Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/975e68-8662-43b9-8ed2-aae97e65015c/1/hbLSQ4RsfHd0Dx0RKIrkjfcpG_M.roa
File: hbLSQ4RsfHd0Dx0RKIrkjfcpG_M.roa (raw, json)
Hash identifier: bSnAHq78XmVU+NiHhOqHVfXvFaEfcw0kCm0+lobC2WQ=
Subject key identifier: 85:B2:D2:43:84:6C:7C:77:74:0F:1D:11:28:8A:E4:8D:F7:29:1B:F3
Certificate issuer: /CN=65e0062e54a5fcb6a0c99e598557fed6f37a4629
Certificate serial: 018571552521B2D541A45AC5B78D90C671F6
Authority key identifier: 65:E0:06:2E:54:A5:FC:B6:A0:C9:9E:59:85:57:FE:D6:F3:7A:46:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZeAGLlSl_LagyZ5ZhVf-1vN6Rik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/975e68-8662-43b9-8ed2-aae97e65015c/1/hbLSQ4RsfHd0Dx0RKIrkjfcpG_M.roa
Signing time: Mon 02 Jan 2023 07:14:43 +0000
ROA not before: Mon 02 Jan 2023 07:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211491
IP address blocks: 193.22.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:25:21:b2:d5:41:a4:5a:c5:b7:8d:90:c6:71:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65e0062e54a5fcb6a0c99e598557fed6f37a4629
Validity
Not Before: Jan 2 07:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85b2d243846c7c77740f1d11288ae48df7291bf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b9:c1:66:8a:a5:0b:2b:c8:b0:e8:c6:87:b2:
1e:dd:d2:72:52:a3:7b:e7:a4:91:d3:eb:66:6d:a4:
98:dc:0d:2b:12:47:61:de:a3:e1:76:22:fd:e1:a4:
b0:54:d2:39:57:cd:db:81:01:41:d2:6e:bb:80:e1:
6a:6c:e1:4e:d3:33:8a:7f:ba:ee:78:83:ef:b0:fb:
74:d2:ff:c2:48:b5:f4:34:0b:19:19:72:ad:48:7b:
6f:9d:f2:22:9a:4d:73:6b:9b:26:81:d5:4e:8a:f0:
eb:0d:47:44:f4:c2:59:d2:fc:1b:bd:d7:b7:20:03:
f1:ef:11:01:9b:ee:24:2c:92:22:38:b0:06:91:bf:
65:b2:a7:19:aa:d7:b9:0a:52:ce:75:0e:77:09:8d:
bb:c1:8d:a4:2d:83:25:21:d6:d8:81:8e:0d:47:69:
0e:4e:c9:17:67:ae:2d:b0:89:75:10:8b:79:15:2b:
87:7d:d2:a6:b3:b4:1c:ff:e9:ee:09:d4:b0:28:73:
4c:b7:ff:40:71:11:23:f8:0e:d6:e7:a7:59:58:75:
61:80:6c:28:8c:17:bf:cb:2c:42:a9:79:07:08:0b:
3a:f7:3f:b4:1f:1b:b3:df:2d:fa:08:43:6d:8f:39:
93:47:8f:06:8a:ae:cc:6a:25:fe:a8:62:2f:d7:b6:
b1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B2:D2:43:84:6C:7C:77:74:0F:1D:11:28:8A:E4:8D:F7:29:1B:F3
X509v3 Authority Key Identifier:
keyid:65:E0:06:2E:54:A5:FC:B6:A0:C9:9E:59:85:57:FE:D6:F3:7A:46:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZeAGLlSl_LagyZ5ZhVf-1vN6Rik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/975e68-8662-43b9-8ed2-aae97e65015c/1/hbLSQ4RsfHd0Dx0RKIrkjfcpG_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/975e68-8662-43b9-8ed2-aae97e65015c/1/ZeAGLlSl_LagyZ5ZhVf-1vN6Rik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.20.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:c4:e3:d5:3e:36:62:6e:ad:82:23:a4:43:87:d8:ea:d4:ab:
