Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/9bb40d-ad28-4e51-84b8-5ae53a06eaa7/1/Hujyi7HYOKUD5aPvC6FJvPESHa8.roa
File: Hujyi7HYOKUD5aPvC6FJvPESHa8.roa (raw, json)
Hash identifier: 4FF1plDr7XRyaKAY2WohIttvERMdKVZkmLq+IHxP3pM=
Subject key identifier: 1E:E8:F2:8B:B1:D8:38:A5:03:E5:A3:EF:0B:A1:49:BC:F1:12:1D:AF
Certificate issuer: /CN=f156db2d2874f9e5985c9f18f05fe56e83f09516
Certificate serial: 01857079706453632106A760726B44298911
Authority key identifier: F1:56:DB:2D:28:74:F9:E5:98:5C:9F:18:F0:5F:E5:6E:83:F0:95:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8VbbLSh0-eWYXJ8Y8F_lboPwlRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/9bb40d-ad28-4e51-84b8-5ae53a06eaa7/1/Hujyi7HYOKUD5aPvC6FJvPESHa8.roa
Signing time: Mon 02 Jan 2023 03:14:44 +0000
ROA not before: Mon 02 Jan 2023 03:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 91.206.11.0/24 maxlen: 24
2a10:a1c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:70:64:53:63:21:06:a7:60:72:6b:44:29:89:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f156db2d2874f9e5985c9f18f05fe56e83f09516
Validity
Not Before: Jan 2 03:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ee8f28bb1d838a503e5a3ef0ba149bcf1121daf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:cb:60:0c:d8:98:c9:9c:04:78:03:b0:a2:bc:
4b:62:0b:a8:a0:c9:b4:6b:ed:0b:4c:28:a1:47:37:
54:5c:05:08:e5:ec:06:e1:15:63:45:57:0c:33:ee:
d5:7f:f6:be:51:5c:4a:ca:72:af:bd:2d:6e:53:b4:
44:01:d0:b7:d1:82:87:d3:14:6f:a1:9f:a3:5b:86:
4b:01:ca:d0:d1:6a:10:f8:89:d8:0d:76:09:f9:f7:
e0:11:5e:b5:00:27:52:bb:0f:24:41:85:f5:d1:76:
35:84:1f:8b:e8:5e:de:1e:2a:44:1e:07:be:d1:fc:
ae:5c:df:15:e9:ac:fb:ef:7a:11:0a:db:ee:2f:fc:
1d:70:34:05:5b:4c:9f:70:2b:db:5f:c3:62:a0:11:
fc:10:19:54:59:34:62:f9:54:97:a3:b8:df:4e:82:
db:07:3c:e4:1f:7e:ca:b4:f7:62:1c:70:42:ab:0a:
7c:79:a2:57:94:0e:ec:dc:1c:02:6b:81:f2:ce:9a:
42:17:ba:df:08:eb:d7:93:70:62:13:9c:7d:4f:a7:
ac:bb:0e:05:04:08:ce:51:89:f3:e5:29:3d:5a:40:
e8:5b:3d:4b:0d:3d:07:9f:2b:d5:d9:ac:c0:dd:31:
be:68:be:0f:52:c2:c8:ae:b8:72:6a:54:03:f4:eb:
3f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E8:F2:8B:B1:D8:38:A5:03:E5:A3:EF:0B:A1:49:BC:F1:12:1D:AF
X509v3 Authority Key Identifier:
keyid:F1:56:DB:2D:28:74:F9:E5:98:5C:9F:18:F0:5F:E5:6E:83:F0:95:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8VbbLSh0-eWYXJ8Y8F_lboPwlRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9bb40d-ad28-4e51-84b8-5ae53a06eaa7/1/Hujyi7HYOKUD5aPvC6FJvPESHa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9bb40d-ad28-4e51-84b8-5ae53a06eaa7/1/8VbbLSh0-eWYXJ8Y8F_lboPwlRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.11.0/24
