Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c63652-d03e-4134-bfd3-e298a43b8930/1/hPDKNazf6P6-Wk3K8HH3kdGUt5M.roa
File: hPDKNazf6P6-Wk3K8HH3kdGUt5M.roa (raw, json)
Hash identifier: sVDF7nBe5/+ESrdUk4rVcag6gTp6N3/hBj02Vzkn4Ik=
Subject key identifier: 84:F0:CA:35:AC:DF:E8:FE:BE:5A:4D:CA:F0:71:F7:91:D1:94:B7:93
Certificate issuer: /CN=1685cdba5d7daf6ddccf8675a90a25b6ed6444d7
Certificate serial: 01856FD4E939A34875DAF0A18A10CFBC265A
Authority key identifier: 16:85:CD:BA:5D:7D:AF:6D:DC:CF:86:75:A9:0A:25:B6:ED:64:44:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FoXNul19r23cz4Z1qQoltu1kRNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c63652-d03e-4134-bfd3-e298a43b8930/1/hPDKNazf6P6-Wk3K8HH3kdGUt5M.roa
Signing time: Mon 02 Jan 2023 00:15:02 +0000
ROA not before: Mon 02 Jan 2023 00:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 91.199.253.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:e9:39:a3:48:75:da:f0:a1:8a:10:cf:bc:26:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1685cdba5d7daf6ddccf8675a90a25b6ed6444d7
Validity
Not Before: Jan 2 00:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84f0ca35acdfe8febe5a4dcaf071f791d194b793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:57:da:9b:e7:f3:a1:de:43:03:48:a5:6b:8a:
e7:03:29:eb:ad:8e:ac:76:9f:a5:28:fb:31:c3:55:
94:57:1c:ba:33:0e:40:0b:c0:a5:f3:39:c3:f8:42:
ac:70:81:df:8a:00:cb:c9:db:4c:50:53:0d:f8:a5:
9a:2a:f7:05:74:73:77:d8:d3:25:59:05:80:5f:ac:
2a:1c:b9:b0:25:cd:6d:37:c6:f9:93:8a:a7:ba:e3:
2f:37:8a:0a:72:03:ac:e9:c9:0f:ba:5e:4d:3a:91:
91:a7:33:d8:a2:56:b9:6b:ec:c3:5a:0b:47:8f:48:
ad:a3:b5:05:90:f2:f8:1c:88:5e:50:c0:01:32:ab:
44:1a:33:45:da:e7:fc:46:bd:e2:14:9e:c4:7e:33:
ab:76:b7:d6:74:a2:de:89:fe:9d:f6:a1:45:e4:15:
6c:d2:19:2b:4b:b6:e6:04:a1:2e:43:0f:03:47:b0:
fc:d6:d1:83:8c:9c:9b:11:70:b2:04:ce:1a:31:36:
1e:86:0f:5b:71:40:17:ce:b2:68:65:d8:8d:81:b9:
1a:40:14:78:f5:17:fa:01:5d:01:96:16:ad:0e:ef:
e8:77:39:45:84:45:24:f6:14:87:b1:4b:23:d2:84:
d7:6d:93:af:eb:57:5e:04:f8:20:60:d2:9b:97:70:
3c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F0:CA:35:AC:DF:E8:FE:BE:5A:4D:CA:F0:71:F7:91:D1:94:B7:93
X509v3 Authority Key Identifier:
keyid:16:85:CD:BA:5D:7D:AF:6D:DC:CF:86:75:A9:0A:25:B6:ED:64:44:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FoXNul19r23cz4Z1qQoltu1kRNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c63652-d03e-4134-bfd3-e298a43b8930/1/hPDKNazf6P6-Wk3K8HH3kdGUt5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c63652-d03e-4134-bfd3-e298a43b8930/1/FoXNul19r23cz4Z1qQoltu1kRNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.253.0/24
