Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/HdNszhMWxEbPM9bXIP7REPNcGeE.roa
File: HdNszhMWxEbPM9bXIP7REPNcGeE.roa (raw, json)
Hash identifier: nyw5bCyZUuE55lE9LE0ms3+s9Wf78U+D1nONdr3AwQE=
Subject key identifier: 1D:D3:6C:CE:13:16:C4:46:CF:33:D6:D7:20:FE:D1:10:F3:5C:19:E1
Certificate issuer: /CN=18e0e9a3d20cfac6cbe3ccf74ab5784a77682933
Certificate serial: 018571FA3CF5406354341B16D05CB23CAD9E
Authority key identifier: 18:E0:E9:A3:D2:0C:FA:C6:CB:E3:CC:F7:4A:B5:78:4A:77:68:29:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/HdNszhMWxEbPM9bXIP7REPNcGeE.roa
Signing time: Mon 02 Jan 2023 10:15:03 +0000
ROA not before: Mon 02 Jan 2023 10:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12826
IP address blocks: 185.55.164.0/22 maxlen: 22
91.151.64.0/20 maxlen: 20
2a00:ef60::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:3c:f5:40:63:54:34:1b:16:d0:5c:b2:3c:ad:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e0e9a3d20cfac6cbe3ccf74ab5784a77682933
Validity
Not Before: Jan 2 10:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dd36cce1316c446cf33d6d720fed110f35c19e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:70:c9:52:dc:ac:ed:5d:33:4c:43:a6:4f:47:
cf:4b:cf:48:43:4a:cb:67:dc:b0:23:9f:af:96:00:
d2:bd:21:29:e4:79:df:cd:51:19:32:22:08:7e:d9:
20:9f:96:45:65:18:fe:52:39:23:c4:6a:74:30:f7:
d3:d8:df:f9:04:9d:01:b5:d9:bc:20:93:f0:4d:5f:
b4:67:bb:b7:b4:7e:eb:27:36:e9:67:11:7a:f0:06:
e6:8e:15:cb:86:21:02:28:0f:84:1d:94:50:05:d2:
16:a6:15:0d:18:e1:28:b8:29:42:1f:a8:32:b5:f9:
11:f6:34:3f:4a:33:c4:f9:ab:89:8d:64:a1:9b:e6:
3e:26:06:16:0a:07:c1:a9:98:f7:58:94:b7:7b:fc:
57:8d:06:59:c6:d9:0d:3c:92:ed:74:22:63:1b:41:
53:69:61:2f:46:fe:a0:68:aa:4e:df:d6:5d:67:d0:
0a:06:e9:9d:a5:35:35:07:4d:1d:9b:71:20:74:d9:
0c:0a:f2:55:ae:2c:71:3b:0d:6f:ad:e1:87:6c:93:
08:7f:c5:a1:43:ad:64:01:c5:c4:02:50:0c:5f:82:
10:db:a2:e7:8f:cd:d4:0d:9b:a8:7a:96:dd:de:72:
2b:15:7e:ca:dd:93:cd:0a:83:8d:be:9c:4f:d6:1b:
33:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D3:6C:CE:13:16:C4:46:CF:33:D6:D7:20:FE:D1:10:F3:5C:19:E1
X509v3 Authority Key Identifier:
keyid:18:E0:E9:A3:D2:0C:FA:C6:CB:E3:CC:F7:4A:B5:78:4A:77:68:29:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/HdNszhMWxEbPM9bXIP7REPNcGeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.64.0/20
185.55.164.0/22
IPv6:
2a00:ef60::/32
Signature Algorithm: sha256WithRSAEncryption
ad:b1:11:b8:bc:7c:89:95:21:2b:c1:24:bb:b9:d8:fb:48:bc:
1b:b7:a1:64:16:3f:66:a5:fd:5e:10:44:62:02:8c:39:1e:9e:
97:1b:1d:d1:ee:b2:53:ca:8b:da:d1:c5:2c:a0:70:24:8c:58:
bb:0f:85:34:d0:5b:6d:5f:9f:ee:0e:42:d8:d8:71:e1:6a:77:
24:c1:d8:34:50:2f:ca:93:d3:ca:d3:cc:5d:ef:8d:cb:59:87:
d1:03:2b:0b:04:5f:68:ea:48:c5:23:c2:25:fe:6f:cf:56:cc:
10:61:16:36:33:32:d1:19:ea:d9:5b:ac:46:0e:9e:db:80:f4:
20:14:3f:3f:83:7a:72:d1:22:06:6c:70:00:0c:8f:29:48:5b:
bd:ff:40:1f:22:d0:59:3e:2f:85:67:9d:89:0b:6d:98:b9:00:
f1:eb:e6:f6:62:4c:56:13:cc:6d:b4:f3:6a:6e:f7:65:fc:ff:
e8:52:a5:4d:09:fd:46:ee:a7:a2:cb:f0:6c:09:e3:e2:5e:22:
df:91:c9:19:0d:07:49:86:f0:a2:67:da:45:37:a5:94:b4:23:
20:11:f1:c9:fd:c3:2c:e5:9c:ec:90:52:55:40:2c:fa:c9:4f:
93:0b:84:57:c6:c5:11:46:0b:75:b8:0b:75:38:e1:6d:38:d6:
c2:9e:5a:05
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVx+jz1QGNUNBsW0FyyPK2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTBlOWEzZDIwY2ZhYzZjYmUzY2NmNzRhYjU3ODRhNzc2
ODI5MzMwHhcNMjMwMTAyMTAxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGQzNmNjZTEzMTZjNDQ2Y2YzM2Q2ZDcyMGZlZDExMGYzNWMxOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnDJUtys7V0zTEOmT0fPS89IQ0rL
Z9ywI5+vlgDSvSEp5HnfzVEZMiIIftkgn5ZFZRj+UjkjxGp0MPfT2N/5BJ0Btdm8
IJPwTV+0Z7u3tH7rJzbpZxF68AbmjhXLhiECKA+EHZRQBdIWphUNGOEouClCH6gy
tfkR9jQ/SjPE+auJjWShm+Y+JgYWCgfBqZj3WJS3e/xXjQZZxtkNPJLtdCJjG0FT
aWEvRv6gaKpO39ZdZ9AKBumdpTU1B00dm3EgdNkMCvJVrixxOw1vreGHbJMIf8Wh
Q61kAcXEAlAMX4IQ26Lnj83UDZuoepbd3nIrFX7K3ZPNCoONvpxP1hszswIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB3TbM4TFsRGzzPW1yD+0RDzXBnhMB8GA1UdIwQY
MBaAFBjg6aPSDPrGy+PM90q1eEp3aCkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09EcG85SU0tc2JMNDh6M1NyVjRTbmRvS1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hNzYzZWQtYmViMC00M2NiLWJhYTMt
OTVhYjgxYjc3NjkxLzEvSGROc3poTVd4RWJQTTliWElQN1JFUE5jR2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hNzYzZWQtYmViMC00M2NiLWJhYTMtOTVhYjgxYjc3Njkx
LzEvR09EcG85SU0tc2JMNDh6M1NyVjRTbmRvS1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEW5dAAwQC
uTekMA0EAgACMAcDBQAqAO9gMA0GCSqGSIb3DQEBCwUAA4IBAQCtsRG4vHyJlSEr
wSS7udj7SLwbt6FkFj9mpf1eEERiAow5Hp6XGx3R7rJTyova0cUsoHAkjFi7D4U0
0FttX5/uDkLY2HHhanckwdg0UC/Kk9PK08xd743LWYfRAysLBF9o6kjFI8Il/m/P
VswQYRY2MzLRGerZW6xGDp7bgPQgFD8/g3py0SIGbHAADI8pSFu9/0AfItBZPi+F
Z52JC22YuQDx6+b2YkxWE8xttPNqbvdl/P/oUqVNCf1G7qeiy/BsCePiXiLfkckZ
DQdJhvCiZ9pFN6WUtCMgEfHJ/cMs5ZzskFJVQCz6yU+TC4RXxsURRgt1uAt1OOFt
ONbCnloF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:19 2023 by rpki-client on console-fra.rpki-client.org