IPv6:
2a10:a1c0::/32
Signature Algorithm: sha256WithRSAEncryption
2e:95:14:9e:b3:02:7e:4f:71:4a:00:70:ff:02:f4:27:bc:24:
cf:1b:4d:9f:a7:ab:95:6f:2c:e3:83:03:b8:69:25:4d:91:ad:
e6:ff:5d:8e:b5:1b:7f:d7:72:b7:8f:41:24:86:26:05:dd:91:
47:0e:9f:9d:6d:9b:28:95:de:d3:f8:e6:c9:49:65:65:28:d8:
a9:9e:73:d1:ed:93:44:b3:36:df:e1:fc:b8:a5:e4:43:6f:28:
bf:2d:02:97:13:b2:e9:fd:0e:4d:40:66:98:b4:6f:b3:de:86:
48:fc:cd:a9:64:e2:df:39:95:3f:e4:9c:99:3c:98:a8:04:af:
58:c0:2a:e8:15:98:22:e3:b7:d6:47:2f:d1:8f:24:fd:ed:83:
7b:8b:4c:f5:14:57:31:26:0e:58:02:12:c1:53:c6:f9:39:3a:
a7:e5:88:15:aa:e4:77:f8:f5:16:11:a5:4f:08:65:fc:33:cf:
94:ff:69:3f:3f:96:9c:86:07:6b:ae:44:04:dc:69:4f:ce:3d:
b1:10:29:d2:a8:ac:ec:e3:37:85:68:78:23:91:3f:64:d8:b4:
93:1a:a5:68:94:d5:92:ec:27:8e:ac:fa:f7:ab:00:69:f1:7e:
82:98:f3:03:93:c3:f0:8b:e0:84:a9:7e:aa:b8:0d:75:51:3a:
23:c5:52:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVweXBkU2MhBqdgcmtEKYkRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNTZkYjJkMjg3NGY5ZTU5ODVjOWYxOGYwNWZlNTZlODNm
MDk1MTYwHhcNMjMwMTAyMDMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWU4ZjI4YmIxZDgzOGE1MDNlNWEzZWYwYmExNDliY2YxMTIxZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ctgDNiYyZwEeAOworxLYguooMm0
a+0LTCihRzdUXAUI5ewG4RVjRVcMM+7Vf/a+UVxKynKvvS1uU7REAdC30YKH0xRv
oZ+jW4ZLAcrQ0WoQ+InYDXYJ+ffgEV61ACdSuw8kQYX10XY1hB+L6F7eHipEHge+
0fyuXN8V6az773oRCtvuL/wdcDQFW0yfcCvbX8NioBH8EBlUWTRi+VSXo7jfToLb
BzzkH37KtPdiHHBCqwp8eaJXlA7s3BwCa4HyzppCF7rfCOvXk3BiE5x9T6esuw4F
BAjOUYnz5Sk9WkDoWz1LDT0HnyvV2azA3TG+aL4PUsLIrrhyalQD9Os/CQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB7o8oux2DilA+Wj7wuhSbzxEh2vMB8GA1UdIwQY
MBaAFPFW2y0odPnlmFyfGPBf5W6D8JUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFZiYkxTaDAtZVdZWEo4WThGX2xib1B3bFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85YmI0MGQtYWQyOC00ZTUxLTg0Yjgt
NWFlNTNhMDZlYWE3LzEvSHVqeWk3SFlPS1VENWFQdkM2Rkp2UEVTSGE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85YmI0MGQtYWQyOC00ZTUxLTg0YjgtNWFlNTNhMDZlYWE3
LzEvOFZiYkxTaDAtZVdZWEo4WThGX2xib1B3bFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW84LMA0E
AgACMAcDBQAqEKHAMA0GCSqGSIb3DQEBCwUAA4IBAQAulRSeswJ+T3FKAHD/AvQn
vCTPG02fp6uVbyzjgwO4aSVNka3m/12OtRt/13K3j0EkhiYF3ZFHDp+dbZsold7T
+ObJSWVlKNipnnPR7ZNEszbf4fy4peRDbyi/LQKXE7Lp/Q5NQGaYtG+z3oZI/M2p
ZOLfOZU/5JyZPJioBK9YwCroFZgi47fWRy/RjyT97YN7i0z1FFcxJg5YAhLBU8b5
OTqn5YgVquR3+PUWEaVPCGX8M8+U/2k/P5achgdrrkQE3GlPzj2xECnSqKzs4zeF
aHgjkT9k2LSTGqVolNWS7CeOrPr3qwBp8X6CmPMDk8Pwi+CEqX6quA11UTojxVKI
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:04 2024 by rpki-client on console-fra.rpki-client.org