Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/HwJVA-kZ2wRbwH_7LV_7Oy9speU.roa
File: HwJVA-kZ2wRbwH_7LV_7Oy9speU.roa (raw, json)
Hash identifier: Fqq2ezUBCOkib1+c06HdQ67iagW1iEoOTcn8H1PBx0E=
Subject key identifier: 1F:02:55:03:E9:19:DB:04:5B:C0:7F:FB:2D:5F:FB:3B:2F:6C:A5:E5
Certificate issuer: /CN=e2c137106c1a46aea07c24b11729fd7d216a24f5
Certificate serial: 01856D540500B1B2A76B1C5A6B5ED07D0F33
Authority key identifier: E2:C1:37:10:6C:1A:46:AE:A0:7C:24:B1:17:29:FD:7D:21:6A:24:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sE3EGwaRq6gfCSxFyn9fSFqJPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/HwJVA-kZ2wRbwH_7LV_7Oy9speU.roa
Signing time: Sun 01 Jan 2023 12:35:00 +0000
ROA not before: Sun 01 Jan 2023 12:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39686
IP address blocks: 185.222.233.0/24 maxlen: 24
185.222.232.0/22 maxlen: 22
185.222.234.0/24 maxlen: 24
2a0d:800::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:05:00:b1:b2:a7:6b:1c:5a:6b:5e:d0:7d:0f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c137106c1a46aea07c24b11729fd7d216a24f5
Validity
Not Before: Jan 1 12:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f025503e919db045bc07ffb2d5ffb3b2f6ca5e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e4:49:65:a7:0c:d1:95:54:34:40:03:83:fe:
45:26:cf:ce:8d:cf:0e:56:cb:17:0c:73:ee:81:9e:
85:4c:04:fe:70:dc:b2:a1:6f:38:66:df:26:c0:fa:
26:e6:aa:ba:01:01:b4:63:c2:cc:00:a0:26:3c:d4:
fb:0c:e5:3a:9a:22:72:53:80:58:c3:9b:87:43:06:
89:f6:aa:a7:18:d6:79:14:5f:19:1d:09:ed:80:06:
c7:a8:db:0a:74:e0:1c:b5:03:5f:ef:97:49:96:08:
67:f4:a6:06:1d:2c:57:b3:d4:9d:31:bd:ae:15:a0:
6c:4c:f3:e9:77:ad:be:42:e8:92:fd:85:70:fa:ad:
34:45:8d:0e:a1:53:56:79:6a:af:18:31:ea:aa:eb:
90:a4:e0:ba:fb:b8:e7:70:ee:0c:1d:bb:6d:b6:cd:
51:79:c7:a5:d2:62:0f:fa:79:76:20:c4:1b:54:e2:
2f:fc:20:56:75:d8:44:5f:50:2f:3b:fa:15:ab:ee:
5d:d4:c3:80:6d:73:27:98:a0:79:07:19:37:92:65:
f4:a8:6b:53:57:e9:fd:f9:08:ce:2a:dc:b2:a8:3b:
51:c5:3f:52:0c:15:a3:b9:74:d3:53:2e:98:18:4c:
b6:f3:07:2f:91:01:df:8d:0f:57:6a:cb:96:99:d8:
17:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:02:55:03:E9:19:DB:04:5B:C0:7F:FB:2D:5F:FB:3B:2F:6C:A5:E5
X509v3 Authority Key Identifier:
keyid:E2:C1:37:10:6C:1A:46:AE:A0:7C:24:B1:17:29:FD:7D:21:6A:24:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sE3EGwaRq6gfCSxFyn9fSFqJPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/HwJVA-kZ2wRbwH_7LV_7Oy9speU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/4sE3EGwaRq6gfCSxFyn9fSFqJPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.232.0/22
IPv6:
2a0d:800::/29
