Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/HR_aT9S0fNUXp3fJAhkk-2NLTuM.roa
File: HR_aT9S0fNUXp3fJAhkk-2NLTuM.roa (raw, json)
Hash identifier: iedgj2IUd4TmfAsqsoKFer2JHsRnFqpw1DJQa4dTfDY=
Subject key identifier: 1D:1F:DA:4F:D4:B4:7C:D5:17:A7:77:C9:02:19:24:FB:63:4B:4E:E3
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 01856F4B70A64C83E7417E485942DA7CE8E5
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/HR_aT9S0fNUXp3fJAhkk-2NLTuM.roa
Signing time: Sun 01 Jan 2023 21:44:53 +0000
ROA not before: Sun 01 Jan 2023 21:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.1.122.0/24 maxlen: 24
91.194.218.0/24 maxlen: 24
2001:7f8:cd::/48 maxlen: 48
2001:7f8:61::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:70:a6:4c:83:e7:41:7e:48:59:42:da:7c:e8:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 21:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d1fda4fd4b47cd517a777c9021924fb634b4ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:20:d7:47:f2:d9:a2:07:90:ba:0d:4b:1b:6b:
a2:f7:58:51:79:94:a3:33:06:d6:45:52:2e:a4:8e:
c5:ed:64:f7:74:9c:66:b7:ec:ff:be:df:99:21:5a:
24:2f:80:bb:fe:1b:ba:23:22:a8:36:2a:09:78:e2:
ab:15:ec:c2:b2:8c:06:98:9c:d9:a9:7e:a9:a6:89:
65:bf:a1:a4:ce:53:77:2a:da:fb:95:34:c5:93:f2:
ee:b2:dc:a3:e2:5d:34:d7:27:dc:1f:1d:6d:cb:aa:
65:46:45:2f:2b:9d:6c:b0:d6:46:83:ca:21:d6:97:
a0:79:bd:c9:aa:0a:5e:9a:fe:4c:be:0d:89:e4:86:
24:fc:1f:c5:7f:35:4f:8e:21:55:6c:eb:7d:c1:f9:
c2:8a:8b:e2:af:d6:41:bf:07:0d:86:b8:e4:5a:2b:
e4:6b:fd:f3:23:6d:13:f3:6d:f1:9e:8f:0a:88:7f:
f3:5a:99:2c:3d:6b:de:56:09:ae:4f:13:a3:0d:3f:
39:64:bf:99:8d:84:8a:24:33:c8:30:ba:40:7e:d6:
9e:0b:51:ae:22:9a:35:0d:f2:65:5d:f6:08:5a:70:
74:d7:5a:61:e7:b6:11:0e:46:5b:42:f1:79:79:c1:
86:33:10:23:c3:a0:85:f2:3a:ed:20:ce:ae:84:20:
4a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:1F:DA:4F:D4:B4:7C:D5:17:A7:77:C9:02:19:24:FB:63:4B:4E:E3
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/HR_aT9S0fNUXp3fJAhkk-2NLTuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.218.0/24
185.1.122.0/24
IPv6:
2001:7f8:61::/48
2001:7f8:cd::/48
Signature Algorithm: sha256WithRSAEncryption
29:bd:76:75:11:59:10:09:25:31:f9:ff:35:b8:5d:3b:d6:78:
30:c6:c8:ea:18:33:3a:20:2d:fe:53:80:8b:47:2f:9b:7c:80:
b8:7a:74:0c:3e:23:4d:58:ed:6e:cc:ab:52:aa:94:00:de:1f:
01:da:f0:e3:37:71:ec:70:c9:70:ef:50:de:59:ee:57:8d:cd:
96:8f:ff:6a:f4:fe:b2:a7:23:98:ef:92:00:7b:7c:2b:50:52:
a5:5f:92:27:c3:34:43:44:3e:e6:92:36:c6:dd:75:e9:62:31:
30:c8:8e:b0:df:f6:7d:f4:c2:67:af:aa:31:20:62:60:b4:f7:
ac:ff:51:25:6d:b4:b1:8b:e2:ee:f7:4b:cf:8d:3d:88:2e:29:
84:d7:54:11:21:77:7c:e8:9a:29:91:fd:fb:26:11:50:5b:4e:
a2:9b:3f:a6:dd:5c:84:4b:c9:57:3a:5f:31:db:82:d8:97:b4:
35:4e:0f:b8:f3:ad:99:92:76:3a:37:7f:f0:e2:29:ae:8d:df:
8f:6d:59:24:14:2f:f2:92:ad:08:a6:29:b9:56:70:b5:81:36:
fc:d2:19:c5:f0:94:f6:1c:f7:d1:d8:b8:1b:27:04:1c:fb:c7:
fd:58:11:88:dc:f7:61:14:90:37:bf:c2:27:13:b4:ef:6e:f4:
73:de:78:4d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVvS3CmTIPnQX5IWULafOjlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjMwMTAxMjE0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDFmZGE0ZmQ0YjQ3Y2Q1MTdhNzc3YzkwMjE5MjRmYjYzNGI0ZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSDXR/LZogeQug1LG2ui91hReZSj
MwbWRVIupI7F7WT3dJxmt+z/vt+ZIVokL4C7/hu6IyKoNioJeOKrFezCsowGmJzZ
qX6ppollv6GkzlN3Ktr7lTTFk/Lustyj4l001yfcHx1ty6plRkUvK51ssNZGg8oh
1pegeb3Jqgpemv5Mvg2J5IYk/B/FfzVPjiFVbOt9wfnCiovir9ZBvwcNhrjkWivk
a/3zI20T823xno8KiH/zWpksPWveVgmuTxOjDT85ZL+ZjYSKJDPIMLpAftaeC1Gu
Ipo1DfJlXfYIWnB011ph57YRDkZbQvF5ecGGMxAjw6CF8jrtIM6uhCBKdQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFB0f2k/UtHzVF6d3yQIZJPtjS07jMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvSFJfYVQ5UzBmTlVYcDNmSkFoa2stMk5MVHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAW8LaAwQA
uQF6MBgEAgACMBIDBwAgAQf4AGEDBwAgAQf4AM0wDQYJKoZIhvcNAQELBQADggEB
ACm9dnURWRAJJTH5/zW4XTvWeDDGyOoYMzogLf5TgItHL5t8gLh6dAw+I01Y7W7M
q1KqlADeHwHa8OM3cexwyXDvUN5Z7leNzZaP/2r0/rKnI5jvkgB7fCtQUqVfkifD
NENEPuaSNsbddeliMTDIjrDf9n30wmevqjEgYmC096z/USVttLGL4u73S8+NPYgu
KYTXVBEhd3zomimR/fsmEVBbTqKbP6bdXIRLyVc6XzHbgtiXtDVOD7jzrZmSdjo3
f/DiKa6N349tWSQUL/KSrQimKblWcLWBNvzSGcXwlPYc99HYuBsnBBz7x/1YEYjc
92EUkDe/wicTtO9u9HPeeE0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:02 2024 by rpki-client on console-ams.rpki-client.org