Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/HFq21pvGJsVvXiZx8qPewKeK9eI.roa
File: HFq21pvGJsVvXiZx8qPewKeK9eI.roa (raw, json)
Hash identifier: Ia7PWVswfd3roRduWA8Mztcd+2f60lPv9Du4DJESPAw=
Subject key identifier: 1C:5A:B6:D6:9B:C6:26:C5:6F:5E:26:71:F2:A3:DE:C0:A7:8A:F5:E2
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01893EB051FDF67CF788592E5430067D0650
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/HFq21pvGJsVvXiZx8qPewKeK9eI.roa
Signing time: Mon 10 Jul 2023 07:24:49 +0000
ROA not before: Mon 10 Jul 2023 07:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59729
IP address blocks: 91.243.44.0/22 maxlen: 22
5.188.10.0/23 maxlen: 23
46.161.26.0/24 maxlen: 24
5.8.66.0/23 maxlen: 23
91.243.52.0/22 maxlen: 22
91.243.56.0/22 maxlen: 22
46.161.28.0/22 maxlen: 22
46.161.41.0/24 maxlen: 24
91.243.32.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:b0:51:fd:f6:7c:f7:88:59:2e:54:30:06:7d:06:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jul 10 07:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c5ab6d69bc626c56f5e2671f2a3dec0a78af5e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3b:5e:53:85:e8:26:f9:77:5e:93:b4:b2:97:
e9:10:22:60:e7:ea:e6:86:ff:0a:0b:39:1d:ad:5c:
51:ba:e5:8f:4b:0d:93:d0:e0:8e:55:3c:2b:7c:c1:
24:a4:ac:de:82:b1:ea:5d:35:86:a4:ca:7c:d3:97:
3f:0a:1f:0b:45:31:7e:53:6d:28:7b:b1:71:54:32:
cb:e2:80:d8:07:71:df:24:58:c7:f9:db:cb:85:df:
3d:c4:07:e1:85:1a:a8:9b:c2:c7:4e:eb:68:b3:d7:
0a:11:a2:52:7b:66:df:0c:40:f3:e3:19:1c:ae:cc:
6b:53:99:c5:a9:41:82:cd:b5:27:71:05:22:e1:c2:
c5:f6:b0:47:d3:0b:75:3d:6b:a3:6f:1f:7d:4e:e3:
5c:eb:1d:a0:93:58:12:61:3b:8d:2b:d6:ec:b0:7e:
7a:bc:ce:4f:ea:e9:50:9f:11:f7:60:4f:42:ea:8c:
02:86:b0:3e:ad:7f:1f:40:72:1a:7d:35:6d:69:f5:
a6:7b:f7:46:d5:c5:26:e7:7c:eb:d9:ff:e3:51:da:
a2:31:04:14:e3:27:1f:4c:85:5e:2b:4a:99:f4:01:
08:65:19:5f:7e:ba:29:d1:9c:06:02:43:94:76:89:
c1:50:77:93:26:71:5b:f7:ec:05:4a:4e:7d:7b:7d:
c8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5A:B6:D6:9B:C6:26:C5:6F:5E:26:71:F2:A3:DE:C0:A7:8A:F5:E2
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/HFq21pvGJsVvXiZx8qPewKeK9eI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.66.0/23
5.188.10.0/23
46.161.26.0/24
46.161.28.0/22
46.161.41.0/24
91.243.32.0/22
91.243.44.0/22
91.243.52.0-91.243.59.255
Signature Algorithm: sha256WithRSAEncryption
29:4c:3b:01:c0:fe:c7:81:c8:3d:c6:0c:d9:f7:78:ba:16:5f:
99:f8:8a:8d:45:f0:2f:39:d9:9a:b6:9c:ce:ec:ac:3a:6a:ce:
b7:4e:df:eb:a5:89:22:1d:8d:40:a2:87:94:5d:df:be:a9:78:
02:5d:0f:a9:f6:dd:9e:f0:3d:d5:85:04:b1:4d:35:69:ed:0f:
47:78:7e:8f:c7:b4:9b:54:8e:73:80:32:e7:fa:87:0f:b2:e4:
1e:00:50:12:49:71:f6:ad:cb:84:4c:df:97:4c:ea:6a:d3:35:
74:2b:6c:97:32:06:36:04:68:32:68:b1:34:10:80:31:33:47:
88:18:bb:2b:d6:f7:71:52:72:a5:79:49:c3:e3:5d:b5:3b:65:
73:66:d7:36:50:6b:f1:3a:b8:0f:ec:17:8c:c0:8b:9c:18:84:
d9:14:d1:6f:d6:05:3a:ef:8f:80:9a:b7:b4:0f:af:ca:6d:65:
a9:67:74:3a:3b:04:9a:04:d4:d4:04:ee:df:59:b5:bb:2d:9f:
bf:35:fb:34:63:53:51:f4:7c:40:71:9c:07:58:38:6c:73:2a:
cb:e8:55:d4:8a:62:87:66:dd:31:f8:ed:ee:d6:73:31:e1:71:
45:2a:af:6f:99:9a:c2:f6:45:5d:f5:16:4c:13:aa:d2:a1:03:
c3:bc:73:8d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYk+sFH99nz3iFkuVDAGfQZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwNzEwMDcyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzVhYjZkNjliYzYyNmM1NmY1ZTI2NzFmMmEzZGVjMGE3OGFmNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTteU4XoJvl3XpO0spfpECJg5+rm
hv8KCzkdrVxRuuWPSw2T0OCOVTwrfMEkpKzegrHqXTWGpMp805c/Ch8LRTF+U20o
e7FxVDLL4oDYB3HfJFjH+dvLhd89xAfhhRqom8LHTutos9cKEaJSe2bfDEDz4xkc
rsxrU5nFqUGCzbUncQUi4cLF9rBH0wt1PWujbx99TuNc6x2gk1gSYTuNK9bssH56
vM5P6ulQnxH3YE9C6owChrA+rX8fQHIafTVtafWme/dG1cUm53zr2f/jUdqiMQQU
4ycfTIVeK0qZ9AEIZRlffrop0ZwGAkOUdonBUHeTJnFb9+wFSk59e33IIQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFBxattabxibFb14mcfKj3sCnivXiMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvSEZxMjFwdkdKc1Z2WGlaeDhxUGV3S2VLOWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBBQhCAwQB
BbwKAwQALqEaAwQCLqEcAwQALqEpAwQCW/MgAwQCW/MsMAwDBAJb8zQDBAJb8zgw
DQYJKoZIhvcNAQELBQADggEBAClMOwHA/seByD3GDNn3eLoWX5n4io1F8C852Zq2
nM7srDpqzrdO3+uliSIdjUCih5Rd376peAJdD6n23Z7wPdWFBLFNNWntD0d4fo/H
tJtUjnOAMuf6hw+y5B4AUBJJcfaty4RM35dM6mrTNXQrbJcyBjYEaDJosTQQgDEz
R4gYuyvW93FScqV5ScPjXbU7ZXNm1zZQa/E6uA/sF4zAi5wYhNkU0W/WBTrvj4Ca
t7QPr8ptZalndDo7BJoE1NQE7t9Ztbstn781+zRjU1H0fEBxnAdYOGxzKsvoVdSK
Yodm3TH47e7WczHhcUUqr2+ZmsL2RV31FkwTqtKhA8O8c40=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org