Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/Hk-G1KQQF0nmH_mPXkTKpJULljI.roa
File: Hk-G1KQQF0nmH_mPXkTKpJULljI.roa (raw, json)
Hash identifier: 0Bmec2IM84A075CGmPPf7Jz2h2Ig0uqyF7rAcyguAc4=
Subject key identifier: 1E:4F:86:D4:A4:10:17:49:E6:1F:F9:8F:5E:44:CA:A4:95:0B:96:32
Certificate issuer: /CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Certificate serial: 01856F3928B13343661181BF5E3FA342ACFD
Authority key identifier: F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/Hk-G1KQQF0nmH_mPXkTKpJULljI.roa
Signing time: Sun 01 Jan 2023 21:24:54 +0000
ROA not before: Sun 01 Jan 2023 21:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9116
IP address blocks: 82.102.161.0/24 maxlen: 24
81.5.16.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:28:b1:33:43:66:11:81:bf:5e:3f:a3:42:ac:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Validity
Not Before: Jan 1 21:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e4f86d4a4101749e61ff98f5e44caa4950b9632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:18:cb:9b:0e:75:f9:a8:fc:a3:28:ab:eb:5d:
b0:27:63:b9:56:4b:26:00:de:e7:db:eb:a6:75:a6:
95:b1:38:66:ad:d7:c8:17:ef:0e:8d:a3:1a:88:be:
3b:9a:0b:58:d6:a7:96:24:8a:fb:81:2d:f5:a5:fa:
1d:96:1f:cc:13:92:fe:ef:d6:db:9e:24:c7:b6:17:
4a:fc:31:9f:be:03:f7:89:75:2c:4e:d2:b0:9d:d0:
e1:6a:ce:12:eb:94:d8:82:38:67:50:7c:b2:75:53:
14:1e:7f:ab:2e:b1:17:d2:c3:cf:2a:ac:94:b5:a0:
ed:0f:b8:73:8a:ec:f2:98:e6:79:f0:e9:ea:86:8f:
b3:30:79:a4:44:17:7c:1e:39:62:36:7d:12:bf:0d:
13:fa:42:cf:05:33:84:e6:7e:e0:ff:03:9e:2c:e5:
e9:4f:21:c2:ea:8c:3c:37:ea:81:87:66:9a:cc:d2:
00:be:f9:17:39:f9:f8:42:35:ec:11:57:21:89:c9:
02:20:68:af:b3:af:91:fc:63:37:be:b4:84:b0:5c:
ad:d7:c8:89:41:05:a0:a2:cf:9f:4f:18:78:c6:21:
83:12:10:04:ad:e7:59:d4:2a:34:f1:37:e1:0b:fd:
de:c6:cb:36:80:c9:99:d1:df:18:47:fa:2e:4d:b9:
c0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:4F:86:D4:A4:10:17:49:E6:1F:F9:8F:5E:44:CA:A4:95:0B:96:32
X509v3 Authority Key Identifier:
keyid:F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/Hk-G1KQQF0nmH_mPXkTKpJULljI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.16.0/21
82.102.161.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:8e:0f:a7:e5:45:99:5a:84:ab:ad:02:82:cd:6a:f4:7a:1f:
ba:cc:a7:d8:29:85:e2:b4:4a:05:cc:0e:e7:c3:4c:e8:21:20:
70:33:12:bb:2f:57:11:76:1c:5e:72:5e:06:85:5c:6e:f6:cd:
6a:83:42:0b:12:24:ae:bc:32:93:47:64:6e:c6:73:23:55:ea:
17:fe:13:74:f3:27:65:60:ac:9f:62:89:ad:8a:d2:e2:85:d9:
36:88:04:0d:2d:24:8f:52:a5:e0:b0:27:91:ac:96:0e:3d:9c:
89:1a:0f:1c:de:e7:3b:b9:76:06:4b:d4:3e:14:c2:e4:63:6f:
d1:5c:b8:76:96:c8:24:5f:57:ee:64:34:30:81:24:0b:c8:74:
18:9b:48:89:8a:ca:03:50:a4:a4:72:a7:6e:ad:db:02:69:59:
42:52:c1:2a:64:97:38:dc:fd:1a:e4:fe:ea:54:3c:2f:53:d0:
ea:ca:85:5a:8f:b0:fd:28:b7:77:a8:ef:cb:da:94:4e:ad:6a:
93:30:77:4b:5e:0b:1b:17:78:87:24:ed:5f:b0:a1:3c:0e:23:
f3:32:c3:fc:68:6d:8f:de:31:76:2d:e2:cb:0e:9c:c7:31:d9:
7a:5e:dd:dc:9f:96:ba:51:ee:64:3a:16:30:39:4e:d7:85:be:
9c:4e:be:cd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvOSixM0NmEYG/Xj+jQqz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODU2ZDY3NGYwZTlkYmY2MDEyZDViNWQzZDk2YjQzYWZk
NzY0NzMwHhcNMjMwMTAxMjEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTRmODZkNGE0MTAxNzQ5ZTYxZmY5OGY1ZTQ0Y2FhNDk1MGI5NjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BjLmw51+aj8oyir612wJ2O5Vksm
AN7n2+umdaaVsThmrdfIF+8OjaMaiL47mgtY1qeWJIr7gS31pfodlh/ME5L+79bb
niTHthdK/DGfvgP3iXUsTtKwndDhas4S65TYgjhnUHyydVMUHn+rLrEX0sPPKqyU
taDtD7hziuzymOZ58Onqho+zMHmkRBd8HjliNn0Svw0T+kLPBTOE5n7g/wOeLOXp
TyHC6ow8N+qBh2aazNIAvvkXOfn4QjXsEVchickCIGivs6+R/GM3vrSEsFyt18iJ
QQWgos+fTxh4xiGDEhAEredZ1Co08TfhC/3exss2gMmZ0d8YR/ouTbnALwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB5PhtSkEBdJ5h/5j15EyqSVC5YyMB8GA1UdIwQY
MBaAFPmFbWdPDp2/YBLVtdPZa0Ov12RzMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZVnRaMDhPbmI5Z0V0VzEwOWxyUTZfWFpITS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRm
LWVmZDE0ZGI5NTdmYi8xL0hrLUcxS1FRRjBubUhfbVBYa1RLcEpVTGxqSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRmLWVmZDE0ZGI5NTdm
Yi8xLzEtWVZ0WjA4T25iOWdFdFcxMDlsclE2X1haSE0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBANRBRAD
BABSZqEwDQYJKoZIhvcNAQELBQADggEBAJ2OD6flRZlahKutAoLNavR6H7rMp9gp
heK0SgXMDufDTOghIHAzErsvVxF2HF5yXgaFXG72zWqDQgsSJK68MpNHZG7GcyNV
6hf+E3TzJ2VgrJ9iia2K0uKF2TaIBA0tJI9SpeCwJ5Gslg49nIkaDxze5zu5dgZL
1D4UwuRjb9FcuHaWyCRfV+5kNDCBJAvIdBibSImKygNQpKRyp26t2wJpWUJSwSpk
lzjc/Rrk/upUPC9T0OrKhVqPsP0ot3eo78valE6tapMwd0teCxsXeIck7V+woTwO
I/Myw/xobY/eMXYt4ssOnMcx2Xpe3dyflrpR7mQ6FjA5TteFvpxOvs0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:44 2024 by rpki-client on console-ams.rpki-client.org