Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/hiYP74TYStyO2gRGpotkZuNYaTY.roa
File: hiYP74TYStyO2gRGpotkZuNYaTY.roa (raw, json)
Hash identifier: DTXPfsUTcS07tzBGBlucbq0inAYctIilY6yRl1H5xHg=
Subject key identifier: 86:26:0F:EF:84:D8:4A:DC:8E:DA:04:46:A6:8B:64:66:E3:58:69:36
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 018570152D7535F5DC48945949E560765502
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/hiYP74TYStyO2gRGpotkZuNYaTY.roa
Signing time: Mon 02 Jan 2023 01:25:14 +0000
ROA not before: Mon 02 Jan 2023 01:25:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43758
IP address blocks: 91.225.28.0/22 maxlen: 22
91.198.146.0/24 maxlen: 24
91.213.206.0/24 maxlen: 24
91.224.38.0/23 maxlen: 23
185.180.208.0/22 maxlen: 24
2001:67c:2e0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 16 Aug 2023 23:03:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:2d:75:35:f5:dc:48:94:59:49:e5:60:76:55:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jan 2 01:25:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86260fef84d84adc8eda0446a68b6466e3586936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fe:ec:1f:e5:4a:dd:fb:62:58:d6:e0:5c:71:
c4:eb:95:1d:61:33:4f:31:e2:02:5c:a1:d7:ec:41:
1e:bf:de:2e:ec:61:56:e9:77:49:81:6f:49:d5:64:
27:a2:e9:3c:d9:ee:32:31:b3:61:dd:12:ec:a8:7f:
15:5e:df:ff:3e:7c:01:2c:fa:ea:23:0c:ff:cc:69:
67:44:7c:23:c4:36:da:fd:e1:77:42:f5:6d:f0:26:
67:34:02:c7:88:ca:a2:a0:fe:4f:de:da:90:38:3f:
29:8e:3f:8a:9e:f0:d8:e8:82:5f:86:66:6a:bc:3e:
9f:c6:e0:1a:f7:69:40:b3:91:9a:57:66:e3:80:5a:
98:1e:f1:a7:48:b8:a2:2a:4a:e8:2f:1e:59:e1:76:
bf:92:b1:76:e4:83:e5:b2:7b:87:4e:ba:91:93:00:
fa:9f:e1:29:bf:f3:bd:a4:3b:e0:6d:92:a9:c7:ea:
09:f0:73:78:27:5c:ea:14:aa:1e:4b:0c:27:6e:85:
2f:6f:eb:79:7f:55:d9:59:8a:df:d7:d2:07:22:d8:
a8:7d:7a:50:dd:c5:1e:c5:b3:2d:85:c4:3a:73:a1:
55:e7:92:d0:81:27:27:dd:b1:55:82:c1:01:a7:2d:
54:69:85:77:2c:65:35:5b:be:85:9a:32:70:f2:33:
d6:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:26:0F:EF:84:D8:4A:DC:8E:DA:04:46:A6:8B:64:66:E3:58:69:36
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/hiYP74TYStyO2gRGpotkZuNYaTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.146.0/24
91.213.206.0/24
91.224.38.0/23
91.225.28.0/22
185.180.208.0/22
IPv6:
2001:67c:2e0::/48
Signature Algorithm: sha256WithRSAEncryption
98:5a:09:3f:73:dc:19:cb:e1:55:b2:ed:59:f3:18:bb:75:b9:
5f:3c:70:83:1e:ce:90:5c:e3:9e:b1:4e:5a:b2:ca:df:e6:a9:
1d:dc:1f:0c:ee:67:9a:ea:a8:97:9b:8d:f9:a2:cd:ef:02:1d:
9d:68:33:93:bd:92:b8:0c:67:c5:4d:74:ba:69:0a:05:fc:92:
d2:d2:2c:7e:52:c8:a2:5e:4b:46:93:81:72:e3:1e:35:77:fb:
1b:e4:c5:5e:99:c4:85:33:58:19:3f:92:ea:26:e7:c8:ba:3e:
44:55:cc:7b:95:6b:3a:d1:0c:cf:d2:4c:51:1e:ae:03:09:67:
0a:f4:6a:d7:55:18:45:b9:87:0e:03:89:5a:a1:c3:83:dd:ca:
3c:14:ca:64:7e:9e:25:a9:05:1d:ba:4e:ae:89:02:98:75:2e:
d4:31:9e:7f:a9:a4:69:03:bf:58:23:a7:79:bd:d1:a8:12:91:
d1:ed:b8:d4:3e:bc:42:c9:cd:c6:75:6e:a7:10:ef:c6:aa:52:
4c:50:7e:07:78:b5:b4:6e:59:76:2f:0f:c2:ba:97:ca:2b:eb:
e2:9b:da:a4:1c:3d:76:0d:72:88:82:69:d6:ea:c9:e8:1e:b2:
9f:d7:9d:46:a0:ca:04:cb:6f:85:78:a7:e3:c3:bc:5e:bd:dd:
8c:53:b2:88
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVwFS11NfXcSJRZSeVgdlUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjMwMTAyMDEyNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjI2MGZlZjg0ZDg0YWRjOGVkYTA0NDZhNjhiNjQ2NmUzNTg2OTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv7sH+VK3ftiWNbgXHHE65UdYTNP
MeICXKHX7EEev94u7GFW6XdJgW9J1WQnouk82e4yMbNh3RLsqH8VXt//PnwBLPrq
Iwz/zGlnRHwjxDba/eF3QvVt8CZnNALHiMqioP5P3tqQOD8pjj+KnvDY6IJfhmZq
vD6fxuAa92lAs5GaV2bjgFqYHvGnSLiiKkroLx5Z4Xa/krF25IPlsnuHTrqRkwD6
n+Epv/O9pDvgbZKpx+oJ8HN4J1zqFKoeSwwnboUvb+t5f1XZWYrf19IHItiofXpQ
3cUexbMthcQ6c6FV55LQgScn3bFVgsEBpy1UaYV3LGU1W76FmjJw8jPWuwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIYmD++E2ErcjtoERqaLZGbjWGk2MB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvaGlZUDc0VFlTdHlPMmdSR3BvdGtadU5ZYVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW8aSAwQA
W9XOAwQBW+AmAwQCW+EcAwQCubTQMA8EAgACMAkDBwAgAQZ8AuAwDQYJKoZIhvcN
AQELBQADggEBAJhaCT9z3BnL4VWy7VnzGLt1uV88cIMezpBc456xTlqyyt/mqR3c
HwzuZ5rqqJebjfmize8CHZ1oM5O9krgMZ8VNdLppCgX8ktLSLH5SyKJeS0aTgXLj
HjV3+xvkxV6ZxIUzWBk/kuom58i6PkRVzHuVazrRDM/STFEergMJZwr0atdVGEW5
hw4DiVqhw4PdyjwUymR+niWpBR26Tq6JAph1LtQxnn+ppGkDv1gjp3m90agSkdHt
uNQ+vELJzcZ1bqcQ78aqUkxQfgd4tbRuWXYvD8K6l8or6+Kb2qQcPXYNcoiCadbq
yegesp/XnUagygTLb4V4p+PDvF693YxTsog=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:10 2024 by rpki-client on console-ams.rpki-client.org