Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/278ff7-94a7-4fc2-aed8-8d1da9f38a0b/1/HImY0t0JUOiJHooa6n9qEwpxU9w.roa
File: HImY0t0JUOiJHooa6n9qEwpxU9w.roa (raw, json)
Hash identifier: 8J9vgeEUNDrjmCrcJIPHJXBAatkv/zfy5oOn6rHTeLw=
Subject key identifier: 1C:89:98:D2:DD:09:50:E8:89:1E:8A:1A:EA:7F:6A:13:0A:71:53:DC
Certificate issuer: /CN=555988478690ad8d81149aa5c4cae75af5385f1b
Certificate serial: 0189013537A62560E603CE66F8125DD9C2E5
Authority key identifier: 55:59:88:47:86:90:AD:8D:81:14:9A:A5:C4:CA:E7:5A:F5:38:5F:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VVmIR4aQrY2BFJqlxMrnWvU4Xxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/278ff7-94a7-4fc2-aed8-8d1da9f38a0b/1/HImY0t0JUOiJHooa6n9qEwpxU9w.roa
Signing time: Wed 28 Jun 2023 08:53:32 +0000
ROA not before: Wed 28 Jun 2023 08:53:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197997
IP address blocks: 194.0.32.0/24 maxlen: 24
2001:678:3c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:01:35:37:a6:25:60:e6:03:ce:66:f8:12:5d:d9:c2:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=555988478690ad8d81149aa5c4cae75af5385f1b
Validity
Not Before: Jun 28 08:53:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c8998d2dd0950e8891e8a1aea7f6a130a7153dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5c:e2:75:63:73:23:4d:19:ac:17:99:3e:03:
40:0e:d0:14:53:73:76:d7:7b:54:84:f7:f3:7d:76:
69:be:64:42:41:4b:32:fa:9e:b0:5a:fe:fa:5b:8c:
86:25:f8:95:04:c1:5f:fd:09:c7:9b:16:6c:22:c0:
ea:b0:1b:97:0f:48:aa:a4:19:47:00:b7:56:28:6a:
d3:05:d5:b0:dc:9c:9d:18:c5:45:35:55:45:e3:f7:
6d:04:6b:13:89:bd:53:ff:54:65:8e:44:0f:b0:34:
d0:ac:9c:a1:66:c8:83:0b:3c:a1:1a:6b:34:07:38:
8f:75:a9:11:90:81:be:5d:5a:b1:1c:4d:a9:fe:cc:
b2:64:2d:8c:e0:10:16:b3:77:18:ca:24:06:b9:cc:
be:b0:1e:e4:fc:48:d0:7a:09:28:8e:e0:44:28:af:
b2:b4:6b:0b:8b:73:dc:15:1c:88:d7:eb:f3:09:f9:
e9:ff:c6:d2:13:f7:d1:10:ba:0f:0f:be:8e:17:28:
5f:20:7a:ef:68:77:29:39:03:98:b5:8b:07:74:2d:
a0:3b:88:e4:85:1e:6f:d3:d5:92:9b:3d:8a:5f:1a:
fe:c2:77:ef:fe:c1:9b:aa:4f:55:3b:9e:af:40:d4:
71:34:68:39:ca:44:77:e8:96:aa:71:a0:19:c2:01:
9b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:89:98:D2:DD:09:50:E8:89:1E:8A:1A:EA:7F:6A:13:0A:71:53:DC
X509v3 Authority Key Identifier:
keyid:55:59:88:47:86:90:AD:8D:81:14:9A:A5:C4:CA:E7:5A:F5:38:5F:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VVmIR4aQrY2BFJqlxMrnWvU4Xxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/278ff7-94a7-4fc2-aed8-8d1da9f38a0b/1/HImY0t0JUOiJHooa6n9qEwpxU9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/278ff7-94a7-4fc2-aed8-8d1da9f38a0b/1/VVmIR4aQrY2BFJqlxMrnWvU4Xxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.32.0/24
