Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/HC6mmCd3r-Wsl3ybH-qaDniO3Nw.roa
File: HC6mmCd3r-Wsl3ybH-qaDniO3Nw.roa (raw, json)
Hash identifier: wMU5chu5iL6Z1MG+wTEcbDuBmn8M0t5/rsc8HcYExmw=
Subject key identifier: 1C:2E:A6:98:27:77:AF:E5:AC:97:7C:9B:1F:EA:9A:0E:78:8E:DC:DC
Certificate issuer: /CN=1c78b1836decab4ff5bdfa5e377a3df87f18fc0f
Certificate serial: 0189682092494DD5C0D6FAF8D5E6C6C0F3A9
Authority key identifier: 1C:78:B1:83:6D:EC:AB:4F:F5:BD:FA:5E:37:7A:3D:F8:7F:18:FC:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHixg23sq0_1vfpeN3o9-H8Y_A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/HC6mmCd3r-Wsl3ybH-qaDniO3Nw.roa
Signing time: Tue 18 Jul 2023 08:31:52 +0000
ROA not before: Tue 18 Jul 2023 08:31:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43500
IP address blocks: 212.46.44.0/24 maxlen: 24
185.130.208.0/22 maxlen: 24
195.189.144.0/24 maxlen: 24
2a12:b40::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:20:92:49:4d:d5:c0:d6:fa:f8:d5:e6:c6:c0:f3:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c78b1836decab4ff5bdfa5e377a3df87f18fc0f
Validity
Not Before: Jul 18 08:31:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c2ea6982777afe5ac977c9b1fea9a0e788edcdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c1:29:3c:ca:24:cf:33:44:51:0e:62:fc:66:
11:f0:3d:b8:9e:89:94:d4:37:4c:0c:4e:4a:91:a6:
9e:c9:2c:5a:6f:22:29:7d:7a:cd:30:26:2f:83:66:
61:bb:8b:5e:ab:1d:6b:5b:5a:2c:3b:34:63:ab:51:
3d:44:42:63:28:34:4d:74:1f:aa:66:94:08:58:94:
ce:fb:06:03:73:a9:5e:78:97:9a:af:11:a1:ce:b9:
77:a8:06:11:ba:e6:74:3f:08:43:06:7e:02:27:ea:
41:08:a2:5d:10:e0:d9:9c:3f:d6:a6:9f:f9:88:76:
20:e6:0b:cb:64:75:b8:0e:34:06:d9:69:16:fc:9f:
03:90:95:ee:24:00:e7:57:39:86:6f:33:5c:66:14:
bc:a5:42:cd:9b:22:36:5a:38:8e:35:13:e6:0e:78:
91:70:e9:4e:dc:c4:42:f9:d3:9f:99:2e:ae:5f:aa:
8e:c2:7f:e6:d4:2f:87:25:04:44:5f:a5:bf:64:0a:
36:44:a3:21:1e:02:56:d6:d5:e5:36:6b:a8:bb:46:
b4:c4:eb:d4:f8:49:95:44:24:5c:cf:97:74:c4:ca:
97:6b:c8:3a:90:ea:2d:5f:d6:b7:57:6b:c3:ab:a5:
ce:07:bc:c9:f8:5d:ac:ca:60:77:4b:87:43:39:f5:
14:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:2E:A6:98:27:77:AF:E5:AC:97:7C:9B:1F:EA:9A:0E:78:8E:DC:DC
X509v3 Authority Key Identifier:
keyid:1C:78:B1:83:6D:EC:AB:4F:F5:BD:FA:5E:37:7A:3D:F8:7F:18:FC:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHixg23sq0_1vfpeN3o9-H8Y_A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/HC6mmCd3r-Wsl3ybH-qaDniO3Nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/HHixg23sq0_1vfpeN3o9-H8Y_A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.208.0/22
195.189.144.0/24
212.46.44.0/24
IPv6:
