Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/HkywzldTRAcA-V_s7hLkchz1VG8.roa
File: HkywzldTRAcA-V_s7hLkchz1VG8.roa (raw, json)
Hash identifier: 7paOxTKM/FJTnZpk8HMPMbX7BLw9oP/c8vgvQRODZ2I=
Subject key identifier: 1E:4C:B0:CE:57:53:44:07:00:F9:5F:EC:EE:12:E4:72:1C:F5:54:6F
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0189B639F3003F8875FC2D78AB316F4F3F01
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/HkywzldTRAcA-V_s7hLkchz1VG8.roa
Signing time: Wed 02 Aug 2023 12:29:58 +0000
ROA not before: Wed 02 Aug 2023 12:29:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 80.71.237.0/24 maxlen: 24
81.29.149.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:39:f3:00:3f:88:75:fc:2d:78:ab:31:6f:4f:3f:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Aug 2 12:29:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e4cb0ce5753440700f95fecee12e4721cf5546f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e2:b4:a3:62:6e:50:db:c0:2a:9f:56:41:b7:
9d:17:cb:e5:f3:7d:0a:57:15:ac:9b:cc:3a:e5:44:
76:cf:60:ae:73:d8:77:0c:97:60:23:38:21:1b:32:
5e:1b:07:cf:57:2e:11:5e:21:11:01:52:9a:89:93:
7f:18:72:9b:ec:c6:2f:4e:d0:cd:d4:65:c0:17:51:
12:a1:4c:bd:88:6b:63:8b:e0:72:1e:48:51:ed:4b:
09:32:6e:a4:01:08:46:f9:bb:39:c9:77:dd:9e:d6:
d4:e1:67:f0:d0:10:bc:ba:6c:15:6a:de:70:3e:09:
09:09:ec:6e:c3:8c:7d:41:f5:aa:92:3a:88:1a:75:
ef:a6:0b:10:9d:cc:2b:dc:1f:92:2f:a2:cb:8e:93:
5a:5a:77:29:16:da:86:f2:e9:f9:41:81:da:10:db:
cf:1c:b1:51:cb:b3:0f:b7:b0:c6:74:20:12:7c:cb:
6e:14:cc:0f:17:d1:3c:c2:eb:c3:32:8b:e3:70:d7:
15:58:85:92:24:c2:45:5a:29:ab:11:3d:bb:35:97:
f6:bd:92:6f:85:b2:90:a2:a4:78:90:77:8d:f0:b3:
6f:4c:41:9e:1f:93:5c:4f:27:30:6b:ed:4c:31:10:
aa:1f:0e:cb:38:a8:4b:8a:84:6a:f8:ac:2a:a1:9b:
76:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:4C:B0:CE:57:53:44:07:00:F9:5F:EC:EE:12:E4:72:1C:F5:54:6F
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/HkywzldTRAcA-V_s7hLkchz1VG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.237.0/24
81.29.149.0/24
Signature Algorithm: sha256WithRSAEncryption
11:91:25:16:fe:22:3a:86:21:24:eb:c1:c6:97:4c:4e:bb:ad:
a0:17:20:09:ac:e7:a9:3e:af:9f:ba:9a:e3:53:6d:e8:69:be:
5c:03:18:dd:0f:c4:3a:5b:75:8c:54:f4:66:dd:5e:ac:4e:27:
3d:57:09:7f:f8:69:0b:f2:b5:29:39:25:17:ce:4e:2e:a1:ff:
d3:17:bd:3e:b8:30:6a:a4:1d:9e:80:80:89:c3:a7:c5:c3:dc:
61:db:b0:81:ca:d2:aa:01:65:78:b1:f0:76:c4:de:d5:5f:08:
e9:bb:da:3c:79:77:63:68:cf:dd:e4:77:62:35:70:cb:75:01:
14:81:a0:0c:23:9c:5f:ce:a8:a5:d5:3d:f1:47:b2:35:a1:d0:
59:ba:a3:a6:0e:ae:98:37:ca:0a:63:10:5a:cc:25:bd:be:c3:
03:9a:3a:1b:35:0c:4f:56:33:04:e4:85:9b:53:c0:f7:9c:33:
7e:41:ca:1d:e9:8c:4e:86:f4:e3:4c:e7:d2:96:96:cc:07:83:
77:63:25:5b:a9:e0:04:2e:e9:b6:2e:2d:5a:a0:58:24:7c:b7:
28:d6:d6:93:65:e3:4e:57:a8:98:95:f7:1a:c5:e2:0f:a6:4f:
3d:39:b2:b7:4f:d0:f3:af:f3:b9:cb:de:bd:60:b3:e2:f0:16:
78:e5:40:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYm2OfMAP4h1/C14qzFvTz8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwODAyMTIyOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTRjYjBjZTU3NTM0NDA3MDBmOTVmZWNlZTEyZTQ3MjFjZjU1NDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOK0o2JuUNvAKp9WQbedF8vl830K
VxWsm8w65UR2z2Cuc9h3DJdgIzghGzJeGwfPVy4RXiERAVKaiZN/GHKb7MYvTtDN
1GXAF1ESoUy9iGtji+ByHkhR7UsJMm6kAQhG+bs5yXfdntbU4Wfw0BC8umwVat5w
PgkJCexuw4x9QfWqkjqIGnXvpgsQncwr3B+SL6LLjpNaWncpFtqG8un5QYHaENvP
HLFRy7MPt7DGdCASfMtuFMwPF9E8wuvDMovjcNcVWIWSJMJFWimrET27NZf2vZJv
hbKQoqR4kHeN8LNvTEGeH5NcTycwa+1MMRCqHw7LOKhLioRq+KwqoZt2HQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB5MsM5XU0QHAPlf7O4S5HIc9VRvMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvSGt5d3psZFRSQWNBLVZfczdoTGtjaHoxVkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEftAwQA
UR2VMA0GCSqGSIb3DQEBCwUAA4IBAQARkSUW/iI6hiEk68HGl0xOu62gFyAJrOep
Pq+fuprjU23oab5cAxjdD8Q6W3WMVPRm3V6sTic9Vwl/+GkL8rUpOSUXzk4uof/T
F70+uDBqpB2egICJw6fFw9xh27CBytKqAWV4sfB2xN7VXwjpu9o8eXdjaM/d5Hdi
NXDLdQEUgaAMI5xfzqil1T3xR7I1odBZuqOmDq6YN8oKYxBazCW9vsMDmjobNQxP
VjME5IWbU8D3nDN+Qcod6YxOhvTjTOfSlpbMB4N3YyVbqeAELum2Li1aoFgkfLco
1taTZeNOV6iYlfcaxeIPpk89ObK3T9Dzr/O5y969YLPi8BZ45UDe
Generated at Wed Aug 16 06:01:02 2023 by rpki-client on console-ams.rpki-client.org