Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/HMRKA3I1zaMyp7ijBrO6CT6BHTo.roa
File: HMRKA3I1zaMyp7ijBrO6CT6BHTo.roa (raw, json)
Hash identifier: bWcGkCkC64cJ0KDorOq0dNF4HNTPIS0AFQ/71cFfBac=
Subject key identifier: 1C:C4:4A:03:72:35:CD:A3:32:A7:B8:A3:06:B3:BA:09:3E:81:1D:3A
Certificate issuer: /CN=0957b23c83795bc35c30bc1365a30fdf3375ac89
Certificate serial: 0185720C74202FFE807B2F00BCA759AE76EA
Authority key identifier: 09:57:B2:3C:83:79:5B:C3:5C:30:BC:13:65:A3:0F:DF:33:75:AC:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CVeyPIN5W8NcMLwTZaMP3zN1rIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/HMRKA3I1zaMyp7ijBrO6CT6BHTo.roa
Signing time: Mon 02 Jan 2023 10:34:56 +0000
ROA not before: Mon 02 Jan 2023 10:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58102
IP address blocks: 91.238.208.0/23 maxlen: 24
2001:67c:106c::/48 maxlen: 48
2001:67c:1048::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:74:20:2f:fe:80:7b:2f:00:bc:a7:59:ae:76:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0957b23c83795bc35c30bc1365a30fdf3375ac89
Validity
Not Before: Jan 2 10:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cc44a037235cda332a7b8a306b3ba093e811d3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:64:ba:91:33:f8:78:57:ba:c7:d7:b6:fe:89:
cd:96:e4:fb:10:b3:21:04:8c:d9:e9:40:92:b7:4d:
e8:2e:55:33:93:b8:81:4a:e3:eb:63:12:26:64:de:
d5:73:6e:1c:a8:ef:44:84:52:c2:53:76:9d:7b:b5:
9f:a0:7d:d1:3d:ae:64:52:45:c1:64:dd:40:40:7b:
89:ad:e8:50:ad:8d:89:36:5e:8d:ec:49:dd:8d:1e:
19:2c:57:54:ce:be:7b:b9:dd:43:bf:4f:e4:c7:f9:
1a:1d:3b:8a:05:ec:44:a6:1e:10:1b:01:48:02:9b:
95:a7:36:f1:81:4a:ba:bd:b3:1b:74:a6:d9:a3:61:
bf:89:fe:80:3d:da:f1:9e:50:41:bf:a0:5a:78:91:
4e:08:49:77:c8:44:92:e9:22:c9:90:38:df:02:f9:
13:fe:28:67:c1:99:2c:b7:26:cf:cb:69:cd:74:1d:
b1:ba:f0:87:90:6b:d8:62:5c:26:da:7f:0f:f9:98:
7b:10:a9:8b:49:a5:5e:87:d7:76:59:f9:16:79:f3:
b3:a4:2a:00:4b:5c:79:c3:d3:97:7f:88:27:7a:40:
8c:e5:b6:f4:bc:a9:19:9b:5a:a2:ce:25:1b:b2:94:
96:e1:71:c6:03:b0:b1:c5:77:8c:09:29:c9:f0:96:
ee:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C4:4A:03:72:35:CD:A3:32:A7:B8:A3:06:B3:BA:09:3E:81:1D:3A
X509v3 Authority Key Identifier:
keyid:09:57:B2:3C:83:79:5B:C3:5C:30:BC:13:65:A3:0F:DF:33:75:AC:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVeyPIN5W8NcMLwTZaMP3zN1rIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/HMRKA3I1zaMyp7ijBrO6CT6BHTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/CVeyPIN5W8NcMLwTZaMP3zN1rIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.208.0/23
IPv6:
2001:67c:1048::/48
2001:67c:106c::/48
