Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/b69c6a-b788-4a1f-9c5d-c07fff746938/1/hyjSItD-ceMtZdFct8PJNAdw9O8.roa
File: hyjSItD-ceMtZdFct8PJNAdw9O8.roa (raw, json)
Hash identifier: lGTYfqtPus4uAcQv43y61F1GCHI2ZJK03lDqXBwinu4=
Subject key identifier: 87:28:D2:22:D0:FE:71:E3:2D:65:D1:5C:B7:C3:C9:34:07:70:F4:EF
Certificate issuer: /CN=28dc81ea389dd6aac4efbc34d52d778eba7a7fc4
Certificate serial: 01856E38EDD70A1E425F8BC1F06DD25B084E
Authority key identifier: 28:DC:81:EA:38:9D:D6:AA:C4:EF:BC:34:D5:2D:77:8E:BA:7A:7F:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KNyB6jid1qrE77w01S13jrp6f8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/b69c6a-b788-4a1f-9c5d-c07fff746938/1/hyjSItD-ceMtZdFct8PJNAdw9O8.roa
Signing time: Sun 01 Jan 2023 16:45:02 +0000
ROA not before: Sun 01 Jan 2023 16:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61013
IP address blocks: 45.143.40.0/22 maxlen: 24
194.53.160.0/22 maxlen: 24
194.53.164.0/23 maxlen: 24
2001:67c:2828::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:ed:d7:0a:1e:42:5f:8b:c1:f0:6d:d2:5b:08:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28dc81ea389dd6aac4efbc34d52d778eba7a7fc4
Validity
Not Before: Jan 1 16:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8728d222d0fe71e32d65d15cb7c3c9340770f4ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0a:26:eb:e9:39:68:e7:c3:24:a9:b6:53:df:
ec:a3:8b:40:92:97:b2:26:2b:a0:35:dc:94:ca:d0:
40:2a:6f:84:d4:30:5c:43:b8:0f:fd:01:9b:a9:62:
e9:e5:fa:4e:57:59:fb:af:5c:c6:71:d3:5c:a6:67:
8b:9a:b5:97:ad:14:3f:57:30:2c:32:61:c9:b4:80:
da:92:59:9b:91:fe:26:ba:d7:08:6e:47:7c:dd:4e:
1c:2a:c2:9c:0a:d8:fe:a7:13:2e:13:86:86:10:90:
f3:e7:57:8c:0e:4e:7a:45:dc:c6:b2:92:a0:cf:06:
7c:8b:e5:c0:1e:87:9a:59:a7:0d:b0:90:48:7b:ce:
30:c3:17:2f:f7:6c:b7:b4:b2:72:6a:1d:48:6f:ef:
c4:40:65:a2:8d:e6:35:15:1d:0e:e5:26:38:c3:f2:
2a:c2:28:8c:d8:66:93:5b:89:78:69:ff:29:83:ba:
f8:16:46:60:48:b6:d3:22:04:1f:3a:c2:79:1b:13:
c1:13:bb:fc:3e:47:bd:ce:57:0b:6b:f6:29:d9:78:
b0:5d:09:f9:c2:a9:21:a5:50:f8:ef:c2:8f:66:82:
53:07:1e:dd:97:8d:c3:bb:12:00:f0:fd:31:ec:fb:
f7:30:e8:f1:e1:2e:7a:d5:69:fa:24:cf:4d:f4:73:
a6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:28:D2:22:D0:FE:71:E3:2D:65:D1:5C:B7:C3:C9:34:07:70:F4:EF
X509v3 Authority Key Identifier:
keyid:28:DC:81:EA:38:9D:D6:AA:C4:EF:BC:34:D5:2D:77:8E:BA:7A:7F:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KNyB6jid1qrE77w01S13jrp6f8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/b69c6a-b788-4a1f-9c5d-c07fff746938/1/hyjSItD-ceMtZdFct8PJNAdw9O8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/b69c6a-b788-4a1f-9c5d-c07fff746938/1/KNyB6jid1qrE77w01S13jrp6f8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.40.0/22
