Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/HlQlU0Lmw1Yz6_DSbGPF8weA8nc.roa
File: HlQlU0Lmw1Yz6_DSbGPF8weA8nc.roa (raw, json)
Hash identifier: l1GAOO98UI0x/SU6mpS8vaVXuwEAqvVif+nPfVEJze8=
Subject key identifier: 1E:54:25:53:42:E6:C3:56:33:EB:F0:D2:6C:63:C5:F3:07:80:F2:77
Certificate issuer: /CN=5056712ccfa877abb760cb77e27041774cb04739
Certificate serial: 01856C780694E2F1CA5FBA34C0B4E3AABC29
Authority key identifier: 50:56:71:2C:CF:A8:77:AB:B7:60:CB:77:E2:70:41:77:4C:B0:47:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/HlQlU0Lmw1Yz6_DSbGPF8weA8nc.roa
Signing time: Sun 01 Jan 2023 08:34:43 +0000
ROA not before: Sun 01 Jan 2023 08:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198863
IP address blocks: 91.240.2.0/23 maxlen: 23
91.240.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:06:94:e2:f1:ca:5f:ba:34:c0:b4:e3:aa:bc:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5056712ccfa877abb760cb77e27041774cb04739
Validity
Not Before: Jan 1 08:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e54255342e6c35633ebf0d26c63c5f30780f277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4b:ad:eb:31:3d:13:b3:6c:df:e9:62:c3:37:
03:bf:57:f6:38:8b:5e:51:65:7e:12:c6:88:aa:26:
17:17:84:fe:f5:e6:60:f9:ce:4a:46:ab:f9:e4:64:
45:f9:92:44:3c:12:7c:c2:7f:79:aa:a3:dd:d9:ce:
fb:b3:23:3c:9b:90:37:e3:32:10:8f:83:23:e4:5c:
b3:4d:26:a8:5a:d0:b7:b5:77:ec:68:38:09:e0:90:
cc:d3:98:a3:53:89:a5:64:90:d5:c4:1c:76:19:bb:
1f:1d:85:5f:72:ba:1c:ca:26:e3:8c:31:30:ef:3d:
ca:fd:58:e0:93:8c:62:eb:b1:5c:10:0d:c1:35:e1:
2e:da:51:f3:2a:42:06:ba:6c:20:99:d8:f5:ae:4d:
22:56:6b:2a:8e:19:de:66:6c:6f:a2:ff:53:39:06:
b0:5c:25:95:84:bd:d8:83:03:99:ce:ab:29:c6:f1:
51:61:1f:29:3e:b4:f8:12:70:a2:9b:6d:1f:af:1a:
55:f2:db:00:bb:93:6c:91:ab:c1:3d:5a:4c:b8:78:
71:27:e0:c9:0e:16:65:f8:32:be:d9:be:18:41:3b:
1d:64:cd:1e:b7:7a:25:79:e4:cb:74:89:e3:4d:44:
c8:ac:10:52:23:92:cd:1f:24:73:5d:71:26:bc:9b:
ee:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:54:25:53:42:E6:C3:56:33:EB:F0:D2:6C:63:C5:F3:07:80:F2:77
X509v3 Authority Key Identifier:
keyid:50:56:71:2C:CF:A8:77:AB:B7:60:CB:77:E2:70:41:77:4C:B0:47:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/HlQlU0Lmw1Yz6_DSbGPF8weA8nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.2.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:b8:84:5d:ea:da:0d:9c:a6:48:3a:f8:ec:89:c1:04:86:25:
