Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b7873e-2475-471d-b039-18ecd04a7b5e/1/HDIK4W-PwsbU2T8AuwE-9L2LyUk.roa
File: HDIK4W-PwsbU2T8AuwE-9L2LyUk.roa (raw, json)
Hash identifier: DYZ/lc7kPWut4iYfQp8t8eZuqivIphW3R726r4fB+qQ=
Subject key identifier: 1C:32:0A:E1:6F:8F:C2:C6:D4:D9:3F:00:BB:01:3E:F4:BD:8B:C9:49
Certificate issuer: /CN=77d18b0f6535fcbbb492f606cb880be7a26efcc2
Certificate serial: 018572E8299FBB807F0500CC7B41BBA2CD93
Authority key identifier: 77:D1:8B:0F:65:35:FC:BB:B4:92:F6:06:CB:88:0B:E7:A2:6E:FC:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9GLD2U1_Lu0kvYGy4gL56Ju_MI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/b7873e-2475-471d-b039-18ecd04a7b5e/1/HDIK4W-PwsbU2T8AuwE-9L2LyUk.roa
Signing time: Mon 02 Jan 2023 14:34:55 +0000
ROA not before: Mon 02 Jan 2023 14:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206197
IP address blocks: 185.192.54.0/24 maxlen: 24
185.192.53.0/24 maxlen: 24
185.192.55.0/24 maxlen: 24
185.192.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:29:9f:bb:80:7f:05:00:cc:7b:41:bb:a2:cd:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77d18b0f6535fcbbb492f606cb880be7a26efcc2
Validity
Not Before: Jan 2 14:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c320ae16f8fc2c6d4d93f00bb013ef4bd8bc949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9f:6a:9e:d3:a0:1c:f4:7e:f4:11:cf:d0:04:
23:89:12:54:d2:c9:f4:11:a2:8f:e5:9e:bd:46:99:
96:aa:3b:9d:2f:7c:a6:fe:76:8e:14:48:44:52:2f:
dc:df:a8:65:25:87:6a:f5:55:e8:51:10:e2:28:93:
b9:cd:a8:7f:6a:b4:5a:35:f0:3a:45:78:3b:0c:b0:
af:82:49:c2:05:8b:81:f9:90:18:31:01:62:ff:95:
3c:f9:86:70:a1:91:e4:69:5d:d6:c0:d3:96:dd:0f:
1f:80:f1:32:b1:a1:47:1e:a0:57:5c:65:bb:51:ab:
58:f3:69:0e:0c:18:46:a1:f3:9e:00:a2:0f:05:65:
8b:f7:a2:e7:56:99:9d:27:8e:28:14:78:76:c4:61:
62:8b:29:63:db:fb:52:b4:be:21:15:b3:1a:06:7f:
e5:9d:bb:df:8b:3a:e5:66:48:4f:59:22:a8:45:11:
4d:4b:29:30:5e:c4:96:db:bf:46:d4:2f:70:79:46:
a3:61:41:53:bc:54:b0:d5:e7:38:66:67:21:ca:3d:
79:59:04:35:41:1a:71:a0:52:33:18:80:fb:0c:0a:
ec:0c:fd:de:37:27:d8:90:d7:20:fc:cb:c4:98:91:
5f:43:83:f8:07:56:23:b2:72:78:d6:3b:7a:ad:c5:
e9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:32:0A:E1:6F:8F:C2:C6:D4:D9:3F:00:BB:01:3E:F4:BD:8B:C9:49
X509v3 Authority Key Identifier:
keyid:77:D1:8B:0F:65:35:FC:BB:B4:92:F6:06:CB:88:0B:E7:A2:6E:FC:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9GLD2U1_Lu0kvYGy4gL56Ju_MI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b7873e-2475-471d-b039-18ecd04a7b5e/1/HDIK4W-PwsbU2T8AuwE-9L2LyUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b7873e-2475-471d-b039-18ecd04a7b5e/1/d9GLD2U1_Lu0kvYGy4gL56Ju_MI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.52.0/22
