Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/25998d-4b7a-42b2-b46d-dd23291f7a19/1/HzvIlIcREtAwHkJygwCjvwGkdus.roa
File: HzvIlIcREtAwHkJygwCjvwGkdus.roa (raw, json)
Hash identifier: Bdae0g7DnVAlpF8mszJxwHLokFQzBOEmTnqPKp2C5sQ=
Subject key identifier: 1F:3B:C8:94:87:11:12:D0:30:1E:42:72:83:00:A3:BF:01:A4:76:EB
Certificate issuer: /CN=fbb26952b1213f9cbd1d8c9671fb22357ad8d322
Certificate serial: 01856C01346E93A5D8308604F3402C9BEFE7
Authority key identifier: FB:B2:69:52:B1:21:3F:9C:BD:1D:8C:96:71:FB:22:35:7A:D8:D3:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-7JpUrEhP5y9HYyWcfsiNXrY0yI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/25998d-4b7a-42b2-b46d-dd23291f7a19/1/HzvIlIcREtAwHkJygwCjvwGkdus.roa
Signing time: Sun 01 Jan 2023 06:24:56 +0000
ROA not before: Sun 01 Jan 2023 06:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201928
IP address blocks: 185.115.41.0/24 maxlen: 24
185.59.44.0/24 maxlen: 24
185.115.40.0/24 maxlen: 24
185.115.43.0/24 maxlen: 24
185.115.42.0/24 maxlen: 24
185.59.47.0/24 maxlen: 24
185.59.46.0/24 maxlen: 24
185.59.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:34:6e:93:a5:d8:30:86:04:f3:40:2c:9b:ef:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbb26952b1213f9cbd1d8c9671fb22357ad8d322
Validity
Not Before: Jan 1 06:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f3bc894871112d0301e42728300a3bf01a476eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c7:99:49:01:af:bc:3a:0c:01:cc:0a:49:79:
82:49:72:17:db:98:13:98:46:d0:1f:8e:3a:e9:fe:
a7:2b:cb:08:52:28:75:15:31:b4:f0:3b:91:be:57:
c1:56:03:ca:be:15:7e:ae:e8:29:d8:2e:10:85:f8:
92:03:f7:3a:aa:d8:4b:6d:61:b4:ea:4b:54:65:12:
d3:fe:cc:b6:44:95:46:88:8a:d4:bf:42:32:07:ed:
b8:17:68:f6:dd:c4:54:7c:5e:aa:74:34:c1:bb:29:
37:16:a2:32:3e:bf:be:95:44:5f:fd:24:a4:30:7c:
c7:42:1b:f2:38:79:44:29:e4:cd:17:d9:47:68:5d:
b9:09:49:1d:6f:8c:41:82:17:e2:b1:9f:45:f1:2e:
4a:55:4a:96:f5:3e:58:93:fe:96:84:a0:d4:e0:de:
33:11:c6:29:4c:80:13:c2:2f:94:77:69:20:e0:97:
f3:42:1a:95:01:d9:b4:77:eb:84:38:3c:e7:a2:a2:
14:db:03:57:fb:a1:8d:50:c7:6c:43:05:56:14:a1:
88:a9:0f:94:12:83:6f:3c:d5:91:66:2f:e2:2f:a0:
87:bb:8a:61:74:4b:a3:f6:3f:1a:88:cf:a1:3d:25:
92:55:50:f0:f7:14:72:43:bd:55:93:bd:a8:49:27:
75:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3B:C8:94:87:11:12:D0:30:1E:42:72:83:00:A3:BF:01:A4:76:EB
X509v3 Authority Key Identifier:
keyid:FB:B2:69:52:B1:21:3F:9C:BD:1D:8C:96:71:FB:22:35:7A:D8:D3:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-7JpUrEhP5y9HYyWcfsiNXrY0yI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/25998d-4b7a-42b2-b46d-dd23291f7a19/1/HzvIlIcREtAwHkJygwCjvwGkdus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/25998d-4b7a-42b2-b46d-dd23291f7a19/1/1-7JpUrEhP5y9HYyWcfsiNXrY0yI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.44.0/22
