Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/hHQGwySmGJzypzh0-cDDlO6jHzs.roa
File: hHQGwySmGJzypzh0-cDDlO6jHzs.roa (raw, json)
Hash identifier: UnJldsOn3vkE4BTEoYE+MzwRDThTgKj8fksk2iJffBw=
Subject key identifier: 84:74:06:C3:24:A6:18:9C:F2:A7:38:74:F9:C0:C3:94:EE:A3:1F:3B
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 01856F4B774B0A9CEDB3E7614C7B4577A2EF
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/hHQGwySmGJzypzh0-cDDlO6jHzs.roa
Signing time: Sun 01 Jan 2023 21:44:54 +0000
ROA not before: Sun 01 Jan 2023 21:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34210
IP address blocks: 217.170.8.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:77:4b:0a:9c:ed:b3:e7:61:4c:7b:45:77:a2:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 21:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=847406c324a6189cf2a73874f9c0c394eea31f3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:87:3c:45:80:50:aa:a9:3e:84:31:83:0e:cc:
8f:f6:a8:0c:14:64:9b:14:16:1e:e2:2b:66:59:21:
96:c9:4c:1f:b9:c7:e7:e9:c0:5b:b1:9b:2f:b3:c8:
44:2d:84:ad:84:93:02:58:4c:b8:96:73:62:ae:c4:
d2:d1:de:76:2d:df:c2:73:a8:12:70:e0:f1:93:bb:
f2:e4:bf:f1:18:bd:89:4b:d8:ec:1b:a1:3d:73:2d:
96:55:f1:23:f4:39:38:40:f7:74:c9:9e:98:cb:ca:
ca:94:28:68:ab:71:4d:43:3f:8b:75:e3:7e:bc:7f:
45:19:c9:77:d8:9a:1c:fd:08:81:0f:e0:41:55:04:
ad:2e:68:0a:8a:90:7c:9d:78:d8:bd:07:af:87:10:
b6:c4:a9:5d:4d:86:0e:89:da:74:30:26:76:6d:03:
71:c0:5f:3a:8c:13:1e:86:7d:d1:76:65:20:e9:c3:
19:c6:45:34:dc:cd:f0:ff:1a:fd:f8:f3:81:79:df:
98:54:9a:13:88:91:38:10:6d:63:95:c0:7b:b3:ae:
37:c2:0c:62:eb:db:89:f1:f8:2b:1d:bb:02:a6:dd:
68:67:cd:ec:85:e6:75:92:d7:e1:87:41:88:69:3b:
ee:61:3a:54:6c:47:c6:52:74:64:a7:8b:3a:94:3a:
2b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:74:06:C3:24:A6:18:9C:F2:A7:38:74:F9:C0:C3:94:EE:A3:1F:3B
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/hHQGwySmGJzypzh0-cDDlO6jHzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.8.0/24
Signature Algorithm: sha256WithRSAEncryption
12:8f:53:5b:3e:cb:4e:56:cd:2c:03:7f:fc:6b:f5:0a:0f:b1:
4f:e0:1e:2c:fe:88:3f:d0:a4:45:cd:c7:a0:d0:e3:d7:b7:9b:
d6:58:fb:3a:d6:ad:f9:1e:98:9c:c0:93:82:07:10:0a:e1:73:
7f:d4:59:9d:5d:b9:f4:a4:bd:60:a0:34:38:c0:73:47:10:4d:
6a:31:61:b4:15:da:83:04:f6:4a:36:88:50:df:b8:54:08:c5:
da:92:00:9c:5e:20:d9:9f:34:53:46:22:56:bd:8f:0c:83:c2:
9d:e4:e9:a1:17:ab:b8:55:53:ff:8a:7f:b3:2a:98:0f:3b:c0:
ec:17:6a:08:ab:6f:16:05:bf:18:72:0a:73:43:f6:33:ee:66:
72:4e:d2:97:e0:89:bb:0f:d1:c2:11:2e:2a:be:84:d4:52:4f:
0c:31:5c:c3:55:3e:5b:1c:40:5a:f1:63:85:b6:ce:94:95:8e:
9d:b2:29:ef:16:f7:76:8b:1c:24:ce:fb:d8:37:ea:85:c9:98:
eb:e8:8f:c8:3e:ab:0e:6f:65:3f:28:94:94:81:27:a8:74:9e:
33:81:ce:6c:ee:7a:0f:48:ad:fa:54:e0:1a:60:92:96:ae:51:
48:96:9b:ed:99:2b:c1:e6:ed:f2:51:9f:7e:92:5b:4e:9f:15:
fa:69:1b:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS3dLCpzts+dhTHtFd6LvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjMwMTAxMjE0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDc0MDZjMzI0YTYxODljZjJhNzM4NzRmOWMwYzM5NGVlYTMxZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIc8RYBQqqk+hDGDDsyP9qgMFGSb
FBYe4itmWSGWyUwfucfn6cBbsZsvs8hELYSthJMCWEy4lnNirsTS0d52Ld/Cc6gS
cODxk7vy5L/xGL2JS9jsG6E9cy2WVfEj9Dk4QPd0yZ6Yy8rKlChoq3FNQz+LdeN+
vH9FGcl32Joc/QiBD+BBVQStLmgKipB8nXjYvQevhxC2xKldTYYOidp0MCZ2bQNx
wF86jBMehn3RdmUg6cMZxkU03M3w/xr9+POBed+YVJoTiJE4EG1jlcB7s643wgxi
69uJ8fgrHbsCpt1oZ83sheZ1ktfhh0GIaTvuYTpUbEfGUnRkp4s6lDorkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIR0BsMkphic8qc4dPnAw5Tuox87MB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvaEhRR3d5U21HSnp5cHpoMC1jRERsTzZqSHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2aoIMA0G
CSqGSIb3DQEBCwUAA4IBAQASj1NbPstOVs0sA3/8a/UKD7FP4B4s/og/0KRFzceg
0OPXt5vWWPs61q35HpicwJOCBxAK4XN/1FmdXbn0pL1goDQ4wHNHEE1qMWG0FdqD
BPZKNohQ37hUCMXakgCcXiDZnzRTRiJWvY8Mg8Kd5OmhF6u4VVP/in+zKpgPO8Ds
F2oIq28WBb8YcgpzQ/Yz7mZyTtKX4Im7D9HCES4qvoTUUk8MMVzDVT5bHEBa8WOF
ts6UlY6dsinvFvd2ixwkzvvYN+qFyZjr6I/IPqsOb2U/KJSUgSeodJ4zgc5s7noP
SK36VOAaYJKWrlFIlpvtmSvB5u3yUZ9+kltOnxX6aRvn
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:02 2024 by rpki-client on console-ams.rpki-client.org