Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/HG6Zszpc8DotgX7eHIKfdI9wZ-8.roa
File: HG6Zszpc8DotgX7eHIKfdI9wZ-8.roa (raw, json)
Hash identifier: P1djU5ihiLDgqI1LIhNYptgGDvmMQhBmM1oosFwykoc=
Subject key identifier: 1C:6E:99:B3:3A:5C:F0:3A:2D:81:7E:DE:1C:82:9F:74:8F:70:67:EF
Certificate issuer: /CN=3c02094c2210d8b21715f98df8598b353208d10c
Certificate serial: 0185715E5808B92CDE0764461C31C2F1C0F1
Authority key identifier: 3C:02:09:4C:22:10:D8:B2:17:15:F9:8D:F8:59:8B:35:32:08:D1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PAIJTCIQ2LIXFfmN-FmLNTII0Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/HG6Zszpc8DotgX7eHIKfdI9wZ-8.roa
Signing time: Mon 02 Jan 2023 07:24:46 +0000
ROA not before: Mon 02 Jan 2023 07:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211200
IP address blocks: 92.119.39.0/24 maxlen: 24
194.180.63.0/24 maxlen: 24
194.180.62.0/24 maxlen: 24
194.180.61.0/24 maxlen: 24
194.180.60.0/22 maxlen: 22
194.180.60.0/24 maxlen: 24
2a0b:e340::/32 maxlen: 32
2a0b:e341::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:58:08:b9:2c:de:07:64:46:1c:31:c2:f1:c0:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c02094c2210d8b21715f98df8598b353208d10c
Validity
Not Before: Jan 2 07:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c6e99b33a5cf03a2d817ede1c829f748f7067ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:24:38:40:08:25:2c:c4:62:95:a0:28:63:38:
9a:4f:0d:8d:94:77:62:30:98:ac:65:9e:00:ce:de:
66:21:8b:a9:57:ad:24:4f:e7:b3:85:2f:02:28:1c:
59:34:51:e7:82:78:4d:73:b9:4d:3e:a1:05:3e:cd:
60:3d:3d:6a:a7:a0:f2:44:c8:ff:cd:84:f6:a9:06:
fd:9f:e2:97:93:f4:35:7c:25:b2:16:e3:d4:2d:5b:
8b:fc:a8:b0:f1:8d:b8:ee:88:c5:24:51:74:c9:0d:
7f:8e:a9:40:3f:9e:db:51:29:87:98:3f:66:3e:33:
a8:8c:4e:96:7a:5f:6c:42:8e:86:bf:3c:20:5b:47:
05:e9:8b:48:4c:81:ef:3a:fc:ea:43:8a:26:46:92:
bd:31:3e:a6:0b:e5:26:7f:8b:e6:eb:57:6c:29:0d:
6a:2a:69:23:11:99:21:2b:a1:39:0a:06:8d:82:55:
97:99:2b:19:27:92:ce:e2:97:f9:ec:44:19:25:61:
36:16:ef:47:d8:13:f7:d2:91:b6:19:02:61:2c:85:
be:e8:fc:ea:da:d8:d0:e7:c0:f8:be:62:65:5e:02:
77:0f:ac:a4:a7:b4:45:e7:77:3d:03:ef:7f:1a:65:
d6:4a:cb:7b:31:7b:5e:d5:6f:26:85:c2:35:32:2a:
c7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:6E:99:B3:3A:5C:F0:3A:2D:81:7E:DE:1C:82:9F:74:8F:70:67:EF
X509v3 Authority Key Identifier:
keyid:3C:02:09:4C:22:10:D8:B2:17:15:F9:8D:F8:59:8B:35:32:08:D1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PAIJTCIQ2LIXFfmN-FmLNTII0Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/HG6Zszpc8DotgX7eHIKfdI9wZ-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/PAIJTCIQ2LIXFfmN-FmLNTII0Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.39.0/24