Signature Algorithm: sha256WithRSAEncryption
10:3f:bb:75:4d:b6:6c:55:21:d2:16:0d:fa:7f:dc:19:03:dd:
90:dd:b1:30:96:80:e7:fa:09:b0:64:d2:09:32:d3:bd:9a:0e:
6a:b0:50:be:ed:ba:89:b8:03:09:7b:8d:02:85:2c:8b:66:cc:
33:e1:4f:e0:7c:3e:fe:cf:80:64:c9:83:83:6e:ee:98:dd:e1:
1c:06:96:c3:4b:64:ca:a3:ef:d9:f1:8d:57:60:c7:15:60:23:
46:b0:33:45:c3:c3:9e:77:ce:e4:2d:ed:6e:2a:ca:42:3a:7d:
73:df:9d:3d:e0:c0:6f:0b:96:dd:17:cf:1d:70:16:a4:fa:ca:
45:07:86:cf:aa:0f:d8:2e:2f:19:b0:a5:31:4d:eb:e8:d4:c4:
f9:60:04:9b:72:0b:e5:3a:29:b9:87:6e:85:25:61:aa:70:a8:
f0:c3:c7:6c:44:dd:a5:ed:d2:4a:51:39:51:8d:ea:47:0f:31:
ed:dc:63:19:22:b5:35:d1:d5:4c:9d:c5:a4:6f:3d:86:4a:58:
98:56:52:2d:8d:29:73:99:0f:d4:6d:7f:20:7e:14:1e:96:13:
0f:dd:4b:13:f3:e4:30:6c:82:11:ab:04:56:cd:55:1e:56:f1:
92:4a:33:c0:2e:da:05:ee:27:fd:cc:5c:b5:0a:93:37:32:a3:
0f:be:e3:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1Ok5o0h12vChihDPvCZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODVjZGJhNWQ3ZGFmNmRkY2NmODY3NWE5MGEyNWI2ZWQ2
NDQ0ZDcwHhcNMjMwMTAyMDAxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGYwY2EzNWFjZGZlOGZlYmU1YTRkY2FmMDcxZjc5MWQxOTRiNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1fam+fzod5DA0ila4rnAynrrY6s
dp+lKPsxw1WUVxy6Mw5AC8Cl8znD+EKscIHfigDLydtMUFMN+KWaKvcFdHN32NMl
WQWAX6wqHLmwJc1tN8b5k4qnuuMvN4oKcgOs6ckPul5NOpGRpzPYola5a+zDWgtH
j0ito7UFkPL4HIheUMABMqtEGjNF2uf8Rr3iFJ7EfjOrdrfWdKLeif6d9qFF5BVs
0hkrS7bmBKEuQw8DR7D81tGDjJybEXCyBM4aMTYehg9bcUAXzrJoZdiNgbkaQBR4
9Rf6AV0BlhatDu/odzlFhEUk9hSHsUsj0oTXbZOv61deBPggYNKbl3A8IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITwyjWs3+j+vlpNyvBx95HRlLeTMB8GA1UdIwQY
MBaAFBaFzbpdfa9t3M+GdakKJbbtZETXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9YTnVsMTlyMjNjejRaMXFRb2x0dTFrUk5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jNjM2NTItZDAzZS00MTM0LWJmZDMt
ZTI5OGE0M2I4OTMwLzEvaFBES05hemY2UDYtV2szSzhISDNrZEdVdDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jNjM2NTItZDAzZS00MTM0LWJmZDMtZTI5OGE0M2I4OTMw
LzEvRm9YTnVsMTlyMjNjejRaMXFRb2x0dTFrUk5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8f9MA0G
CSqGSIb3DQEBCwUAA4IBAQAQP7t1TbZsVSHSFg36f9wZA92Q3bEwloDn+gmwZNIJ
MtO9mg5qsFC+7bqJuAMJe40ChSyLZswz4U/gfD7+z4BkyYODbu6Y3eEcBpbDS2TK
o+/Z8Y1XYMcVYCNGsDNFw8Oed87kLe1uKspCOn1z35094MBvC5bdF88dcBak+spF
B4bPqg/YLi8ZsKUxTevo1MT5YASbcgvlOim5h26FJWGqcKjww8dsRN2l7dJKUTlR
jepHDzHt3GMZIrU10dVMncWkbz2GSliYVlItjSlzmQ/UbX8gfhQelhMP3UsT8+Qw
bIIRqwRWzVUeVvGSSjPALtoF7if9zFy1CpM3MqMPvuNU
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:35 2024 by rpki-client on console-ams.rpki-client.org