Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hfAOTw05dTJgzKRLU_oElbnXzos.roa
File: hfAOTw05dTJgzKRLU_oElbnXzos.roa (raw, json)
Hash identifier: NuK+Lmo5WapaPOqR2+1Dk84DTz0yB1Nw/6nBAyUqzgc=
Subject key identifier: 85:F0:0E:4F:0D:39:75:32:60:CC:A4:4B:53:FA:04:95:B9:D7:CE:8B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81EC03C4EB6A0C6CD82E3A1A8BF94C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hfAOTw05dTJgzKRLU_oElbnXzos.roa
Signing time: Sun 01 Jan 2023 13:25:09 +0000
ROA not before: Sun 01 Jan 2023 13:25:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44796
IP address blocks: 91.92.232.0/24 maxlen: 24
2a00:1728:1d::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:ec:03:c4:eb:6a:0c:6c:d8:2e:3a:1a:8b:f9:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85f00e4f0d39753260cca44b53fa0495b9d7ce8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2d:01:cb:9b:b4:70:3e:28:16:1d:48:88:f2:
1e:b1:4a:83:37:d2:78:dd:af:06:aa:11:b1:8f:3c:
46:3d:34:e0:7f:8c:8d:78:c4:0e:57:6a:ce:4c:c1:
a7:31:e1:5b:00:81:54:19:84:39:ae:44:3e:f4:65:
d8:fb:2c:6a:6d:af:93:39:cc:26:75:37:db:6f:54:
3c:76:ef:93:96:1d:24:e0:7c:62:74:4b:fd:46:a2:
95:e5:ce:45:20:e4:45:a2:b7:4a:72:c9:4f:c5:1c:
31:f8:1c:53:23:ce:05:fb:cb:4b:c7:f3:fd:d3:13:
0e:27:96:ff:c0:d8:02:29:79:c3:7f:27:13:ed:51:
22:c5:f4:74:a8:eb:1c:26:e1:79:1f:91:72:9c:b6:
1d:cc:ba:2e:ec:0f:a5:18:31:79:d2:29:d2:25:da:
f3:8f:1b:fb:34:85:46:f7:76:bd:a7:26:0c:c1:dc:
ad:57:77:c8:af:69:2b:ee:bd:65:a1:a2:94:d7:88:
48:ec:4b:d2:9f:69:7d:0a:07:a2:71:10:70:ac:88:
3b:df:e0:76:cd:17:54:4f:87:8a:db:96:ba:7c:fc:
6f:89:99:f4:b5:16:30:89:3a:d7:a4:f5:4d:6f:65:
d0:ae:ca:ec:0e:13:c1:2c:9a:9d:e6:ed:56:66:b6:
d8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F0:0E:4F:0D:39:75:32:60:CC:A4:4B:53:FA:04:95:B9:D7:CE:8B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hfAOTw05dTJgzKRLU_oElbnXzos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.232.0/24
IPv6:
2a00:1728:1d::/48
Signature Algorithm: sha256WithRSAEncryption
70:a9:13:fe:e0:fc:30:c0:83:87:23:55:5e:ea:d6:e7:17:29:
5c:4d:98:65:18:8b:22:aa:42:63:4f:1f:7d:08:6b:60:3b:03:
d5:c2:12:09:e7:3d:12:ce:9e:9b:a4:5c:c2:34:3c:1c:0c:07:
1f:0f:89:db:07:7f:cb:5d:f4:90:5f:be:5f:cd:ca:78:66:00:
a1:c9:99:94:7a:39:e3:8f:7e:61:53:56:2f:6e:64:dd:2e:61:
ae:27:2f:0d:23:2b:33:fb:c2:aa:57:8f:72:bf:a3:3d:34:bc:
ef:d9:39:f5:09:c5:8a:fe:17:44:19:57:4f:c2:17:1e:a3:91:
29:36:8d:e5:d5:3f:c7:8d:dd:90:a6:bd:5f:a8:7a:d9:fe:e2:
41:9c:00:48:1a:44:af:14:f0:c0:a9:6c:a7:7e:f8:c4:2c:b2:
db:79:90:b9:01:a4:47:86:e8:c8:79:bb:1b:e4:07:ac:f3:1d:
d4:1d:b2:a4:7f:27:1f:31:37:1a:47:cd:c5:c2:36:c5:83:44:
44:c5:a0:28:5b:4e:54:ab:65:fa:6c:40:25:19:c8:f6:8b:a4:
ca:bd:8f:38:0d:88:f4:dd:bc:9b:ba:de:c8:58:82:28:0d:a0:
75:e5:77:63:ef:da:a4:34:66:95:b6:45:43:93:a4:ac:84:57:
c6:6e:78:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtgewDxOtqDGzYLjoai/lMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWYwMGU0ZjBkMzk3NTMyNjBjY2E0NGI1M2ZhMDQ5NWI5ZDdjZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAli0By5u0cD4oFh1IiPIesUqDN9J4
3a8GqhGxjzxGPTTgf4yNeMQOV2rOTMGnMeFbAIFUGYQ5rkQ+9GXY+yxqba+TOcwm
dTfbb1Q8du+Tlh0k4HxidEv9RqKV5c5FIORFordKcslPxRwx+BxTI84F+8tLx/P9
0xMOJ5b/wNgCKXnDfycT7VEixfR0qOscJuF5H5FynLYdzLou7A+lGDF50inSJdrz
jxv7NIVG93a9pyYMwdytV3fIr2kr7r1loaKU14hI7EvSn2l9CgeicRBwrIg73+B2
zRdUT4eK25a6fPxviZn0tRYwiTrXpPVNb2XQrsrsDhPBLJqd5u1WZrbYDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIXwDk8NOXUyYMykS1P6BJW5186LMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaGZBT1R3MDVkVEpnektSTFVfb0VsYm5Yem9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW1zoMA8E
AgACMAkDBwAqABcoAB0wDQYJKoZIhvcNAQELBQADggEBAHCpE/7g/DDAg4cjVV7q
1ucXKVxNmGUYiyKqQmNPH30Ia2A7A9XCEgnnPRLOnpukXMI0PBwMBx8PidsHf8td
9JBfvl/NynhmAKHJmZR6OeOPfmFTVi9uZN0uYa4nLw0jKzP7wqpXj3K/oz00vO/Z
OfUJxYr+F0QZV0/CFx6jkSk2jeXVP8eN3ZCmvV+oetn+4kGcAEgaRK8U8MCpbKd+
+MQsstt5kLkBpEeG6Mh5uxvkB6zzHdQdsqR/Jx8xNxpHzcXCNsWDRETFoChbTlSr
ZfpsQCUZyPaLpMq9jzgNiPTdvJu63shYgigNoHXld2Pv2qQ0ZpW2RUOTpKyEV8Zu
eFg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:48 2024 by rpki-client on console-fra.rpki-client.org