Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/HUu88so7sBifc4PxbIEVgvvj4L8.roa
File: HUu88so7sBifc4PxbIEVgvvj4L8.roa (raw, json)
Hash identifier: auFuCHYrXHcHtZ7FZaLQG9Z2EB/pbDhZJahyW40odME=
Subject key identifier: 1D:4B:BC:F2:CA:3B:B0:18:9F:73:83:F1:6C:81:15:82:FB:E3:E0:BF
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018968167F2CA140840F5E1471F15AF71119
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/HUu88so7sBifc4PxbIEVgvvj4L8.roa
Signing time: Tue 18 Jul 2023 08:20:52 +0000
ROA not before: Tue 18 Jul 2023 08:20:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.209.128.0/22 maxlen: 22
45.65.112.0/24 maxlen: 24
45.65.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:16:7f:2c:a1:40:84:0f:5e:14:71:f1:5a:f7:11:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jul 18 08:20:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d4bbcf2ca3bb0189f7383f16c811582fbe3e0bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:90:59:8b:9f:57:d4:76:a0:0e:74:41:16:19:
ef:e2:18:34:eb:2a:b0:0f:ce:32:4d:f7:81:a0:68:
37:b8:b4:fa:8a:c3:55:94:e1:34:fa:54:7d:4d:2d:
2e:89:f7:80:3a:bf:7c:1c:1a:be:e9:82:7b:ac:33:
8c:c3:b6:34:f0:42:d3:a1:47:0b:1d:2a:41:46:b9:
8c:20:c3:64:d2:0e:7c:71:7d:9d:66:b5:de:fe:58:
ae:a6:ee:80:03:e0:a9:cd:da:ba:f8:73:44:c1:29:
8f:8c:df:83:14:97:6d:f4:61:0e:72:54:33:e2:6e:
94:38:57:67:21:06:28:6f:a5:9f:c8:66:b6:62:c7:
df:c9:e2:f7:b2:78:15:84:da:45:17:9b:af:f4:be:
0d:63:7b:c1:d8:e0:5a:7b:0d:4d:66:2e:94:dd:8c:
ae:d4:3e:3d:52:a6:10:ec:41:71:97:9d:dc:33:76:
97:97:be:71:b2:9a:60:50:01:32:ac:58:bb:22:90:
be:46:4d:a0:44:57:3a:39:f9:e2:01:2c:02:25:a8:
aa:5f:2f:ae:08:24:1c:54:47:10:03:38:ed:19:15:
ff:3a:ad:8c:41:3a:d7:7f:83:82:4c:2d:64:49:42:
e0:bd:ef:50:c0:cf:dd:a9:ea:db:08:15:86:bd:73:
3e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:4B:BC:F2:CA:3B:B0:18:9F:73:83:F1:6C:81:15:82:FB:E3:E0:BF
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/HUu88so7sBifc4PxbIEVgvvj4L8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.112.0/23
188.209.128.0/22
Signature Algorithm: sha256WithRSAEncryption
77:a3:d7:26:b2:34:63:24:77:fa:a0:d6:e2:c5:fb:e8:a4:69:
2b:4c:37:96:1a:62:9b:b9:b7:47:7a:b4:a7:93:99:0c:f4:f4:
1f:ac:c5:c7:9b:b5:ca:e6:4d:7a:eb:3b:d3:5d:c7:f0:e7:d6:
8b:8d:01:6e:0c:28:ea:50:90:b4:9f:1e:af:a3:b7:a5:84:fc:
a3:e9:36:ab:32:63:80:51:e7:f4:3e:81:28:2f:4f:6d:d1:99:
e7:84:c6:00:e2:53:1c:5a:94:9b:b8:1e:98:13:52:57:3d:65:
a0:0d:21:4f:ac:b7:ee:06:6d:d2:3d:16:64:09:91:e3:3d:f8:
f1:e4:23:d0:02:2d:ae:c6:7d:31:5d:e2:9d:7d:c4:55:d4:1e:
60:73:ef:0b:32:f1:49:4a:36:7d:cb:f6:f4:53:c2:3a:8a:15:
e7:f4:74:54:74:95:5d:d7:9b:b5:2f:33:93:85:ed:08:33:30:
10:ee:b7:39:fd:c3:ac:5d:2b:7e:9a:58:52:6b:4f:28:47:2b:
41:ba:44:71:96:ed:00:04:8e:e7:50:6a:15:e4:70:f0:84:c1:
7e:4c:dc:72:45:70:e9:92:d4:28:81:ef:80:6a:c3:5b:80:8b:
ed:c6:f4:8a:ef:a5:d7:9f:d3:fa:e1:8b:ae:4b:14:a6:b1:a3:
86:81:e2:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYloFn8soUCED14UcfFa9xEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNzE4MDgyMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDRiYmNmMmNhM2JiMDE4OWY3MzgzZjE2YzgxMTU4MmZiZTNlMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJBZi59X1HagDnRBFhnv4hg06yqw
D84yTfeBoGg3uLT6isNVlOE0+lR9TS0uifeAOr98HBq+6YJ7rDOMw7Y08ELToUcL
HSpBRrmMIMNk0g58cX2dZrXe/liupu6AA+Cpzdq6+HNEwSmPjN+DFJdt9GEOclQz
4m6UOFdnIQYob6WfyGa2YsffyeL3sngVhNpFF5uv9L4NY3vB2OBaew1NZi6U3Yyu
1D49UqYQ7EFxl53cM3aXl75xsppgUAEyrFi7IpC+Rk2gRFc6OfniASwCJaiqXy+u
CCQcVEcQAzjtGRX/Oq2MQTrXf4OCTC1kSULgve9QwM/dqerbCBWGvXM+zQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB1LvPLKO7AYn3OD8WyBFYL74+C/MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvSFV1ODhzbzdzQmlmYzRQeGJJRVZndnZqNEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLUFwAwQC
vNGAMA0GCSqGSIb3DQEBCwUAA4IBAQB3o9cmsjRjJHf6oNbixfvopGkrTDeWGmKb
ubdHerSnk5kM9PQfrMXHm7XK5k166zvTXcfw59aLjQFuDCjqUJC0nx6vo7elhPyj
6TarMmOAUef0PoEoL09t0ZnnhMYA4lMcWpSbuB6YE1JXPWWgDSFPrLfuBm3SPRZk
CZHjPfjx5CPQAi2uxn0xXeKdfcRV1B5gc+8LMvFJSjZ9y/b0U8I6ihXn9HRUdJVd
15u1LzOThe0IMzAQ7rc5/cOsXSt+mlhSa08oRytBukRxlu0ABI7nUGoV5HDwhMF+
TNxyRXDpktQoge+AasNbgIvtxvSK76XXn9P64YuuSxSmsaOGgeKO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:59 2023 by rpki-client on console-ams.rpki-client.org