194.53.160.0-194.53.165.255
IPv6:
2001:67c:2828::/48
Signature Algorithm: sha256WithRSAEncryption
08:c9:a6:5b:d9:ac:22:1f:72:55:29:94:6a:39:ec:09:c7:fe:
5b:f0:9a:2a:36:58:99:87:23:ae:77:83:2d:2b:3c:67:3c:73:
43:b7:c4:db:9f:42:6f:f1:c4:a0:18:56:6b:f6:2a:ed:a2:e0:
79:29:5f:a9:0e:96:7b:37:88:18:5f:b2:70:44:0c:0b:1e:28:
3f:98:3f:1f:02:c9:06:59:3d:d7:2d:41:8c:0c:82:d0:0f:3f:
59:df:40:ed:bc:17:eb:42:dc:ae:96:89:52:45:9b:96:66:53:
a5:f2:6b:01:c3:1e:73:41:6a:4d:6c:d3:59:af:66:d1:7c:2f:
8c:98:07:12:60:64:d9:cf:f9:c6:a5:bc:f7:2b:51:21:ff:e8:
37:92:62:ae:35:a7:8c:f9:35:12:f9:94:1a:5f:0a:9f:08:c8:
79:ad:a2:f5:45:5c:39:ae:0f:15:82:d4:68:b0:a2:92:83:a8:
31:16:a0:c9:cf:38:e5:12:01:d0:25:e0:c1:12:c3:0c:16:ee:
6f:36:10:9a:06:eb:0d:01:54:61:00:c9:3b:53:ce:63:5f:a4:
f3:be:26:a2:85:83:14:3d:1f:de:39:10:83:63:fa:eb:93:ce:
94:ea:47:1d:f3:10:e4:44:37:46:d5:ff:ef:89:01:52:a1:c0:
79:73:7b:d6
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVuOO3XCh5CX4vB8G3SWwhOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZGM4MWVhMzg5ZGQ2YWFjNGVmYmMzNGQ1MmQ3NzhlYmE3
YTdmYzQwHhcNMjMwMTAxMTY0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzI4ZDIyMmQwZmU3MWUzMmQ2NWQxNWNiN2MzYzkzNDA3NzBmNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAom6+k5aOfDJKm2U9/so4tAkpey
JiugNdyUytBAKm+E1DBcQ7gP/QGbqWLp5fpOV1n7r1zGcdNcpmeLmrWXrRQ/VzAs
MmHJtIDaklmbkf4mutcIbkd83U4cKsKcCtj+pxMuE4aGEJDz51eMDk56RdzGspKg
zwZ8i+XAHoeaWacNsJBIe84wwxcv92y3tLJyah1Ib+/EQGWijeY1FR0O5SY4w/Iq
wiiM2GaTW4l4af8pg7r4FkZgSLbTIgQfOsJ5GxPBE7v8Pke9zlcLa/Yp2XiwXQn5
wqkhpVD478KPZoJTBx7dl43DuxIA8P0x7Pv3MOjx4S561Wn6JM9N9HOmmwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFIco0iLQ/nHjLWXRXLfDyTQHcPTvMB8GA1UdIwQY
MBaAFCjcgeo4ndaqxO+8NNUtd466en/EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS055QjZqaWQxcXJFNzd3MDFTMTNqcnA2ZjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9iNjljNmEtYjc4OC00YTFmLTljNWQt
YzA3ZmZmNzQ2OTM4LzEvaHlqU0l0RC1jZU10WmRGY3Q4UEpOQWR3OU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9iNjljNmEtYjc4OC00YTFmLTljNWQtYzA3ZmZmNzQ2OTM4
LzEvS055QjZqaWQxcXJFNzd3MDFTMTNqcnA2ZjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQCLY8oMAwD
BAXCNaADBAHCNaQwDwQCAAIwCQMHACABBnwoKDANBgkqhkiG9w0BAQsFAAOCAQEA
CMmmW9msIh9yVSmUajnsCcf+W/CaKjZYmYcjrneDLSs8ZzxzQ7fE259Cb/HEoBhW
a/Yq7aLgeSlfqQ6WezeIGF+ycEQMCx4oP5g/HwLJBlk91y1BjAyC0A8/Wd9A7bwX
60LcrpaJUkWblmZTpfJrAcMec0FqTWzTWa9m0XwvjJgHEmBk2c/5xqW89ytRIf/o
N5JirjWnjPk1EvmUGl8KnwjIea2i9UVcOa4PFYLUaLCikoOoMRagyc845RIB0CXg
wRLDDBbubzYQmgbrDQFUYQDJO1POY1+k874mooWDFD0f3jkQg2P665POlOpHHfMQ
5EQ3RtX/74kBUqHAeXN71g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:20 2024 by rpki-client on console-fra.rpki-client.org