Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/HG7mW6eYOu0x97wx84oxWb3Thes.roa
File: HG7mW6eYOu0x97wx84oxWb3Thes.roa (raw, json)
Hash identifier: ZnvJZcYmSAbECNGXjp2wFn/RUcOTBWftCbNdUTrE3MQ=
Subject key identifier: 1C:6E:E6:5B:A7:98:3A:ED:31:F7:BC:31:F3:8A:31:59:BD:D3:85:EB
Certificate issuer: /CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Certificate serial: 0185719E93E4D84DA26C4476D7ACE630AF7D
Authority key identifier: 44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/HG7mW6eYOu0x97wx84oxWb3Thes.roa
Signing time: Mon 02 Jan 2023 08:34:55 +0000
ROA not before: Mon 02 Jan 2023 08:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34950
IP address blocks: 193.192.54.0/23 maxlen: 23
185.222.176.0/22 maxlen: 22
193.41.168.0/23 maxlen: 23
193.8.32.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:93:e4:d8:4d:a2:6c:44:76:d7:ac:e6:30:af:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Validity
Not Before: Jan 2 08:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c6ee65ba7983aed31f7bc31f38a3159bdd385eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0d:2b:b7:11:31:fb:12:85:f1:b5:a4:0a:02:
2e:9b:4a:82:bb:69:76:c8:32:3f:c6:c0:9e:af:44:
1d:bd:ed:38:d2:0e:a1:58:15:a2:71:01:cf:16:48:
1f:88:c7:fd:0b:5b:d5:0e:d5:fd:40:65:36:7b:1d:
8c:83:54:14:ae:0f:b2:c3:4f:44:5b:d0:a9:9e:28:
5c:51:19:22:82:07:84:40:fa:b3:ea:7d:77:d6:1b:
f2:e0:32:72:e5:b9:64:8c:17:07:3e:7f:1e:61:fd:
26:5b:dd:68:72:24:46:e8:f4:96:db:8f:22:f1:72:
1d:e7:5c:e1:b0:fa:9d:8f:db:be:65:38:d7:a9:22:
89:9d:01:9e:8a:16:b6:0f:e8:84:2c:a8:7e:93:49:
2b:58:81:47:7b:ca:91:8a:12:1a:ab:55:6c:57:d8:
29:ec:e6:a7:c8:bd:c8:dd:a4:c8:0c:0f:fa:fe:8c:
be:fd:3f:c9:bf:52:fd:30:46:47:ba:a3:31:96:bb:
be:67:10:d5:cb:13:68:e1:7a:76:47:d8:ca:0d:ed:
88:52:29:65:21:33:f4:d6:3e:4d:38:f7:ff:df:e2:
e8:0a:bb:fd:9c:20:ce:f8:fc:56:f7:c4:65:0a:15:
7e:b8:10:2a:f8:b2:7a:92:d9:37:bd:8c:42:63:9d:
aa:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:6E:E6:5B:A7:98:3A:ED:31:F7:BC:31:F3:8A:31:59:BD:D3:85:EB
X509v3 Authority Key Identifier:
keyid:44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/HG7mW6eYOu0x97wx84oxWb3Thes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/RKfloz2cWpZdn7_e7NyHGvCl1Pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.176.0/22
193.8.32.0/22
193.41.168.0/23
193.192.54.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:48:a7:0b:7f:d2:5b:06:8a:10:ef:6e:8e:55:af:81:1b:11:
b9:a2:03:96:c8:b5:09:8b:5b:ac:6c:81:60:8b:5c:ee:e5:b3:
44:4e:db:e3:4e:41:b8:49:06:56:f8:07:97:f3:5c:48:34:f0:
8a:68:9d:c8:ab:36:a4:3a:52:23:46:4f:f6:3a:bb:ab:dc:4c:
86:df:72:54:95:c1:0b:53:db:1f:cf:fb:1e:9a:65:ff:55:59:
a5:8f:de:5f:bd:7c:2c:84:60:ae:f9:0b:41:94:96:b9:f7:82:
51:77:6c:32:65:9a:fc:db:1d:11:d9:bb:c4:37:fa:fd:74:d3:
ec:60:34:b9:11:f3:40:c4:18:75:6d:72:cb:ac:d4:17:2b:5f:
15:aa:f4:cc:d2:76:a8:bf:39:df:15:4b:b2:78:dd:f9:81:64:
46:85:ba:e4:e9:f3:04:6a:f7:e7:1c:c3:3e:7c:14:41:44:08:
bb:3b:8a:68:1f:67:b3:86:ae:6e:36:ac:a3:0c:a7:34:50:7f:
86:d8:cd:b8:85:cf:bc:5a:a8:f6:cd:c4:37:9a:c4:95:30:f4:
02:38:d2:f7:34:35:02:95:6b:dc:70:bc:15:b1:c2:73:40:95:
0b:d4:e7:35:de:a0:2c:69:76:b6:ac:79:e4:bb:8c:4c:4a:df:
9e:04:50:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxnpPk2E2ibER216zmMK99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTdlNWEzM2Q5YzVhOTY1ZDlmYmZkZWVjZGM4NzFhZjBh
NWQ0ZjgwHhcNMjMwMTAyMDgzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzZlZTY1YmE3OTgzYWVkMzFmN2JjMzFmMzhhMzE1OWJkZDM4NWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg0rtxEx+xKF8bWkCgIum0qCu2l2
yDI/xsCer0Qdve040g6hWBWicQHPFkgfiMf9C1vVDtX9QGU2ex2Mg1QUrg+yw09E
W9CpnihcURkiggeEQPqz6n131hvy4DJy5blkjBcHPn8eYf0mW91ociRG6PSW248i
8XId51zhsPqdj9u+ZTjXqSKJnQGeiha2D+iELKh+k0krWIFHe8qRihIaq1VsV9gp
7OanyL3I3aTIDA/6/oy+/T/Jv1L9MEZHuqMxlru+ZxDVyxNo4Xp2R9jKDe2IUill
ITP01j5NOPf/3+LoCrv9nCDO+PxW98RlChV+uBAq+LJ6ktk3vYxCY52qqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBxu5lunmDrtMfe8MfOKMVm904XrMB8GA1UdIwQY
MBaAFESn5aM9nFqWXZ+/3uzchxrwpdT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYt
MjFjZjU2Y2JjZTEyLzEvSEc3bVc2ZVlPdTB4OTd3eDg0b3hXYjNUaGVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYtMjFjZjU2Y2JjZTEy
LzEvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCud6wAwQC
wQggAwQBwSmoAwQBwcA2MA0GCSqGSIb3DQEBCwUAA4IBAQC/SKcLf9JbBooQ726O
Va+BGxG5ogOWyLUJi1usbIFgi1zu5bNETtvjTkG4SQZW+AeX81xINPCKaJ3Iqzak
OlIjRk/2Orur3EyG33JUlcELU9sfz/semmX/VVmlj95fvXwshGCu+QtBlJa594JR
d2wyZZr82x0R2bvEN/r9dNPsYDS5EfNAxBh1bXLLrNQXK18VqvTM0naovznfFUuy
eN35gWRGhbrk6fMEavfnHMM+fBRBRAi7O4poH2ezhq5uNqyjDKc0UH+G2M24hc+8
Wqj2zcQ3msSVMPQCONL3NDUClWvccLwVscJzQJUL1Oc13qAsaXa2rHnku4xMSt+e
BFA8
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:11:06 2024 by rpki-client on console.sobornost.net