Signature Algorithm: sha256WithRSAEncryption
e6:32:4d:f9:e9:eb:05:7c:f8:af:fd:ad:6d:86:7e:ca:fd:19:
80:8d:3b:44:da:65:3c:b3:cc:5e:45:67:54:84:18:80:e0:7a:
66:f8:17:61:c9:91:2e:1a:4e:8f:d6:02:85:fd:c0:8b:7b:a9:
96:97:a7:9f:5d:72:52:4e:2a:fa:a8:05:b1:2d:c2:e2:df:46:
e8:f7:6f:8a:f0:63:96:32:56:9a:6a:72:39:b1:8c:6b:1a:f8:
e6:d3:40:c5:08:62:e9:dc:44:c3:6d:fe:e2:08:97:43:af:88:
c1:af:9f:31:10:d1:ab:64:ea:c2:67:17:27:b9:9b:fc:91:6d:
7a:97:0b:d3:62:aa:10:68:9d:e6:b2:88:99:6e:5a:17:3a:00:
86:8c:59:9d:03:31:15:6e:fe:51:65:3f:91:aa:70:09:ab:84:
c0:e3:4d:45:43:08:5e:4e:6b:80:f0:97:82:9b:5a:91:6e:ea:
d3:2f:6f:97:18:40:4a:9e:ab:a4:af:b0:90:a0:7e:63:fd:98:
cb:cd:fe:3c:99:56:94:13:46:d9:a7:61:01:1e:6a:bd:f0:71:
6b:04:73:4c:32:cf:41:31:55:ec:d0:4a:3e:b4:8e:28:c9:35:
a5:73:a4:40:2b:42:08:e4:89:52:15:78:7a:a5:4c:c8:2f:75:
75:a9:d0:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtVAUAsbKnaxxaa17QfQ8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzEzNzEwNmMxYTQ2YWVhMDdjMjRiMTE3MjlmZDdkMjE2
YTI0ZjUwHhcNMjMwMTAxMTIzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjAyNTUwM2U5MTlkYjA0NWJjMDdmZmIyZDVmZmIzYjJmNmNhNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwORJZacM0ZVUNEADg/5FJs/Ojc8O
VssXDHPugZ6FTAT+cNyyoW84Zt8mwPom5qq6AQG0Y8LMAKAmPNT7DOU6miJyU4BY
w5uHQwaJ9qqnGNZ5FF8ZHQntgAbHqNsKdOActQNf75dJlghn9KYGHSxXs9SdMb2u
FaBsTPPpd62+QuiS/YVw+q00RY0OoVNWeWqvGDHqquuQpOC6+7jncO4MHbttts1R
ecel0mIP+nl2IMQbVOIv/CBWddhEX1AvO/oVq+5d1MOAbXMnmKB5Bxk3kmX0qGtT
V+n9+QjOKtyyqDtRxT9SDBWjuXTTUy6YGEy28wcvkQHfjQ9XasuWmdgX/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB8CVQPpGdsEW8B/+y1f+zsvbKXlMB8GA1UdIwQY
MBaAFOLBNxBsGkauoHwksRcp/X0haiT1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNFM0VHd2FScTZnZkNTeEZ5bjlmU0ZxSlBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yNDM1Y2MtNTUzMy00ZjcwLWJiODIt
OWNhZjI1YTQ5OWQ3LzEvSHdKVkEta1oyd1Jid0hfN0xWXzdPeTlzcGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yNDM1Y2MtNTUzMy00ZjcwLWJiODItOWNhZjI1YTQ5OWQ3
LzEvNHNFM0VHd2FScTZnZkNTeEZ5bjlmU0ZxSlBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud7oMA0E
AgACMAcDBQMqDQgAMA0GCSqGSIb3DQEBCwUAA4IBAQDmMk356esFfPiv/a1thn7K
/RmAjTtE2mU8s8xeRWdUhBiA4Hpm+BdhyZEuGk6P1gKF/cCLe6mWl6efXXJSTir6
qAWxLcLi30bo92+K8GOWMlaaanI5sYxrGvjm00DFCGLp3ETDbf7iCJdDr4jBr58x
ENGrZOrCZxcnuZv8kW16lwvTYqoQaJ3msoiZbloXOgCGjFmdAzEVbv5RZT+RqnAJ
q4TA401FQwheTmuA8JeCm1qRburTL2+XGEBKnqukr7CQoH5j/ZjLzf48mVaUE0bZ
p2EBHmq98HFrBHNMMs9BMVXs0Eo+tI4oyTWlc6RAK0II5IlSFXh6pUzIL3V1qdDG
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:01 2024 by rpki-client on console.sobornost.net