Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/83cae6-5bcb-48c4-8ebd-29de48ee00b9/1/HOUzLTuYn5CRW7fCNrgLiFLQpLQ.roa
File: HOUzLTuYn5CRW7fCNrgLiFLQpLQ.roa (raw, json)
Hash identifier: H8TJPGKQunM8LV92K0kPZ7ofccaizAOZaaP/HY/fO+c=
Subject key identifier: 1C:E5:33:2D:3B:98:9F:90:91:5B:B7:C2:36:B8:0B:88:52:D0:A4:B4
Certificate issuer: /CN=e8534643ec4826b439417fdb3cb2c493e61f949e
Certificate serial: 01856F66E29C399644E58067A6A123CA7EF3
Authority key identifier: E8:53:46:43:EC:48:26:B4:39:41:7F:DB:3C:B2:C4:93:E6:1F:94:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6FNGQ-xIJrQ5QX_bPLLEk-YflJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/83cae6-5bcb-48c4-8ebd-29de48ee00b9/1/HOUzLTuYn5CRW7fCNrgLiFLQpLQ.roa
Signing time: Sun 01 Jan 2023 22:14:51 +0000
ROA not before: Sun 01 Jan 2023 22:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44622
IP address blocks: 91.225.252.0/24 maxlen: 24
91.225.253.0/24 maxlen: 24
91.225.255.0/24 maxlen: 24
91.225.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:e2:9c:39:96:44:e5:80:67:a6:a1:23:ca:7e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8534643ec4826b439417fdb3cb2c493e61f949e
Validity
Not Before: Jan 1 22:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ce5332d3b989f90915bb7c236b80b8852d0a4b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:86:f7:83:cd:3e:7a:50:db:9a:49:f5:49:a2:
57:6a:92:5e:20:73:a4:aa:cc:71:b3:59:80:95:c3:
43:71:a8:e9:f4:45:c6:f4:6c:52:cf:f4:c5:2a:53:
62:57:f7:a1:a7:14:50:7c:18:4d:43:b1:8c:1e:a4:
8e:60:f1:0f:43:7e:e0:3c:be:36:93:56:f0:aa:32:
95:fe:c5:67:e0:fe:f1:4d:b6:98:b7:19:61:10:fd:
2d:0a:7e:7f:7e:df:7c:b7:d2:41:56:9e:75:fd:7a:
4c:44:8d:f6:5a:61:86:8f:4b:5b:7e:c1:16:0e:cd:
be:7f:34:75:ae:b3:7c:23:e5:65:19:3a:67:d2:18:
ee:91:92:73:88:1e:5f:7d:ef:5d:d5:a7:eb:35:d2:
31:6a:86:33:7a:2d:f9:3a:c3:4d:88:f2:5f:34:a1:
9f:52:c5:73:0d:b4:49:b6:69:4b:05:fd:ce:8e:e2:
81:80:c5:e5:88:ea:93:ce:80:5e:03:fa:e3:3e:aa:
5a:03:e8:80:3a:69:02:ec:0d:3a:a8:89:f2:32:e9:
38:de:85:3f:18:c7:2e:13:0a:13:f8:05:7f:ac:c8:
1b:5a:59:af:de:19:b7:fb:b6:cc:73:db:c6:54:c7:
e2:f5:2f:af:89:90:ef:4b:a6:53:00:35:41:05:43:
4e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:E5:33:2D:3B:98:9F:90:91:5B:B7:C2:36:B8:0B:88:52:D0:A4:B4
X509v3 Authority Key Identifier:
keyid:E8:53:46:43:EC:48:26:B4:39:41:7F:DB:3C:B2:C4:93:E6:1F:94:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6FNGQ-xIJrQ5QX_bPLLEk-YflJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/83cae6-5bcb-48c4-8ebd-29de48ee00b9/1/HOUzLTuYn5CRW7fCNrgLiFLQpLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/83cae6-5bcb-48c4-8ebd-29de48ee00b9/1/6FNGQ-xIJrQ5QX_bPLLEk-YflJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.252.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:0e:1f:e9:7b:0b:a1:4f:d1:93:b9:b3:6f:e6:b3:d1:94:43:
