Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/0HkLDef7VWBXaG38suB3-t17ePU.roa
File: 0HkLDef7VWBXaG38suB3-t17ePU.roa (raw, json)
Hash identifier: MGjrtn3Z5MqKGlAt3+AlACeIVjSkfrTEw17oxXBShJs=
Subject key identifier: D0:79:0B:0D:E7:FB:55:60:57:68:6D:FC:B2:E0:77:FA:DD:7B:78:F5
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018CF74061CE6C8516A574ACA1A728921BA8
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/0HkLDef7VWBXaG38suB3-t17ePU.roa
Signing time: Thu 11 Jan 2024 06:40:40 +0000
ROA not before: Thu 11 Jan 2024 06:40:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400859
IP address blocks: 81.21.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Jan 2024 07:55:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f7:40:61:ce:6c:85:16:a5:74:ac:a1:a7:28:92:1b:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jan 11 06:40:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0790b0de7fb556057686dfcb2e077fadd7b78f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f2:3a:33:6a:d0:8e:38:15:2f:7c:94:51:04:
d4:9f:aa:8c:85:7a:db:73:95:b4:0e:96:0d:0c:83:
e1:25:24:25:d9:76:8e:03:ad:77:33:74:01:4c:a9:
7b:d3:62:6e:38:78:07:cd:23:b3:7d:cf:09:34:7f:
9f:5d:72:62:06:7a:27:8a:ae:cf:99:0f:20:c0:a5:
15:45:09:33:6e:f2:5f:4f:a6:93:a0:0d:17:f2:3e:
7f:2d:32:91:dd:07:9f:24:6d:d3:9e:6c:38:76:3d:
88:e9:a8:be:d8:69:6a:9d:37:99:42:c2:44:04:31:
08:8d:0c:52:e7:54:d1:e3:46:17:ea:14:3e:40:dd:
d7:13:97:4b:24:c9:9f:4e:c7:10:9d:a3:56:d8:28:
37:a9:c8:9e:e7:c0:08:b5:ba:e1:6e:0f:f6:3b:ea:
a6:76:fb:fd:d5:b6:4e:71:32:e6:3b:f1:08:55:36:
a3:d5:3f:79:36:29:f6:2a:bb:41:6a:1a:e6:9e:ed:
56:ed:54:2b:b9:8c:97:ca:04:f1:88:c5:24:b3:99:
e5:12:bc:20:3e:77:da:9c:13:c6:c3:da:d6:e4:9f:
c3:fe:92:e9:34:f8:63:0c:4b:43:6b:b2:3f:f7:90:
21:35:3d:8e:fe:aa:87:69:8c:a6:63:5b:ce:07:ae:
09:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:79:0B:0D:E7:FB:55:60:57:68:6D:FC:B2:E0:77:FA:DD:7B:78:F5
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/0HkLDef7VWBXaG38suB3-t17ePU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.3.0/24
Signature Algorithm: sha256WithRSAEncryption
11:29:58:4e:4b:f5:54:83:71:34:b4:97:62:29:c0:d2:3c:01:
86:82:7c:e2:df:75:7c:00:0e:2c:5c:6b:c4:6b:6a:a7:fe:09:
3e:69:ff:c6:ca:9d:27:2f:34:f0:0b:35:2f:c2:1d:f7:28:2d:
fc:ee:e6:d9:ee:bc:82:10:3d:94:fe:bf:d6:87:15:ba:ac:b6:
ef:1c:b0:32:24:8f:fd:83:1b:f5:1e:90:ab:a5:d1:cd:eb:18:
23:07:00:ac:6b:71:30:69:83:c5:ea:d5:c5:81:6a:4c:c5:6c:
34:cd:1a:7a:6a:37:d4:66:c4:6f:62:ae:97:28:0f:3a:cd:a3:
33:dd:f6:e5:a9:76:9d:bd:17:2d:93:08:f7:03:4c:65:2c:39:
be:77:38:c0:71:e2:e2:7d:4e:ab:90:57:df:8a:94:8b:15:ba:
03:82:2c:4c:69:3c:c5:98:74:bd:a4:77:a3:7e:21:1d:c4:4d:
24:67:ed:f4:f3:4e:43:1d:c9:a8:ab:d5:5b:96:e6:de:4c:5c:
8c:87:19:6b:48:4f:b2:98:c8:cc:3c:bc:b0:b3:63:7d:61:4e:
b0:5f:9b:07:c4:22:c8:a3:8f:d5:43:00:f7:5d:35:41:53:0c:
e9:19:f0:2f:35:c4:70:bb:e4:2e:e6:e5:2b:cb:bb:6f:b7:65:
71:59:31:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYz3QGHObIUWpXSsoacokhuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMTExMDY0MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDc5MGIwZGU3ZmI1NTYwNTc2ODZkZmNiMmUwNzdmYWRkN2I3OGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vI6M2rQjjgVL3yUUQTUn6qMhXrb
c5W0DpYNDIPhJSQl2XaOA613M3QBTKl702JuOHgHzSOzfc8JNH+fXXJiBnoniq7P
mQ8gwKUVRQkzbvJfT6aToA0X8j5/LTKR3QefJG3Tnmw4dj2I6ai+2GlqnTeZQsJE
BDEIjQxS51TR40YX6hQ+QN3XE5dLJMmfTscQnaNW2Cg3qcie58AItbrhbg/2O+qm
dvv91bZOcTLmO/EIVTaj1T95Nin2KrtBahrmnu1W7VQruYyXygTxiMUks5nlErwg
PnfanBPGw9rW5J/D/pLpNPhjDEtDa7I/95AhNT2O/qqHaYymY1vOB64JvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNB5Cw3n+1VgV2ht/LLgd/rde3j1MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvMEhrTERlZjdWV0JYYUczOHN1QjMtdDE3ZVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAURUDMA0G
CSqGSIb3DQEBCwUAA4IBAQARKVhOS/VUg3E0tJdiKcDSPAGGgnzi33V8AA4sXGvE
a2qn/gk+af/Gyp0nLzTwCzUvwh33KC387ubZ7ryCED2U/r/WhxW6rLbvHLAyJI/9
gxv1HpCrpdHN6xgjBwCsa3EwaYPF6tXFgWpMxWw0zRp6ajfUZsRvYq6XKA86zaMz
3fblqXadvRctkwj3A0xlLDm+dzjAceLifU6rkFffipSLFboDgixMaTzFmHS9pHej
fiEdxE0kZ+30805DHcmoq9VblubeTFyMhxlrSE+ymMjMPLyws2N9YU6wX5sHxCLI
o4/VQwD3XTVBUwzpGfAvNcRwu+Qu5uUry7tvt2VxWTGm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:54 2024 by rpki-client on console-ams.rpki-client.org