2a12:b40::/29
Signature Algorithm: sha256WithRSAEncryption
7a:7f:26:0e:93:a4:f7:57:c9:3d:d6:42:51:b5:98:05:f8:75:
5e:40:6d:d4:10:db:db:af:f9:59:49:98:c3:0c:c4:83:d8:92:
37:e9:c2:99:cf:e1:08:cf:4f:14:a3:4c:1b:53:dd:5d:be:07:
74:7b:06:38:4d:f0:a9:39:49:09:34:74:2c:3e:bb:e5:77:47:
62:15:d0:71:d4:5b:2a:b3:5a:4d:ab:c8:27:c4:00:18:70:3a:
fe:46:e2:4b:cb:52:50:49:8b:21:73:c4:ba:a1:77:8e:e7:cd:
f4:0b:a6:8e:76:8e:6d:8f:fb:ca:c9:ab:6b:ce:1f:b6:11:f0:
7a:60:f9:e2:5d:c6:2c:96:7c:3f:ea:59:a8:4d:a7:72:c9:92:
c9:a2:42:5f:cd:c2:93:15:41:6e:22:d3:c8:2b:91:b4:24:fa:
d4:85:57:5e:83:48:87:0a:e1:c4:78:c9:ea:a2:d7:4d:2b:d5:
ec:5b:87:95:e9:7d:40:63:ba:cf:63:1e:57:00:68:56:a2:3a:
b8:73:cb:be:2c:9d:7b:8c:22:28:6a:90:98:58:4e:16:ec:f2:
d4:ae:6a:ab:59:a8:3e:16:b4:2c:1f:8d:ee:f0:7d:c7:30:cc:
86:60:bc:ea:b9:a8:a2:2b:4e:d8:13:e7:94:75:06:ac:c3:96:
72:49:fb:b5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYloIJJJTdXA1vr41ebGwPOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzhiMTgzNmRlY2FiNGZmNWJkZmE1ZTM3N2EzZGY4N2Yx
OGZjMGYwHhcNMjMwNzE4MDgzMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzJlYTY5ODI3NzdhZmU1YWM5NzdjOWIxZmVhOWEwZTc4OGVkY2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcEpPMokzzNEUQ5i/GYR8D24nomU
1DdMDE5KkaaeySxabyIpfXrNMCYvg2Zhu4teqx1rW1osOzRjq1E9REJjKDRNdB+q
ZpQIWJTO+wYDc6leeJearxGhzrl3qAYRuuZ0PwhDBn4CJ+pBCKJdEODZnD/Wpp/5
iHYg5gvLZHW4DjQG2WkW/J8DkJXuJADnVzmGbzNcZhS8pULNmyI2WjiONRPmDniR
cOlO3MRC+dOfmS6uX6qOwn/m1C+HJQREX6W/ZAo2RKMhHgJW1tXlNmuou0a0xOvU
+EmVRCRcz5d0xMqXa8g6kOotX9a3V2vDq6XOB7zJ+F2symB3S4dDOfUU2QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBwuppgnd6/lrJd8mx/qmg54jtzcMB8GA1UdIwQY
MBaAFBx4sYNt7KtP9b36Xjd6Pfh/GPwPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhpeGcyM3NxMF8xdmZwZU4zbzktSDhZX0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9jNjE1MmQtMWM5MC00MGNjLWEyMDYt
ZWMzY2IzNmQxMDI2LzEvSEM2bW1DZDNyLVdzbDN5YkgtcWFEbmlPM053LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9jNjE1MmQtMWM5MC00MGNjLWEyMDYtZWMzY2IzNmQxMDI2
LzEvSEhpeGcyM3NxMF8xdmZwZU4zbzktSDhZX0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuYLQAwQA
w72QAwQA1C4sMA0EAgACMAcDBQMqEgtAMA0GCSqGSIb3DQEBCwUAA4IBAQB6fyYO
k6T3V8k91kJRtZgF+HVeQG3UENvbr/lZSZjDDMSD2JI36cKZz+EIz08Uo0wbU91d
vgd0ewY4TfCpOUkJNHQsPrvld0diFdBx1Fsqs1pNq8gnxAAYcDr+RuJLy1JQSYsh
c8S6oXeO5830C6aOdo5tj/vKyatrzh+2EfB6YPniXcYslnw/6lmoTadyyZLJokJf
zcKTFUFuItPIK5G0JPrUhVdeg0iHCuHEeMnqotdNK9XsW4eV6X1AY7rPYx5XAGhW
ojq4c8u+LJ17jCIoapCYWE4W7PLUrmqrWag+FrQsH43u8H3HMMyGYLzquaiiK07Y
E+eUdQasw5ZySfu1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:48 2024 by rpki-client on console-fra.rpki-client.org