Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/db4658-4275-43ba-9da9-6d810b0ada0a/1/HS-_aaohGkKK0gfbLX1KOcbBRJc.roa
File: HS-_aaohGkKK0gfbLX1KOcbBRJc.roa (raw, json)
Hash identifier: aY80EpOb3gysP3AeNO2HteKNOm3ojf0R/C9/xOvkOaQ=
Subject key identifier: 1D:2F:BF:69:AA:21:1A:42:8A:D2:07:DB:2D:7D:4A:39:C6:C1:44:97
Certificate issuer: /CN=e8c3e6452a63f8e47a257e53c1a8ffa75f91ea40
Certificate serial: 0185711E7B5B8658D60F8A84507D06F04D9F
Authority key identifier: E8:C3:E6:45:2A:63:F8:E4:7A:25:7E:53:C1:A8:FF:A7:5F:91:EA:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6MPmRSpj-OR6JX5Twaj_p1-R6kA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/db4658-4275-43ba-9da9-6d810b0ada0a/1/HS-_aaohGkKK0gfbLX1KOcbBRJc.roa
Signing time: Mon 02 Jan 2023 06:15:01 +0000
ROA not before: Mon 02 Jan 2023 06:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42035
IP address blocks: 185.199.140.0/22 maxlen: 22
2a0b:2b40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:7b:5b:86:58:d6:0f:8a:84:50:7d:06:f0:4d:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8c3e6452a63f8e47a257e53c1a8ffa75f91ea40
Validity
Not Before: Jan 2 06:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d2fbf69aa211a428ad207db2d7d4a39c6c14497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:84:2a:49:60:78:f0:f2:c8:1f:26:78:bb:b1:
2b:3a:71:ab:19:a7:75:00:b0:5b:b8:76:c6:90:54:
4c:6a:7a:f2:e3:26:9d:ba:34:06:30:c7:14:ba:0f:
e0:09:fa:49:87:48:26:03:95:b6:5c:44:0c:29:88:
ac:63:27:07:2c:48:64:20:7d:69:e5:da:bc:ad:95:
2a:6b:d6:9f:c1:c5:6c:4f:85:11:60:c4:ff:99:be:
49:3d:fc:e9:bf:b9:e7:19:27:ec:02:66:8b:fb:75:
16:06:3f:d5:07:fd:21:f4:0f:60:28:45:7d:d7:65:
07:0c:93:70:da:c9:52:5c:8d:f3:8e:53:aa:92:47:
f3:a2:b7:ab:96:d2:39:66:f6:40:9d:f3:30:ec:7d:
75:69:9b:8c:3c:0e:10:3c:9d:5f:3a:8e:ee:13:fd:
99:45:23:8d:1a:39:de:4a:bd:0c:a6:c2:3b:a9:f0:
aa:40:c9:a5:fa:d3:3c:a2:22:90:67:77:79:2c:05:
5c:75:ee:92:31:69:9e:28:ac:67:e8:e2:1f:a1:fd:
32:4a:ec:d6:78:8b:ca:8d:9a:42:65:18:b9:48:3d:
3f:8d:7b:53:13:cb:d3:49:bb:05:a6:7f:47:39:10:
06:c0:86:89:a0:5a:f0:42:d2:97:cf:03:3c:61:64:
e0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2F:BF:69:AA:21:1A:42:8A:D2:07:DB:2D:7D:4A:39:C6:C1:44:97
X509v3 Authority Key Identifier:
keyid:E8:C3:E6:45:2A:63:F8:E4:7A:25:7E:53:C1:A8:FF:A7:5F:91:EA:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6MPmRSpj-OR6JX5Twaj_p1-R6kA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/db4658-4275-43ba-9da9-6d810b0ada0a/1/HS-_aaohGkKK0gfbLX1KOcbBRJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/db4658-4275-43ba-9da9-6d810b0ada0a/1/6MPmRSpj-OR6JX5Twaj_p1-R6kA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.140.0/22
