Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/bb6a7c-31a4-4d33-a853-07cc46e63b50/1/HtwktgawS9kU4817XxNB3GwiZsE.roa
File: HtwktgawS9kU4817XxNB3GwiZsE.roa (raw, json)
Hash identifier: nDyNtxrzg9l75vn3GIkTbPZpzDWx+szYXjJ3OtX8sqE=
Subject key identifier: 1E:DC:24:B6:06:B0:4B:D9:14:E3:CD:7B:5F:13:41:DC:6C:22:66:C1
Certificate issuer: /CN=e3786587ad47205a81128e578c90caee1e48828b
Certificate serial: 01856F0B3697F8D666E87180D4CA0BF895A9
Authority key identifier: E3:78:65:87:AD:47:20:5A:81:12:8E:57:8C:90:CA:EE:1E:48:82:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/43hlh61HIFqBEo5XjJDK7h5Igos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/bb6a7c-31a4-4d33-a853-07cc46e63b50/1/HtwktgawS9kU4817XxNB3GwiZsE.roa
Signing time: Sun 01 Jan 2023 20:34:43 +0000
ROA not before: Sun 01 Jan 2023 20:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200978
IP address blocks: 185.89.228.0/22 maxlen: 22
91.227.98.0/23 maxlen: 23
2a05:d980::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:36:97:f8:d6:66:e8:71:80:d4:ca:0b:f8:95:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3786587ad47205a81128e578c90caee1e48828b
Validity
Not Before: Jan 1 20:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1edc24b606b04bd914e3cd7b5f1341dc6c2266c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:13:03:9e:16:c5:31:8e:b2:88:5b:02:a1:73:
aa:c9:84:46:88:e9:ad:eb:6f:2d:e1:f0:b6:af:6e:
5a:00:b0:70:6a:8c:32:a1:e8:45:f6:71:5d:20:89:
3e:aa:53:71:9b:b1:3c:db:0f:cb:1d:ca:95:26:c3:
7c:0e:37:dc:4b:95:7e:d1:70:81:3b:6c:88:68:41:
79:c7:e0:5e:63:36:1d:d8:73:9d:f1:c4:f2:8f:32:
71:7b:45:d4:8c:ca:07:19:0e:bc:6e:45:31:a6:b6:
de:36:2a:73:6f:19:7d:90:a2:02:bc:be:15:eb:86:
ab:07:de:69:ec:23:53:f2:ac:b0:02:a5:df:b0:e5:
8c:3b:00:04:9f:c3:0e:de:b3:9f:ba:14:0d:5e:96:
d2:48:b5:5e:2b:db:e1:44:0e:ce:26:98:79:fe:9b:
0e:d0:86:07:60:74:9e:db:d5:f3:0d:7e:d8:6c:81:
f7:7c:5c:68:2c:0e:5e:8e:e9:80:55:6c:1d:22:2c:
0f:9a:df:02:17:51:62:29:64:2f:b9:41:33:bd:ec:
ff:ac:cd:20:3d:87:3e:8e:c2:58:d2:0b:9e:7a:ac:
62:9e:49:48:40:2d:a7:cd:1e:86:72:2a:50:e8:b5:
57:34:c3:16:e6:67:84:7b:77:4a:c9:b7:a2:f4:cd:
48:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DC:24:B6:06:B0:4B:D9:14:E3:CD:7B:5F:13:41:DC:6C:22:66:C1
X509v3 Authority Key Identifier:
keyid:E3:78:65:87:AD:47:20:5A:81:12:8E:57:8C:90:CA:EE:1E:48:82:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/43hlh61HIFqBEo5XjJDK7h5Igos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/bb6a7c-31a4-4d33-a853-07cc46e63b50/1/HtwktgawS9kU4817XxNB3GwiZsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/bb6a7c-31a4-4d33-a853-07cc46e63b50/1/43hlh61HIFqBEo5XjJDK7h5Igos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.98.0/23
