Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/hXia1ClZtLvr-BeaEpQvB1TtT7E.roa
File: hXia1ClZtLvr-BeaEpQvB1TtT7E.roa (raw, json)
Hash identifier: TOlq3Hxx2IA6hCHY8EoJaphmJMqO+zQ/U5qA+0dnhmI=
Subject key identifier: 85:78:9A:D4:29:59:B4:BB:EB:F8:17:9A:12:94:2F:07:54:ED:4F:B1
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 018C0175B993E93FAD7369ED290150925C16
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/hXia1ClZtLvr-BeaEpQvB1TtT7E.roa
Signing time: Fri 24 Nov 2023 13:12:21 +0000
ROA not before: Fri 24 Nov 2023 13:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204957
IP address blocks: 193.203.49.0/24 maxlen: 24
193.203.48.0/24 maxlen: 24
91.207.61.0/24 maxlen: 24
91.217.90.0/24 maxlen: 24
2a13:f580:3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:01:75:b9:93:e9:3f:ad:73:69:ed:29:01:50:92:5c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Nov 24 13:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85789ad42959b4bbebf8179a12942f0754ed4fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c9:13:84:2c:05:d4:68:34:9a:0d:13:2d:a0:
f8:67:ef:86:f6:59:b6:2c:42:42:1a:57:72:8e:20:
e4:16:c7:2c:5c:fc:53:27:57:62:ea:da:7b:5a:79:
72:a6:85:7c:17:74:07:25:fd:33:ed:b4:51:ea:70:
90:5f:39:75:d7:c7:bd:d0:bd:20:6f:fd:6e:63:c6:
8d:74:b9:e9:fe:93:58:a3:95:fe:cc:1b:62:08:83:
6c:a1:93:b0:85:ef:a0:f2:88:9e:1e:b4:cd:5c:9a:
40:42:77:94:dd:51:ca:dd:fd:d0:fa:cc:8a:11:bb:
1b:0e:73:4c:4c:30:2e:dd:fb:41:39:82:8b:17:62:
cc:2c:0f:77:95:33:af:08:bc:a7:74:49:13:eb:b4:
9e:7e:47:0b:48:06:61:66:20:55:9b:b2:70:7f:92:
81:ba:b5:96:72:48:1f:1a:92:f9:cb:eb:00:78:7e:
ba:15:00:f0:08:88:03:30:6f:4b:fc:6e:f4:a4:d9:
bd:af:66:89:29:1f:5b:97:eb:85:f6:66:aa:03:99:
c8:9a:3f:21:df:e0:e0:de:f2:b8:84:2d:cd:4e:1d:
32:be:04:b7:45:4e:ba:a5:8a:15:68:42:6b:84:dd:
cf:23:9a:cf:69:3a:a8:c7:92:8a:9f:83:83:23:ff:
9f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:78:9A:D4:29:59:B4:BB:EB:F8:17:9A:12:94:2F:07:54:ED:4F:B1
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/hXia1ClZtLvr-BeaEpQvB1TtT7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.61.0/24
91.217.90.0/24
193.203.48.0/23
IPv6:
2a13:f580:3::/48
Signature Algorithm: sha256WithRSAEncryption
6a:da:2b:f6:f7:b4:77:18:56:44:80:94:53:cf:71:8d:38:d5:
ea:c5:80:36:00:b3:bf:31:2f:ff:3a:f5:d2:9a:d8:e8:e4:f3:
7a:a7:03:71:2d:31:0d:50:93:11:2d:dc:3b:5f:d6:a8:a2:76:
06:fd:4d:60:93:4c:cb:1c:5c:42:6d:4f:3a:5b:a7:d2:f5:d7:
bd:10:47:9f:5a:d4:13:0f:d2:bc:5b:01:ec:b8:69:18:87:0e:
b8:4d:df:44:f6:b4:da:2e:7c:42:6a:c1:eb:3b:73:35:6a:4f:
56:99:d2:4a:0d:17:a3:78:bc:73:2a:cd:3c:95:1d:01:51:66:
40:0f:14:00:3d:61:14:b4:e0:db:d9:e1:6f:bc:0c:45:80:59:
1a:ed:9d:7b:25:ee:be:60:85:0a:cb:b3:ae:49:3c:5c:0f:30:
08:f7:33:ae:d5:0b:ed:d4:51:d4:7e:d0:38:f5:96:2b:0c:65:
1d:86:0e:17:57:94:8e:ba:07:29:82:17:c6:c9:93:e5:7e:56:
bd:ab:97:bd:e9:30:38:da:38:91:aa:66:5a:f1:2d:76:bb:73:
69:49:84:b7:c9:d9:84:29:4e:32:de:d9:fe:94:34:85:72:6f:
07:47:1b:18:43:38:a6:e0:c0:e7:4f:42:1c:42:bf:eb:a3:61:
26:01:09:ae
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYwBdbmT6T+tc2ntKQFQklwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjMxMTI0MTMxMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTc4OWFkNDI5NTliNGJiZWJmODE3OWExMjk0MmYwNzU0ZWQ0ZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkckThCwF1Gg0mg0TLaD4Z++G9lm2
LEJCGldyjiDkFscsXPxTJ1di6tp7WnlypoV8F3QHJf0z7bRR6nCQXzl118e90L0g
b/1uY8aNdLnp/pNYo5X+zBtiCINsoZOwhe+g8oieHrTNXJpAQneU3VHK3f3Q+syK
EbsbDnNMTDAu3ftBOYKLF2LMLA93lTOvCLyndEkT67SefkcLSAZhZiBVm7Jwf5KB
urWWckgfGpL5y+sAeH66FQDwCIgDMG9L/G70pNm9r2aJKR9bl+uF9maqA5nImj8h
3+Dg3vK4hC3NTh0yvgS3RU66pYoVaEJrhN3PI5rPaTqox5KKn4ODI/+fUwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIV4mtQpWbS76/gXmhKULwdU7U+xMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvaFhpYTFDbFp0THZyLUJlYUVwUXZCMVR0VDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW889AwQA
W9laAwQBwcswMA8EAgACMAkDBwAqE/WAAAMwDQYJKoZIhvcNAQELBQADggEBAGra
K/b3tHcYVkSAlFPPcY041erFgDYAs78xL/869dKa2Ojk83qnA3EtMQ1QkxEt3Dtf
1qiidgb9TWCTTMscXEJtTzpbp9L1170QR59a1BMP0rxbAey4aRiHDrhN30T2tNou
fEJqwes7czVqT1aZ0koNF6N4vHMqzTyVHQFRZkAPFAA9YRS04NvZ4W+8DEWAWRrt
nXsl7r5ghQrLs65JPFwPMAj3M67VC+3UUdR+0Dj1lisMZR2GDhdXlI66BymCF8bJ
k+V+Vr2rl73pMDjaOJGqZlrxLXa7c2lJhLfJ2YQpTjLe2f6UNIVybwdHGxhDOKbg
wOdPQhxCv+ujYSYBCa4=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:09 2024 by rpki-client on console-fra.rpki-client.org