Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/96bea2-8e6d-44e8-a809-96b451f6000c/1/hhcIdII-xaYWi0knIa1CUKUyDY0.roa
File: hhcIdII-xaYWi0knIa1CUKUyDY0.roa (raw, json)
Hash identifier: 3X61qeTi64VQNIDqcnt3EqMAmS4bbuAsNVHv44Mxo7Y=
Subject key identifier: 86:17:08:74:82:3E:C5:A6:16:8B:49:27:21:AD:42:50:A5:32:0D:8D
Certificate issuer: /CN=b30d2047ff607eef85293760e9c11a6f5941d1b6
Certificate serial: 01856C1361FD3ED9EB0433C67A82161EADF7
Authority key identifier: B3:0D:20:47:FF:60:7E:EF:85:29:37:60:E9:C1:1A:6F:59:41:D1:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sw0gR_9gfu-FKTdg6cEab1lB0bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/96bea2-8e6d-44e8-a809-96b451f6000c/1/hhcIdII-xaYWi0knIa1CUKUyDY0.roa
Signing time: Sun 01 Jan 2023 06:44:47 +0000
ROA not before: Sun 01 Jan 2023 06:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25444
IP address blocks: 195.20.126.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:61:fd:3e:d9:eb:04:33:c6:7a:82:16:1e:ad:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b30d2047ff607eef85293760e9c11a6f5941d1b6
Validity
Not Before: Jan 1 06:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86170874823ec5a6168b492721ad4250a5320d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c1:75:47:9b:96:b4:ca:0d:8d:a9:d9:68:00:
d0:06:cc:e7:d3:11:0c:5b:79:82:0d:ed:ae:8a:4a:
ce:22:f7:0c:3f:e9:ea:22:e4:d8:5a:54:ba:28:8b:
6f:b1:2b:04:7a:9a:29:1e:84:a1:bf:d2:06:c2:fb:
c8:94:e0:9e:b6:2c:17:e5:7f:43:69:8d:0b:ea:fb:
7c:ae:39:88:c6:94:b7:8a:32:98:dd:5d:cd:26:11:
c5:7b:09:07:1c:39:c3:90:a8:98:69:e7:24:d7:66:
d1:52:d0:ff:ee:df:19:52:3e:9a:1d:b2:23:b1:59:
a0:e4:62:b9:64:41:f0:b7:10:55:c7:53:b5:11:45:
a0:75:91:5a:9b:b2:89:27:91:ab:18:3c:8b:93:0b:
fd:7e:fc:a7:01:68:5e:be:7f:ef:d4:91:e9:e5:e4:
e0:ba:1d:8f:ab:e4:98:7c:4b:94:0f:2c:3d:7c:c0:
10:a9:c6:ce:4c:92:07:01:8f:50:59:18:39:3d:1a:
8f:bc:ec:ba:4a:b6:8d:56:b5:33:c5:c7:90:12:f6:
0c:53:4b:2b:df:68:6d:40:fe:12:5f:8a:d8:2a:f2:
60:db:79:28:69:3d:63:21:69:6f:ce:38:10:a5:dc:
f0:40:e4:8f:e9:c3:84:6c:5f:00:3c:af:43:92:88:
da:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:17:08:74:82:3E:C5:A6:16:8B:49:27:21:AD:42:50:A5:32:0D:8D
X509v3 Authority Key Identifier:
keyid:B3:0D:20:47:FF:60:7E:EF:85:29:37:60:E9:C1:1A:6F:59:41:D1:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sw0gR_9gfu-FKTdg6cEab1lB0bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/96bea2-8e6d-44e8-a809-96b451f6000c/1/hhcIdII-xaYWi0knIa1CUKUyDY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/96bea2-8e6d-44e8-a809-96b451f6000c/1/sw0gR_9gfu-FKTdg6cEab1lB0bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.126.0/23