IPv6:
2001:678:3c::/48
Signature Algorithm: sha256WithRSAEncryption
42:bd:e5:14:26:4c:ad:77:5a:0f:4f:b8:70:03:0a:52:20:68:
73:b5:e9:c6:9a:36:63:3d:11:53:b3:e9:ca:bc:f4:ff:9b:cf:
f6:35:80:7e:7e:6d:58:78:55:78:97:a7:37:e0:28:ee:a9:3d:
73:7e:fb:00:ad:53:87:25:1a:41:28:46:ab:03:f5:b4:3a:02:
a0:a6:e6:53:b6:ba:55:3f:10:d8:86:6a:7b:c5:86:76:56:73:
37:f9:ac:a6:bc:d9:a6:3b:58:ac:24:48:b4:81:8f:33:ab:69:
4e:74:d3:a7:46:f4:0b:38:64:be:85:d5:53:f6:41:e9:55:17:
a8:fc:aa:2f:38:36:d5:69:f4:66:7d:59:82:78:5f:46:c5:20:
c2:10:5d:e6:cf:4a:c4:57:e4:17:fb:75:18:64:d4:13:f4:12:
1b:29:24:fd:45:02:a9:77:14:ec:b4:d8:31:ef:7e:d6:ab:06:
44:ef:c6:2b:aa:2e:84:4e:18:23:a9:ee:4e:bb:8e:06:e2:38:
50:12:3c:ec:e5:85:11:08:1e:f6:08:3e:eb:48:2d:43:ce:94:
35:e1:70:e5:1c:e6:3f:b3:c6:7f:df:cf:85:6c:00:9e:10:7f:
68:83:f9:eb:0a:6d:06:fd:86:9b:5b:0b:d4:03:92:6c:a2:2d:
cc:03:30:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYkBNTemJWDmA85m+BJd2cLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NTk4ODQ3ODY5MGFkOGQ4MTE0OWFhNWM0Y2FlNzVhZjUz
ODVmMWIwHhcNMjMwNjI4MDg1MzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg5OThkMmRkMDk1MGU4ODkxZThhMWFlYTdmNmExMzBhNzE1M2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVzidWNzI00ZrBeZPgNADtAUU3N2
13tUhPfzfXZpvmRCQUsy+p6wWv76W4yGJfiVBMFf/QnHmxZsIsDqsBuXD0iqpBlH
ALdWKGrTBdWw3JydGMVFNVVF4/dtBGsTib1T/1RljkQPsDTQrJyhZsiDCzyhGms0
BziPdakRkIG+XVqxHE2p/syyZC2M4BAWs3cYyiQGucy+sB7k/EjQegkojuBEKK+y
tGsLi3PcFRyI1+vzCfnp/8bSE/fRELoPD76OFyhfIHrvaHcpOQOYtYsHdC2gO4jk
hR5v09WSmz2KXxr+wnfv/sGbqk9VO56vQNRxNGg5ykR36JaqcaAZwgGbQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFByJmNLdCVDoiR6KGup/ahMKcVPcMB8GA1UdIwQY
MBaAFFVZiEeGkK2NgRSapcTK51r1OF8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlZtSVI0YVFyWTJCRkpxbHhNcm5XdlU0WHhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8yNzhmZjctOTRhNy00ZmMyLWFlZDgt
OGQxZGE5ZjM4YTBiLzEvSEltWTB0MEpVT2lKSG9vYTZuOXFFd3B4VTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8yNzhmZjctOTRhNy00ZmMyLWFlZDgtOGQxZGE5ZjM4YTBi
LzEvVlZtSVI0YVFyWTJCRkpxbHhNcm5XdlU0WHhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgAgMA8E
AgACMAkDBwAgAQZ4ADwwDQYJKoZIhvcNAQELBQADggEBAEK95RQmTK13Wg9PuHAD
ClIgaHO16caaNmM9EVOz6cq89P+bz/Y1gH5+bVh4VXiXpzfgKO6pPXN++wCtU4cl
GkEoRqsD9bQ6AqCm5lO2ulU/ENiGanvFhnZWczf5rKa82aY7WKwkSLSBjzOraU50
06dG9As4ZL6F1VP2QelVF6j8qi84NtVp9GZ9WYJ4X0bFIMIQXebPSsRX5Bf7dRhk
1BP0EhspJP1FAql3FOy02DHvftarBkTvxiuqLoROGCOp7k67jgbiOFASPOzlhREI
HvYIPutILUPOlDXhcOUc5j+zxn/fz4VsAJ4Qf2iD+esKbQb9hptbC9QDkmyiLcwD
MC4=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:57 2024 by rpki-client on console-ams.rpki-client.org