Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/c82215-e939-485d-82d7-d188c8085305/1/H79KFLSM4IknSFe2bkrKQBT1aEE.roa
File: H79KFLSM4IknSFe2bkrKQBT1aEE.roa (raw, json)
Hash identifier: bR4m2rcmC7rcgSZqq3hWirCJwX2abajl/1nWViT3xps=
Subject key identifier: 1F:BF:4A:14:B4:8C:E0:89:27:48:57:B6:6E:4A:CA:40:14:F5:68:41
Certificate issuer: /CN=7c5dfdb6e1d93c092823de96bdd7c88bbc36a1d1
Certificate serial: 01856F02298DCF77F97F7F4E7FEAE1724A42
Authority key identifier: 7C:5D:FD:B6:E1:D9:3C:09:28:23:DE:96:BD:D7:C8:8B:BC:36:A1:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fF39tuHZPAkoI96WvdfIi7w2odE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/c82215-e939-485d-82d7-d188c8085305/1/H79KFLSM4IknSFe2bkrKQBT1aEE.roa
Signing time: Sun 01 Jan 2023 20:24:50 +0000
ROA not before: Sun 01 Jan 2023 20:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204576
IP address blocks: 185.246.90.0/24 maxlen: 24
185.246.89.0/24 maxlen: 24
185.246.88.0/22 maxlen: 22
185.246.88.0/24 maxlen: 24
185.246.91.0/24 maxlen: 24
2a10:2040::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:29:8d:cf:77:f9:7f:7f:4e:7f:ea:e1:72:4a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c5dfdb6e1d93c092823de96bdd7c88bbc36a1d1
Validity
Not Before: Jan 1 20:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fbf4a14b48ce089274857b66e4aca4014f56841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d4:98:24:28:1d:ff:9d:36:85:cb:2e:1e:a4:
c3:be:ee:96:8d:41:41:50:6a:81:61:20:6b:95:fb:
81:e5:29:ef:da:81:ce:01:8f:04:34:8e:b5:2c:75:
2b:3f:d6:38:be:75:ea:ce:31:96:44:d8:1d:df:a1:
b7:67:2f:1d:03:bd:ea:28:85:bd:5b:fd:c4:1a:35:
9c:45:c9:55:a9:21:69:6d:d3:7d:4b:49:7e:c1:92:
8c:e7:af:20:01:81:83:d9:ff:66:b4:32:51:a3:83:
69:a9:1a:10:92:c2:2c:c5:0f:c7:7e:5a:de:98:22:
40:75:fe:ba:86:1d:44:d0:55:33:03:ce:94:71:10:
4f:bf:f7:ba:7b:51:39:e9:ee:c2:f6:1d:c4:f0:54:
6f:3b:19:cc:e1:80:fe:d9:f0:2b:0c:21:4a:9d:f7:
ac:72:7f:c0:4a:94:00:9c:2c:6b:17:1c:7f:e2:98:
76:8b:a2:5f:d9:0d:73:ea:25:7f:50:eb:20:e1:c7:
92:ee:e0:d6:2c:e7:97:39:66:56:b0:4d:f6:1c:2b:
4a:03:b8:71:5d:08:a7:b4:d0:88:1f:a6:ca:6f:14:
33:be:e5:17:3a:13:f7:10:22:c0:d8:57:25:f8:4d:
8a:57:a5:3a:36:e8:1b:25:dc:f2:c0:4d:d2:4e:bb:
19:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:BF:4A:14:B4:8C:E0:89:27:48:57:B6:6E:4A:CA:40:14:F5:68:41
X509v3 Authority Key Identifier:
keyid:7C:5D:FD:B6:E1:D9:3C:09:28:23:DE:96:BD:D7:C8:8B:BC:36:A1:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fF39tuHZPAkoI96WvdfIi7w2odE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c82215-e939-485d-82d7-d188c8085305/1/H79KFLSM4IknSFe2bkrKQBT1aEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c82215-e939-485d-82d7-d188c8085305/1/fF39tuHZPAkoI96WvdfIi7w2odE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.88.0/22