Signature Algorithm: sha256WithRSAEncryption
99:46:dd:38:93:fe:e2:9d:1c:9c:4d:64:58:dd:34:f2:5c:d5:
1c:73:60:4a:4a:b6:98:23:cf:95:70:df:cf:18:ea:dc:49:50:
8d:8f:b6:12:35:fd:31:1a:a0:5a:78:e6:ac:cb:e1:36:11:b9:
5b:aa:6b:0e:52:eb:2e:4e:6e:12:a8:6a:4d:f9:0f:d2:7f:7b:
f6:54:bf:35:80:10:0f:d5:93:06:da:5c:fc:79:fa:e9:30:da:
71:b2:a3:c3:4f:0e:75:24:f2:ae:16:87:c3:67:d9:75:02:13:
95:77:3a:4a:eb:f5:bf:b8:6d:55:f1:bd:3a:9f:fa:a6:92:4e:
b7:5b:45:48:eb:1b:9a:57:15:89:38:c4:46:5a:e2:63:55:8b:
7f:97:9b:a0:23:22:29:86:99:2d:a5:7f:33:7b:f0:b0:c9:aa:
83:e3:e3:f3:9f:2a:c1:92:e1:f9:5e:7e:ee:92:f3:15:66:bd:
cd:9e:a6:37:63:17:df:2e:31:6d:73:7f:37:0f:4d:e0:a2:f6:
e6:cc:f6:1a:a5:c8:8e:91:e3:c0:4b:3c:70:46:99:db:ab:d0:
d0:68:22:00:50:cd:4a:7c:43:d4:1d:03:c1:8b:b9:7a:ec:58:
89:8b:fb:f6:cd:2e:6c:bf:1d:68:88:8b:e4:68:6c:cf:6e:8f:
48:20:4a:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy6Cmfu4B/BQDMe0G7os2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZDE4YjBmNjUzNWZjYmJiNDkyZjYwNmNiODgwYmU3YTI2
ZWZjYzIwHhcNMjMwMTAyMTQzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzMyMGFlMTZmOGZjMmM2ZDRkOTNmMDBiYjAxM2VmNGJkOGJjOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0J9qntOgHPR+9BHP0AQjiRJU0sn0
EaKP5Z69RpmWqjudL3ym/naOFEhEUi/c36hlJYdq9VXoURDiKJO5zah/arRaNfA6
RXg7DLCvgknCBYuB+ZAYMQFi/5U8+YZwoZHkaV3WwNOW3Q8fgPEysaFHHqBXXGW7
UatY82kODBhGofOeAKIPBWWL96LnVpmdJ44oFHh2xGFiiylj2/tStL4hFbMaBn/l
nbvfizrlZkhPWSKoRRFNSykwXsSW279G1C9weUajYUFTvFSw1ec4Zmchyj15WQQ1
QRpxoFIzGID7DArsDP3eNyfYkNcg/MvEmJFfQ4P4B1YjsnJ41jt6rcXpiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwyCuFvj8LG1Nk/ALsBPvS9i8lJMB8GA1UdIwQY
MBaAFHfRiw9lNfy7tJL2BsuIC+eibvzCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDlHTEQyVTFfTHUwa3ZZR3k0Z0w1Nkp1X01JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iNzg3M2UtMjQ3NS00NzFkLWIwMzkt
MThlY2QwNGE3YjVlLzEvSERJSzRXLVB3c2JVMlQ4QXV3RS05TDJMeVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iNzg3M2UtMjQ3NS00NzFkLWIwMzktMThlY2QwNGE3YjVl
LzEvZDlHTEQyVTFfTHUwa3ZZR3k0Z0w1Nkp1X01JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucA0MA0G
CSqGSIb3DQEBCwUAA4IBAQCZRt04k/7inRycTWRY3TTyXNUcc2BKSraYI8+VcN/P
GOrcSVCNj7YSNf0xGqBaeOasy+E2EblbqmsOUusuTm4SqGpN+Q/Sf3v2VL81gBAP
1ZMG2lz8efrpMNpxsqPDTw51JPKuFofDZ9l1AhOVdzpK6/W/uG1V8b06n/qmkk63
W0VI6xuaVxWJOMRGWuJjVYt/l5ugIyIphpktpX8ze/CwyaqD4+PznyrBkuH5Xn7u
kvMVZr3NnqY3YxffLjFtc383D03govbmzPYapciOkePASzxwRpnbq9DQaCIAUM1K
fEPUHQPBi7l67FiJi/v2zS5svx1oiIvkaGzPbo9IIEpJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:33 2024 by rpki-client on console-fra.rpki-client.org