Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/jLl77Eg3nHtXxxc6huD29WvzoTo.roa
File: jLl77Eg3nHtXxxc6huD29WvzoTo.roa (raw, json)
Hash identifier: bHJ4/Noj6fQbZ09ZCcWk8c6KcYHyH95/JvyJm47ap+k=
Subject key identifier: 8C:B9:7B:EC:48:37:9C:7B:57:C7:17:3A:86:E0:F6:F5:6B:F3:A1:3A
Certificate issuer: /CN=1d54be79c892b5356bf1b7bcd131397f2c23adc0
Certificate serial: 018B80B791970D77353F743DB65FFBF80F1E
Authority key identifier: 1D:54:BE:79:C8:92:B5:35:6B:F1:B7:BC:D1:31:39:7F:2C:23:AD:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HVS-eciStTVr8be80TE5fywjrcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/jLl77Eg3nHtXxxc6huD29WvzoTo.roa
Signing time: Mon 30 Oct 2023 13:13:15 +0000
ROA not before: Mon 30 Oct 2023 13:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6730
IP address blocks: 185.248.164.0/23 maxlen: 23
185.248.167.0/24 maxlen: 24
2a0d:ed80:300::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:b7:91:97:0d:77:35:3f:74:3d:b6:5f:fb:f8:0f:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d54be79c892b5356bf1b7bcd131397f2c23adc0
Validity
Not Before: Oct 30 13:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cb97bec48379c7b57c7173a86e0f6f56bf3a13a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b0:bf:bf:4a:97:c7:dc:ef:d3:85:74:0c:60:
ee:4c:11:26:25:be:a3:5c:20:f2:2f:e1:70:39:bc:
d6:89:09:53:0e:0f:55:a1:e0:3c:e0:fa:1c:3a:f5:
ed:ff:3e:80:e7:2a:02:61:5c:8a:6a:5e:5a:d6:10:
11:52:b4:81:4b:77:42:62:9f:fa:ec:75:ff:03:9e:
c1:c8:d0:fc:ed:03:53:1b:79:09:6f:75:b1:78:69:
02:02:6a:91:e0:f9:4b:71:9a:02:4f:f0:70:7f:af:
96:7b:5b:ff:f4:23:38:df:bd:2b:51:c6:39:9c:92:
23:b7:f9:fb:05:22:1e:99:53:fd:c1:60:5d:40:00:
5c:72:88:f3:5a:70:c5:53:d7:ac:ec:cd:ae:e9:73:
48:df:f3:45:b1:93:7e:66:19:37:ea:3b:c6:10:42:
1e:4d:d1:ce:56:e2:ef:57:49:69:c6:a5:ef:9d:c2:
51:d3:2f:5b:76:5b:77:2d:8e:fe:6b:90:9d:e7:5c:
61:2c:b3:0e:11:91:96:13:39:89:39:c5:4d:0b:c0:
19:43:2c:2c:34:1a:33:09:49:46:11:68:96:dd:8c:
7b:2e:34:11:80:3a:f0:b3:84:25:20:4a:87:b1:39:
7f:5d:ef:fe:ec:d9:1f:7a:d8:f0:d8:89:8f:9c:06:
be:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B9:7B:EC:48:37:9C:7B:57:C7:17:3A:86:E0:F6:F5:6B:F3:A1:3A
X509v3 Authority Key Identifier:
keyid:1D:54:BE:79:C8:92:B5:35:6B:F1:B7:BC:D1:31:39:7F:2C:23:AD:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVS-eciStTVr8be80TE5fywjrcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/jLl77Eg3nHtXxxc6huD29WvzoTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/HVS-eciStTVr8be80TE5fywjrcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.164.0/23
185.248.167.0/24
IPv6:
2a0d:ed80:300::/40
