Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/hUPgE6voXgjvux8Ff5yPuchjVrk.roa
File: hUPgE6voXgjvux8Ff5yPuchjVrk.roa (raw, json)
Hash identifier: REZrMkzRQ/H7yYGRYbirXUY8V3JhSzx01ViSdLpIP6g=
Subject key identifier: 85:43:E0:13:AB:E8:5E:08:EF:BB:1F:05:7F:9C:8F:B9:C8:63:56:B9
Certificate issuer: /CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Certificate serial: 01857255AE47D5883FAD426D5A644B7F8008
Authority key identifier: D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/hUPgE6voXgjvux8Ff5yPuchjVrk.roa
Signing time: Mon 02 Jan 2023 11:54:55 +0000
ROA not before: Mon 02 Jan 2023 11:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50233
IP address blocks: 212.31.118.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:ae:47:d5:88:3f:ad:42:6d:5a:64:4b:7f:80:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Validity
Not Before: Jan 2 11:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8543e013abe85e08efbb1f057f9c8fb9c86356b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:02:9e:b6:8c:64:86:29:23:0d:e5:8b:2e:b3:
01:28:85:31:88:7b:ce:13:7b:85:03:77:81:5f:e2:
86:5b:d7:f4:84:a2:53:2d:19:44:6a:ff:77:9e:eb:
dd:f4:1c:fd:bd:9f:57:fc:10:7d:5a:55:af:a4:1a:
54:31:ae:b9:b4:e1:41:6e:7d:df:41:d7:32:3a:25:
69:1f:13:f5:e2:d7:e2:37:f9:03:55:77:48:c5:ec:
f9:9d:2d:0f:c3:ca:e5:c0:72:bf:30:87:0f:27:0d:
fd:5b:70:a4:c1:69:6d:5c:76:d7:94:ac:82:1d:d4:
5b:50:52:de:0d:66:76:8d:e1:e3:43:67:74:44:bb:
93:fd:d3:ce:ce:40:30:25:41:26:9f:da:ae:17:d6:
cf:8d:b9:b8:d2:d5:c7:59:1d:82:c6:d6:0d:a7:b9:
40:f7:92:9e:0e:01:50:e1:9b:2a:6f:49:de:8b:f7:
35:ce:af:6a:24:e5:a6:16:ed:58:39:cb:37:0d:3f:
30:fd:67:b1:d1:be:d1:65:80:00:4b:d1:b6:61:d2:
61:8b:fb:c1:f5:6d:b8:72:94:40:76:85:b1:71:66:
89:06:2a:49:05:ab:31:8b:82:51:22:c5:35:2c:da:
0d:8e:b6:a5:1b:32:d5:b8:01:1e:91:89:d6:c8:3a:
60:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:43:E0:13:AB:E8:5E:08:EF:BB:1F:05:7F:9C:8F:B9:C8:63:56:B9
X509v3 Authority Key Identifier:
keyid:D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/hUPgE6voXgjvux8Ff5yPuchjVrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.31.118.0/23
Signature Algorithm: sha256WithRSAEncryption
30:2a:44:3e:1e:23:0d:72:ac:be:84:b8:e7:30:74:4a:02:1b:
78:89:24:c7:1c:77:e0:77:96:68:21:16:95:46:5d:db:87:24:
c5:a6:2e:7f:d7:14:39:09:3d:56:f0:f8:90:a5:3a:8d:46:32:
93:b4:8b:ca:65:29:37:d8:25:63:92:cf:2e:5e:82:ee:fc:74:
ae:66:15:d1:1d:81:e8:e0:0c:cd:c7:9e:7f:c7:87:30:1c:07:
bb:45:ef:e0:28:34:77:ba:9d:c5:57:dd:08:64:b6:1c:7c:d4:
66:7d:10:a1:6c:63:9b:a2:79:b1:22:ad:25:9f:bc:85:22:ab:
d5:23:cc:f2:ba:f0:67:6a:ec:0b:10:d6:54:25:f7:b4:c7:16:
ac:1a:ce:ff:40:31:da:df:61:1c:c4:cd:96:6a:5f:27:f2:1b:
d8:35:65:14:77:da:59:d1:37:fd:2c:0e:a9:f7:8a:19:48:a3:
f2:5a:29:f8:7f:7b:0b:d1:d0:b4:64:74:fb:e9:2c:7e:01:1e:
e4:27:4e:4d:6a:5b:74:2a:08:97:dd:b2:65:0b:67:75:ce:3d:
07:3e:22:fe:fa:29:bf:20:fb:8b:e4:8b:bc:78:1b:b4:c1:4e:
d3:fb:83:24:d1:d3:ac:cb:08:b4:9a:64:bc:1b:33:d0:76:13:
bf:91:53:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVa5H1Yg/rUJtWmRLf4AIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTFhYmM0YzA0NjhhYjI4OTFlYWFjYWRiYTBkYzAzNzc5
MzZmZDUwHhcNMjMwMTAyMTE1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQzZTAxM2FiZTg1ZTA4ZWZiYjFmMDU3ZjljOGZiOWM4NjM1NmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgKetoxkhikjDeWLLrMBKIUxiHvO
E3uFA3eBX+KGW9f0hKJTLRlEav93nuvd9Bz9vZ9X/BB9WlWvpBpUMa65tOFBbn3f
QdcyOiVpHxP14tfiN/kDVXdIxez5nS0Pw8rlwHK/MIcPJw39W3CkwWltXHbXlKyC
HdRbUFLeDWZ2jeHjQ2d0RLuT/dPOzkAwJUEmn9quF9bPjbm40tXHWR2CxtYNp7lA
95KeDgFQ4Zsqb0nei/c1zq9qJOWmFu1YOcs3DT8w/Wex0b7RZYAAS9G2YdJhi/vB
9W24cpRAdoWxcWaJBipJBasxi4JRIsU1LNoNjralGzLVuAEekYnWyDpgPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVD4BOr6F4I77sfBX+cj7nIY1a5MB8GA1UdIwQY
MBaAFNQRq8TARoqyiR6qytug3AN3k2/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTIt
YjBmNGI5YzM3ZTQ5LzEvaFVQZ0U2dm9YZ2p2dXg4RmY1eVB1Y2hqVnJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTItYjBmNGI5YzM3ZTQ5
LzEvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1B92MA0G
CSqGSIb3DQEBCwUAA4IBAQAwKkQ+HiMNcqy+hLjnMHRKAht4iSTHHHfgd5ZoIRaV
Rl3bhyTFpi5/1xQ5CT1W8PiQpTqNRjKTtIvKZSk32CVjks8uXoLu/HSuZhXRHYHo
4AzNx55/x4cwHAe7Re/gKDR3up3FV90IZLYcfNRmfRChbGObonmxIq0ln7yFIqvV
I8zyuvBnauwLENZUJfe0xxasGs7/QDHa32EcxM2Wal8n8hvYNWUUd9pZ0Tf9LA6p
94oZSKPyWin4f3sL0dC0ZHT76Sx+AR7kJ05Nalt0KgiX3bJlC2d1zj0HPiL++im/
IPuL5Iu8eBu0wU7T+4Mk0dOsywi0mmS8GzPQdhO/kVO1
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:14 2024 by rpki-client on console-fra.rpki-client.org