Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/4HMY34L6r0leBY5gqcBB4PhpnSE.roa
File: 4HMY34L6r0leBY5gqcBB4PhpnSE.roa (raw, json)
Hash identifier: VTCwZ0gjRb/Iu3+PI6xySDnjOsduDqa9V25qGiysIAs=
Subject key identifier: E0:73:18:DF:82:FA:AF:49:5E:05:8E:60:A9:C0:41:E0:F8:69:9D:21
Certificate issuer: /CN=9042e83976e35fe29a01d3c43a9bc5964b37b443
Certificate serial: 018572F139835CC284B356C1EFCB26DF82E9
Authority key identifier: 90:42:E8:39:76:E3:5F:E2:9A:01:D3:C4:3A:9B:C5:96:4B:37:B4:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kELoOXbjX-KaAdPEOpvFlks3tEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/4HMY34L6r0leBY5gqcBB4PhpnSE.roa
Signing time: Mon 02 Jan 2023 14:44:49 +0000
ROA not before: Mon 02 Jan 2023 14:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207936
IP address blocks: 194.124.234.0/23 maxlen: 24
2a0f:3cc0::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:f1:39:83:5c:c2:84:b3:56:c1:ef:cb:26:df:82:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9042e83976e35fe29a01d3c43a9bc5964b37b443
Validity
Not Before: Jan 2 14:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e07318df82faaf495e058e60a9c041e0f8699d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:26:13:d2:0a:98:cc:80:38:6e:17:41:32:f4:
68:2c:78:12:f0:cd:d2:0c:20:55:38:8f:5d:8b:86:
16:69:41:c6:2a:f8:4c:90:74:b8:3b:2f:1d:3e:b5:
d2:7a:2f:d6:14:92:6b:49:03:f5:ce:df:42:97:5a:
81:38:db:62:54:c3:11:10:a0:dd:31:64:7f:75:f1:
c1:8a:a9:a3:59:53:77:77:61:02:88:41:df:64:4f:
27:c8:53:17:03:4a:1f:52:53:cd:7c:c7:0c:7e:75:
5a:c9:91:bc:9d:bb:e3:26:23:97:6c:a8:c0:fb:10:
f7:f7:4c:19:fc:75:fa:9a:72:f7:95:2a:ef:51:84:
33:de:23:6d:aa:09:a2:70:6e:93:e5:ba:1b:79:0e:
14:cc:b0:7b:61:4d:aa:f4:e6:c1:be:3e:20:19:16:
2c:60:ce:bf:82:58:32:12:43:82:51:65:b8:51:3d:
77:c3:f1:c9:d7:6a:05:c4:89:cf:a2:5e:04:a7:4e:
65:b9:5a:61:21:44:f6:43:3f:3e:03:d0:86:99:84:
b4:32:32:3b:7d:32:39:64:f6:2b:5e:44:17:f0:e8:
5c:e4:2e:f5:9c:a9:e2:39:c4:0e:e3:ef:d9:48:2c:
e5:6f:2d:28:61:bf:f8:5e:7b:7a:df:5c:5e:29:d9:
74:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:73:18:DF:82:FA:AF:49:5E:05:8E:60:A9:C0:41:E0:F8:69:9D:21
X509v3 Authority Key Identifier:
keyid:90:42:E8:39:76:E3:5F:E2:9A:01:D3:C4:3A:9B:C5:96:4B:37:B4:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kELoOXbjX-KaAdPEOpvFlks3tEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/4HMY34L6r0leBY5gqcBB4PhpnSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/kELoOXbjX-KaAdPEOpvFlks3tEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.234.0/23
IPv6:
2a0f:3cc0::/29
