Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/HCHAsd2R03CSSGv0Fvac2oZ4V20.roa
File: HCHAsd2R03CSSGv0Fvac2oZ4V20.roa (raw, json)
Hash identifier: YowIvlUXnD2P2XxMH+sl5AksdqVX6EOWzEzs5QcVryg=
Subject key identifier: 1C:21:C0:B1:DD:91:D3:70:92:48:6B:F4:16:F6:9C:DA:86:78:57:6D
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 0185AA5B3DDA07D7E00BA566EA50E643EF64
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/HCHAsd2R03CSSGv0Fvac2oZ4V20.roa
Signing time: Fri 13 Jan 2023 08:59:44 +0000
ROA not before: Fri 13 Jan 2023 08:59:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 192.35.206.0/24 maxlen: 24
147.189.163.0/24 maxlen: 24
31.25.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 May 2023 18:16:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:aa:5b:3d:da:07:d7:e0:0b:a5:66:ea:50:e6:43:ef:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Jan 13 08:59:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c21c0b1dd91d37092486bf416f69cda8678576d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3e:8b:b3:8b:42:78:32:6c:8f:c7:90:14:fa:
1c:57:ec:79:cc:bd:dc:ab:8e:51:e4:71:81:0f:cf:
d6:c0:df:34:14:06:16:53:7d:73:fe:b8:61:ef:b6:
7e:5e:0b:41:39:42:3d:07:63:9a:be:0b:f9:46:13:
28:d1:59:3b:22:aa:f9:4f:df:a7:1b:68:01:33:55:
4b:ab:45:16:a6:b6:05:bd:6b:6d:58:f0:5f:cb:10:
47:a7:d3:f5:0d:d6:91:c6:b5:80:3b:ed:85:55:61:
f7:41:3d:3b:70:54:35:92:f1:62:a4:f4:8e:9f:4f:
fc:2f:ac:d8:99:dc:6c:67:9b:73:87:36:6e:00:4a:
ea:b9:56:88:c1:cb:23:a3:d8:7e:e3:25:8b:b1:20:
0a:5c:1a:b8:6f:7a:25:92:38:5b:01:b5:5f:ad:94:
ff:e5:9b:39:b7:7f:ca:a8:4a:1e:24:09:4d:3c:c5:
00:b8:d6:2f:45:52:f2:2e:89:92:d3:9b:1c:a4:1f:
b4:fa:86:ba:d1:ca:9f:d2:40:a9:3b:8d:85:e8:04:
9b:fe:0f:d6:cc:bf:2e:58:69:2d:29:84:d3:2c:37:
b7:41:15:20:e2:85:46:00:bc:41:86:88:ab:a4:4c:
6e:a6:82:2e:8d:11:d8:0c:94:3c:f6:7b:eb:b3:9c:
ab:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:21:C0:B1:DD:91:D3:70:92:48:6B:F4:16:F6:9C:DA:86:78:57:6D
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/HCHAsd2R03CSSGv0Fvac2oZ4V20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
147.189.163.0/24
192.35.206.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:fd:f1:7a:34:04:ca:e7:10:34:15:ef:bf:a3:c1:a1:e0:8e:
19:b9:87:91:63:ce:94:e0:7b:d5:82:32:62:a9:9c:2a:4f:0b:
d4:3a:b4:5c:04:c3:56:bc:76:54:63:5e:ab:75:9b:e0:2d:f6:
91:34:44:de:5f:0c:cf:0b:ac:91:cd:85:96:0a:27:8b:ed:3d:
06:73:3e:e3:3f:5a:62:20:ec:c5:95:2f:8f:0a:8b:66:e1:dd:
53:c0:96:39:13:a3:45:30:ef:90:df:6f:19:1a:7c:fe:a9:6f:
8c:14:d7:e8:ca:75:de:e5:10:c3:48:55:9b:99:42:9c:8b:a5:
9a:99:22:14:82:b2:ef:51:a5:d7:48:2a:e5:26:98:a6:4b:ed:
a4:cc:2d:11:13:05:27:2a:3d:8b:0b:5b:91:50:04:cd:37:f4:
fa:cd:eb:4c:55:60:c5:34:57:63:95:f5:66:a6:f5:d5:6b:6a:
6a:2b:ce:cc:4a:a7:3c:75:1a:41:42:9a:cf:ae:bc:38:96:d8:
5c:ea:35:e4:89:3a:e6:65:02:7a:41:de:aa:fa:92:af:2c:1e:
d9:ca:e5:51:69:3f:22:fd:d1:99:a0:cc:c7:87:72:e4:5f:27:
e9:0e:11:4a:d4:95:b2:dd:d5:47:b5:c5:b1:85:05:74:ab:35:
bc:37:56:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWqWz3aB9fgC6Vm6lDmQ+9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjMwMTEzMDg1OTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzIxYzBiMWRkOTFkMzcwOTI0ODZiZjQxNmY2OWNkYTg2Nzg1NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD6Ls4tCeDJsj8eQFPocV+x5zL3c
q45R5HGBD8/WwN80FAYWU31z/rhh77Z+XgtBOUI9B2Oavgv5RhMo0Vk7Iqr5T9+n
G2gBM1VLq0UWprYFvWttWPBfyxBHp9P1DdaRxrWAO+2FVWH3QT07cFQ1kvFipPSO
n0/8L6zYmdxsZ5tzhzZuAErquVaIwcsjo9h+4yWLsSAKXBq4b3olkjhbAbVfrZT/
5Zs5t3/KqEoeJAlNPMUAuNYvRVLyLomS05scpB+0+oa60cqf0kCpO42F6ASb/g/W
zL8uWGktKYTTLDe3QRUg4oVGALxBhoirpExupoIujRHYDJQ89nvrs5yr5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBwhwLHdkdNwkkhr9Bb2nNqGeFdtMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEvSENIQXNkMlIwM0NTU0d2MEZ2YWMyb1o0VjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHxkLAwQA
k72jAwQAwCPOMA0GCSqGSIb3DQEBCwUAA4IBAQBf/fF6NATK5xA0Fe+/o8Gh4I4Z
uYeRY86U4HvVgjJiqZwqTwvUOrRcBMNWvHZUY16rdZvgLfaRNETeXwzPC6yRzYWW
CieL7T0Gcz7jP1piIOzFlS+PCotm4d1TwJY5E6NFMO+Q328ZGnz+qW+MFNfoynXe
5RDDSFWbmUKci6WamSIUgrLvUaXXSCrlJpimS+2kzC0REwUnKj2LC1uRUATNN/T6
zetMVWDFNFdjlfVmpvXVa2pqK87MSqc8dRpBQprPrrw4lthc6jXkiTrmZQJ6Qd6q
+pKvLB7ZyuVRaT8i/dGZoMzHh3LkXyfpDhFK1JWy3dVHtcWxhQV0qzW8N1be
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:06 2024 by rpki-client on console-ams.rpki-client.org