40:b0:05:7f:71:ad:6e:63:f8:27:15:0d:ee:76:72:42:41:0d:
00:38:1d:e0:54:a7:91:1b:e9:59:5f:5d:23:a7:7e:7c:36:a2:
b3:ab:97:f1:e3:61:f3:cf:30:b6:49:29:a5:63:67:0c:6a:94:
68:be:66:9d:67:ce:45:5c:a4:4d:2f:8e:8b:40:ce:1d:9d:e7:
2c:e2:20:ca:af:74:e1:25:d7:b4:c0:b9:db:e6:39:cb:17:c9:
0a:16:7f:e7:9f:03:2a:5d:b7:f7:76:7f:1b:a8:32:a7:d2:65:
df:1e:dc:aa:c2:ce:da:5c:94:bd:26:16:2b:49:a1:7e:7a:d6:
17:61:b0:5c:d0:75:04:fb:ab:7b:6a:5c:02:53:6a:01:05:09:
d7:11:50:11:d5:52:49:b0:23:ed:08:93:f3:c0:5d:5a:24:13:
c3:dc:87:a8:4d:04:48:d3:f0:b5:22:93:31:1a:70:8f:88:ea:
1c:32:f4:ea:29:3a:31:aa:a5:67:2c:0b:2f:c3:41:d7:71:8b:
35:e0:53:df:f5:4b:5f:19:24:2e:e0:bf:66:76:05:4f:f6:c9:
6f:b0:ba:db:c6:7d:b8:0e:3e:d7:5f:ce:d4:b5:97:e4:9c:d0:
10:3e:6c:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseAaU4vHKX7o0wLTjqrwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTY3MTJjY2ZhODc3YWJiNzYwY2I3N2UyNzA0MTc3NGNi
MDQ3MzkwHhcNMjMwMTAxMDgzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTU0MjU1MzQyZTZjMzU2MzNlYmYwZDI2YzYzYzVmMzA3ODBmMjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0ut6zE9E7Ns3+liwzcDv1f2OIte
UWV+EsaIqiYXF4T+9eZg+c5KRqv55GRF+ZJEPBJ8wn95qqPd2c77syM8m5A34zIQ
j4Mj5FyzTSaoWtC3tXfsaDgJ4JDM05ijU4mlZJDVxBx2GbsfHYVfcrocyibjjDEw
7z3K/Vjgk4xi67FcEA3BNeEu2lHzKkIGumwgmdj1rk0iVmsqjhneZmxvov9TOQaw
XCWVhL3YgwOZzqspxvFRYR8pPrT4EnCim20frxpV8tsAu5NskavBPVpMuHhxJ+DJ
DhZl+DK+2b4YQTsdZM0et3oleeTLdInjTUTIrBBSI5LNHyRzXXEmvJvuYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB5UJVNC5sNWM+vw0mxjxfMHgPJ3MB8GA1UdIwQY
MBaAFFBWcSzPqHert2DLd+JwQXdMsEc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84ZDc5OGEtNzNkNy00NGJhLTk3ZGIt
Zjg0YjYwNTIxZGY1LzEvSGxRbFUwTG13MVl6Nl9EU2JHUEY4d2VBOG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84ZDc5OGEtNzNkNy00NGJhLTk3ZGItZjg0YjYwNTIxZGY1
LzEvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/ACMA0G
CSqGSIb3DQEBCwUAA4IBAQALuIRd6toNnKZIOvjsicEEhiVAsAV/ca1uY/gnFQ3u
dnJCQQ0AOB3gVKeRG+lZX10jp358NqKzq5fx42HzzzC2SSmlY2cMapRovmadZ85F
XKRNL46LQM4dnecs4iDKr3ThJde0wLnb5jnLF8kKFn/nnwMqXbf3dn8bqDKn0mXf
Htyqws7aXJS9JhYrSaF+etYXYbBc0HUE+6t7alwCU2oBBQnXEVAR1VJJsCPtCJPz
wF1aJBPD3IeoTQRI0/C1IpMxGnCPiOocMvTqKToxqqVnLAsvw0HXcYs14FPf9Utf
GSQu4L9mdgVP9slvsLrbxn24Dj7XX87UtZfknNAQPmzA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:59 2024 by rpki-client on console-fra.rpki-client.org