Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/HMQjcyRVDBW8XS11z_MQDDIna88.roa
File: HMQjcyRVDBW8XS11z_MQDDIna88.roa (raw, json)
Hash identifier: OhN4+9GxcbETIGpbLr8s7CXQ6kdIQYJQ+oYvyc/9h1Q=
Subject key identifier: 1C:C4:23:73:24:55:0C:15:BC:5D:2D:75:CF:F3:10:0C:32:27:6B:CF
Certificate issuer: /CN=428df99824ce67b0cb5f87fc46599e13adea5702
Certificate serial: 01857030550DFCE8B544FB53EB0C69D64692
Authority key identifier: 42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/HMQjcyRVDBW8XS11z_MQDDIna88.roa
Signing time: Mon 02 Jan 2023 01:54:53 +0000
ROA not before: Mon 02 Jan 2023 01:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51402
IP address blocks: 185.196.224.0/22 maxlen: 22
185.128.120.0/22 maxlen: 22
185.221.136.0/22 maxlen: 22
178.239.64.0/20 maxlen: 20
2a02:2760::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 15 Dec 2023 12:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:55:0d:fc:e8:b5:44:fb:53:eb:0c:69:d6:46:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=428df99824ce67b0cb5f87fc46599e13adea5702
Validity
Not Before: Jan 2 01:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cc4237324550c15bc5d2d75cff3100c32276bcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d5:f0:65:15:a3:59:e0:a1:83:15:dd:f2:4b:
2d:b1:d5:d1:6f:92:fa:db:78:00:86:1c:96:5d:7d:
f5:2f:39:26:18:e6:57:28:48:b9:2b:26:10:fa:e3:
fa:8f:aa:11:04:2d:2c:ed:9d:2a:69:3c:79:5f:06:
28:e9:ca:0a:c4:87:ee:4d:8c:18:a6:eb:9c:0c:53:
a1:98:20:e2:b2:b2:5a:2c:73:6e:40:8d:bf:7e:e2:
17:ef:62:a6:8d:42:50:c3:c5:3e:26:d7:83:bd:c1:
42:e1:77:1f:b2:fb:da:35:a1:45:39:5a:10:17:f0:
be:46:ba:38:09:56:c7:36:bf:16:9e:ef:58:0b:71:
d7:38:e5:7a:ae:96:a1:b1:28:6f:38:ce:15:c6:c8:
69:19:8c:8b:81:cb:e7:d9:a7:f7:d0:8a:ee:8f:72:
84:a0:79:48:6d:41:e2:9b:c9:77:61:8c:e9:00:12:
08:0b:33:b7:34:22:c4:22:d8:13:fb:84:66:c7:8e:
ea:39:fc:91:b9:72:db:a1:a7:bc:fc:9a:de:bb:1d:
d5:92:01:ef:5d:29:d7:c3:91:38:29:8f:8f:3b:88:
df:d9:dd:25:12:5b:09:c6:34:a7:e7:e8:23:fd:3f:
40:2c:e5:de:84:8d:9e:c7:e1:f6:f1:40:f0:34:79:
30:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C4:23:73:24:55:0C:15:BC:5D:2D:75:CF:F3:10:0C:32:27:6B:CF
X509v3 Authority Key Identifier:
keyid:42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/HMQjcyRVDBW8XS11z_MQDDIna88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.64.0/20
185.128.120.0/22
185.196.224.0/22
185.221.136.0/22
IPv6:
2a02:2760::/32
Signature Algorithm: sha256WithRSAEncryption
a3:60:dc:7b:d8:da:eb:07:03:a7:b5:08:a4:96:9a:2d:63:c0:
