Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/kHeH-DJGuoTFSBO6kZOe8hjEA3E.roa
File: kHeH-DJGuoTFSBO6kZOe8hjEA3E.roa (raw, json)
Hash identifier: V9vPPnxDaKutaRiCycG+mhGqnwX/hIUqIXxSuoRkcTE=
Subject key identifier: 90:77:87:F8:32:46:BA:84:C5:48:13:BA:91:93:9E:F2:18:C4:03:71
Certificate issuer: /CN=63d92b8256159894d2b9b25f4d85986c172723c3
Certificate serial: 018B9044488E25B5F22DD2EB9E7E9DC642D7
Authority key identifier: 63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/kHeH-DJGuoTFSBO6kZOe8hjEA3E.roa
Signing time: Thu 02 Nov 2023 13:41:15 +0000
ROA not before: Thu 02 Nov 2023 13:41:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 81.20.40.0/24 maxlen: 24
81.20.41.0/24 maxlen: 24
2a00:1fd0:ae00::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:44:48:8e:25:b5:f2:2d:d2:eb:9e:7e:9d:c6:42:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d92b8256159894d2b9b25f4d85986c172723c3
Validity
Not Before: Nov 2 13:41:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=907787f83246ba84c54813ba91939ef218c40371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0a:f3:30:25:47:6b:7f:06:73:79:d8:58:8a:
b3:b2:db:66:d0:7b:40:19:bc:6f:1a:59:73:bc:63:
c6:f8:f8:ec:25:bc:98:a6:d6:b6:37:11:42:ea:42:
7d:00:c7:b1:21:e3:27:bd:8c:c9:72:44:73:e4:17:
f8:5f:55:7f:d0:5f:14:92:57:58:1e:9d:dd:a3:cd:
3b:3a:39:f8:e0:65:25:eb:4e:ff:a8:92:e5:8b:09:
08:ef:49:bd:c0:ef:c5:9a:e4:92:a1:51:4c:e0:85:
69:bc:9a:17:f5:de:53:bd:7d:8c:e0:af:57:c1:9e:
e9:01:b9:70:19:87:e5:1c:46:ec:a5:75:09:86:3e:
51:6c:01:65:91:91:0d:a1:f4:bf:71:e0:2f:25:be:
e0:9a:5f:11:52:e6:9f:04:59:01:86:95:2c:ba:3f:
2a:01:d0:2c:35:c6:13:2b:9b:6d:de:2f:ee:bb:19:
98:67:59:1f:9d:87:7d:0d:a9:1a:1b:24:32:24:9c:
c2:62:a9:60:e7:04:a2:fe:30:23:e6:5b:80:93:43:
ba:95:ca:f0:fe:91:1f:7e:d3:41:b5:29:d8:7a:f7:
8b:7d:70:0e:65:ba:6b:4e:33:26:a3:e9:7e:25:61:
8e:24:5b:da:8c:68:af:f3:a5:d4:05:67:93:5b:a0:
60:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:77:87:F8:32:46:BA:84:C5:48:13:BA:91:93:9E:F2:18:C4:03:71
X509v3 Authority Key Identifier:
keyid:63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/kHeH-DJGuoTFSBO6kZOe8hjEA3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/Y9krglYVmJTSubJfTYWYbBcnI8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.20.40.0/23
IPv6:
2a00:1fd0:ae00::/40
Signature Algorithm: sha256WithRSAEncryption
13:e0:b3:30:16:f3:88:84:f2:b6:ec:42:40:d6:60:05:c4:f5:
bf:51:57:7b:0d:0f:f9:79:46:95:98:3f:35:72:a0:86:58:6d:
11:82:65:6b:22:ee:88:2a:b4:ce:b3:a2:9d:4d:94:0f:08:28:
30:98:78:32:7f:50:08:57:d9:98:4b:a2:94:2c:bb:38:d1:7c:
02:78:09:34:18:8b:53:df:d0:b4:da:f9:d7:3a:4d:0d:2b:55:
1a:64:45:a4:a4:b2:15:d2:2a:da:0c:5e:35:bc:88:93:58:80:
07:81:09:f6:ad:ae:27:73:83:9a:76:37:86:f8:de:f3:83:90:
35:a9:c6:b6:e8:5e:56:6d:d6:01:82:5f:d6:db:04:63:c9:4b:
0d:ed:b0:b2:51:be:e1:f0:5b:6d:b2:86:3f:26:81:2c:0e:dc:
7b:5f:0e:6b:b6:48:65:43:72:13:33:78:14:3c:f3:ba:04:c6:
87:25:51:9d:75:6a:cf:85:f4:f0:31:18:31:18:3c:48:ea:6e:
19:80:44:9a:21:0a:92:16:2d:74:76:c7:cd:a1:44:6a:0e:3e:
98:7d:81:b9:0a:35:41:fe:ee:9e:7a:93:7e:15:be:8d:72:01:
e7:cf:02:60:42:46:1d:c2:27:19:30:b4:71:d1:85:eb:7e:14:
41:43:35:b3
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYuQREiOJbXyLdLrnn6dxkLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDkyYjgyNTYxNTk4OTRkMmI5YjI1ZjRkODU5ODZjMTcy
NzIzYzMwHhcNMjMxMTAyMTM0MTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDc3ODdmODMyNDZiYTg0YzU0ODEzYmE5MTkzOWVmMjE4YzQwMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwrzMCVHa38Gc3nYWIqzsttm0HtA
GbxvGllzvGPG+PjsJbyYpta2NxFC6kJ9AMexIeMnvYzJckRz5Bf4X1V/0F8UkldY
Hp3do807Ojn44GUl607/qJLliwkI70m9wO/FmuSSoVFM4IVpvJoX9d5TvX2M4K9X
wZ7pAblwGYflHEbspXUJhj5RbAFlkZENofS/ceAvJb7gml8RUuafBFkBhpUsuj8q
AdAsNcYTK5tt3i/uuxmYZ1kfnYd9DakaGyQyJJzCYqlg5wSi/jAj5luAk0O6lcrw
/pEfftNBtSnYeveLfXAOZbprTjMmo+l+JWGOJFvajGiv86XUBWeTW6BgUQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJB3h/gyRrqExUgTupGTnvIYxANxMB8GA1UdIwQY
MBaAFGPZK4JWFZiU0rmyX02FmGwXJyPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDIt
ZTRlNTJhYzBmZWZlLzEva0hlSC1ESkd1b1RGU0JPNmtaT2U4aGpFQTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDItZTRlNTJhYzBmZWZl
LzEvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBURQoMA4E
AgACMAgDBgAqAB/QrjANBgkqhkiG9w0BAQsFAAOCAQEAE+CzMBbziITytuxCQNZg
BcT1v1FXew0P+XlGlZg/NXKghlhtEYJlayLuiCq0zrOinU2UDwgoMJh4Mn9QCFfZ
mEuilCy7ONF8AngJNBiLU9/QtNr51zpNDStVGmRFpKSyFdIq2gxeNbyIk1iAB4EJ
9q2uJ3ODmnY3hvje84OQNanGtuheVm3WAYJf1tsEY8lLDe2wslG+4fBbbbKGPyaB
LA7ce18Oa7ZIZUNyEzN4FDzzugTGhyVRnXVqz4X08DEYMRg8SOpuGYBEmiEKkhYt
dHbHzaFEag4+mH2BuQo1Qf7unnqTfhW+jXIB588CYEJGHcInGTC0cdGF634UQUM1
sw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:26 2024 by rpki-client on console-fra.rpki-client.org