Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/82d6af-eac8-4d18-9aea-cee4c518770d/1/hYFmoWUVmha-YpydzhW1TELpWDU.roa
File: hYFmoWUVmha-YpydzhW1TELpWDU.roa (raw, json)
Hash identifier: L276bB91FAIRjok7UVvljjzYI2vKX/5vPbWSHgEB8+4=
Subject key identifier: 85:81:66:A1:65:15:9A:16:BE:62:9C:9D:CE:15:B5:4C:42:E9:58:35
Certificate issuer: /CN=5f0f162afa7bfd7b847c1dd0eb4aebea93c469cf
Certificate serial: 01856FA715994347E50E9466C4F95F018BA7
Authority key identifier: 5F:0F:16:2A:FA:7B:FD:7B:84:7C:1D:D0:EB:4A:EB:EA:93:C4:69:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xw8WKvp7_XuEfB3Q60rr6pPEac8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/82d6af-eac8-4d18-9aea-cee4c518770d/1/hYFmoWUVmha-YpydzhW1TELpWDU.roa
Signing time: Sun 01 Jan 2023 23:24:59 +0000
ROA not before: Sun 01 Jan 2023 23:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47737
IP address blocks: 94.124.168.0/21 maxlen: 21
78.142.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:15:99:43:47:e5:0e:94:66:c4:f9:5f:01:8b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f0f162afa7bfd7b847c1dd0eb4aebea93c469cf
Validity
Not Before: Jan 1 23:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=858166a165159a16be629c9dce15b54c42e95835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b8:87:ae:82:7c:9a:c8:39:5d:eb:ba:6c:70:
12:e4:21:23:35:cf:f3:aa:dc:f8:68:0c:4c:40:cf:
0e:22:a8:3d:9b:95:52:ae:84:18:cf:98:0d:15:b4:
83:69:86:cc:02:ec:b7:75:fa:10:a4:84:97:e8:d5:
5b:88:e1:cc:85:f6:4c:3c:a4:70:79:59:b2:36:5c:
1f:ad:07:0d:d0:06:2d:92:af:81:85:15:f4:2d:9a:
19:73:9d:6a:64:e7:ea:5d:61:67:c1:d2:3c:7e:84:
79:70:84:e5:a4:bc:6a:c8:a2:62:08:59:35:61:d7:
06:d8:9e:0f:4e:0f:5b:70:44:0d:0c:31:06:81:1c:
20:d3:a5:d8:e7:70:32:89:d3:b4:6d:1f:be:18:65:
ef:6d:9c:c2:f2:b7:ab:ca:8e:13:8d:f4:2c:d9:d6:
67:f4:7b:0c:a2:df:23:24:03:33:ae:d2:56:90:72:
b2:3e:3a:ec:e4:8c:e5:a4:c1:5d:6f:7c:76:3c:aa:
bd:01:62:e5:23:06:b9:07:7b:f0:dc:61:eb:5d:de:
50:5b:0e:79:91:73:fc:44:76:37:23:df:fe:46:bd:
97:b7:26:b2:24:15:91:05:95:f3:6a:89:13:09:ec:
d6:1e:d1:98:4c:01:a5:b0:61:2a:2b:9f:91:b7:c0:
4d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:81:66:A1:65:15:9A:16:BE:62:9C:9D:CE:15:B5:4C:42:E9:58:35
X509v3 Authority Key Identifier:
keyid:5F:0F:16:2A:FA:7B:FD:7B:84:7C:1D:D0:EB:4A:EB:EA:93:C4:69:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xw8WKvp7_XuEfB3Q60rr6pPEac8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/82d6af-eac8-4d18-9aea-cee4c518770d/1/hYFmoWUVmha-YpydzhW1TELpWDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/82d6af-eac8-4d18-9aea-cee4c518770d/1/Xw8WKvp7_XuEfB3Q60rr6pPEac8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.220.0/22