185.89.228.0/22
IPv6:
2a05:d980::/29
Signature Algorithm: sha256WithRSAEncryption
a4:d9:e4:ec:4e:ea:6a:2d:21:31:ac:0d:98:54:d0:07:a6:8e:
60:56:a9:ec:f3:37:fc:38:fb:1a:57:c9:99:10:cb:82:a2:37:
76:b3:90:5d:8d:9f:9e:75:6d:2c:48:c7:17:82:29:b3:8e:ba:
71:8e:22:90:61:e4:31:d3:9e:84:e8:d4:d8:97:a6:88:65:17:
00:5b:79:f3:56:02:fc:36:e7:d4:19:7f:69:16:44:9a:27:9a:
0f:20:43:11:72:09:93:dd:05:c2:d9:f9:75:1a:db:71:1c:c1:
a8:0c:37:60:dd:7f:e6:7f:dc:ee:51:d7:27:72:f1:d2:35:e1:
d3:6c:ea:13:44:17:ae:6b:70:21:6c:23:cd:1f:86:b9:71:da:
d5:37:ff:cd:e4:b4:cf:01:dd:49:a0:6e:9b:6f:cf:a8:71:ed:
e6:4c:7e:7b:ec:ae:b9:ad:41:ff:5c:1e:29:19:54:bd:74:e6:
c0:0e:40:90:32:19:ea:3a:da:ee:35:03:6c:c4:40:db:a0:63:
ac:08:c3:7b:9a:74:a2:f9:c1:38:ec:f4:f7:d0:fa:3e:5b:e3:
df:95:6f:34:e3:26:96:de:79:99:0c:56:29:60:6a:1c:e7:10:
6c:73:49:65:be:9c:99:f7:1b:6e:b0:30:82:b0:74:da:6b:a6:
80:e4:ad:dd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvCzaX+NZm6HGA1MoL+JWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNzg2NTg3YWQ0NzIwNWE4MTEyOGU1NzhjOTBjYWVlMWU0
ODgyOGIwHhcNMjMwMTAxMjAzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWRjMjRiNjA2YjA0YmQ5MTRlM2NkN2I1ZjEzNDFkYzZjMjI2NmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBMDnhbFMY6yiFsCoXOqyYRGiOmt
628t4fC2r25aALBwaowyoehF9nFdIIk+qlNxm7E82w/LHcqVJsN8DjfcS5V+0XCB
O2yIaEF5x+BeYzYd2HOd8cTyjzJxe0XUjMoHGQ68bkUxprbeNipzbxl9kKICvL4V
64arB95p7CNT8qywAqXfsOWMOwAEn8MO3rOfuhQNXpbSSLVeK9vhRA7OJph5/psO
0IYHYHSe29XzDX7YbIH3fFxoLA5ejumAVWwdIiwPmt8CF1FiKWQvuUEzvez/rM0g
PYc+jsJY0gueeqxinklIQC2nzR6GcipQ6LVXNMMW5meEe3dKybei9M1IhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB7cJLYGsEvZFOPNe18TQdxsImbBMB8GA1UdIwQY
MBaAFON4ZYetRyBagRKOV4yQyu4eSIKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDNobGg2MUhJRnFCRW81WGpKREs3aDVJZ29zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9iYjZhN2MtMzFhNC00ZDMzLWE4NTMt
MDdjYzQ2ZTYzYjUwLzEvSHR3a3RnYXdTOWtVNDgxN1h4TkIzR3dpWnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9iYjZhN2MtMzFhNC00ZDMzLWE4NTMtMDdjYzQ2ZTYzYjUw
LzEvNDNobGg2MUhJRnFCRW81WGpKREs3aDVJZ29zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW+NiAwQC
uVnkMA0EAgACMAcDBQMqBdmAMA0GCSqGSIb3DQEBCwUAA4IBAQCk2eTsTupqLSEx
rA2YVNAHpo5gVqns8zf8OPsaV8mZEMuCojd2s5BdjZ+edW0sSMcXgimzjrpxjiKQ
YeQx056E6NTYl6aIZRcAW3nzVgL8NufUGX9pFkSaJ5oPIEMRcgmT3QXC2fl1Gttx
HMGoDDdg3X/mf9zuUdcncvHSNeHTbOoTRBeua3AhbCPNH4a5cdrVN//N5LTPAd1J
oG6bb8+oce3mTH577K65rUH/XB4pGVS9dObADkCQMhnqOtruNQNsxEDboGOsCMN7
mnSi+cE47PT30Po+W+PflW804yaW3nmZDFYpYGoc5xBsc0llvpyZ9xtusDCCsHTa
a6aA5K3d
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:53 2024 by rpki-client on console-fra.rpki-client.org