4HbKS4GspEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.124.0/22
IPv6:
2a11:9700::/32
Signature Algorithm: sha256WithRSAEncryption
8e:87:9c:0d:f7:25:5d:86:fe:ea:ae:51:ae:87:f0:7b:0e:0d:
cf:35:75:8f:7c:5a:5a:81:4f:02:5d:1b:9f:94:86:f9:0a:de:
9f:68:5d:2f:92:ef:73:04:f7:8f:3b:df:8b:e0:75:95:5f:00:
fe:c7:60:be:8d:c8:b5:d3:d7:93:2d:13:44:26:f0:6c:48:d5:
9c:69:50:71:f5:53:88:df:43:11:91:89:dc:be:82:9a:aa:1f:
88:ad:7e:9b:07:cf:07:b3:3c:78:f8:f7:77:3c:5d:0b:b5:a4:
69:68:f2:bf:9d:b4:92:7c:12:2f:b7:ef:4b:be:3d:fe:a4:77:
3d:cd:60:50:4e:66:e0:46:94:b1:50:21:ad:9a:6c:9e:4c:86:
85:4e:20:b6:61:63:9d:75:9b:9e:5b:b7:95:06:d3:57:22:c7:
af:b6:e8:d1:ce:ca:aa:50:87:1f:41:2f:5f:2c:5e:00:c9:62:
f1:7a:8a:09:10:87:1a:ed:01:85:69:34:8e:da:d2:b9:49:f9:
4d:3f:fc:18:93:5e:2c:f0:54:9c:8d:8b:85:59:4e:f8:80:dc:
83:1f:0d:f4:90:5d:be:97:d8:b7:03:26:13:da:ea:b0:47:6a:
05:50:02:ee:41:b6:df:83:4f:ac:f8:e0:4c:37:fe:f9:14:1d:
cc:91:62:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvOTk2YpR7wkQJ7Wj89y1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOTBkMDRiZjU3ZmE0ODY4ZTY5OTk3YzgzYjNhZDc3MWZk
NTBhOWQwHhcNMjMwMTAxMjEyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQwZDM4NzA2M2E1ZWFjODhhMDkyZDRlMDc2Y2E0YjgxYWNhNDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozr7LK7+3NdRWx2HbJJvIyWrFFAK
Fs9McHuS/bO58qspc/pU9BDWsgLIZNWSSuaWEuMWU+VlA48K9L8/G9VorFGE08So
ih+WUA3mm1SoCpZMPcDx+o3Z/GnigF0opFI02cDDBApjZtuTEMWfm3l6nAfiEbFP
z0N8qNh24OWT3qUJOIGW38nszQGIEj/B0aJFNnzgHDXTrJO6SStW6cs36EGYF+Ml
SSRq2J4IXqLW/Cwkr5Lmyk0D6b0zNNn74POvNlSQ5B5npvl0IvbHsNcbCWX89opd
j9O18eSY8MCMVPNlE8MeppwczpLD1pLuo00etVsoCf1lJZgG6t3dketTiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFITQ04cGOl6siKCS1OB2ykuBrKREMB8GA1UdIwQY
MBaAFNqQ0Ev1f6SGjmmZfIOzrXcf1QqdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnBEUVNfVl9wSWFPYVpsOGc3T3RkeF9WQ3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80ZDI1NDUtYTdkNS00NjVjLTk2MTgt
NTFhZDljMzgyYThkLzEvaE5EVGh3WTZYcXlJb0pMVTRIYktTNEdzcEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80ZDI1NDUtYTdkNS00NjVjLTk2MTgtNTFhZDljMzgyYThk
LzEvMnBEUVNfVl9wSWFPYVpsOGc3T3RkeF9WQ3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCue18MA0E
AgACMAcDBQAqEZcAMA0GCSqGSIb3DQEBCwUAA4IBAQCOh5wN9yVdhv7qrlGuh/B7
Dg3PNXWPfFpagU8CXRuflIb5Ct6faF0vku9zBPePO9+L4HWVXwD+x2C+jci109eT
LRNEJvBsSNWcaVBx9VOI30MRkYncvoKaqh+IrX6bB88Hszx4+Pd3PF0LtaRpaPK/
nbSSfBIvt+9Lvj3+pHc9zWBQTmbgRpSxUCGtmmyeTIaFTiC2YWOddZueW7eVBtNX
IsevtujRzsqqUIcfQS9fLF4AyWLxeooJEIca7QGFaTSO2tK5SflNP/wYk14s8FSc
jYuFWU74gNyDHw30kF2+l9i3AyYT2uqwR2oFUALuQbbfg0+s+OBMN/75FB3MkWJW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:14 2024 by rpki-client on console-fra.rpki-client.org