Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/b9c1d7-2aed-4696-80a7-d5abf5031d21/1/hQnYWexDBlVHARMik5TfqaDgDfs.roa
File: hQnYWexDBlVHARMik5TfqaDgDfs.roa (raw, json)
Hash identifier: fwIIoZKLPPqms2bp0sxCfpsYehZRpcJNe04W0xOSQM8=
Subject key identifier: 85:09:D8:59:EC:43:06:55:47:01:13:22:93:94:DF:A9:A0:E0:0D:FB
Certificate issuer: /CN=9984b9eb122237111c1f8ca57707ec7307291ee8
Certificate serial: 0185719587DCB13A081986ABE6D3616F8AB1
Authority key identifier: 99:84:B9:EB:12:22:37:11:1C:1F:8C:A5:77:07:EC:73:07:29:1E:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mYS56xIiNxEcH4yldwfscwcpHug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/b9c1d7-2aed-4696-80a7-d5abf5031d21/1/hQnYWexDBlVHARMik5TfqaDgDfs.roa
Signing time: Mon 02 Jan 2023 08:25:03 +0000
ROA not before: Mon 02 Jan 2023 08:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21413
IP address blocks: 31.42.180.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:87:dc:b1:3a:08:19:86:ab:e6:d3:61:6f:8a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9984b9eb122237111c1f8ca57707ec7307291ee8
Validity
Not Before: Jan 2 08:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8509d859ec430655470113229394dfa9a0e00dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a0:a3:50:af:06:30:fe:eb:2b:45:19:fd:75:
6e:ef:c5:f4:53:24:88:21:cb:64:3c:fd:7c:e0:37:
dc:e4:6f:fc:2d:08:fb:a8:31:c1:a3:a6:b1:ce:1c:
9d:e2:96:cb:3e:7b:d0:ac:cd:99:85:4d:39:bc:2e:
6d:d7:6e:7a:d6:0c:18:ff:2c:af:15:f5:f0:59:16:
86:48:99:22:81:38:33:9f:78:3c:60:65:76:90:d4:
8c:ac:7c:45:db:90:d8:8d:07:e5:d3:95:94:63:83:
ba:64:ec:46:87:c1:9e:eb:70:8b:f0:40:33:35:2b:
4d:da:20:d6:26:90:17:f7:11:da:53:d9:ca:e8:a8:
3a:4f:99:65:c8:00:50:1b:22:57:17:97:e0:7f:d0:
bf:7b:07:32:ce:81:81:12:26:d4:23:b1:e9:36:f7:
01:37:09:1e:d3:39:cc:6c:d9:88:90:7f:a8:43:e1:
d7:4d:b8:2e:67:60:b3:27:4e:ee:d6:2a:b9:24:6e:
61:2a:8e:ed:a0:38:30:b6:ca:62:66:83:29:f3:a2:
25:05:43:3c:04:01:57:ce:ee:1d:61:2d:3b:ea:13:
da:93:a6:9a:1c:e9:d6:9d:97:c3:68:25:af:b9:75:
76:70:4f:8a:e3:04:e5:03:1f:06:4a:14:24:68:fd:
cc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:09:D8:59:EC:43:06:55:47:01:13:22:93:94:DF:A9:A0:E0:0D:FB
X509v3 Authority Key Identifier:
keyid:99:84:B9:EB:12:22:37:11:1C:1F:8C:A5:77:07:EC:73:07:29:1E:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mYS56xIiNxEcH4yldwfscwcpHug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/b9c1d7-2aed-4696-80a7-d5abf5031d21/1/hQnYWexDBlVHARMik5TfqaDgDfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/b9c1d7-2aed-4696-80a7-d5abf5031d21/1/mYS56xIiNxEcH4yldwfscwcpHug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.180.0/24