Signature Algorithm: sha256WithRSAEncryption
78:00:e6:19:8a:f1:95:e6:8a:1e:09:39:f4:64:9d:0b:1a:74:
0b:b0:b4:4a:fe:4e:e5:b3:a1:a0:3d:d1:db:28:76:36:0f:5e:
15:f9:35:03:f7:77:e9:43:ff:f2:c7:3e:9e:33:f9:4a:29:da:
88:9e:3c:1b:af:02:79:99:d2:10:a2:81:e1:10:7c:62:d3:c4:
97:52:10:3a:52:a9:00:2b:96:c3:ab:d7:b5:b7:87:d9:de:ad:
79:7b:db:e9:d9:9e:aa:71:14:b9:56:5b:ee:58:c0:f5:1e:54:
97:b7:5b:45:60:d5:aa:f4:74:b4:f3:7e:f0:db:50:46:bd:73:
b6:3e:39:2d:36:cd:6a:ee:ab:cf:20:ab:2f:c6:04:a6:b8:8c:
25:b3:ee:f2:81:0f:35:30:f5:69:ff:dd:84:e9:40:89:0d:86:
2b:c3:6d:5a:58:51:4e:ba:44:18:d9:cb:74:bf:2e:99:d8:9b:
66:76:da:ee:75:a0:ff:33:44:b0:3d:03:59:51:f9:12:0f:6e:
68:95:45:37:d9:c8:ad:e2:91:b9:f3:6d:3f:c5:50:85:bc:a4:
3b:1d:2d:05:f8:05:85:9b:80:eb:52:a1:70:02:e3:a7:38:4d:
3f:76:31:31:1f:0c:b1:93:50:ed:58:44:02:76:3b:3e:bc:2c:
35:13:e5:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsE2H9PtnrBDPGeoIWHq33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMGQyMDQ3ZmY2MDdlZWY4NTI5Mzc2MGU5YzExYTZmNTk0
MWQxYjYwHhcNMjMwMTAxMDY0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjE3MDg3NDgyM2VjNWE2MTY4YjQ5MjcyMWFkNDI1MGE1MzIwZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMF1R5uWtMoNjanZaADQBszn0xEM
W3mCDe2uikrOIvcMP+nqIuTYWlS6KItvsSsEepopHoShv9IGwvvIlOCetiwX5X9D
aY0L6vt8rjmIxpS3ijKY3V3NJhHFewkHHDnDkKiYaeck12bRUtD/7t8ZUj6aHbIj
sVmg5GK5ZEHwtxBVx1O1EUWgdZFam7KJJ5GrGDyLkwv9fvynAWhevn/v1JHp5eTg
uh2Pq+SYfEuUDyw9fMAQqcbOTJIHAY9QWRg5PRqPvOy6SraNVrUzxceQEvYMU0sr
32htQP4SX4rYKvJg23koaT1jIWlvzjgQpdzwQOSP6cOEbF8APK9Dkoja3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYXCHSCPsWmFotJJyGtQlClMg2NMB8GA1UdIwQY
MBaAFLMNIEf/YH7vhSk3YOnBGm9ZQdG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3cwZ1JfOWdmdS1GS1RkZzZjRWFiMWxCMGJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NmJlYTItOGU2ZC00NGU4LWE4MDkt
OTZiNDUxZjYwMDBjLzEvaGhjSWRJSS14YVlXaTBrbklhMUNVS1V5RFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NmJlYTItOGU2ZC00NGU4LWE4MDktOTZiNDUxZjYwMDBj
LzEvc3cwZ1JfOWdmdS1GS1RkZzZjRWFiMWxCMGJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwxR+MA0G
CSqGSIb3DQEBCwUAA4IBAQB4AOYZivGV5ooeCTn0ZJ0LGnQLsLRK/k7ls6GgPdHb
KHY2D14V+TUD93fpQ//yxz6eM/lKKdqInjwbrwJ5mdIQooHhEHxi08SXUhA6UqkA
K5bDq9e1t4fZ3q15e9vp2Z6qcRS5VlvuWMD1HlSXt1tFYNWq9HS0837w21BGvXO2
PjktNs1q7qvPIKsvxgSmuIwls+7ygQ81MPVp/92E6UCJDYYrw21aWFFOukQY2ct0
vy6Z2JtmdtrudaD/M0SwPQNZUfkSD25olUU32cit4pG5820/xVCFvKQ7HS0F+AWF
m4DrUqFwAuOnOE0/djExHwyxk1DtWEQCdjs+vCw1E+Xe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:36 2024 by rpki-client on console-ams.rpki-client.org