c7:76:46:0e:02:eb:09:b2:86:74:43:7f:2e:3c:df:8f:cd:23:
d7:2e:17:24:4a:67:01:30:8d:a6:ca:01:d6:da:e6:47:9f:cb:
99:b6:b7:6e:ff:76:1b:1b:10:62:f0:07:2a:d3:6a:7f:8b:62:
9e:ab:5c:7c:86:6b:26:c8:a3:dd:7b:c8:05:5b:27:ec:c1:e6:
5f:a6:58:f0:75:f6:54:9e:46:c2:99:12:45:0e:25:2e:b5:bf:
fd:53:94:fe:5b:80:0d:de:2c:7c:b1:e2:b3:41:e4:9a:bb:85:
4a:98:62:23:46:d2:85:ef:6a:c3:e7:4a:c7:cd:1e:82:db:ac:
01:7d:e6:c8:79:6a:a9:c5:56:5b:49:bb:e3:d3:69:0b:05:f1:
cc:1c:48:03:fc:62:2f:e3:93:4f:2e:e0:30:ba:fe:67:c0:f8:
2d:47:b8:60:2f:71:38:08:c3:9c:6b:a9:03:d9:89:1f:3f:a4:
f4:fa:76:10:9f:97:6d:50:40:db:7b:d1:c9:b5:a4:68:62:0e:
4e:2e:6f:b2:f3:23:ae:f9:23:c8:bf:51:52:a9:1b:53:9f:08:
8b:f6:47:81:c6:ea:f0:56:8a:89:4e:ac:cd:8a:52:bf:20:b1:
0a:48:5f:26
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwMFUN/Oi1RPtT6wxp1kaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOGRmOTk4MjRjZTY3YjBjYjVmODdmYzQ2NTk5ZTEzYWRl
YTU3MDIwHhcNMjMwMTAyMDE1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2M0MjM3MzI0NTUwYzE1YmM1ZDJkNzVjZmYzMTAwYzMyMjc2YmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdXwZRWjWeChgxXd8kstsdXRb5L6
23gAhhyWXX31LzkmGOZXKEi5KyYQ+uP6j6oRBC0s7Z0qaTx5XwYo6coKxIfuTYwY
puucDFOhmCDisrJaLHNuQI2/fuIX72KmjUJQw8U+JteDvcFC4XcfsvvaNaFFOVoQ
F/C+Rro4CVbHNr8Wnu9YC3HXOOV6rpahsShvOM4VxshpGYyLgcvn2af30Iruj3KE
oHlIbUHim8l3YYzpABIICzO3NCLEItgT+4Rmx47qOfyRuXLboae8/Jreux3VkgHv
XSnXw5E4KY+PO4jf2d0lElsJxjSn5+gj/T9ALOXehI2ex+H28UDwNHkwMwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBzEI3MkVQwVvF0tdc/zEAwyJ2vPMB8GA1UdIwQY
MBaAFEKN+Zgkzmewy1+H/EZZnhOt6lcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW8zNW1DVE9aN0RMWDRmOFJsbWVFNjNxVndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84MDJiMzUtNjczYy00NzU2LTk3NjEt
ZjIyNzQ5NjVjMDk1LzEvSE1RamN5UlZEQlc4WFMxMXpfTVFEREluYTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84MDJiMzUtNjczYy00NzU2LTk3NjEtZjIyNzQ5NjVjMDk1
LzEvUW8zNW1DVE9aN0RMWDRmOFJsbWVFNjNxVndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEsu9AAwQC
uYB4AwQCucTgAwQCud2IMA0EAgACMAcDBQAqAidgMA0GCSqGSIb3DQEBCwUAA4IB
AQCjYNx72NrrBwOntQiklpotY8DHdkYOAusJsoZ0Q38uPN+PzSPXLhckSmcBMI2m
ygHW2uZHn8uZtrdu/3YbGxBi8Acq02p/i2Keq1x8hmsmyKPde8gFWyfsweZfpljw
dfZUnkbCmRJFDiUutb/9U5T+W4AN3ix8seKzQeSau4VKmGIjRtKF72rD50rHzR6C
26wBfebIeWqpxVZbSbvj02kLBfHMHEgD/GIv45NPLuAwuv5nwPgtR7hgL3E4CMOc
a6kD2YkfP6T0+nYQn5dtUEDbe9HJtaRoYg5OLm+y8yOu+SPIv1FSqRtTnwiL9keB
xurwVoqJTqzNilK/ILEKSF8m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:55 2024 by rpki-client on console-fra.rpki-client.org