Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hrmWGAespKrFUCEtg5pT5T_du74.roa
File: hrmWGAespKrFUCEtg5pT5T_du74.roa (raw, json)
Hash identifier: rQyh3wY0oZVgLXGkUyRvfCO1BEtBVl+3TQnP9ZWxt/M=
Subject key identifier: 86:B9:96:18:07:AC:A4:AA:C5:50:21:2D:83:9A:53:E5:3F:DD:BB:BE
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C53F4737EE7F35B9B8713072BF6EBBB
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hrmWGAespKrFUCEtg5pT5T_du74.roa
Signing time: Sun 01 Jan 2023 07:55:19 +0000
ROA not before: Sun 01 Jan 2023 07:55:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44541
IP address blocks: 185.142.142.0/24 maxlen: 32
2a06:7a06::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:f4:73:7e:e7:f3:5b:9b:87:13:07:2b:f6:eb:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86b9961807aca4aac550212d839a53e53fddbbbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2c:f6:48:6c:a0:8d:5c:da:d0:36:c5:13:ff:
73:db:91:63:95:fc:17:b9:43:09:f9:60:55:a2:f0:
76:bd:f8:c6:73:a3:8a:f3:8d:df:eb:a2:b9:f3:ac:
1f:b8:84:46:40:41:5a:9d:8a:78:12:a0:8e:58:20:
e8:ab:d7:77:4f:5f:4b:36:e2:c6:96:0f:5c:b8:c9:
56:23:c0:54:b7:d3:9f:66:3a:23:57:3a:f4:cd:1f:
4d:64:25:f1:93:b6:7b:87:0e:01:48:ed:79:1e:55:
79:b2:83:23:9e:04:5e:3c:9b:6e:aa:fa:e1:a2:fc:
2c:00:34:ae:9f:f3:76:c1:9c:ad:9c:10:ac:0c:f6:
83:a3:be:cd:fb:a3:fb:e9:a5:38:3b:e9:d1:2c:ab:
14:d7:19:7c:4f:6a:17:49:32:26:60:2f:a8:23:7c:
98:95:d8:5b:aa:ad:08:02:3a:f9:04:df:ae:34:01:
db:f0:ed:f0:01:53:ef:34:54:aa:e6:12:47:46:6d:
be:1e:4d:0a:f1:d9:4e:ef:e4:24:fd:8a:48:eb:07:
07:1e:54:a3:f4:1e:8f:02:78:38:29:a1:02:dc:56:
99:ef:c7:35:5d:ba:b6:c7:a5:78:25:a0:d0:b6:05:
e4:a5:00:dd:43:a1:d2:68:ee:09:da:69:5f:21:2d:
88:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B9:96:18:07:AC:A4:AA:C5:50:21:2D:83:9A:53:E5:3F:DD:BB:BE
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hrmWGAespKrFUCEtg5pT5T_du74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.142.0/24
IPv6:
2a06:7a06::/48
Signature Algorithm: sha256WithRSAEncryption
19:56:be:89:0c:45:9e:c3:5a:cb:e8:d8:10:97:96:cc:e3:28:
f1:a7:62:e9:6a:97:b2:37:a2:7b:0a:8a:b4:33:4a:35:64:f5:
c0:ef:9e:80:ba:66:e0:d3:f6:d0:42:6d:bd:b3:ee:0a:bf:b1:
f3:3c:3a:58:67:fa:b0:25:98:a9:20:24:a3:9f:0e:19:10:0b:
48:cd:62:c2:c1:dd:91:e8:ce:42:7c:5f:40:36:96:66:d8:c5:
5a:a0:13:7f:59:5c:b0:e2:e9:ed:96:f2:df:db:89:2d:03:af:
5e:e0:e6:d1:f8:c7:b7:bd:e3:1b:05:54:76:93:3c:45:4a:ec:
e1:2e:a6:02:ab:b6:fc:f9:74:42:b7:cc:02:4f:22:c2:93:06:
c9:4f:96:c2:0a:ab:ca:dc:08:3d:31:a1:1d:dc:28:4b:2a:15:
c9:3f:ae:0a:08:32:df:0b:82:03:6e:12:74:02:6c:78:35:2f:
22:70:95:82:7a:c6:29:74:d0:6c:5c:ef:2a:5a:88:84:1c:0a:
e1:27:3c:2b:ab:3f:40:98:53:19:1d:12:7d:96:8d:71:ec:d5:
6f:0a:b7:60:9c:f3:24:f3:09:38:0b:aa:91:0a:4b:99:e5:c2:
b7:1f:7a:d6:9a:51:b8:44:d3:44:da:0f:68:f3:2e:a6:1d:ab:
b7:41:37:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsU/RzfufzW5uHEwcr9uu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmI5OTYxODA3YWNhNGFhYzU1MDIxMmQ4MzlhNTNlNTNmZGRiYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSz2SGygjVza0DbFE/9z25FjlfwX
uUMJ+WBVovB2vfjGc6OK843f66K586wfuIRGQEFanYp4EqCOWCDoq9d3T19LNuLG
lg9cuMlWI8BUt9OfZjojVzr0zR9NZCXxk7Z7hw4BSO15HlV5soMjngRePJtuqvrh
ovwsADSun/N2wZytnBCsDPaDo77N+6P76aU4O+nRLKsU1xl8T2oXSTImYC+oI3yY
ldhbqq0IAjr5BN+uNAHb8O3wAVPvNFSq5hJHRm2+Hk0K8dlO7+Qk/YpI6wcHHlSj
9B6PAng4KaEC3FaZ78c1Xbq2x6V4JaDQtgXkpQDdQ6HSaO4J2mlfIS2IhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIa5lhgHrKSqxVAhLYOaU+U/3bu+MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvaHJtV0dBZXNwS3JGVUNFdGc1cFQ1VF9kdTc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuY6OMA8E
AgACMAkDBwAqBnoGAAAwDQYJKoZIhvcNAQELBQADggEBABlWvokMRZ7DWsvo2BCX
lszjKPGnYulql7I3onsKirQzSjVk9cDvnoC6ZuDT9tBCbb2z7gq/sfM8Olhn+rAl
mKkgJKOfDhkQC0jNYsLB3ZHozkJ8X0A2lmbYxVqgE39ZXLDi6e2W8t/biS0Dr17g
5tH4x7e94xsFVHaTPEVK7OEupgKrtvz5dEK3zAJPIsKTBslPlsIKq8rcCD0xoR3c
KEsqFck/rgoIMt8LggNuEnQCbHg1LyJwlYJ6xil00Gxc7ypaiIQcCuEnPCurP0CY
UxkdEn2WjXHs1W8Kt2Cc8yTzCTgLqpEKS5nlwrcfetaaUbhE00TaD2jzLqYdq7dB
Nyw=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:00 2024 by rpki-client on console-ams.rpki-client.org