a6:57:14:89:1e:d6:50:f4:e6:07:34:80:9c:85:6a:dd:b2:ba:
cd:f4:03:e0:df:dc:f2:fc:28:95:7f:88:e7:14:74:10:98:2b:
86:88:c4:be:11:d4:cc:db:3a:0c:fe:88:f4:74:a0:68:3d:89:
da:88:48:24:bc:9a:fd:8f:48:40:01:2c:a8:d4:f2:e7:4d:65:
4c:9e:01:c1:9a:72:df:02:8d:c8:bb:11:a7:91:4c:dd:bb:f2:
f3:a3:46:62:96:16:93:eb:e7:20:78:b8:13:ae:8c:f7:b9:1e:
8f:b8:a4:7a:72:68:d7:32:34:64:aa:26:76:fc:3b:d7:60:39:
f7:e5:e0:3f:a7:c3:40:60:e2:95:6c:00:79:8d:f6:2f:a5:cb:
6f:7f:92:85:bd:b5:01:cc:33:db:5a:80:fd:85:c7:22:18:fc:
37:af:d2:5a:14:58:22:e2:f3:0e:e0:4e:e4:fa:ad:c5:aa:d0:
d9:c0:d5:da:f6:35:3d:aa:06:85:ea:e7:5c:3e:8d:7a:24:e0:
df:35:6f:e3:55:b6:28:77:a8:8f:f3:6b:91:f4:b7:fe:28:f3:
63:7b:c3:81:43:7a:9b:3f:e8:de:77:a9:b6:8d:85:77:fe:78:
e8:34:04:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZuKcOZZE5YBnpqEjyn7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NTM0NjQzZWM0ODI2YjQzOTQxN2ZkYjNjYjJjNDkzZTYx
Zjk0OWUwHhcNMjMwMTAxMjIxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2U1MzMyZDNiOTg5ZjkwOTE1YmI3YzIzNmI4MGI4ODUyZDBhNGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIb3g80+elDbmkn1SaJXapJeIHOk
qsxxs1mAlcNDcajp9EXG9GxSz/TFKlNiV/ehpxRQfBhNQ7GMHqSOYPEPQ37gPL42
k1bwqjKV/sVn4P7xTbaYtxlhEP0tCn5/ft98t9JBVp51/XpMRI32WmGGj0tbfsEW
Ds2+fzR1rrN8I+VlGTpn0hjukZJziB5ffe9d1afrNdIxaoYzei35OsNNiPJfNKGf
UsVzDbRJtmlLBf3OjuKBgMXliOqTzoBeA/rjPqpaA+iAOmkC7A06qInyMuk43oU/
GMcuEwoT+AV/rMgbWlmv3hm3+7bMc9vGVMfi9S+viZDvS6ZTADVBBUNOVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBzlMy07mJ+QkVu3wja4C4hS0KS0MB8GA1UdIwQY
MBaAFOhTRkPsSCa0OUF/2zyyxJPmH5SeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZOR1EteElKclE1UVhfYlBMTEVrLVlmbEo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84M2NhZTYtNWJjYi00OGM0LThlYmQt
MjlkZTQ4ZWUwMGI5LzEvSE9VekxUdVluNUNSVzdmQ05yZ0xpRkxRcExRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi84M2NhZTYtNWJjYi00OGM0LThlYmQtMjlkZTQ4ZWUwMGI5
LzEvNkZOR1EteElKclE1UVhfYlBMTEVrLVlmbEo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+H8MA0G
CSqGSIb3DQEBCwUAA4IBAQAbDh/pewuhT9GTubNv5rPRlEOmVxSJHtZQ9OYHNICc
hWrdsrrN9APg39zy/CiVf4jnFHQQmCuGiMS+EdTM2zoM/oj0dKBoPYnaiEgkvJr9
j0hAASyo1PLnTWVMngHBmnLfAo3IuxGnkUzdu/Lzo0ZilhaT6+cgeLgTroz3uR6P
uKR6cmjXMjRkqiZ2/DvXYDn35eA/p8NAYOKVbAB5jfYvpctvf5KFvbUBzDPbWoD9
hcciGPw3r9JaFFgi4vMO4E7k+q3FqtDZwNXa9jU9qgaF6udcPo16JODfNW/jVbYo
d6iP82uR9Lf+KPNje8OBQ3qbP+jed6m2jYV3/njoNASq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:06 2024 by rpki-client on console-fra.rpki-client.org