Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/HzIpAxETJtTdh7soz6WiumBVMzQ.roa
File: HzIpAxETJtTdh7soz6WiumBVMzQ.roa (raw, json)
Hash identifier: WPHs6fEw8KbrnHUalJcpO1tDupmmTcL4qkemX3JczqE=
Subject key identifier: 1F:32:29:03:11:13:26:D4:DD:87:BB:28:CF:A5:A2:BA:60:55:33:34
Certificate issuer: /CN=bfd09a87743817c56f8088007a5746eb69ff2e30
Certificate serial: 01856F2FD5AFD305CC6856717C8617D6D994
Authority key identifier: BF:D0:9A:87:74:38:17:C5:6F:80:88:00:7A:57:46:EB:69:FF:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9Cah3Q4F8VvgIgAeldG62n_LjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/HzIpAxETJtTdh7soz6WiumBVMzQ.roa
Signing time: Sun 01 Jan 2023 21:14:43 +0000
ROA not before: Sun 01 Jan 2023 21:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5602
IP address blocks: 185.82.224.0/22 maxlen: 22
2a05:9540::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:d5:af:d3:05:cc:68:56:71:7c:86:17:d6:d9:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfd09a87743817c56f8088007a5746eb69ff2e30
Validity
Not Before: Jan 1 21:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f322903111326d4dd87bb28cfa5a2ba60553334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b4:d8:28:01:05:44:23:be:b2:63:9a:a6:6f:
81:c5:db:d0:94:f8:c4:e6:e4:46:08:fb:b0:97:1f:
12:5b:b7:45:0b:4a:d2:62:fb:28:06:1c:52:ad:1e:
41:fe:95:ee:d3:b6:d0:ab:8a:b7:1d:d1:50:68:20:
e1:e6:08:d4:3a:b8:aa:e0:34:34:c6:58:be:cd:3f:
d3:36:d8:2e:9b:e9:3c:d8:e9:16:29:6f:09:fd:c0:
5f:54:75:07:70:39:4b:3f:d7:5d:84:57:86:fe:2c:
ee:ad:37:41:0b:65:d0:b3:51:be:b3:ff:c0:8b:4a:
3e:d1:e9:8a:c6:02:b4:1f:dc:d2:c9:93:4f:ce:ca:
5b:fd:bb:d6:80:32:79:95:46:a7:dd:86:87:b3:9e:
33:d0:c5:b4:a8:d8:eb:7d:d3:f2:8d:4b:06:8d:e8:
59:fc:cb:72:48:aa:00:72:f4:3d:fa:c7:0e:59:00:
62:90:e5:29:37:a0:03:54:74:5c:ed:34:0f:1a:95:
dc:b9:c6:4b:50:6f:22:cb:1e:bf:b4:95:ae:51:0e:
c3:cc:2c:29:4a:6b:f0:d0:97:c1:43:d0:7a:9a:ae:
14:03:b6:b3:33:ba:60:5e:bb:a5:10:82:cc:24:f7:
1a:0e:6d:0c:7b:1e:08:5e:42:46:25:54:03:de:6b:
98:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:32:29:03:11:13:26:D4:DD:87:BB:28:CF:A5:A2:BA:60:55:33:34
X509v3 Authority Key Identifier:
keyid:BF:D0:9A:87:74:38:17:C5:6F:80:88:00:7A:57:46:EB:69:FF:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9Cah3Q4F8VvgIgAeldG62n_LjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/HzIpAxETJtTdh7soz6WiumBVMzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/v9Cah3Q4F8VvgIgAeldG62n_LjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.224.0/22
IPv6:
2a05:9540::/29
Signature Algorithm: sha256WithRSAEncryption
