Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hheY8xJW-dLOezQftWT3l56J5pA.roa
File: hheY8xJW-dLOezQftWT3l56J5pA.roa (raw, json)
Hash identifier: 6yQHwtMZpqFVWoRVCIYNTTdzq1LtMboUWugOa7p170U=
Subject key identifier: 86:17:98:F3:12:56:F9:D2:CE:7B:34:1F:B5:64:F7:97:9E:89:E6:90
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC8029157FE583DEAC363EBD9100987D5
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hheY8xJW-dLOezQftWT3l56J5pA.roa
Signing time: Tue 02 Jan 2024 02:31:00 +0000
ROA not before: Tue 02 Jan 2024 02:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210531
IP address blocks: 185.194.29.0/24 maxlen: 24
185.126.81.0/24 maxlen: 24
185.246.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 18:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:91:57:fe:58:3d:ea:c3:63:eb:d9:10:09:87:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=861798f31256f9d2ce7b341fb564f7979e89e690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:88:e3:b0:67:32:fd:4c:88:aa:f9:95:9d:0e:
9a:c2:e5:93:0a:54:63:81:89:f5:87:7d:fe:ea:86:
bd:8d:87:92:23:f7:96:05:9d:5b:37:61:58:84:b3:
cd:34:b6:8d:b0:eb:b3:f0:42:f4:54:5c:c4:36:d4:
4f:00:04:13:43:e9:ee:61:52:08:13:e2:53:76:0f:
ef:c7:e6:18:23:48:00:26:88:02:b9:52:0a:70:03:
8a:d6:7b:15:e3:03:9a:5b:7b:43:37:bf:00:e1:8d:
98:75:b6:b9:ce:b3:e3:b6:12:74:83:22:76:59:4f:
6c:25:95:2d:4a:0e:6b:bf:d9:8b:d5:9e:c4:a9:6c:
dc:b8:3c:10:82:ea:52:37:fe:84:9f:df:ec:d1:5d:
3a:db:32:fa:bb:2d:ed:75:e9:2c:7d:c1:ea:a9:ef:
51:b0:80:c6:88:d1:b8:9f:9c:7d:54:4b:8b:bb:63:
73:4d:16:4d:52:2c:01:da:fb:a6:56:aa:f1:e3:e0:
80:28:cc:40:b6:71:41:40:db:d1:dd:e4:d4:97:d1:
59:76:81:9e:32:7c:cd:6b:65:c2:30:09:67:15:1b:
b8:23:34:9d:09:dc:21:61:31:ba:80:95:d4:53:40:
26:53:95:93:42:22:3b:4d:3c:93:80:08:7c:eb:41:
8b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:17:98:F3:12:56:F9:D2:CE:7B:34:1F:B5:64:F7:97:9E:89:E6:90
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hheY8xJW-dLOezQftWT3l56J5pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.81.0/24
185.194.29.0/24
185.246.113.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:4f:86:1e:de:8d:49:7a:e9:92:30:11:aa:af:2e:be:46:3b:
f7:b9:66:cc:17:85:11:56:39:66:7c:b4:01:75:c1:bc:2c:43:
2f:1a:33:87:d0:78:58:89:69:ac:f3:35:60:b3:53:76:b4:d8:
2d:60:fe:21:d5:0b:9f:22:05:da:d3:d0:8b:3f:dc:eb:8d:f0:
56:4e:07:fb:14:30:c1:08:ed:8d:70:5d:b8:e8:35:4f:67:05:
1b:14:a2:78:c1:14:92:8e:aa:ad:3b:8e:90:b9:9f:f7:a3:08:
53:c2:9f:62:94:13:91:9c:b7:df:12:78:70:68:b6:36:e3:53:
a2:ca:e1:65:cc:5d:19:e0:e2:b5:7a:13:1f:06:85:7a:a1:68:
d8:0b:8f:10:92:00:61:7d:7f:6a:0f:f4:c9:3c:c8:d4:02:c7:
ac:5b:3d:cb:bf:99:70:37:ee:e6:83:04:05:cb:51:1b:b7:8f:
51:ad:f2:83:a5:6d:05:09:03:5e:e6:81:32:0c:5d:e3:21:00:
62:4e:e1:6d:09:8e:d1:04:c8:55:15:27:11:c3:69:86:10:8a:
53:27:0c:ec:d1:b8:01:2b:52:ba:a0:85:f2:cb:16:53:74:92:
b7:4c:e0:39:6b:5b:0f:a3:d7:e8:42:a8:f9:6f:3b:a7:39:0e:
73:a7:29:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIApFX/lg96sNj69kQCYfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjE3OThmMzEyNTZmOWQyY2U3YjM0MWZiNTY0Zjc5NzllODllNjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIjjsGcy/UyIqvmVnQ6awuWTClRj
gYn1h33+6oa9jYeSI/eWBZ1bN2FYhLPNNLaNsOuz8EL0VFzENtRPAAQTQ+nuYVII
E+JTdg/vx+YYI0gAJogCuVIKcAOK1nsV4wOaW3tDN78A4Y2Ydba5zrPjthJ0gyJ2
WU9sJZUtSg5rv9mL1Z7EqWzcuDwQgupSN/6En9/s0V062zL6uy3tdeksfcHqqe9R
sIDGiNG4n5x9VEuLu2NzTRZNUiwB2vumVqrx4+CAKMxAtnFBQNvR3eTUl9FZdoGe
MnzNa2XCMAlnFRu4IzSdCdwhYTG6gJXUU0AmU5WTQiI7TTyTgAh860GL+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIYXmPMSVvnSzns0H7Vk95eeieaQMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaGhlWTh4SlctZExPZXpRZnRXVDNsNTZKNXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuX5RAwQA
ucIdAwQAufZxMA0GCSqGSIb3DQEBCwUAA4IBAQCqT4Ye3o1JeumSMBGqry6+Rjv3
uWbMF4URVjlmfLQBdcG8LEMvGjOH0HhYiWms8zVgs1N2tNgtYP4h1QufIgXa09CL
P9zrjfBWTgf7FDDBCO2NcF246DVPZwUbFKJ4wRSSjqqtO46QuZ/3owhTwp9ilBOR
nLffEnhwaLY241OiyuFlzF0Z4OK1ehMfBoV6oWjYC48QkgBhfX9qD/TJPMjUAses
Wz3Lv5lwN+7mgwQFy1Ebt49RrfKDpW0FCQNe5oEyDF3jIQBiTuFtCY7RBMhVFScR
w2mGEIpTJwzs0bgBK1K6oIXyyxZTdJK3TOA5a1sPo9foQqj5bzunOQ5zpyme
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org