185.115.40.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:31:ea:c4:d3:33:6f:8b:01:f8:a1:90:86:84:fe:19:08:8e:
b7:9d:cd:79:c3:18:f3:bb:16:70:c9:bf:92:2f:96:a7:f1:2e:
a0:92:71:d8:44:b1:ce:1a:b5:12:fd:65:a2:4d:e0:44:29:ce:
5d:b9:9a:f0:49:41:d8:f8:f6:63:fe:a4:9f:13:dc:9c:e0:6c:
84:5a:07:c1:a7:30:0d:10:b3:4f:e0:72:b3:cd:de:28:ea:cf:
44:d6:e7:5e:92:32:65:44:cb:29:dd:38:04:88:6c:17:f6:5b:
1f:26:c5:22:20:72:ab:b5:c1:b2:ff:09:bb:e9:c2:cc:f7:65:
a0:2a:be:02:4c:72:f7:2d:82:72:7e:37:88:d2:a8:fc:a1:b2:
d7:84:ae:c0:4e:80:79:92:de:62:ac:a9:ab:0f:5b:23:58:27:
5b:de:1d:12:8b:0f:09:62:c0:01:c7:e9:6b:de:fd:d8:1d:54:
07:1e:ca:df:07:4a:3c:20:0c:8e:e8:53:4e:9e:55:ea:cd:2f:
a2:07:1f:70:a4:e6:fb:5c:6f:65:ac:56:f6:16:7f:35:04:c3:
82:83:16:b9:59:25:57:9e:8d:2c:6e:12:8c:87:0b:05:f4:ce:
2b:a0:29:07:74:ae:d0:86:2b:09:74:d6:ed:03:aa:93:18:e7:
ca:19:cf:88
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVsATRuk6XYMIYE80Asm+/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiYjI2OTUyYjEyMTNmOWNiZDFkOGM5NjcxZmIyMjM1N2Fk
OGQzMjIwHhcNMjMwMTAxMDYyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNiYzg5NDg3MTExMmQwMzAxZTQyNzI4MzAwYTNiZjAxYTQ3NmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgseZSQGvvDoMAcwKSXmCSXIX25gT
mEbQH4466f6nK8sIUih1FTG08DuRvlfBVgPKvhV+rugp2C4QhfiSA/c6qthLbWG0
6ktUZRLT/sy2RJVGiIrUv0IyB+24F2j23cRUfF6qdDTBuyk3FqIyPr++lURf/SSk
MHzHQhvyOHlEKeTNF9lHaF25CUkdb4xBghfisZ9F8S5KVUqW9T5Yk/6WhKDU4N4z
EcYpTIATwi+Ud2kg4JfzQhqVAdm0d+uEODznoqIU2wNX+6GNUMdsQwVWFKGIqQ+U
EoNvPNWRZi/iL6CHu4phdEuj9j8aiM+hPSWSVVDw9xRyQ71Vk72oSSd1KQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB87yJSHERLQMB5CcoMAo78BpHbrMB8GA1UdIwQY
MBaAFPuyaVKxIT+cvR2MlnH7IjV62NMiMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS03SnBVckVoUDV5OUhZeVdjZnNpTlhyWTB5SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUvMjU5OThkLTRiN2EtNDJiMi1iNDZk
LWRkMjMyOTFmN2ExOS8xL0h6dklsSWNSRXRBd0hrSnlnd0NqdndHa2R1cy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTUvMjU5OThkLTRiN2EtNDJiMi1iNDZkLWRkMjMyOTFmN2Ex
OS8xLzEtN0pwVXJFaFA1eTlIWXlXY2ZzaU5YclkweUkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAK5OywD
BAK5cygwDQYJKoZIhvcNAQELBQADggEBAH0x6sTTM2+LAfihkIaE/hkIjredzXnD
GPO7FnDJv5IvlqfxLqCScdhEsc4atRL9ZaJN4EQpzl25mvBJQdj49mP+pJ8T3Jzg
bIRaB8GnMA0Qs0/gcrPN3ijqz0TW516SMmVEyyndOASIbBf2Wx8mxSIgcqu1wbL/
Cbvpwsz3ZaAqvgJMcvctgnJ+N4jSqPyhsteErsBOgHmS3mKsqasPWyNYJ1veHRKL
DwliwAHH6Wve/dgdVAceyt8HSjwgDI7oU06eVerNL6IHH3Ck5vtcb2WsVvYWfzUE
w4KDFrlZJVeejSxuEoyHCwX0ziugKQd0rtCGKwl01u0DqpMY58oZz4g=
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:34:50 2024 by rpki-client on console.sobornost.net