
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/Hd9g_fslfzGcrnXmdvMRbgKw42k.roa
File: Hd9g_fslfzGcrnXmdvMRbgKw42k.roa (raw, json)
Hash identifier: BIvps3s7h7Ut2VDVzXyW40zQav+NPTgrAb0ED6C5+SU=
Subject key identifier: 1D:DF:60:FD:FB:25:7F:31:9C:AE:75:E6:76:F3:11:6E:02:B0:E3:69
Certificate issuer: /CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Certificate serial: 01856D5D27C3B4AF5246AD535CB8E53C1F24
Authority key identifier: 5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/Hd9g_fslfzGcrnXmdvMRbgKw42k.roa
Signing time: Sun 01 Jan 2023 12:44:59 +0000
ROA not before: Sun 01 Jan 2023 12:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62250
IP address blocks: 185.119.165.0/24 maxlen: 24
185.119.164.0/22 maxlen: 22
185.119.166.0/24 maxlen: 24
185.119.164.0/24 maxlen: 24
185.119.167.0/24 maxlen: 24
185.119.166.0/23 maxlen: 23
185.110.252.0/22 maxlen: 22
185.110.253.0/24 maxlen: 24
185.110.252.0/24 maxlen: 24
185.110.254.0/24 maxlen: 24
185.118.152.0/22 maxlen: 22
185.110.255.0/24 maxlen: 24
185.118.152.0/24 maxlen: 24
185.118.153.0/24 maxlen: 24
185.118.154.0/24 maxlen: 24
185.118.155.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:27:c3:b4:af:52:46:ad:53:5c:b8:e5:3c:1f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Validity
Not Before: Jan 1 12:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ddf60fdfb257f319cae75e676f3116e02b0e369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:94:49:d5:50:9f:b1:13:ff:fd:ce:b3:6c:72:
0b:16:16:2b:a1:92:84:1b:86:18:5b:8f:9f:20:4d:
38:e9:44:a7:e3:87:b2:5a:74:0e:70:af:01:e4:8f:
09:fb:81:72:86:2b:26:f5:ea:55:b0:7f:59:c8:27:
0d:d4:de:25:c9:d5:4d:77:f4:80:2b:08:bc:3b:9b:
df:f0:c2:0a:8c:88:af:0f:ed:ca:ef:82:7c:64:fd:
96:16:9c:ef:78:95:e3:1b:fa:72:83:a0:ec:83:20:
2f:29:1d:c3:b2:bd:b0:8a:19:ec:de:71:26:95:4b:
21:8e:f9:08:16:96:0b:2f:b0:db:fb:1b:fb:de:8a:
2c:db:9d:1d:a2:b2:c4:23:38:93:c5:e4:e5:a1:95:
a7:eb:3a:ef:3b:b8:9d:4e:6a:eb:28:38:53:3f:b3:
46:14:ae:2f:ef:56:90:d6:54:5a:f1:79:e1:01:50:
4f:64:fe:80:3f:47:23:a6:f5:97:39:fa:b3:b0:56:
7d:4f:7b:9a:48:59:45:a8:73:b2:b5:34:79:88:af:
de:bc:b2:b7:1f:88:8f:f0:25:81:b9:2e:dc:43:a7:
50:ea:6c:eb:29:0d:af:9f:a6:92:60:e6:4c:0b:d2:
42:50:87:4f:45:cc:9b:3c:be:4c:fd:45:5f:54:f6:
4c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:DF:60:FD:FB:25:7F:31:9C:AE:75:E6:76:F3:11:6E:02:B0:E3:69
X509v3 Authority Key Identifier:
keyid:5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/Hd9g_fslfzGcrnXmdvMRbgKw42k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/W3qQXiWk1czLLuvk4tXDkggZdY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.252.0/22
