Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/Ha2tEpNxByP0MuXFSE2ylLoanZI.roa
File: Ha2tEpNxByP0MuXFSE2ylLoanZI.roa (raw, json)
Hash identifier: j13XOvAM5o9yLGgdNojaIRL4+8839IzKaDkR0pmD5hc=
Subject key identifier: 1D:AD:AD:12:93:71:07:23:F4:32:E5:C5:48:4D:B2:94:BA:1A:9D:92
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 01856D1CD1845733DFE82250F03489A4435D
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/Ha2tEpNxByP0MuXFSE2ylLoanZI.roa
Signing time: Sun 01 Jan 2023 11:34:43 +0000
ROA not before: Sun 01 Jan 2023 11:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57235
IP address blocks: 81.31.224.0/22 maxlen: 24
81.31.233.0/24 maxlen: 24
81.31.228.0/23 maxlen: 24
81.31.230.0/24 maxlen: 24
81.31.234.0/24 maxlen: 24
81.31.234.0/23 maxlen: 24
81.31.235.0/24 maxlen: 24
81.31.236.0/24 maxlen: 24
81.31.236.0/22 maxlen: 24
81.31.238.0/24 maxlen: 24
81.31.240.0/23 maxlen: 24
81.31.248.0/22 maxlen: 24
81.31.250.0/24 maxlen: 24
81.31.251.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:1c:d1:84:57:33:df:e8:22:50:f0:34:89:a4:43:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Jan 1 11:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dadad1293710723f432e5c5484db294ba1a9d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:69:22:31:a9:4d:93:5b:bf:01:29:bd:24:93:
8c:4f:25:de:ee:7c:04:05:57:91:6e:bc:7c:49:82:
17:83:63:15:1a:07:c8:c8:7e:e0:b5:5e:4b:c4:c9:
b2:1a:ce:15:1c:6b:9e:95:ec:7c:be:6d:cd:80:b0:
05:8e:46:cb:4a:3b:0e:56:e3:c1:d8:16:6f:27:73:
df:f9:f2:10:f6:de:d1:27:03:d0:d6:c9:ec:2a:3f:
df:c1:ca:fa:d7:e7:ee:b3:9f:fc:80:6a:cd:f5:c1:
9a:74:b2:98:c5:e9:07:92:54:69:1d:ac:72:7f:9a:
50:0f:2f:05:9a:b4:74:4b:86:9d:6c:1b:88:cb:30:
d8:1c:c8:08:20:11:2d:8f:00:b5:e5:0c:83:90:08:
03:85:32:f8:44:50:2a:6a:dd:b7:83:f2:4b:94:95:
bb:a1:49:57:4e:27:e1:9c:61:f0:c1:19:07:86:29:
98:89:f5:8e:46:0a:e1:b0:52:e8:2c:ab:5a:ea:be:
e0:a9:23:0f:41:29:83:21:73:c5:d0:e3:b2:fd:8c:
0d:af:5e:96:37:28:a2:6a:ec:49:5a:81:5e:6c:4a:
f9:c4:11:3b:48:e2:6d:08:22:10:93:6a:45:7f:e9:
b2:8d:88:d3:6f:3a:dc:00:ee:a7:11:71:fa:c2:92:
d5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AD:AD:12:93:71:07:23:F4:32:E5:C5:48:4D:B2:94:BA:1A:9D:92
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/Ha2tEpNxByP0MuXFSE2ylLoanZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.224.0-81.31.230.255
81.31.233.0-81.31.241.255
81.31.248.0/22
Signature Algorithm: sha256WithRSAEncryption
61:8d:0d:f2:73:59:d8:53:64:74:09:6e:59:45:ab:38:66:c3:
bf:0f:ad:43:af:34:5a:c7:d7:31:17:2a:40:f1:dd:45:58:a5:
8a:40:37:cc:d3:27:7e:37:18:bf:e2:96:e8:67:4e:22:25:3c:
e6:9d:cf:16:cf:cf:c4:c7:95:29:4f:68:4d:12:81:31:a6:d7:
5b:30:61:bc:07:c7:93:ff:f0:e5:4b:82:b7:ae:dc:81:2d:62:
75:29:97:f6:d2:2c:ac:ff:5f:cf:cc:5c:07:ea:70:8e:2f:b7:
8e:31:02:4d:fa:be:27:bb:98:80:6a:ff:23:8a:27:01:03:1a:
93:13:8a:1d:5e:c7:08:db:c8:05:7c:65:5e:d3:5f:e6:4b:f2:
ca:65:33:cd:52:2b:7e:50:84:87:ab:39:dc:e2:81:6c:30:24:
66:b5:02:7b:0f:2e:2f:a0:55:0d:38:ab:49:25:60:c5:19:71:
c0:30:78:d8:ba:2b:f2:f2:a4:58:57:5d:e5:3c:52:37:80:ef:
d8:f0:36:7b:5f:ea:c4:c9:f4:c7:f8:9e:89:e3:7e:9c:a4:7e:
11:47:a0:21:02:0f:4f:88:11:ea:13:71:3c:86:ab:8d:d8:7c:
36:71:88:af:95:05:a6:9b:7f:ad:4e:9e:71:97:33:95:9d:cf:
ad:30:67:09
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVtHNGEVzPf6CJQ8DSJpENdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjMwMTAxMTEzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGFkYWQxMjkzNzEwNzIzZjQzMmU1YzU0ODRkYjI5NGJhMWE5ZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmkiMalNk1u/ASm9JJOMTyXe7nwE
BVeRbrx8SYIXg2MVGgfIyH7gtV5LxMmyGs4VHGuelex8vm3NgLAFjkbLSjsOVuPB
2BZvJ3Pf+fIQ9t7RJwPQ1snsKj/fwcr61+fus5/8gGrN9cGadLKYxekHklRpHaxy
f5pQDy8FmrR0S4adbBuIyzDYHMgIIBEtjwC15QyDkAgDhTL4RFAqat23g/JLlJW7
oUlXTifhnGHwwRkHhimYifWORgrhsFLoLKta6r7gqSMPQSmDIXPF0OOy/YwNr16W
NyiiauxJWoFebEr5xBE7SOJtCCIQk2pFf+myjYjTbzrcAO6nEXH6wpLVvQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFB2trRKTcQcj9DLlxUhNspS6Gp2SMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvSGEydEVwTnhCeVAwTXVYRlNFMnlsTG9hblpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAVRH+AD
BABRH+YwDAMEAFEf6QMEAVEf8AMEAlEf+DANBgkqhkiG9w0BAQsFAAOCAQEAYY0N
8nNZ2FNkdAluWUWrOGbDvw+tQ680WsfXMRcqQPHdRVilikA3zNMnfjcYv+KW6GdO
IiU85p3PFs/PxMeVKU9oTRKBMabXWzBhvAfHk//w5UuCt67cgS1idSmX9tIsrP9f
z8xcB+pwji+3jjECTfq+J7uYgGr/I4onAQMakxOKHV7HCNvIBXxlXtNf5kvyymUz
zVIrflCEh6s53OKBbDAkZrUCew8uL6BVDTirSSVgxRlxwDB42Lor8vKkWFdd5TxS
N4Dv2PA2e1/qxMn0x/ieieN+nKR+EUegIQIPT4gR6hNxPIarjdh8NnGIr5UFppt/
rU6ecZczlZ3PrTBnCQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:01 2024 by rpki-client on console-ams.rpki-client.org