Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d3363e-4832-4d57-9da5-dbf76ed3939f/1/HDL9m5GHtFrhUe60oU5x21Ps0XY.roa
File: HDL9m5GHtFrhUe60oU5x21Ps0XY.roa (raw, json)
Hash identifier: 538Oq8Rr0cfGUho9wSKU2YXk7TgJgc4A/4//0NCq2wE=
Subject key identifier: 1C:32:FD:9B:91:87:B4:5A:E1:51:EE:B4:A1:4E:71:DB:53:EC:D1:76
Certificate issuer: /CN=010a7d4c64aed4bc98c6b5b064ff0a9b82eada82
Certificate serial: 01856D53DB55314581EB498DFC7FFCDADB61
Authority key identifier: 01:0A:7D:4C:64:AE:D4:BC:98:C6:B5:B0:64:FF:0A:9B:82:EA:DA:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AQp9TGSu1LyYxrWwZP8Km4Lq2oI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d3363e-4832-4d57-9da5-dbf76ed3939f/1/HDL9m5GHtFrhUe60oU5x21Ps0XY.roa
Signing time: Sun 01 Jan 2023 12:34:50 +0000
ROA not before: Sun 01 Jan 2023 12:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201355
IP address blocks: 91.220.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:db:55:31:45:81:eb:49:8d:fc:7f:fc:da:db:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=010a7d4c64aed4bc98c6b5b064ff0a9b82eada82
Validity
Not Before: Jan 1 12:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c32fd9b9187b45ae151eeb4a14e71db53ecd176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b5:d7:30:fa:04:fc:78:ca:68:85:de:87:a1:
8e:9f:de:d8:79:b7:68:97:f2:84:a8:bb:11:89:ca:
b0:37:cf:91:45:7e:37:7d:57:29:94:7f:f4:ef:7b:
63:75:08:b3:6e:a2:fd:cc:8e:7d:cd:a7:89:22:a9:
e6:49:85:3a:87:72:36:69:25:ba:53:a8:57:46:84:
f1:1c:b9:a0:07:c7:15:a9:2e:ed:d6:af:8b:79:08:
6f:a4:59:a9:34:59:3b:69:b2:12:2c:ad:53:51:7f:
63:93:89:3a:ef:33:24:97:7a:9f:8d:24:c1:fb:1a:
48:96:38:ac:24:20:3f:f4:f0:86:f8:42:e3:cf:16:
a7:bf:75:be:f1:55:d9:d0:46:19:54:61:18:63:a0:
5a:7a:ca:7f:f6:e8:37:53:cb:37:7a:a6:32:eb:41:
44:32:83:bd:4f:4c:d6:f3:ab:26:42:e3:2e:26:72:
78:91:83:a9:be:b4:75:17:dc:28:6d:f8:11:a1:b7:
03:ff:7c:bb:43:fe:c8:fe:9a:35:20:a1:33:23:1e:
5c:ef:3d:9e:c9:48:84:ec:88:10:42:9b:ca:3f:09:
51:4e:6f:20:85:12:0a:89:24:d4:6e:dc:49:a0:39:
49:6f:2a:64:99:58:0d:bd:1f:a9:75:6e:95:6a:6f:
32:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:32:FD:9B:91:87:B4:5A:E1:51:EE:B4:A1:4E:71:DB:53:EC:D1:76
X509v3 Authority Key Identifier:
keyid:01:0A:7D:4C:64:AE:D4:BC:98:C6:B5:B0:64:FF:0A:9B:82:EA:DA:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AQp9TGSu1LyYxrWwZP8Km4Lq2oI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d3363e-4832-4d57-9da5-dbf76ed3939f/1/HDL9m5GHtFrhUe60oU5x21Ps0XY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d3363e-4832-4d57-9da5-dbf76ed3939f/1/AQp9TGSu1LyYxrWwZP8Km4Lq2oI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.251.0/24