194.180.60.0/22
IPv6:
2a0b:e340::/31
Signature Algorithm: sha256WithRSAEncryption
39:cb:1e:e1:0a:6d:d1:20:fb:e3:e7:12:54:f2:1b:e0:e6:03:
8c:63:2a:9b:f9:f5:7f:5b:66:8d:36:53:33:6f:1c:74:d7:a2:
64:1e:c1:3f:cb:7b:ba:f6:b8:ab:f5:26:24:92:8d:ee:93:8e:
f7:dc:46:7c:9a:f1:3e:bc:75:eb:2b:8e:c0:c4:4a:aa:e0:31:
af:07:34:2e:2b:a9:d2:9c:e9:7e:4a:e2:53:41:d1:7d:6b:65:
06:59:64:e8:3c:cb:c4:b5:4c:42:d4:1e:67:4d:e3:1e:a4:d1:
1c:52:4d:94:e3:ea:c3:98:c0:76:d0:1f:36:c1:f8:9f:63:73:
a5:57:39:24:ce:1c:7c:94:8d:67:a9:28:48:00:5c:73:aa:e3:
0e:0c:12:14:4d:81:a1:ec:e3:4a:12:92:73:14:dc:d5:3f:29:
6f:3a:b1:82:f9:d8:71:08:f1:4d:97:06:9a:73:cb:43:e5:41:
91:b0:c2:0a:fb:fe:e5:9e:2d:dd:8d:aa:3b:fd:a1:19:99:09:
7b:54:03:6b:51:b6:59:19:77:e6:6e:b8:35:85:4e:27:e7:6a:
ff:a6:f0:c1:2b:7f:d2:c6:24:4b:01:89:90:97:42:09:07:44:
2c:cc:df:3a:20:97:a2:ce:fa:fa:6e:85:9b:a5:2f:39:2b:25:
91:ca:f1:2e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxXlgIuSzeB2RGHDHC8cDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMDIwOTRjMjIxMGQ4YjIxNzE1Zjk4ZGY4NTk4YjM1MzIw
OGQxMGMwHhcNMjMwMTAyMDcyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzZlOTliMzNhNWNmMDNhMmQ4MTdlZGUxYzgyOWY3NDhmNzA2N2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiQ4QAglLMRilaAoYziaTw2NlHdi
MJisZZ4Azt5mIYupV60kT+ezhS8CKBxZNFHngnhNc7lNPqEFPs1gPT1qp6DyRMj/
zYT2qQb9n+KXk/Q1fCWyFuPULVuL/Kiw8Y247ojFJFF0yQ1/jqlAP57bUSmHmD9m
PjOojE6Wel9sQo6GvzwgW0cF6YtITIHvOvzqQ4omRpK9MT6mC+Umf4vm61dsKQ1q
KmkjEZkhK6E5CgaNglWXmSsZJ5LO4pf57EQZJWE2Fu9H2BP30pG2GQJhLIW+6Pzq
2tjQ58D4vmJlXgJ3D6ykp7RF53c9A+9/GmXWSst7MXte1W8mhcI1MirHwQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBxumbM6XPA6LYF+3hyCn3SPcGfvMB8GA1UdIwQY
MBaAFDwCCUwiENiyFxX5jfhZizUyCNEMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFJSlRDSVEyTElYRmZtTi1GbUxOVElJMFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85ODNjMmMtZGRhYi00MjJiLWJjZDIt
MTczNzRiZmZiNzFhLzEvSEc2WnN6cGM4RG90Z1g3ZUhJS2ZkSTl3Wi04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85ODNjMmMtZGRhYi00MjJiLWJjZDItMTczNzRiZmZiNzFh
LzEvUEFJSlRDSVEyTElYRmZtTi1GbUxOVElJMFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAXHcnAwQC
wrQ8MA0EAgACMAcDBQEqC+NAMA0GCSqGSIb3DQEBCwUAA4IBAQA5yx7hCm3RIPvj
5xJU8hvg5gOMYyqb+fV/W2aNNlMzbxx016JkHsE/y3u69rir9SYkko3uk4733EZ8
mvE+vHXrK47AxEqq4DGvBzQuK6nSnOl+SuJTQdF9a2UGWWToPMvEtUxC1B5nTeMe
pNEcUk2U4+rDmMB20B82wfifY3OlVzkkzhx8lI1nqShIAFxzquMODBIUTYGh7ONK
EpJzFNzVPylvOrGC+dhxCPFNlwaac8tD5UGRsMIK+/7lni3djao7/aEZmQl7VANr
UbZZGXfmbrg1hU4n52r/pvDBK3/SxiRLAYmQl0IJB0QszN86IJeizvr6boWbpS85
KyWRyvEu
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:53:00 2024 by rpki-client on console-fra.rpki-client.org