Signature Algorithm: sha256WithRSAEncryption
b2:1b:80:2e:70:df:61:31:a1:08:b9:0e:c5:d3:0e:cf:98:b8:
72:7a:8b:93:13:15:a5:c3:91:a7:f9:dd:02:da:81:62:2f:a3:
bb:1c:f7:c6:1f:4f:f0:30:ce:bd:1a:9b:fa:2d:2a:fa:4e:fd:
ed:ed:8b:e3:67:20:07:7e:39:fb:5a:fe:89:b0:23:07:bc:6a:
06:d7:93:c4:f0:c8:0e:87:b8:e2:88:03:b2:43:0a:78:f7:fb:
9c:c3:94:cc:76:a3:64:b1:73:71:f1:d5:64:3f:33:69:2b:70:
c6:de:3e:e2:49:59:ea:3e:09:5a:f1:a8:15:66:f3:a0:60:37:
4f:12:d3:22:95:4f:87:2b:87:92:ef:73:d6:72:c0:14:35:a0:
6d:3a:e9:87:68:a0:76:67:ec:4b:14:8b:18:68:a9:6c:f8:cb:
ac:da:5d:09:41:c6:6d:80:32:55:fe:df:02:b3:12:d5:be:f4:
47:74:b4:d8:27:29:bc:17:5e:9f:25:e4:4a:45:3b:e2:5f:96:
e0:cc:86:64:d9:8d:1d:9f:d7:2a:51:ee:62:38:76:21:a9:3d:
a5:8d:93:0f:16:a5:29:8b:6b:bd:d6:42:c5:e5:f7:ce:9a:77:
54:bd:cb:64:8e:9e:af:a6:0d:d8:31:95:1d:5b:b5:0d:8e:bc:
8e:56:3f:0e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYuAt5GXDXc1P3Q9tl/7+A8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNTRiZTc5Yzg5MmI1MzU2YmYxYjdiY2QxMzEzOTdmMmMy
M2FkYzAwHhcNMjMxMDMwMTMxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2I5N2JlYzQ4Mzc5YzdiNTdjNzE3M2E4NmUwZjZmNTZiZjNhMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7C/v0qXx9zv04V0DGDuTBEmJb6j
XCDyL+FwObzWiQlTDg9VoeA84PocOvXt/z6A5yoCYVyKal5a1hARUrSBS3dCYp/6
7HX/A57ByND87QNTG3kJb3WxeGkCAmqR4PlLcZoCT/Bwf6+We1v/9CM4370rUcY5
nJIjt/n7BSIemVP9wWBdQABccojzWnDFU9es7M2u6XNI3/NFsZN+Zhk36jvGEEIe
TdHOVuLvV0lpxqXvncJR0y9bdlt3LY7+a5Cd51xhLLMOEZGWEzmJOcVNC8AZQyws
NBozCUlGEWiW3Yx7LjQRgDrws4QlIEqHsTl/Xe/+7Nkfetjw2ImPnAa+AQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIy5e+xIN5x7V8cXOobg9vVr86E6MB8GA1UdIwQY
MBaAFB1UvnnIkrU1a/G3vNExOX8sI63AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFZTLWVjaVN0VFZyOGJlODBURTVmeXdqcmNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82Nzc2OWItODVhNS00YTBhLTg4OWIt
ODAyYjYzNzZmNzQzLzEvakxsNzdFZzNuSHRYeHhjNmh1RDI5V3Z6b1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82Nzc2OWItODVhNS00YTBhLTg4OWItODAyYjYzNzZmNzQz
LzEvSFZTLWVjaVN0VFZyOGJlODBURTVmeXdqcmNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQBufikAwQA
ufinMA4EAgACMAgDBgAqDe2AAzANBgkqhkiG9w0BAQsFAAOCAQEAshuALnDfYTGh
CLkOxdMOz5i4cnqLkxMVpcORp/ndAtqBYi+juxz3xh9P8DDOvRqb+i0q+k797e2L
42cgB345+1r+ibAjB7xqBteTxPDIDoe44ogDskMKePf7nMOUzHajZLFzcfHVZD8z
aStwxt4+4klZ6j4JWvGoFWbzoGA3TxLTIpVPhyuHku9z1nLAFDWgbTrph2igdmfs
SxSLGGipbPjLrNpdCUHGbYAyVf7fArMS1b70R3S02CcpvBdenyXkSkU74l+W4MyG
ZNmNHZ/XKlHuYjh2Iak9pY2TDxalKYtrvdZCxeX3zpp3VL3LZI6er6YN2DGVHVu1
DY68jlY/Dg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:19 2024 by rpki-client on console-fra.rpki-client.org