46:82:9f:2b:8d:ba:0d:7d:d4:92:1e:43:0f:6d:ff:cd:28:3d:
ef:eb:6d:67:a4:26:93:c0:93:5f:5c:55:8d:7c:cf:29:89:9c:
1c:7d:d8:56:09:14:82:84:fb:bd:0d:a9:11:03:e9:28:b1:29:
bf:d2:12:9a:05:7d:52:12:4e:56:d7:bf:3f:66:8a:9d:da:b9:
68:de:30:1a:04:b9:d1:2b:07:ad:67:57:d4:70:97:e7:ef:45:
3d:17:f5:2f:4e:f2:97:bd:87:ea:7a:14:83:d3:ba:56:25:0b:
f5:29:b4:dc:b4:bc:2b:45:cc:62:0e:c7:bb:70:93:31:ce:d4:
4b:aa:59:ef:40:4b:4d:61:50:ff:a1:d9:e5:1d:8a:45:59:b8:
ae:9a:e7:26:d8:15:2e:a7:71:f6:cb:2e:5f:8c:fc:ae:99:81:
5e:97:ce:0e:49:6b:81:49:30:2d:0f:28:d4:4e:7d:87:b0:54:
8c:d7:27:40:94:29:3a:48:f7:b2:d2:52:a2:fc:cd:a3:18:2f:
fe:49:5b:dc:46:05:3d:96:78:ae:b8:bb:c6:7f:1d:16:77:8c:
d8:87:7d:a3:e9:1c:5a:63:4a:5f:c9:b1:5e:ee:df:c9:06:0f:
02:f4:e9:0c:f6:f1:10:fa:a5:72:41:68:59:aa:ad:5a:bb:56:
94:a4:62:13
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvL9Wv0wXMaFZxfIYX1tmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZDA5YTg3NzQzODE3YzU2ZjgwODgwMDdhNTc0NmViNjlm
ZjJlMzAwHhcNMjMwMTAxMjExNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjMyMjkwMzExMTMyNmQ0ZGQ4N2JiMjhjZmE1YTJiYTYwNTUzMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrTYKAEFRCO+smOapm+BxdvQlPjE
5uRGCPuwlx8SW7dFC0rSYvsoBhxSrR5B/pXu07bQq4q3HdFQaCDh5gjUOriq4DQ0
xli+zT/TNtgum+k82OkWKW8J/cBfVHUHcDlLP9ddhFeG/izurTdBC2XQs1G+s//A
i0o+0emKxgK0H9zSyZNPzspb/bvWgDJ5lUan3YaHs54z0MW0qNjrfdPyjUsGjehZ
/MtySKoAcvQ9+scOWQBikOUpN6ADVHRc7TQPGpXcucZLUG8iyx6/tJWuUQ7DzCwp
Smvw0JfBQ9B6mq4UA7azM7pgXrulEILMJPcaDm0Mex4IXkJGJVQD3muYvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB8yKQMREybU3Ye7KM+lorpgVTM0MB8GA1UdIwQY
MBaAFL/Qmod0OBfFb4CIAHpXRutp/y4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjlDYWgzUTRGOFZ2Z0lnQWVsZEc2Mm5fTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wOTI1NzAtNTEyYS00NGZhLWE0ZmUt
ZGJjYThjMzFlYmM4LzEvSHpJcEF4RVRKdFRkaDdzb3o2V2l1bUJWTXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wOTI1NzAtNTEyYS00NGZhLWE0ZmUtZGJjYThjMzFlYmM4
LzEvdjlDYWgzUTRGOFZ2Z0lnQWVsZEc2Mm5fTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVLgMA0E
AgACMAcDBQMqBZVAMA0GCSqGSIb3DQEBCwUAA4IBAQBGgp8rjboNfdSSHkMPbf/N
KD3v621npCaTwJNfXFWNfM8piZwcfdhWCRSChPu9DakRA+kosSm/0hKaBX1SEk5W
178/Zoqd2rlo3jAaBLnRKwetZ1fUcJfn70U9F/UvTvKXvYfqehSD07pWJQv1KbTc
tLwrRcxiDse7cJMxztRLqlnvQEtNYVD/odnlHYpFWbiumucm2BUup3H2yy5fjPyu
mYFel84OSWuBSTAtDyjUTn2HsFSM1ydAlCk6SPey0lKi/M2jGC/+SVvcRgU9lniu
uLvGfx0Wd4zYh32j6RxaY0pfybFe7t/JBg8C9OkM9vEQ+qVyQWhZqq1au1aUpGIT
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:55 2024 by rpki-client on console-ams.rpki-client.org