Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/HCuVi95wytbVECO0Kw_syp7XPks.roa
File: HCuVi95wytbVECO0Kw_syp7XPks.roa (raw, json)
Hash identifier: zLr7N49HxaLK7bquzEkC/31x0gbypPNkg49tCuf3XpM=
Subject key identifier: 1C:2B:95:8B:DE:70:CA:D6:D5:10:23:B4:2B:0F:EC:CA:9E:D7:3E:4B
Certificate issuer: /CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa
Certificate serial: 018708BB527FE4FF295635FE062050322903
Authority key identifier: AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/HCuVi95wytbVECO0Kw_syp7XPks.roa
Signing time: Wed 22 Mar 2023 09:51:46 +0000
ROA not before: Wed 22 Mar 2023 09:51:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39790
IP address blocks: 81.91.80.0/20 maxlen: 21
185.14.224.0/22 maxlen: 23
2001:1568::/32 maxlen: 33
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:bb:52:7f:e4:ff:29:56:35:fe:06:20:50:32:29:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa
Validity
Not Before: Mar 22 09:51:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c2b958bde70cad6d51023b42b0fecca9ed73e4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c5:3b:36:75:2a:0e:c5:e2:21:b8:97:ee:3e:
1b:a4:9c:4d:57:60:1c:76:fd:e3:b5:5f:b2:ee:e1:
40:0b:12:5f:df:d7:c0:41:97:d5:11:0f:18:04:b7:
40:75:42:b6:12:81:14:68:eb:20:a2:f5:93:d8:53:
45:ad:3d:4e:14:b5:94:94:94:ac:26:1b:34:ac:18:
bb:3e:f4:42:1d:33:0d:a4:7a:ca:84:b9:60:aa:9c:
b9:58:3c:83:ba:6d:c2:3c:dd:ea:e2:ed:11:70:9c:
98:b8:3a:ac:17:dc:be:f6:7a:07:8e:75:c9:ee:b4:
b4:66:a0:fb:82:32:f1:39:27:2e:d5:01:6f:8f:de:
5b:39:1c:57:62:3d:ab:06:82:c7:ab:8e:fa:0d:a8:
e8:95:6e:6a:1c:b0:89:ca:a3:db:ec:0b:85:04:51:
cc:21:56:c7:cf:a5:1f:df:fb:f5:b1:f0:7e:b9:d1:
25:d3:de:5e:c6:d9:30:bc:68:cd:20:26:15:d8:0d:
bd:ad:2e:45:32:36:12:e1:c9:da:fc:6f:de:b2:c7:
fc:cf:76:e2:a3:f2:d4:33:5c:41:45:ff:d2:0f:8c:
5e:90:86:be:31:73:aa:ca:4e:9e:7a:01:b2:ea:a3:
1f:14:b8:1d:42:6a:fb:ce:6a:9c:93:a0:76:e7:97:
ae:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:2B:95:8B:DE:70:CA:D6:D5:10:23:B4:2B:0F:EC:CA:9E:D7:3E:4B
X509v3 Authority Key Identifier:
keyid:AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/HCuVi95wytbVECO0Kw_syp7XPks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.80.0/20
185.14.224.0/22
IPv6:
2001:1568::/32
Signature Algorithm: sha256WithRSAEncryption
82:f4:e9:97:5e:4c:10:66:2d:84:3b:58:9d:98:0d:fa:17:a8:
02:15:24:b3:a1:bf:6a:94:b4:2f:42:1d:11:e7:47:64:64:d8:
d7:05:82:5f:ed:ea:33:30:f4:37:64:95:17:77:c7:db:62:4f:
70:c9:77:41:dc:73:d8:09:dd:e5:df:d7:6a:96:d3:58:ca:58:
89:ff:86:90:34:96:48:e1:dc:60:41:e5:5b:2a:75:1a:75:74:
4a:67:55:63:03:1b:11:be:b9:da:41:78:48:bd:b2:96:d9:6e:
3b:48:a2:74:42:9f:2b:de:55:f2:eb:9d:99:e8:09:11:e2:30:
08:72:e9:aa:c0:d7:36:8c:34:8d:81:0b:e4:cb:94:b3:3e:54:
a3:3d:cb:81:b9:40:df:bf:fc:36:63:71:8e:db:fd:bd:d0:aa:
13:1d:17:94:f1:9e:39:89:dc:91:fb:13:65:89:f3:59:23:5e:
a7:7f:41:c1:b6:e9:1c:12:36:78:06:53:7f:01:39:9b:7f:46:
fa:1e:cb:74:d1:bb:7c:24:ce:24:0b:e8:8d:a9:78:ce:99:ab:
23:99:62:1c:91:fc:a6:1e:a6:a9:25:ca:c7:f3:41:c3:2b:17:
a2:e2:2d:ab:ea:cc:c2:42:eb:08:9a:4a:79:38:2e:08:0e:2f:
19:d4:eb:11
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYcIu1J/5P8pVjX+BiBQMikDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMjExOTE3OGJmZDkyM2E0YjVlYzQwNmQ5ZmUxNDUyYjI3
NzZlZmEwHhcNMjMwMzIyMDk1MTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzJiOTU4YmRlNzBjYWQ2ZDUxMDIzYjQyYjBmZWNjYTllZDczZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMU7NnUqDsXiIbiX7j4bpJxNV2Ac
dv3jtV+y7uFACxJf39fAQZfVEQ8YBLdAdUK2EoEUaOsgovWT2FNFrT1OFLWUlJSs
Jhs0rBi7PvRCHTMNpHrKhLlgqpy5WDyDum3CPN3q4u0RcJyYuDqsF9y+9noHjnXJ
7rS0ZqD7gjLxOScu1QFvj95bORxXYj2rBoLHq476DajolW5qHLCJyqPb7AuFBFHM
IVbHz6Uf3/v1sfB+udEl095extkwvGjNICYV2A29rS5FMjYS4cna/G/essf8z3bi
o/LUM1xBRf/SD4xekIa+MXOqyk6eegGy6qMfFLgdQmr7zmqck6B255euMQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBwrlYvecMrW1RAjtCsP7Mqe1z5LMB8GA1UdIwQY
MBaAFKwhGReL/ZI6S17EBtn+FFKyd276MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgt
ZjYwMGQwZmQwM2NlLzEvSEN1Vmk5NXd5dGJWRUNPMEt3X3N5cDdYUGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgtZjYwMGQwZmQwM2Nl
LzEvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVtQAwQC
uQ7gMA0EAgACMAcDBQAgARVoMA0GCSqGSIb3DQEBCwUAA4IBAQCC9OmXXkwQZi2E
O1idmA36F6gCFSSzob9qlLQvQh0R50dkZNjXBYJf7eozMPQ3ZJUXd8fbYk9wyXdB
3HPYCd3l39dqltNYyliJ/4aQNJZI4dxgQeVbKnUadXRKZ1VjAxsRvrnaQXhIvbKW
2W47SKJ0Qp8r3lXy652Z6AkR4jAIcumqwNc2jDSNgQvky5SzPlSjPcuBuUDfv/w2
Y3GO2/290KoTHReU8Z45idyR+xNlifNZI16nf0HBtukcEjZ4BlN/ATmbf0b6Hst0
0bt8JM4kC+iNqXjOmasjmWIckfymHqapJcrH80HDKxei4i2r6szCQusImkp5OC4I
Di8Z1OsR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:21 2024 by rpki-client on console-ams.rpki-client.org