Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/HPpBcn9dLA3VrN-xZprSLlKxLws.roa
File: HPpBcn9dLA3VrN-xZprSLlKxLws.roa (raw, json)
Hash identifier: IveuoV4VwLdsWJdlbwvfFRovGTT9i30Otm6H9ccVeaw=
Subject key identifier: 1C:FA:41:72:7F:5D:2C:0D:D5:AC:DF:B1:66:9A:D2:2E:52:B1:2F:0B
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 01859872318D1B2F8B90AA1061AF60EA9CF9
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/HPpBcn9dLA3VrN-xZprSLlKxLws.roa
Signing time: Mon 09 Jan 2023 21:31:38 +0000
ROA not before: Mon 09 Jan 2023 21:31:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 212.68.172.0/24 maxlen: 24
212.68.174.0/24 maxlen: 24
212.68.173.0/24 maxlen: 24
212.68.175.0/24 maxlen: 24
212.68.184.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.181.0/24 maxlen: 24
212.68.180.0/24 maxlen: 24
212.68.183.0/24 maxlen: 24
212.68.182.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:98:72:31:8d:1b:2f:8b:90:aa:10:61:af:60:ea:9c:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Jan 9 21:31:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cfa41727f5d2c0dd5acdfb1669ad22e52b12f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:69:af:63:cc:b1:62:d1:a5:6e:5c:80:59:57:
ff:aa:cc:1e:f1:c6:81:c5:ae:f8:19:a8:aa:fe:3e:
00:52:c7:12:b3:06:08:d6:21:ad:88:a1:5e:bb:6c:
f3:45:ff:42:29:6b:17:3e:a9:c9:0f:4f:fc:81:37:
da:3e:74:39:49:1c:ce:44:d8:63:8f:ee:1b:01:aa:
53:a3:14:ab:9e:ca:67:ac:95:bb:21:61:f4:66:c1:
1e:de:bc:7d:8d:b8:05:16:33:99:f9:ae:25:4d:2c:
2b:dc:37:aa:0d:dd:1b:14:76:be:c8:34:78:34:0b:
70:56:3d:a2:7f:64:e5:7e:57:5a:27:16:84:d3:77:
e9:01:1f:65:4f:11:04:67:ce:95:78:c6:21:52:40:
96:80:fd:fe:96:e8:ca:4f:90:56:1a:10:50:eb:2f:
dc:c5:d3:56:57:f8:06:0e:a4:30:94:0d:d3:a0:95:
f8:bf:37:d5:dd:e3:3c:90:4f:c6:c1:57:00:06:0e:
c2:fd:87:c6:3e:3d:43:d5:de:26:82:f5:59:7a:18:
91:88:c7:8d:7d:82:6f:5a:93:cc:f4:71:81:2a:0b:
a3:b9:82:3b:a7:7d:00:f4:98:89:2c:f8:9a:92:9c:
76:94:d5:a7:67:96:59:df:f0:88:07:eb:c9:6f:01:
fc:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:FA:41:72:7F:5D:2C:0D:D5:AC:DF:B1:66:9A:D2:2E:52:B1:2F:0B
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/HPpBcn9dLA3VrN-xZprSLlKxLws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.172.0/22
212.68.180.0-212.68.187.255
Signature Algorithm: sha256WithRSAEncryption
9a:8e:b2:d3:6c:a5:d2:f8:07:c8:61:d8:71:8c:db:68:a3:bf:
0d:ec:a2:50:36:a0:5b:f0:2e:a1:61:8e:d6:3e:ba:6a:62:a0:
72:43:fd:2d:61:5a:82:59:42:13:3c:de:21:62:1d:43:19:a5:
0b:44:19:cf:ed:56:3b:56:8d:f0:15:aa:da:0e:14:86:af:7a:
ef:60:60:ae:49:65:93:7a:17:10:b4:b2:de:66:f7:43:87:c9:
af:59:20:49:ef:61:bb:3c:9c:7a:1d:41:88:dc:dc:ea:ae:61:
3c:5d:fb:e4:65:e2:19:41:75:a4:91:fa:bb:a2:57:ef:eb:f3:
6c:22:bc:78:e3:78:8d:f8:54:e8:2e:c2:33:c0:7e:fc:eb:84:
86:b6:3d:37:4d:70:16:98:e5:ea:da:79:14:5a:8d:a7:38:b0:
76:4f:fb:b3:13:0a:f4:91:00:fe:83:d8:77:36:34:56:5e:41:
5b:15:68:0c:ee:3a:c2:8f:97:db:71:24:5c:80:23:02:4f:85:
ec:3d:ed:d2:39:1c:c1:37:2d:10:17:c8:f4:3f:f9:10:c2:92:
df:1b:d3:c4:01:58:f4:ab:b5:ce:7a:43:38:b6:55:42:22:c4:
ba:5d:a4:90:a9:14:fd:4a:b7:67:cd:5b:37:ec:f6:81:e2:d5:
9b:f3:12:33
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYWYcjGNGy+LkKoQYa9g6pz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjMwMTA5MjEzMTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2ZhNDE3MjdmNWQyYzBkZDVhY2RmYjE2NjlhZDIyZTUyYjEyZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2mvY8yxYtGlblyAWVf/qswe8caB
xa74Gaiq/j4AUscSswYI1iGtiKFeu2zzRf9CKWsXPqnJD0/8gTfaPnQ5SRzORNhj
j+4bAapToxSrnspnrJW7IWH0ZsEe3rx9jbgFFjOZ+a4lTSwr3DeqDd0bFHa+yDR4
NAtwVj2if2TlfldaJxaE03fpAR9lTxEEZ86VeMYhUkCWgP3+lujKT5BWGhBQ6y/c
xdNWV/gGDqQwlA3ToJX4vzfV3eM8kE/GwVcABg7C/YfGPj1D1d4mgvVZehiRiMeN
fYJvWpPM9HGBKgujuYI7p30A9JiJLPiakpx2lNWnZ5ZZ3/CIB+vJbwH8EwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBz6QXJ/XSwN1azfsWaa0i5SsS8LMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvSFBwQmNuOWRMQTNWck4teFpwclNMbEt4THdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQC1ESsMAwD
BALURLQDBALURLgwDQYJKoZIhvcNAQELBQADggEBAJqOstNspdL4B8hh2HGM22ij
vw3solA2oFvwLqFhjtY+umpioHJD/S1hWoJZQhM83iFiHUMZpQtEGc/tVjtWjfAV
qtoOFIaveu9gYK5JZZN6FxC0st5m90OHya9ZIEnvYbs8nHodQYjc3OquYTxd++Rl
4hlBdaSR+ruiV+/r82wivHjjeI34VOguwjPAfvzrhIa2PTdNcBaY5eraeRRajac4
sHZP+7MTCvSRAP6D2Hc2NFZeQVsVaAzuOsKPl9txJFyAIwJPhew97dI5HME3LRAX
yPQ/+RDCkt8b08QBWPSrtc56Qzi2VUIixLpdpJCpFP1Kt2fNWzfs9oHi1ZvzEjM=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:19 2023 by rpki-client on console.sobornost.net