Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/Hkj1fubHgOhgZCF7uW7sl4yV-Q0.roa
File: Hkj1fubHgOhgZCF7uW7sl4yV-Q0.roa (raw, json)
Hash identifier: jNWAKjEeJ96nAFjq7sruyj5YQfM6ox+m2S6BVlbcT2M=
Subject key identifier: 1E:48:F5:7E:E6:C7:80:E8:60:64:21:7B:B9:6E:EC:97:8C:95:F9:0D
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 01875541E486BD4FEFAC84194E2B304233E1
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/Hkj1fubHgOhgZCF7uW7sl4yV-Q0.roa
Signing time: Thu 06 Apr 2023 06:29:54 +0000
ROA not before: Thu 06 Apr 2023 06:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 195.95.201.0/24 maxlen: 24
37.19.68.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:41:e4:86:bd:4f:ef:ac:84:19:4e:2b:30:42:33:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Apr 6 06:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e48f57ee6c780e86064217bb96eec978c95f90d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:37:d5:ae:a1:e9:f6:d9:02:3a:a8:48:85:22:
57:b0:ed:d1:50:8b:cb:1f:1e:36:3e:a3:80:c3:10:
73:5d:35:e8:e0:78:1f:97:05:23:d8:fa:80:2e:28:
bc:25:2e:bd:8c:e1:ca:bb:03:c8:db:ed:32:98:5b:
49:19:0f:be:fc:3b:37:3c:33:62:d3:9f:13:4e:f2:
9d:7f:40:97:5e:fb:56:73:2d:70:c7:65:13:c1:58:
69:25:ca:73:fb:f9:df:70:f2:86:67:d9:f8:bd:fe:
f0:69:b9:66:ba:b9:44:04:8f:69:ab:9c:18:48:2f:
e4:7e:68:eb:2e:30:47:6f:9a:10:d7:3a:58:b3:83:
2c:e7:41:d7:6b:ec:81:7c:fb:f3:bb:63:a7:7b:bb:
f4:49:3f:5b:73:59:a2:b8:57:6a:6d:89:a8:71:19:
9b:cb:f8:9b:f9:4c:3b:bb:ab:47:9a:2a:85:d0:7a:
77:6e:4e:e2:7d:6f:9c:36:9a:52:d8:09:ea:85:1e:
5f:da:9b:7a:b3:2a:49:d8:d1:55:b9:77:00:6f:42:
e6:a5:b8:cc:d0:a9:02:96:89:b5:34:56:3b:b7:61:
9a:3f:a2:a4:1e:a6:a8:b1:aa:ab:0e:cd:da:8a:87:
2b:90:16:5f:57:88:2f:b2:36:94:c1:c3:d0:3b:6e:
21:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:48:F5:7E:E6:C7:80:E8:60:64:21:7B:B9:6E:EC:97:8C:95:F9:0D
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/Hkj1fubHgOhgZCF7uW7sl4yV-Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.68.0/22
195.95.201.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:90:db:5b:0a:44:95:66:a6:70:5b:0c:6a:07:bd:24:8c:3a:
18:5e:f5:ff:6b:73:79:0a:0e:b8:22:f8:39:f2:f6:13:17:cd:
a1:f1:3b:e8:e6:0c:1f:1e:1b:0e:10:70:ee:c2:d1:8c:33:4f:
c9:6c:88:ec:2c:87:b7:04:d7:10:6b:6d:61:83:40:01:be:e1:
e7:fd:20:40:62:7a:d3:6a:a6:bb:4f:46:24:7c:b6:95:b1:07:
9a:68:e1:46:0d:ed:6a:a1:80:f5:f4:5f:82:fd:32:96:4f:41:
5a:4b:f1:29:3f:02:24:99:f8:21:ef:ef:12:c8:fd:ff:51:fb:
41:89:1e:aa:f7:4f:52:24:e5:58:d3:a3:ed:4d:63:ae:0a:f2:
7b:d2:28:d5:44:c8:2a:41:e9:79:bc:9c:6e:88:90:c9:3c:0c:
c3:ec:a9:86:05:46:18:ea:ae:ee:07:b4:e0:06:8c:9e:d7:48:
23:6d:01:ff:04:42:f6:dd:22:ca:a6:da:e8:1b:2c:84:c0:40:
d1:b5:c2:4d:65:0e:42:77:f8:72:95:20:aa:24:5d:69:73:ab:
8c:f8:3a:b7:1a:ce:f3:1c:f5:d2:c6:d2:da:ad:f0:d6:93:44:
9d:ed:82:6c:26:70:06:f7:74:97:bf:a5:eb:69:44:15:c0:05:
48:5b:eb:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdVQeSGvU/vrIQZTiswQjPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwNDA2MDYyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTQ4ZjU3ZWU2Yzc4MGU4NjA2NDIxN2JiOTZlZWM5NzhjOTVmOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTfVrqHp9tkCOqhIhSJXsO3RUIvL
Hx42PqOAwxBzXTXo4HgflwUj2PqALii8JS69jOHKuwPI2+0ymFtJGQ++/Ds3PDNi
058TTvKdf0CXXvtWcy1wx2UTwVhpJcpz+/nfcPKGZ9n4vf7wablmurlEBI9pq5wY
SC/kfmjrLjBHb5oQ1zpYs4Ms50HXa+yBfPvzu2One7v0ST9bc1miuFdqbYmocRmb
y/ib+Uw7u6tHmiqF0Hp3bk7ifW+cNppS2AnqhR5f2pt6sypJ2NFVuXcAb0LmpbjM
0KkClom1NFY7t2GaP6KkHqaosaqrDs3aiocrkBZfV4gvsjaUwcPQO24hMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB5I9X7mx4DoYGQhe7lu7JeMlfkNMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvSGtqMWZ1YkhnT2hnWkNGN3VXN3NsNHlWLVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJRNEAwQA
w1/JMA0GCSqGSIb3DQEBCwUAA4IBAQDLkNtbCkSVZqZwWwxqB70kjDoYXvX/a3N5
Cg64Ivg58vYTF82h8Tvo5gwfHhsOEHDuwtGMM0/JbIjsLIe3BNcQa21hg0ABvuHn
/SBAYnrTaqa7T0YkfLaVsQeaaOFGDe1qoYD19F+C/TKWT0FaS/EpPwIkmfgh7+8S
yP3/UftBiR6q909SJOVY06PtTWOuCvJ70ijVRMgqQel5vJxuiJDJPAzD7KmGBUYY
6q7uB7TgBoye10gjbQH/BEL23SLKptroGyyEwEDRtcJNZQ5Cd/hylSCqJF1pc6uM
+Dq3Gs7zHPXSxtLarfDWk0Sd7YJsJnAG93SXv6XraUQVwAVIW+uV
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:38 2023 by rpki-client on console-fra.rpki-client.org