94.124.168.0/21
Signature Algorithm: sha256WithRSAEncryption
13:d9:ce:61:c2:09:64:4b:e3:e4:9b:1d:e8:60:0f:ec:3a:1d:
42:73:2b:57:c7:d2:8b:f1:9c:69:35:c1:1e:33:5c:c8:a8:e7:
e2:37:6b:4b:89:85:d7:f0:26:b5:6d:ce:d8:4c:19:62:28:ad:
a8:79:f8:27:80:38:17:53:64:b8:a1:be:a6:79:04:3e:29:c0:
c5:b6:35:7b:67:c4:a4:37:4d:25:a8:b1:26:f5:70:10:c0:05:
ac:ca:7a:18:8c:bb:e4:7c:15:1d:79:84:76:ca:04:bd:49:a9:
d3:6d:c8:82:6d:57:f0:5c:8f:24:be:86:b9:e0:d8:3c:42:91:
a9:16:d6:f9:dc:d4:8e:78:a0:60:59:19:04:e7:94:47:b6:2a:
ee:09:f3:6e:3e:2c:1f:d0:1a:9f:fe:16:fa:37:a0:0d:be:88:
80:fa:eb:2f:7e:00:6a:15:53:0b:37:40:25:78:e3:f4:54:a4:
ee:b9:0c:17:26:9f:73:3c:86:6f:4f:8d:bf:7c:2f:58:18:a9:
96:b6:e2:34:9e:b4:82:40:bd:f5:4b:69:0b:16:07:e2:9a:44:
8c:c1:6c:ef:7c:6c:b6:25:73:63:b7:a2:79:0f:44:aa:46:71:
c9:a1:6d:23:af:f1:c2:bf:c1:b4:b4:f6:9f:17:86:bf:60:8f:
37:d8:3a:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvpxWZQ0flDpRmxPlfAYunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMGYxNjJhZmE3YmZkN2I4NDdjMWRkMGViNGFlYmVhOTNj
NDY5Y2YwHhcNMjMwMTAxMjMyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTgxNjZhMTY1MTU5YTE2YmU2MjljOWRjZTE1YjU0YzQyZTk1ODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLiHroJ8msg5Xeu6bHAS5CEjNc/z
qtz4aAxMQM8OIqg9m5VSroQYz5gNFbSDaYbMAuy3dfoQpISX6NVbiOHMhfZMPKRw
eVmyNlwfrQcN0AYtkq+BhRX0LZoZc51qZOfqXWFnwdI8foR5cITlpLxqyKJiCFk1
YdcG2J4PTg9bcEQNDDEGgRwg06XY53AyidO0bR++GGXvbZzC8reryo4TjfQs2dZn
9HsMot8jJAMzrtJWkHKyPjrs5IzlpMFdb3x2PKq9AWLlIwa5B3vw3GHrXd5QWw55
kXP8RHY3I9/+Rr2XtyayJBWRBZXzaokTCezWHtGYTAGlsGEqK5+Rt8BNJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIWBZqFlFZoWvmKcnc4VtUxC6Vg1MB8GA1UdIwQY
MBaAFF8PFir6e/17hHwd0OtK6+qTxGnPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHc4V0t2cDdfWHVFZkIzUTYwcnI2cFBFYWM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MmQ2YWYtZWFjOC00ZDE4LTlhZWEt
Y2VlNGM1MTg3NzBkLzEvaFlGbW9XVVZtaGEtWXB5ZHpoVzFURUxwV0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MmQ2YWYtZWFjOC00ZDE4LTlhZWEtY2VlNGM1MTg3NzBk
LzEvWHc4V0t2cDdfWHVFZkIzUTYwcnI2cFBFYWM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTo7cAwQD
XnyoMA0GCSqGSIb3DQEBCwUAA4IBAQAT2c5hwglkS+Pkmx3oYA/sOh1CcytXx9KL
8ZxpNcEeM1zIqOfiN2tLiYXX8Ca1bc7YTBliKK2oefgngDgXU2S4ob6meQQ+KcDF
tjV7Z8SkN00lqLEm9XAQwAWsynoYjLvkfBUdeYR2ygS9SanTbciCbVfwXI8kvoa5
4Ng8QpGpFtb53NSOeKBgWRkE55RHtiruCfNuPiwf0Bqf/hb6N6ANvoiA+usvfgBq
FVMLN0AleOP0VKTuuQwXJp9zPIZvT42/fC9YGKmWtuI0nrSCQL31S2kLFgfimkSM
wWzvfGy2JXNjt6J5D0SqRnHJoW0jr/HCv8G0tPafF4a/YI832Dop
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:05 2024 by rpki-client on console-ams.rpki-client.org