70:4c:3d:82:4b:fb:42:0a:68:80:d0:82:20:a5:f4:95:22:82:
34:d5:b5:fb:30:de:59:33:38:11:07:78:5d:37:e4:c1:f0:73:
fc:70:96:d6:96:26:8a:78:dc:b9:48:48:16:97:a5:ed:a3:a9:
81:67:9d:0c:d9:05:c4:64:e7:6a:18:f7:11:de:d3:df:be:16:
7e:6a:ab:de:7d:51:00:44:6c:c3:b5:c9:ae:9a:6f:f0:0a:97:
1d:f1:77:22:4b:3a:5e:0a:8a:d0:7f:1e:2c:35:8d:60:53:53:
c1:ad:3b:fd:dd:03:be:95:87:15:82:69:8e:0a:a1:6a:74:12:
db:d1:d9:bd:db:e0:b0:c5:1d:a9:a6:4b:28:fe:61:e5:07:8b:
ed:21:46:b1:92:d2:27:ae:0e:3f:38:81:51:50:10:3b:cb:b3:
59:53:8a:f9:15:a1:f7:5d:80:92:d3:24:b6:94:31:f3:65:87:
a0:72:ad:a2:8b:35:ed:60:84:2c:99:22:a9:4f:92:24:cf:24:
65:4a:57:97:44:5e:24:b1:6f:3f:72:72:6e:d3:9e:52:28:12:
0c:a2:45:d4:fe:a0:69:55:7e:2d:25:59:6c:5a:e7:f6:6e:a7:
8f:a9:3c:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVSUhstVBpFrFt42QxnH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZTAwNjJlNTRhNWZjYjZhMGM5OWU1OTg1NTdmZWQ2ZjM3
YTQ2MjkwHhcNMjMwMTAyMDcxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWIyZDI0Mzg0NmM3Yzc3NzQwZjFkMTEyODhhZTQ4ZGY3MjkxYmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7nBZoqlCyvIsOjGh7Ie3dJyUqN7
56SR0+tmbaSY3A0rEkdh3qPhdiL94aSwVNI5V83bgQFB0m67gOFqbOFO0zOKf7ru
eIPvsPt00v/CSLX0NAsZGXKtSHtvnfIimk1za5smgdVOivDrDUdE9MJZ0vwbvde3
IAPx7xEBm+4kLJIiOLAGkb9lsqcZqte5ClLOdQ53CY27wY2kLYMlIdbYgY4NR2kO
TskXZ64tsIl1EIt5FSuHfdKms7Qc/+nuCdSwKHNMt/9AcREj+A7W56dZWHVhgGwo
jBe/yyxCqXkHCAs69z+0Hxuz3y36CENtjzmTR48Giq7MaiX+qGIv17ax2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIWy0kOEbHx3dA8dESiK5I33KRvzMB8GA1UdIwQY
MBaAFGXgBi5Upfy2oMmeWYVX/tbzekYpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmVBR0xsU2xfTGFneVo1WmhWZi0xdk42UmlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85NzVlNjgtODY2Mi00M2I5LThlZDIt
YWFlOTdlNjUwMTVjLzEvaGJMU1E0UnNmSGQwRHgwUktJcmtqZmNwR19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85NzVlNjgtODY2Mi00M2I5LThlZDItYWFlOTdlNjUwMTVj
LzEvWmVBR0xsU2xfTGFneVo1WmhWZi0xdk42UmlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRYUMA0G
CSqGSIb3DQEBCwUAA4IBAQAbxOPVPjZibq2CI6RDh9jq1KtwTD2CS/tCCmiA0IIg
pfSVIoI01bX7MN5ZMzgRB3hdN+TB8HP8cJbWliaKeNy5SEgWl6Xto6mBZ50M2QXE
ZOdqGPcR3tPfvhZ+aqvefVEARGzDtcmumm/wCpcd8XciSzpeCorQfx4sNY1gU1PB
rTv93QO+lYcVgmmOCqFqdBLb0dm92+CwxR2ppkso/mHlB4vtIUaxktInrg4/OIFR
UBA7y7NZU4r5FaH3XYCS0yS2lDHzZYegcq2iizXtYIQsmSKpT5IkzyRlSleXRF4k
sW8/cnJu055SKBIMokXU/qBpVX4tJVlsWuf2bqePqTwJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:35 2024 by rpki-client on console-fra.rpki-client.org