IPv6:
2a10:2040::/29
Signature Algorithm: sha256WithRSAEncryption
5d:f8:58:12:9a:6f:70:b4:09:db:40:d9:03:8e:a3:e9:09:28:
43:27:06:b3:78:4b:5e:56:4a:98:62:68:88:a3:f5:18:5c:44:
46:aa:50:56:29:7d:f4:30:53:fe:61:31:66:f8:45:8b:1f:d7:
1d:48:17:31:7f:31:09:c7:7d:64:33:0b:48:55:00:bd:02:aa:
4f:f8:47:f0:6e:34:e8:28:02:48:b8:8f:0c:7e:4b:05:02:22:
f9:07:ed:6b:b3:4e:c9:18:6c:00:a6:34:85:94:58:d6:02:4d:
5a:d0:8f:e4:c7:c1:15:c8:58:5f:f7:85:42:c2:a7:27:30:0f:
a9:b0:1c:6b:91:7f:04:53:47:ec:d8:85:f1:e6:ca:49:ff:00:
66:c5:23:ab:36:1d:9d:50:61:11:a2:c9:2e:90:8d:fc:34:67:
18:db:fb:71:de:2e:32:39:df:04:b6:4e:e4:e0:32:0e:f4:36:
13:99:8d:95:05:30:5e:9c:7e:2b:08:75:71:8f:f8:7e:69:c3:
bd:68:3b:c0:10:34:c8:99:5d:c3:44:11:1f:74:2c:33:c4:db:
48:cf:4c:98:de:ef:97:24:86:4b:50:d5:f5:b1:6f:96:92:a8:
f6:ce:2c:20:97:0a:aa:b5:83:8e:dd:2d:4b:e4:cd:fc:1e:08:
94:25:a8:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvAimNz3f5f39Of+rhckpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNWRmZGI2ZTFkOTNjMDkyODIzZGU5NmJkZDdjODhiYmMz
NmExZDEwHhcNMjMwMTAxMjAyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmJmNGExNGI0OGNlMDg5Mjc0ODU3YjY2ZTRhY2E0MDE0ZjU2ODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtSYJCgd/502hcsuHqTDvu6WjUFB
UGqBYSBrlfuB5Snv2oHOAY8ENI61LHUrP9Y4vnXqzjGWRNgd36G3Zy8dA73qKIW9
W/3EGjWcRclVqSFpbdN9S0l+wZKM568gAYGD2f9mtDJRo4NpqRoQksIsxQ/Hflre
mCJAdf66hh1E0FUzA86UcRBPv/e6e1E56e7C9h3E8FRvOxnM4YD+2fArDCFKnfes
cn/ASpQAnCxrFxx/4ph2i6Jf2Q1z6iV/UOsg4ceS7uDWLOeXOWZWsE32HCtKA7hx
XQintNCIH6bKbxQzvuUXOhP3ECLA2Fcl+E2KV6U6NugbJdzywE3STrsZxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB+/ShS0jOCJJ0hXtm5KykAU9WhBMB8GA1UdIwQY
MBaAFHxd/bbh2TwJKCPelr3XyIu8NqHRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkYzOXR1SFpQQWtvSTk2V3ZkZklpN3cyb2RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9jODIyMTUtZTkzOS00ODVkLTgyZDct
ZDE4OGM4MDg1MzA1LzEvSDc5S0ZMU000SWtuU0ZlMmJrcktRQlQxYUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9jODIyMTUtZTkzOS00ODVkLTgyZDctZDE4OGM4MDg1MzA1
LzEvZkYzOXR1SFpQQWtvSTk2V3ZkZklpN3cyb2RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufZYMA0E
AgACMAcDBQMqECBAMA0GCSqGSIb3DQEBCwUAA4IBAQBd+FgSmm9wtAnbQNkDjqPp
CShDJwazeEteVkqYYmiIo/UYXERGqlBWKX30MFP+YTFm+EWLH9cdSBcxfzEJx31k
MwtIVQC9AqpP+EfwbjToKAJIuI8MfksFAiL5B+1rs07JGGwApjSFlFjWAk1a0I/k
x8EVyFhf94VCwqcnMA+psBxrkX8EU0fs2IXx5spJ/wBmxSOrNh2dUGERoskukI38
NGcY2/tx3i4yOd8Etk7k4DIO9DYTmY2VBTBenH4rCHVxj/h+acO9aDvAEDTImV3D
RBEfdCwzxNtIz0yY3u+XJIZLUNX1sW+Wkqj2ziwglwqqtYOO3S1L5M38HgiUJagB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:29 2024 by rpki-client on console-ams.rpki-client.org