Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/hkoDI0C_jsW9IpTNN3kduoR9jKo.roa
File: hkoDI0C_jsW9IpTNN3kduoR9jKo.roa (raw, json)
Hash identifier: Hv9CgWH8hjH6KjanzFW0lxZy8s4jdFS5fe+wi4Iv8Ig=
Subject key identifier: 86:4A:03:23:40:BF:8E:C5:BD:22:94:CD:37:79:1D:BA:84:7D:8C:AA
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018BF7EB19CA27344D91CBB3ADEF1F4A54F2
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/hkoDI0C_jsW9IpTNN3kduoR9jKo.roa
Signing time: Wed 22 Nov 2023 16:44:21 +0000
ROA not before: Wed 22 Nov 2023 16:44:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 91.243.176.0/24 maxlen: 24
89.46.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:eb:19:ca:27:34:4d:91:cb:b3:ad:ef:1f:4a:54:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Nov 22 16:44:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=864a032340bf8ec5bd2294cd37791dba847d8caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8c:0e:00:3a:81:b5:af:2a:33:73:04:55:c7:
5a:ca:ed:7a:00:f6:15:91:f9:69:a0:53:4b:dc:c4:
5e:c1:ec:77:77:db:52:54:65:df:b4:6d:d7:16:91:
74:55:06:a4:c9:ea:d3:89:4c:a7:81:08:a0:4e:73:
66:a6:42:92:75:42:d0:c0:8b:86:5f:59:6b:01:c8:
9a:98:5c:19:c6:4b:3b:c2:d9:c9:f9:ab:b2:0d:b5:
cb:f6:8a:fb:ec:6b:b9:b9:32:02:16:cf:f1:71:96:
81:9e:d2:1f:0b:c8:f6:76:e6:0a:b6:84:2b:f4:51:
d1:e3:03:cf:8c:98:79:bd:43:ac:fb:a0:9f:4f:46:
32:48:fa:a5:c7:7c:e7:aa:05:40:ae:4f:3b:9d:97:
0c:5e:3f:e5:78:43:b6:81:eb:2c:f4:df:f1:7d:02:
aa:7b:bf:e8:70:4a:7f:73:75:51:cb:82:d0:f7:d9:
bc:5b:f9:20:5f:57:e7:78:60:49:7b:57:f1:1a:e1:
49:76:53:15:d1:b0:96:91:cc:a9:a1:c1:0d:af:77:
74:5e:6e:59:e8:e5:0a:b3:86:79:c8:48:ee:34:de:
d0:e6:ce:1f:38:10:5b:59:b6:f0:8f:28:73:ec:de:
51:c2:08:72:23:c0:7a:8f:cc:c9:2a:c5:3f:6a:eb:
24:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4A:03:23:40:BF:8E:C5:BD:22:94:CD:37:79:1D:BA:84:7D:8C:AA
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/hkoDI0C_jsW9IpTNN3kduoR9jKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.8.0/24
91.243.176.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:49:5c:47:1f:4e:fe:53:60:d7:a0:65:bc:e6:6e:5d:b8:da:
ef:1c:e5:5c:a8:5f:90:c7:5d:98:20:99:f5:eb:e9:8c:6e:36:
73:33:2c:61:61:a4:28:e5:c3:ba:06:c0:c5:2a:16:3f:0d:f4:
0d:bc:93:53:a1:ca:af:b3:25:18:42:a3:69:16:ee:31:b5:e5:
a0:74:b2:97:01:0c:2a:bd:69:3f:63:09:82:c3:57:26:a7:0e:
47:9f:38:6f:a3:ea:ad:58:fb:0b:41:22:6c:62:20:03:8e:89:
94:36:02:b6:8a:a3:94:de:a4:b4:4b:56:fd:35:f2:c1:69:6a:
2c:42:b8:97:af:87:6a:1c:af:11:de:50:ed:8c:3d:c8:ee:a8:
20:d0:63:fb:7c:f8:eb:99:1c:b3:3c:3c:79:b7:a0:1e:17:6c:
8c:9c:cf:df:a1:17:b9:09:0a:fc:8f:9f:0f:d2:a3:b5:cf:54:
63:2c:d8:ca:8a:00:d9:45:66:d0:92:5f:2a:d8:79:0b:e9:aa:
a5:64:27:9d:7e:0b:5c:2d:50:2c:de:ed:3f:8c:b3:47:76:67:
64:80:90:f3:60:63:d1:c6:a7:60:71:c3:01:09:a9:87:cf:bb:
56:70:51:93:6c:d7:7b:37:20:34:ae:5c:c6:63:84:b0:72:ca:
d6:69:02:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYv36xnKJzRNkcuzre8fSlTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMxMTIyMTY0NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjRhMDMyMzQwYmY4ZWM1YmQyMjk0Y2QzNzc5MWRiYTg0N2Q4Y2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYwOADqBta8qM3MEVcdayu16APYV
kflpoFNL3MRewex3d9tSVGXftG3XFpF0VQakyerTiUyngQigTnNmpkKSdULQwIuG
X1lrAciamFwZxks7wtnJ+auyDbXL9or77Gu5uTICFs/xcZaBntIfC8j2duYKtoQr
9FHR4wPPjJh5vUOs+6CfT0YySPqlx3znqgVArk87nZcMXj/leEO2gess9N/xfQKq
e7/ocEp/c3VRy4LQ99m8W/kgX1fneGBJe1fxGuFJdlMV0bCWkcypocENr3d0Xm5Z
6OUKs4Z5yEjuNN7Q5s4fOBBbWbbwjyhz7N5RwghyI8B6j8zJKsU/auskVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIZKAyNAv47FvSKUzTd5HbqEfYyqMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvaGtvREkwQ19qc1c5SXBUTk4za2R1b1I5aktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWS4IAwQA
W/OwMA0GCSqGSIb3DQEBCwUAA4IBAQAbSVxHH07+U2DXoGW85m5duNrvHOVcqF+Q
x12YIJn16+mMbjZzMyxhYaQo5cO6BsDFKhY/DfQNvJNTocqvsyUYQqNpFu4xteWg
dLKXAQwqvWk/YwmCw1cmpw5Hnzhvo+qtWPsLQSJsYiADjomUNgK2iqOU3qS0S1b9
NfLBaWosQriXr4dqHK8R3lDtjD3I7qgg0GP7fPjrmRyzPDx5t6AeF2yMnM/foRe5
CQr8j58P0qO1z1RjLNjKigDZRWbQkl8q2HkL6aqlZCedfgtcLVAs3u0/jLNHdmdk
gJDzYGPRxqdgccMBCamHz7tWcFGTbNd7NyA0rlzGY4SwcsrWaQLp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:55 2024 by rpki-client on console-fra.rpki-client.org