185.118.152.0/22
185.119.164.0/22
Signature Algorithm: sha256WithRSAEncryption
40:8c:5f:e9:59:6c:48:e6:54:05:b3:c5:9f:44:94:d2:fc:34:
de:d8:c9:51:20:b4:4b:bd:7a:4f:06:a8:f3:a1:3b:b2:58:2f:
36:e3:d1:c1:b4:f7:ed:49:f0:58:04:58:d2:40:58:6f:79:88:
2d:3e:d8:f7:9e:77:2b:21:fb:c3:ea:e0:f2:2c:0c:f1:75:f5:
74:ec:93:eb:59:bc:6f:47:ef:c9:da:8b:d9:97:3e:ef:68:c2:
dd:5d:7e:a1:56:8c:50:9c:65:03:4f:d4:d0:d8:88:be:83:ca:
e2:9e:e3:e3:82:71:4b:59:31:b9:cf:cc:64:84:f7:c1:4a:d6:
c5:62:6b:18:a0:23:42:55:50:d6:8b:e9:dd:72:da:e8:6c:75:
be:92:30:bc:39:eb:16:d4:40:0b:da:15:f2:6a:3d:bb:c5:d3:
a8:49:7c:f0:06:e1:eb:51:1c:07:7f:2b:9e:70:b2:9b:05:de:
d1:91:bb:55:76:95:d7:24:3d:a5:ae:ad:22:c2:22:ea:c6:e8:
3e:b8:f5:50:65:63:dd:93:58:02:37:eb:0b:7a:24:89:cf:03:
64:3e:00:67:db:8f:f8:06:7c:d1:ee:0d:a3:f8:a6:53:22:a6:
b1:dd:20:60:12:74:29:62:8d:ab:17:ad:7d:60:f3:55:30:04:
18:15:9b:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtXSfDtK9SRq1TXLjlPB8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViN2E5MDVlMjVhNGQ1Y2NjYjJlZWJlNGUyZDVjMzkyMDgx
OTc1OGUwHhcNMjMwMTAxMTI0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGRmNjBmZGZiMjU3ZjMxOWNhZTc1ZTY3NmYzMTE2ZTAyYjBlMzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJRJ1VCfsRP//c6zbHILFhYroZKE
G4YYW4+fIE046USn44eyWnQOcK8B5I8J+4Fyhism9epVsH9ZyCcN1N4lydVNd/SA
Kwi8O5vf8MIKjIivD+3K74J8ZP2WFpzveJXjG/pyg6DsgyAvKR3Dsr2wihns3nEm
lUshjvkIFpYLL7Db+xv73oos250dorLEIziTxeTloZWn6zrvO7idTmrrKDhTP7NG
FK4v71aQ1lRa8XnhAVBPZP6AP0cjpvWXOfqzsFZ9T3uaSFlFqHOytTR5iK/evLK3
H4iP8CWBuS7cQ6dQ6mzrKQ2vn6aSYOZMC9JCUIdPRcybPL5M/UVfVPZMFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB3fYP37JX8xnK515nbzEW4CsONpMB8GA1UdIwQY
MBaAFFt6kF4lpNXMyy7r5OLVw5IIGXWOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzNxUVhpV2sxY3pMTHV2azR0WERrZ2daZFk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9jMTIzOTUtYzBmOC00ZTA1LThjYjEt
NzNhM2QwN2QyYzMxLzEvSGQ5Z19mc2xmekdjcm5YbWR2TVJiZ0t3NDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9jMTIzOTUtYzBmOC00ZTA1LThjYjEtNzNhM2QwN2QyYzMx
LzEvVzNxUVhpV2sxY3pMTHV2azR0WERrZ2daZFk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuW78AwQC
uXaYAwQCuXekMA0GCSqGSIb3DQEBCwUAA4IBAQBAjF/pWWxI5lQFs8WfRJTS/DTe
2MlRILRLvXpPBqjzoTuyWC8249HBtPftSfBYBFjSQFhveYgtPtj3nncrIfvD6uDy
LAzxdfV07JPrWbxvR+/J2ovZlz7vaMLdXX6hVoxQnGUDT9TQ2Ii+g8rinuPjgnFL
WTG5z8xkhPfBStbFYmsYoCNCVVDWi+ndctrobHW+kjC8OesW1EAL2hXyaj27xdOo
SXzwBuHrURwHfyuecLKbBd7RkbtVdpXXJD2lrq0iwiLqxug+uPVQZWPdk1gCN+sL
eiSJzwNkPgBn24/4BnzR7g2j+KZTIqax3SBgEnQpYo2rF619YPNVMAQYFZvr
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:06 2024 by rpki-client on console.sobornost.net