Signature Algorithm: sha256WithRSAEncryption
4f:cf:b4:51:52:5d:02:59:2a:52:d4:eb:8c:44:df:26:54:f1:
71:7a:9b:f9:6e:61:e3:a5:0f:46:6b:34:4e:58:f9:1a:80:d9:
f8:60:fe:fe:80:29:6d:14:98:13:e4:d8:84:32:6f:f2:98:70:
85:af:da:b0:83:43:0e:32:66:42:ac:9d:10:ae:73:f2:04:36:
49:58:31:83:06:e5:1c:8b:de:1d:d2:84:c4:d7:d6:92:fd:d8:
b6:70:2a:0c:d6:99:91:8c:f1:31:d5:bf:1c:06:b1:ac:da:6d:
90:d0:c2:48:4f:1c:6f:25:c2:08:26:61:74:fc:b8:a4:7a:3b:
0c:25:eb:1b:1a:64:74:0f:10:f8:61:ed:79:9f:8a:fb:61:2c:
35:70:64:dc:a3:fb:c9:4e:e9:30:cb:ae:45:c9:80:e8:56:c0:
18:c5:2f:fd:4c:35:ea:3b:c7:bd:22:73:0d:77:52:85:8c:6f:
dc:11:74:2f:c1:f1:94:1e:f4:cc:88:4e:81:98:36:c8:75:03:
3f:b6:02:ba:b5:0a:24:a4:81:f0:30:7f:ae:48:00:cb:84:f3:
2b:ea:a3:40:5e:3e:27:4b:f2:e0:f9:94:d2:76:4c:e9:1f:de:
04:2a:38:21:a7:a5:57:b2:27:24:6e:9d:1a:4a:43:cb:b2:d3:
15:8d:16:21
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVyDHQgL/6Aey8AvKdZrnbqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NTdiMjNjODM3OTViYzM1YzMwYmMxMzY1YTMwZmRmMzM3
NWFjODkwHhcNMjMwMTAyMTAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2M0NGEwMzcyMzVjZGEzMzJhN2I4YTMwNmIzYmEwOTNlODExZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGS6kTP4eFe6x9e2/onNluT7ELMh
BIzZ6UCSt03oLlUzk7iBSuPrYxImZN7Vc24cqO9EhFLCU3ade7WfoH3RPa5kUkXB
ZN1AQHuJrehQrY2JNl6N7EndjR4ZLFdUzr57ud1Dv0/kx/kaHTuKBexEph4QGwFI
ApuVpzbxgUq6vbMbdKbZo2G/if6APdrxnlBBv6BaeJFOCEl3yESS6SLJkDjfAvkT
/ihnwZkstybPy2nNdB2xuvCHkGvYYlwm2n8P+Zh7EKmLSaVeh9d2WfkWefOzpCoA
S1x5w9OXf4gnekCM5bb0vKkZm1qiziUbspSW4XHGA7CxxXeMCSnJ8JbuCQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBzESgNyNc2jMqe4owazugk+gR06MB8GA1UdIwQY
MBaAFAlXsjyDeVvDXDC8E2WjD98zdayJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ZleVBJTjVXOE5jTUx3VFphTVAzek4xcklrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NDk4NGQtYWU4Zi00Y2Y5LWEzYzMt
MWU5MmM3YmRjNTgyLzEvSE1SS0EzSTF6YU15cDdpakJyTzZDVDZCSFRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NDk4NGQtYWU4Zi00Y2Y5LWEzYzMtMWU5MmM3YmRjNTgy
LzEvQ1ZleVBJTjVXOE5jTUx3VFphTVAzek4xcklrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBW+7QMBgE
AgACMBIDBwAgAQZ8EEgDBwAgAQZ8EGwwDQYJKoZIhvcNAQELBQADggEBAE/PtFFS
XQJZKlLU64xE3yZU8XF6m/luYeOlD0ZrNE5Y+RqA2fhg/v6AKW0UmBPk2IQyb/KY
cIWv2rCDQw4yZkKsnRCuc/IENklYMYMG5RyL3h3ShMTX1pL92LZwKgzWmZGM8THV
vxwGsazabZDQwkhPHG8lwggmYXT8uKR6Owwl6xsaZHQPEPhh7XmfivthLDVwZNyj
+8lO6TDLrkXJgOhWwBjFL/1MNeo7x70icw13UoWMb9wRdC/B8ZQe9MyIToGYNsh1
Az+2Arq1CiSkgfAwf65IAMuE8yvqo0BePidL8uD5lNJ2TOkf3gQqOCGnpVeyJyRu
nRpKQ8uy0xWNFiE=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:04 2024 by rpki-client on console-ams.rpki-client.org