Signature Algorithm: sha256WithRSAEncryption
73:92:6b:a4:de:f1:7b:8d:32:88:8e:d3:0a:a4:d7:c8:4d:21:
df:39:e7:fd:b0:00:0c:45:4c:9d:a4:57:db:85:35:eb:74:01:
b0:e4:8e:8a:94:ac:c8:aa:d5:c6:01:ff:12:c3:38:87:c5:5c:
12:4c:6a:92:37:6c:7c:28:c8:fc:83:7f:18:4b:c4:94:8b:4e:
81:10:a7:73:72:b1:5f:c4:b3:9e:f7:9d:61:8b:5a:47:11:10:
33:03:82:9b:5b:16:3d:7e:2d:a8:ef:dc:13:73:dc:36:38:17:
a9:8c:1b:1f:06:ab:71:26:bd:a3:c2:d0:a8:ab:51:6d:ef:c7:
97:82:4f:be:36:b8:ec:61:4d:97:8b:31:3f:3f:d0:21:58:af:
28:ea:1a:fa:ec:b0:4c:7c:15:30:90:36:ea:a3:5e:cf:56:a3:
40:45:c8:56:cb:01:0f:e9:3b:03:56:5b:4a:76:ab:95:02:a6:
a6:3b:99:b0:cd:63:75:53:12:8a:b3:b2:ea:45:a5:66:9e:5d:
45:43:e3:28:b6:b8:f6:d1:8f:57:c6:34:e5:07:ae:19:fd:ff:
0c:13:35:6a:e4:25:5c:b6:54:ed:e0:55:ce:0e:b0:64:b5:9a:
f6:7d:37:2c:2f:1b:14:1a:51:29:5c:17:12:c7:6b:5c:ca:7f:
17:16:87:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVy8TmDXMKEs1bB78sm34LpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNDJlODM5NzZlMzVmZTI5YTAxZDNjNDNhOWJjNTk2NGIz
N2I0NDMwHhcNMjMwMTAyMTQ0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDczMThkZjgyZmFhZjQ5NWUwNThlNjBhOWMwNDFlMGY4Njk5ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyYT0gqYzIA4bhdBMvRoLHgS8M3S
DCBVOI9di4YWaUHGKvhMkHS4Oy8dPrXSei/WFJJrSQP1zt9Cl1qBONtiVMMREKDd
MWR/dfHBiqmjWVN3d2ECiEHfZE8nyFMXA0ofUlPNfMcMfnVayZG8nbvjJiOXbKjA
+xD390wZ/HX6mnL3lSrvUYQz3iNtqgmicG6T5bobeQ4UzLB7YU2q9ObBvj4gGRYs
YM6/glgyEkOCUWW4UT13w/HJ12oFxInPol4Ep05luVphIUT2Qz8+A9CGmYS0MjI7
fTI5ZPYrXkQX8Ohc5C71nKniOcQO4+/ZSCzlby0oYb/4Xnt631xeKdl0mQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOBzGN+C+q9JXgWOYKnAQeD4aZ0hMB8GA1UdIwQY
MBaAFJBC6Dl241/imgHTxDqbxZZLN7RDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0VMb09YYmpYLUthQWRQRU9wdkZsa3MzdEVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hODdiNmUtZDg0Mi00YzBjLTg4MWIt
MjEwOTQwZGExNzdiLzEvNEhNWTM0TDZyMGxlQlk1Z3FjQkI0UGhwblNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hODdiNmUtZDg0Mi00YzBjLTg4MWItMjEwOTQwZGExNzdi
LzEva0VMb09YYmpYLUthQWRQRU9wdkZsa3MzdEVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwnzqMA0E
AgACMAcDBQMqDzzAMA0GCSqGSIb3DQEBCwUAA4IBAQBzkmuk3vF7jTKIjtMKpNfI
TSHfOef9sAAMRUydpFfbhTXrdAGw5I6KlKzIqtXGAf8SwziHxVwSTGqSN2x8KMj8
g38YS8SUi06BEKdzcrFfxLOe951hi1pHERAzA4KbWxY9fi2o79wTc9w2OBepjBsf
BqtxJr2jwtCoq1Ft78eXgk++NrjsYU2XizE/P9AhWK8o6hr67LBMfBUwkDbqo17P
VqNARchWywEP6TsDVltKdquVAqamO5mwzWN1UxKKs7LqRaVmnl1FQ+Motrj20Y9X
xjTlB64Z/f8MEzVq5CVctlTt4FXODrBktZr2fTcsLxsUGlEpXBcSx2tcyn8XFodU
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:01 2024 by rpki-client on console.sobornost.net