Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HCUewHqnNARRw7ygMOu71fUxm2o.roa
File: HCUewHqnNARRw7ygMOu71fUxm2o.roa (raw, json)
Hash identifier: kBJ8Dy2pI2XG8bA/EV18fEWEKAS/U+wMYdohWmxxqyo=
Subject key identifier: 1C:25:1E:C0:7A:A7:34:04:51:C3:BC:A0:30:EB:BB:D5:F5:31:9B:6A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A4711D23975664518E1840F272D15F2F8
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HCUewHqnNARRw7ygMOu71fUxm2o.roa
Signing time: Wed 30 Aug 2023 15:31:04 +0000
ROA not before: Wed 30 Aug 2023 15:31:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59432
IP address blocks: 185.218.103.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
185.223.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Sep 2023 09:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:47:11:d2:39:75:66:45:18:e1:84:0f:27:2d:15:f2:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 30 15:31:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c251ec07aa7340451c3bca030ebbbd5f5319b6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0a:31:c0:5f:95:cd:4f:c7:36:0c:b7:1c:a5:
d9:fd:c1:43:ff:d6:89:67:ba:1a:d6:c3:b2:8d:74:
34:12:ae:c8:93:20:1f:21:bd:f3:69:c6:e1:b6:d9:
ea:39:55:cb:4f:90:67:b4:be:8b:90:2a:f1:46:42:
3c:88:94:af:b0:a6:41:95:c1:15:40:5e:2c:f3:7e:
a4:03:72:ba:bd:63:84:40:64:33:8c:6e:1f:9d:bd:
cf:c0:ed:5e:71:65:b9:f2:5e:19:4f:81:27:9c:8f:
ba:85:d5:d7:2e:91:9a:fe:d3:24:08:08:5d:1e:0e:
39:77:6c:ba:e2:6b:30:a0:b2:81:db:cc:0e:51:70:
4d:c2:ff:c2:42:fe:3c:2e:76:84:87:3e:59:2e:72:
d4:83:ba:aa:88:c4:e9:90:84:a6:19:d7:d7:ea:34:
f9:76:c6:a3:8b:7b:2f:bd:8d:9f:eb:78:96:57:04:
90:6c:ed:60:9d:54:2b:fa:ee:e2:c7:4a:d0:94:1b:
2a:9c:b9:be:95:73:27:c1:0c:c1:56:4a:78:3d:25:
31:fa:85:28:0b:9d:bd:9b:0d:66:d6:8c:3a:09:43:
cf:26:52:e8:f5:7e:1b:b3:c1:5f:4e:54:cb:43:11:
0d:bd:c5:22:26:01:30:e0:eb:e5:dd:e5:4e:99:bf:
0b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:25:1E:C0:7A:A7:34:04:51:C3:BC:A0:30:EB:BB:D5:F5:31:9B:6A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HCUewHqnNARRw7ygMOu71fUxm2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.100.0/24
185.218.101.0/24
185.218.103.0/24
185.220.248.0/24
185.223.81.0/24
185.246.112.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:21:c7:4f:43:c7:2c:d9:08:9a:72:8f:d2:b4:ab:b4:f5:4a:
86:18:2a:92:ce:17:55:6d:fa:5b:a3:11:f3:84:f7:1a:b6:64:
4b:b3:be:d4:47:cc:d7:63:9a:26:e2:d7:24:24:ae:29:81:9b:
5c:22:01:5a:b6:c6:e5:58:f6:69:3d:21:40:c0:a5:6f:9a:c9:
91:26:a9:e4:57:61:9a:e5:18:cf:1e:41:2e:6c:16:4d:6d:44:
3a:7c:b3:fc:53:47:68:b3:41:46:f3:b4:1c:c1:01:94:55:ab:
a8:29:1a:45:bb:3f:53:44:a0:8a:75:b8:a4:60:f9:5d:e8:50:
7a:5d:9d:8b:9d:26:c0:6a:8f:ee:bb:76:e5:85:80:8f:8a:3d:
9b:b1:91:50:10:0e:99:a3:64:7d:a9:11:a2:65:c3:84:aa:2a:
9b:89:b4:ee:d7:fe:de:b1:58:8c:e3:cf:5f:9b:df:cf:0f:a1:
09:48:c9:3d:22:18:95:c8:15:82:08:e3:f1:5c:2a:ff:8d:26:
94:74:22:e8:11:68:a5:87:45:80:97:80:3c:67:7a:d9:59:65:
17:37:40:93:22:8b:6c:5d:48:7f:f5:9b:2a:cb:b4:f8:24:44:
da:50:51:3e:4c:f2:ea:61:14:6c:04:f5:8d:2a:1d:f5:21:b1:
5f:24:7d:fd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYpHEdI5dWZFGOGEDyctFfL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwODMwMTUzMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzI1MWVjMDdhYTczNDA0NTFjM2JjYTAzMGViYmJkNWY1MzE5YjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygoxwF+VzU/HNgy3HKXZ/cFD/9aJ
Z7oa1sOyjXQ0Eq7IkyAfIb3zacbhttnqOVXLT5BntL6LkCrxRkI8iJSvsKZBlcEV
QF4s836kA3K6vWOEQGQzjG4fnb3PwO1ecWW58l4ZT4EnnI+6hdXXLpGa/tMkCAhd
Hg45d2y64mswoLKB28wOUXBNwv/CQv48LnaEhz5ZLnLUg7qqiMTpkISmGdfX6jT5
dsaji3svvY2f63iWVwSQbO1gnVQr+u7ix0rQlBsqnLm+lXMnwQzBVkp4PSUx+oUo
C529mw1m1ow6CUPPJlLo9X4bs8FfTlTLQxENvcUiJgEw4Ovl3eVOmb8LuQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBwlHsB6pzQEUcO8oDDru9X1MZtqMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSENVZXdIcW5OQVJSdzd5Z01PdTcxZlV4bTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAudZkAwQA
udplAwQAudpnAwQAudz4AwQAud9RAwQAufZwMA0GCSqGSIb3DQEBCwUAA4IBAQCz
IcdPQ8cs2Qiaco/StKu09UqGGCqSzhdVbfpboxHzhPcatmRLs77UR8zXY5om4tck
JK4pgZtcIgFatsblWPZpPSFAwKVvmsmRJqnkV2Ga5RjPHkEubBZNbUQ6fLP8U0do
s0FG87QcwQGUVauoKRpFuz9TRKCKdbikYPld6FB6XZ2LnSbAao/uu3blhYCPij2b
sZFQEA6Zo2R9qRGiZcOEqiqbibTu1/7esViM489fm9/PD6EJSMk9IhiVyBWCCOPx
XCr/jSaUdCLoEWilh0WAl4A8Z3rZWWUXN0CTIotsXUh/9Zsqy7T4JETaUFE+TPLq
YRRsBPWNKh31IbFfJH39
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org