Signature Algorithm: sha256WithRSAEncryption
46:c8:5c:87:f1:e4:0e:75:03:4a:3c:f3:c6:d2:2c:7f:ab:0e:
54:31:8c:f0:35:f5:4c:be:37:69:f1:bb:ac:8e:89:c9:7c:62:
ff:01:f7:d9:8f:5e:1b:fd:96:4e:94:a8:96:2c:02:89:4a:19:
88:d5:7a:e5:b0:5a:e8:62:0a:b2:6f:44:7e:16:a0:1d:db:a8:
d9:ee:bc:01:89:81:d3:cc:5b:58:d5:48:29:b2:3f:5b:7c:e5:
ba:a0:bd:11:18:ed:c1:bc:4e:28:f4:e2:dd:ae:02:df:e7:19:
7a:a6:d6:31:29:25:08:7e:30:40:c6:c0:d7:59:00:5a:16:ef:
bd:bf:38:bb:ad:38:b8:90:05:31:2e:fb:4f:5f:b6:1f:98:e2:
83:a3:53:1b:f2:b4:c9:26:ac:5b:e3:2a:40:dc:70:45:06:70:
45:db:f0:27:2a:0e:39:56:98:95:4c:e1:9c:63:43:60:a1:d9:
67:a0:e2:14:79:2f:b2:f1:32:16:35:e7:ef:6b:27:56:80:56:
a7:22:67:9c:87:1a:f2:76:61:f2:96:94:07:b6:c6:f4:3b:ba:
39:9e:61:9c:2c:98:f8:c3:d5:9e:5b:1b:fb:9a:88:2f:4c:48:
83:00:43:6d:75:cf:78:b2:43:19:73:79:31:73:d4:6e:17:12:
71:ba:60:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU9tVMUWB60mN/H/82tthMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMGE3ZDRjNjRhZWQ0YmM5OGM2YjViMDY0ZmYwYTliODJl
YWRhODIwHhcNMjMwMTAxMTIzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzMyZmQ5YjkxODdiNDVhZTE1MWVlYjRhMTRlNzFkYjUzZWNkMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7XXMPoE/HjKaIXeh6GOn97Yebdo
l/KEqLsRicqwN8+RRX43fVcplH/073tjdQizbqL9zI59zaeJIqnmSYU6h3I2aSW6
U6hXRoTxHLmgB8cVqS7t1q+LeQhvpFmpNFk7abISLK1TUX9jk4k67zMkl3qfjSTB
+xpIljisJCA/9PCG+ELjzxanv3W+8VXZ0EYZVGEYY6Baesp/9ug3U8s3eqYy60FE
MoO9T0zW86smQuMuJnJ4kYOpvrR1F9wobfgRobcD/3y7Q/7I/po1IKEzIx5c7z2e
yUiE7IgQQpvKPwlRTm8ghRIKiSTUbtxJoDlJbypkmVgNvR+pdW6Vam8ydQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwy/ZuRh7Ra4VHutKFOcdtT7NF2MB8GA1UdIwQY
MBaAFAEKfUxkrtS8mMa1sGT/CpuC6tqCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVFwOVRHU3UxTHlZeHJXd1pQOEttNExxMm9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kMzM2M2UtNDgzMi00ZDU3LTlkYTUt
ZGJmNzZlZDM5MzlmLzEvSERMOW01R0h0RnJoVWU2MG9VNXgyMVBzMFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9kMzM2M2UtNDgzMi00ZDU3LTlkYTUtZGJmNzZlZDM5Mzlm
LzEvQVFwOVRHU3UxTHlZeHJXd1pQOEttNExxMm9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9z7MA0G
CSqGSIb3DQEBCwUAA4IBAQBGyFyH8eQOdQNKPPPG0ix/qw5UMYzwNfVMvjdp8bus
jonJfGL/AffZj14b/ZZOlKiWLAKJShmI1XrlsFroYgqyb0R+FqAd26jZ7rwBiYHT
zFtY1Ugpsj9bfOW6oL0RGO3BvE4o9OLdrgLf5xl6ptYxKSUIfjBAxsDXWQBaFu+9
vzi7rTi4kAUxLvtPX7YfmOKDo1Mb8rTJJqxb4ypA3HBFBnBF2/AnKg45VpiVTOGc
Y0NgodlnoOIUeS+y8TIWNefvaydWgFanImechxrydmHylpQHtsb0O7o5nmGcLJj4
w9WeWxv7mogvTEiDAENtdc94skMZc3kxc9RuFxJxumCI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:15 2024 by rpki-client on console-ams.rpki-client.org