Signature Algorithm: sha256WithRSAEncryption
54:66:53:e4:c4:d6:ad:9a:9b:0b:ac:90:f6:b6:76:9f:91:42:
a0:ed:88:23:b2:34:cf:13:f7:ed:91:fa:33:c0:58:f0:f4:d7:
b8:a6:89:29:8a:02:ca:c6:99:c7:79:19:22:ff:9a:b3:29:a4:
36:99:2a:59:6f:0f:f9:a9:bf:bb:29:58:34:20:6c:e1:a8:f2:
39:e1:10:54:13:3c:6e:fe:a7:29:8a:6d:85:be:02:9a:26:ff:
bd:4e:6c:08:b7:7b:e6:e8:60:37:9d:ef:9c:bb:d8:9c:09:09:
e6:35:8e:ca:43:67:5e:79:09:c3:e8:90:33:90:59:81:f9:69:
4b:3b:d1:8b:e1:59:08:89:ff:ec:1f:c2:97:5c:90:29:69:a4:
bb:ad:f3:f3:2a:42:f4:43:db:4b:55:13:1c:88:64:2a:da:df:
85:25:57:8a:13:6d:11:a6:95:1d:7c:24:0c:09:4a:3b:93:0f:
51:6f:b7:17:7d:d4:62:fb:8b:09:36:6d:88:21:89:fb:6d:f5:
9e:eb:88:3b:78:f3:e9:4f:bf:9f:0d:ec:47:1c:68:76:c2:35:
b0:90:49:2e:2a:9b:33:8f:fc:c3:b4:10:82:28:5f:79:c7:49:
36:d0:34:f2:17:98:3b:81:bc:fe:6f:99:d2:2a:6e:cf:71:7a:
37:11:56:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlYfcsToIGYar5tNhb4qxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ODRiOWViMTIyMjM3MTExYzFmOGNhNTc3MDdlYzczMDcy
OTFlZTgwHhcNMjMwMTAyMDgyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTA5ZDg1OWVjNDMwNjU1NDcwMTEzMjI5Mzk0ZGZhOWEwZTAwZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqCjUK8GMP7rK0UZ/XVu78X0UySI
IctkPP184Dfc5G/8LQj7qDHBo6axzhyd4pbLPnvQrM2ZhU05vC5t12561gwY/yyv
FfXwWRaGSJkigTgzn3g8YGV2kNSMrHxF25DYjQfl05WUY4O6ZOxGh8Ge63CL8EAz
NStN2iDWJpAX9xHaU9nK6Kg6T5llyABQGyJXF5fgf9C/ewcyzoGBEibUI7HpNvcB
Nwke0znMbNmIkH+oQ+HXTbguZ2CzJ07u1iq5JG5hKo7toDgwtspiZoMp86IlBUM8
BAFXzu4dYS076hPak6aaHOnWnZfDaCWvuXV2cE+K4wTlAx8GShQkaP3MgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUJ2FnsQwZVRwETIpOU36mg4A37MB8GA1UdIwQY
MBaAFJmEuesSIjcRHB+MpXcH7HMHKR7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVlTNTZ4SWlOeEVjSDR5bGR3ZnNjd2NwSHVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9iOWMxZDctMmFlZC00Njk2LTgwYTct
ZDVhYmY1MDMxZDIxLzEvaFFuWVdleERCbFZIQVJNaWs1VGZxYURnRGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9iOWMxZDctMmFlZC00Njk2LTgwYTctZDVhYmY1MDMxZDIx
LzEvbVlTNTZ4SWlOeEVjSDR5bGR3ZnNjd2NwSHVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyq0MA0G
CSqGSIb3DQEBCwUAA4IBAQBUZlPkxNatmpsLrJD2tnafkUKg7YgjsjTPE/ftkfoz
wFjw9Ne4pokpigLKxpnHeRki/5qzKaQ2mSpZbw/5qb+7KVg0IGzhqPI54RBUEzxu
/qcpim2FvgKaJv+9TmwIt3vm6GA3ne+cu9icCQnmNY7KQ2deeQnD6JAzkFmB+WlL
O9GL4VkIif/sH8KXXJApaaS7rfPzKkL0Q9tLVRMciGQq2t+FJVeKE20RppUdfCQM
CUo7kw9Rb7cXfdRi+4sJNm2IIYn7bfWe64g7ePPpT7+fDexHHGh2wjWwkEkuKpsz
j/zDtBCCKF95x0k20DTyF5g7gbz+b5nSKm7PcXo3EVYl
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:48 2024 by rpki-client on console-fra.rpki-client.org