IPv6:
2a0b:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
21:3c:cd:ea:48:a1:9f:0a:f5:bd:18:37:45:4a:8e:15:d8:23:
22:8c:a6:b3:86:c5:ee:25:ca:46:9d:e3:48:1a:4d:62:d8:10:
76:e2:41:82:9b:33:68:9f:99:53:be:8b:ef:6d:46:f1:c8:76:
9f:1b:d1:40:61:67:8a:cf:69:5f:92:bc:70:ca:a7:bb:6d:40:
72:c5:40:4e:96:8e:0c:47:85:2b:7b:f0:d7:34:53:81:9a:5a:
76:6d:72:0b:dc:d1:85:21:d6:5d:f6:dd:69:ab:a7:47:0e:45:
24:f6:43:b9:cf:6b:63:0d:0c:b0:c3:7f:9f:d8:64:51:f3:95:
ba:02:e8:50:85:3c:c7:0b:c7:e0:3e:26:95:a8:a6:71:a9:26:
aa:16:7a:b6:a4:3c:03:7a:ee:d5:92:be:69:1d:9b:0b:bc:eb:
1e:2f:af:26:5d:d6:f6:89:7c:e0:9c:ad:21:96:bb:5f:7b:59:
75:f4:04:de:b9:4d:51:17:5a:d3:b3:c0:e3:e2:86:ca:94:e3:
1e:71:16:80:21:ce:0e:ca:ad:13:6d:e0:bc:7d:51:fb:a0:32:
02:94:71:52:98:49:76:ea:3a:b3:94:dd:75:f9:8a:35:27:6a:
69:ad:87:09:c8:f2:e5:98:c1:bb:2a:0a:47:7a:da:3a:3c:38:
ae:c2:c5:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxHntbhljWD4qEUH0G8E2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YzNlNjQ1MmE2M2Y4ZTQ3YTI1N2U1M2MxYThmZmE3NWY5
MWVhNDAwHhcNMjMwMTAyMDYxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDJmYmY2OWFhMjExYTQyOGFkMjA3ZGIyZDdkNGEzOWM2YzE0NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYQqSWB48PLIHyZ4u7ErOnGrGad1
ALBbuHbGkFRManry4yadujQGMMcUug/gCfpJh0gmA5W2XEQMKYisYycHLEhkIH1p
5dq8rZUqa9afwcVsT4URYMT/mb5JPfzpv7nnGSfsAmaL+3UWBj/VB/0h9A9gKEV9
12UHDJNw2slSXI3zjlOqkkfzorerltI5ZvZAnfMw7H11aZuMPA4QPJ1fOo7uE/2Z
RSONGjneSr0MpsI7qfCqQMml+tM8oiKQZ3d5LAVcde6SMWmeKKxn6OIfof0ySuzW
eIvKjZpCZRi5SD0/jXtTE8vTSbsFpn9HORAGwIaJoFrwQtKXzwM8YWTgfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB0vv2mqIRpCitIH2y19SjnGwUSXMB8GA1UdIwQY
MBaAFOjD5kUqY/jkeiV+U8Go/6dfkepAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk1QbVJTcGotT1I2Slg1VHdhal9wMS1SNmtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kYjQ2NTgtNDI3NS00M2JhLTlkYTkt
NmQ4MTBiMGFkYTBhLzEvSFMtX2Fhb2hHa0tLMGdmYkxYMUtPY2JCUkpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kYjQ2NTgtNDI3NS00M2JhLTlkYTktNmQ4MTBiMGFkYTBh
LzEvNk1QbVJTcGotT1I2Slg1VHdhal9wMS1SNmtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuceMMA0E
AgACMAcDBQMqCytAMA0GCSqGSIb3DQEBCwUAA4IBAQAhPM3qSKGfCvW9GDdFSo4V
2CMijKazhsXuJcpGneNIGk1i2BB24kGCmzNon5lTvovvbUbxyHafG9FAYWeKz2lf
krxwyqe7bUByxUBOlo4MR4Ure/DXNFOBmlp2bXIL3NGFIdZd9t1pq6dHDkUk9kO5
z2tjDQyww3+f2GRR85W6AuhQhTzHC8fgPiaVqKZxqSaqFnq2pDwDeu7Vkr5pHZsL
vOseL68mXdb2iXzgnK0hlrtfe1l19ATeuU1RF1rTs8Dj4obKlOMecRaAIc4Oyq0T
beC8fVH7oDIClHFSmEl26jqzlN11+Yo1J2pprYcJyPLlmMG7KgpHeto6PDiuwsUS
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:54 2024 by rpki-client on console-ams.rpki-client.org