Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/hUdAL9jkQ3wZn8FBZmPIHyaxxwI.roa
File: hUdAL9jkQ3wZn8FBZmPIHyaxxwI.roa (raw, json)
Hash identifier: RvjQ7V71y3R5HHyBDmjWFvKiVrGwsVToY64788pp3Uo=
Subject key identifier: 85:47:40:2F:D8:E4:43:7C:19:9F:C1:41:66:63:C8:1F:26:B1:C7:02
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01882CEA04F38B382C4027B919F696FA934B
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/hUdAL9jkQ3wZn8FBZmPIHyaxxwI.roa
Signing time: Thu 18 May 2023 03:31:54 +0000
ROA not before: Thu 18 May 2023 03:31:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 188.191.100.0/24 maxlen: 24
188.191.107.0/24 maxlen: 24
91.225.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Jun 2023 04:46:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2c:ea:04:f3:8b:38:2c:40:27:b9:19:f6:96:fa:93:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: May 18 03:31:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8547402fd8e4437c199fc1416663c81f26b1c702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c2:6c:77:fe:dd:40:a2:7d:57:78:92:9a:a6:
c9:cc:90:76:23:17:bc:02:7b:74:d1:1d:ae:17:e8:
df:97:07:2f:a2:6b:bb:bd:f8:59:bf:6d:cb:00:e4:
c9:43:04:f8:ff:c3:33:45:c9:e1:b6:b1:0d:53:0c:
9a:12:73:65:9e:dd:75:0b:c9:2f:3e:3c:2e:2e:a1:
ac:bf:88:b5:9b:84:ab:e1:3f:7b:78:59:28:e3:d8:
65:72:b8:03:88:50:f5:00:5b:8b:25:7a:a9:91:fe:
af:38:71:cb:18:ba:7d:4c:c6:56:48:23:3b:f2:11:
1e:84:a4:64:18:d1:a1:1f:9a:50:d0:02:18:3f:83:
17:c6:ea:62:50:29:87:2a:3b:b4:e2:c4:df:cf:2a:
40:36:51:d8:f9:47:15:f1:88:d3:31:06:23:17:12:
ab:56:f3:34:0e:ff:b6:e7:ed:96:91:6f:a1:34:7c:
70:52:26:69:3c:74:34:ba:a7:84:6d:50:68:36:78:
95:cd:ad:37:c6:96:72:87:f1:53:83:45:20:b9:36:
f3:c8:23:06:3f:44:41:7a:2e:36:6e:af:b1:49:a3:
3b:f4:f0:14:b3:00:2f:d2:44:41:d7:bd:3c:27:da:
03:5f:48:b0:82:0e:91:e3:33:fc:3a:7d:9d:cb:3e:
0a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:47:40:2F:D8:E4:43:7C:19:9F:C1:41:66:63:C8:1F:26:B1:C7:02
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/hUdAL9jkQ3wZn8FBZmPIHyaxxwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.225.0/24
188.191.100.0/24
188.191.107.0/24
Signature Algorithm: sha256WithRSAEncryption
12:fc:9c:01:9c:82:1f:02:66:66:23:df:33:51:bc:50:81:1f:
4c:37:82:5d:a6:73:74:d5:f6:84:3a:41:77:47:23:fb:d7:53:
0d:18:55:73:5f:7f:f4:fc:87:78:5e:d8:93:64:1f:b1:16:30:
0b:57:f6:a8:cc:be:52:fd:6e:92:f2:64:dc:6a:59:89:ae:b8:
d5:76:13:7c:c0:1b:85:f4:d3:99:2c:c1:88:0e:86:a2:c7:e7:
83:cf:78:d9:70:84:0c:26:cd:35:ac:f4:e9:82:1e:e2:60:4c:
20:bb:3b:af:78:a1:80:d8:46:60:3d:3b:f6:8b:de:4a:3e:75:
9f:be:5f:2d:2d:2f:6f:7b:c5:05:7b:a6:09:b8:35:a9:40:60:
5b:c6:33:53:57:06:da:c7:42:ef:7f:04:77:2d:7e:e3:86:5c:
c4:33:27:96:60:a9:02:63:d1:44:88:83:46:16:b1:c0:3c:84:
b7:4f:b7:81:db:37:4c:8d:1c:10:19:0d:6e:5d:29:9b:72:0e:
13:13:3a:91:a5:69:31:ca:03:0a:62:d2:20:1f:0a:85:7d:fd:
d1:54:a2:62:8c:32:dc:cd:a8:52:ef:5e:ba:6e:a7:d0:53:38:
0e:35:76:62:37:47:75:8c:38:c9:8d:f3:5e:e7:2a:10:cb:2c:
e1:86:65:7f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgs6gTzizgsQCe5GfaW+pNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwNTE4MDMzMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQ3NDAyZmQ4ZTQ0MzdjMTk5ZmMxNDE2NjYzYzgxZjI2YjFjNzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksJsd/7dQKJ9V3iSmqbJzJB2Ixe8
Ant00R2uF+jflwcvomu7vfhZv23LAOTJQwT4/8MzRcnhtrENUwyaEnNlnt11C8kv
PjwuLqGsv4i1m4Sr4T97eFko49hlcrgDiFD1AFuLJXqpkf6vOHHLGLp9TMZWSCM7
8hEehKRkGNGhH5pQ0AIYP4MXxupiUCmHKju04sTfzypANlHY+UcV8YjTMQYjFxKr
VvM0Dv+25+2WkW+hNHxwUiZpPHQ0uqeEbVBoNniVza03xpZyh/FTg0UguTbzyCMG
P0RBei42bq+xSaM79PAUswAv0kRB1708J9oDX0iwgg6R4zP8On2dyz4KuwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIVHQC/Y5EN8GZ/BQWZjyB8msccCMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvaFVkQUw5amtRM3dabjhGQlptUElIeWF4eHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+HhAwQA
vL9kAwQAvL9rMA0GCSqGSIb3DQEBCwUAA4IBAQAS/JwBnIIfAmZmI98zUbxQgR9M
N4JdpnN01faEOkF3RyP711MNGFVzX3/0/Id4XtiTZB+xFjALV/aozL5S/W6S8mTc
almJrrjVdhN8wBuF9NOZLMGIDoaix+eDz3jZcIQMJs01rPTpgh7iYEwguzuveKGA
2EZgPTv2i95KPnWfvl8tLS9ve8UFe6YJuDWpQGBbxjNTVwbax0LvfwR3LX7jhlzE
MyeWYKkCY9FEiINGFrHAPIS3T7eB2zdMjRwQGQ1uXSmbcg4TEzqRpWkxygMKYtIg
HwqFff3RVKJijDLczahS7166bqfQUzgONXZiN0d1jDjJjfNe5yoQyyzhhmV/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org