Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/HlXYdJl_yQgKeM9NNsUEQbO9PmU.roa
File: HlXYdJl_yQgKeM9NNsUEQbO9PmU.roa (raw, json)
Hash identifier: FipsEEgfSA6TdR74VxptLDlGlSHsMZur/v+qwCN24sw=
Subject key identifier: 1E:55:D8:74:99:7F:C9:08:0A:78:CF:4D:36:C5:04:41:B3:BD:3E:65
Certificate issuer: /CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Certificate serial: 0185701EE3F58D87D749508D92BA96B5494D
Authority key identifier: D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/HlXYdJl_yQgKeM9NNsUEQbO9PmU.roa
Signing time: Mon 02 Jan 2023 01:35:50 +0000
ROA not before: Mon 02 Jan 2023 01:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50673
IP address blocks: 193.219.97.0/24 maxlen: 24
2a0d:f300::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:e3:f5:8d:87:d7:49:50:8d:92:ba:96:b5:49:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Validity
Not Before: Jan 2 01:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e55d874997fc9080a78cf4d36c50441b3bd3e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6f:10:f8:8f:6c:b6:b4:8b:f5:b0:7b:32:43:
a6:9b:ac:4b:b0:88:90:ea:fd:41:cf:5e:71:f3:b9:
45:bb:64:17:6d:b8:05:5b:d0:52:33:5f:3e:a5:12:
20:37:a8:f9:50:58:41:d3:95:63:21:a5:96:9c:cd:
43:03:39:d8:e4:12:9f:9f:bf:f8:e9:f7:5a:d5:7c:
3e:7f:57:53:f9:3d:67:e9:d8:df:59:c3:18:9c:3a:
9c:15:96:50:14:a3:a5:33:8f:21:5b:a7:a4:f2:b7:
5d:cc:f7:47:d6:03:54:a7:60:d0:5b:e9:04:73:b9:
0b:54:6c:31:58:a5:fc:67:ec:f7:7f:1e:f0:d9:ae:
29:be:a0:6d:69:36:bf:a3:51:92:20:a1:15:d6:f3:
63:eb:4f:b5:4a:96:83:e4:41:14:4f:0e:2e:39:57:
b7:91:35:e2:cd:51:1b:f4:78:80:cb:79:63:a9:8d:
5c:9f:c1:18:8e:d4:de:7c:e5:67:fd:1a:ba:ee:fe:
d8:f1:fa:37:3c:63:3f:55:14:39:a3:a8:15:38:cd:
37:c9:57:25:f1:5f:b2:51:c5:04:54:38:8b:01:7b:
49:70:2d:66:eb:92:93:62:ea:ef:7d:c3:fa:52:10:
e8:25:5b:5a:f7:ff:39:70:46:42:e0:1e:31:74:aa:
c7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:55:D8:74:99:7F:C9:08:0A:78:CF:4D:36:C5:04:41:B3:BD:3E:65
X509v3 Authority Key Identifier:
keyid:D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/HlXYdJl_yQgKeM9NNsUEQbO9PmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.219.97.0/24
IPv6:
2a0d:f300::/32
Signature Algorithm: sha256WithRSAEncryption
51:11:e2:3a:23:b5:00:1e:59:4f:51:36:a7:a8:f0:7b:a8:02:
bc:27:01:14:36:54:4d:c9:f0:dc:8a:6c:f4:23:50:1f:33:81:
d0:ec:84:7e:aa:e0:a3:15:5a:70:b4:63:51:3c:fc:91:70:66:
bc:81:cf:6d:33:97:4d:98:8e:7b:ca:1a:6a:89:51:5c:f6:80:
59:33:22:91:53:06:54:0d:64:8c:f8:2a:88:d9:79:09:ba:04:
63:e7:03:ae:27:98:91:32:96:ad:98:6c:d6:0e:34:cf:e3:4c:
2d:16:20:8c:4f:f4:97:7d:57:44:86:70:50:a8:9e:46:f6:6d:
f3:05:30:86:42:39:1f:23:d9:d8:41:3b:48:3c:8b:ac:21:f6:
00:c6:1f:ea:6b:c9:76:e8:55:d8:87:d5:d4:95:83:56:5e:22:
13:bd:f7:40:92:eb:03:59:ba:bd:d7:8c:08:2a:27:75:3d:72:
61:64:6a:fe:6c:f4:33:b3:b1:cf:c7:2b:18:98:2b:76:31:9a:
63:e7:30:5d:be:21:8e:47:18:14:08:ac:95:6a:c7:66:30:6b:
ce:79:28:b3:f3:06:8a:a8:16:7f:98:0c:6b:aa:ca:ac:52:6a:
eb:9a:bc:c4:32:d3:a4:01:15:8e:c0:07:44:7b:7a:a4:0c:2f:
61:17:94:a6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwHuP1jYfXSVCNkrqWtUlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Y2YwZmJkNWY2ZTE3NTk5MDNjYzY5ZGUwZGM0ZWEyNGMx
ZjgzZGYwHhcNMjMwMTAyMDEzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTU1ZDg3NDk5N2ZjOTA4MGE3OGNmNGQzNmM1MDQ0MWIzYmQzZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi28Q+I9strSL9bB7MkOmm6xLsIiQ
6v1Bz15x87lFu2QXbbgFW9BSM18+pRIgN6j5UFhB05VjIaWWnM1DAznY5BKfn7/4
6fda1Xw+f1dT+T1n6djfWcMYnDqcFZZQFKOlM48hW6ek8rddzPdH1gNUp2DQW+kE
c7kLVGwxWKX8Z+z3fx7w2a4pvqBtaTa/o1GSIKEV1vNj60+1SpaD5EEUTw4uOVe3
kTXizVEb9HiAy3ljqY1cn8EYjtTefOVn/Rq67v7Y8fo3PGM/VRQ5o6gVOM03yVcl
8V+yUcUEVDiLAXtJcC1m65KTYurvfcP6UhDoJVta9/85cEZC4B4xdKrHmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB5V2HSZf8kICnjPTTbFBEGzvT5lMB8GA1UdIwQY
MBaAFNTPD71fbhdZkDzGneDcTqJMH4PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMt
NTg1N2YxYzE3NjI0LzEvSGxYWWRKbF95UWdLZU05Tk5zVUVRYk85UG1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMtNTg1N2YxYzE3NjI0
LzEvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwdthMA0E
AgACMAcDBQAqDfMAMA0GCSqGSIb3DQEBCwUAA4IBAQBREeI6I7UAHllPUTanqPB7
qAK8JwEUNlRNyfDcimz0I1AfM4HQ7IR+quCjFVpwtGNRPPyRcGa8gc9tM5dNmI57
yhpqiVFc9oBZMyKRUwZUDWSM+CqI2XkJugRj5wOuJ5iRMpatmGzWDjTP40wtFiCM
T/SXfVdEhnBQqJ5G9m3zBTCGQjkfI9nYQTtIPIusIfYAxh/qa8l26FXYh9XUlYNW
XiITvfdAkusDWbq914wIKid1PXJhZGr+bPQzs7HPxysYmCt2MZpj5zBdviGORxgU
CKyVasdmMGvOeSiz8waKqBZ/mAxrqsqsUmrrmrzEMtOkARWOwAdEe3qkDC9hF5Sm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-fra.rpki-client.org