Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/HxgjK9Lug6XImvuanSaMI-_K2bE.roa
File: HxgjK9Lug6XImvuanSaMI-_K2bE.roa (raw, json)
Hash identifier: Bp8o3ylbrVzenaIruAHd5r/0n0t+sOSlVUZ+xqT4Vco=
Subject key identifier: 1F:18:23:2B:D2:EE:83:A5:C8:9A:FB:9A:9D:26:8C:23:EF:CA:D9:B1
Certificate issuer: /CN=406a92250c28580f2ad4cc1c357b02a25a790cf7
Certificate serial: 01856B533FE32E32AB2CC99FAE18B9CA47F1
Authority key identifier: 40:6A:92:25:0C:28:58:0F:2A:D4:CC:1C:35:7B:02:A2:5A:79:0C:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QGqSJQwoWA8q1MwcNXsColp5DPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/HxgjK9Lug6XImvuanSaMI-_K2bE.roa
Signing time: Sun 01 Jan 2023 03:14:55 +0000
ROA not before: Sun 01 Jan 2023 03:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 193.104.147.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:53:3f:e3:2e:32:ab:2c:c9:9f:ae:18:b9:ca:47:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406a92250c28580f2ad4cc1c357b02a25a790cf7
Validity
Not Before: Jan 1 03:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f18232bd2ee83a5c89afb9a9d268c23efcad9b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4e:8d:a1:f3:fd:b1:24:de:cf:07:cc:ed:dd:
7f:d9:50:58:f6:b0:67:d1:e8:93:6a:1f:06:a6:47:
3f:31:05:5f:5c:b9:5a:a8:51:71:5e:99:e8:c5:2b:
d3:f1:79:6e:9b:2a:b6:ea:49:28:56:e1:1a:0a:c9:
5b:d7:fd:48:6e:62:8d:5c:07:df:23:19:b2:56:da:
c5:71:f3:d7:d6:ea:b2:10:6a:61:df:02:2f:7b:80:
68:00:03:63:f4:ac:56:88:ae:46:f0:5e:4a:f5:e6:
99:59:5d:03:0f:63:ff:3a:22:dd:d2:15:ef:c5:be:
44:55:fc:01:72:fc:31:66:e7:e8:73:35:8c:fb:4f:
44:b4:fa:31:dd:8a:4e:7c:3a:e6:e2:fc:14:78:f1:
44:ab:68:f6:7f:d7:8b:fd:9c:42:a6:5f:13:f3:46:
27:13:79:1e:09:fb:9a:71:72:c6:5d:62:af:fd:29:
5f:9b:92:b3:22:96:6d:76:20:04:7d:48:ba:73:df:
f2:0f:6c:a6:9d:01:56:3f:24:91:9e:8d:1a:0b:c8:
dc:fb:50:ec:e4:b7:a6:6c:28:d1:51:8f:03:88:b7:
b7:b2:75:76:e3:32:c2:1f:3e:0c:ce:db:4d:d5:ae:
6a:ef:c5:44:17:c9:6f:74:f0:10:0a:b9:fb:6f:c7:
05:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:18:23:2B:D2:EE:83:A5:C8:9A:FB:9A:9D:26:8C:23:EF:CA:D9:B1
X509v3 Authority Key Identifier:
keyid:40:6A:92:25:0C:28:58:0F:2A:D4:CC:1C:35:7B:02:A2:5A:79:0C:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGqSJQwoWA8q1MwcNXsColp5DPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/HxgjK9Lug6XImvuanSaMI-_K2bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/QGqSJQwoWA8q1MwcNXsColp5DPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.147.0/24
Signature Algorithm: sha256WithRSAEncryption
95:9e:44:07:14:8d:e7:36:43:de:3d:a9:37:a7:81:68:1d:26:
91:39:78:32:6b:c4:f1:3f:03:0a:dc:c2:0d:b4:5e:90:45:cc:
63:8e:65:f8:5e:07:80:84:18:ea:5d:bd:ec:8d:f8:47:7c:62:
aa:67:b2:07:74:ad:0a:b9:5e:2e:80:93:b9:84:99:28:23:d9:
6a:55:d3:28:cd:78:eb:98:3d:22:51:95:e5:81:29:04:7a:ec:
05:87:e9:e8:38:55:9c:95:3e:b6:9f:63:9a:fe:f9:16:89:ca:
d5:30:45:34:01:62:c8:b8:50:86:81:41:ea:28:e6:49:e6:a1:
cb:53:37:4d:38:93:7b:57:b4:55:ac:3a:5c:e3:ca:c2:e9:a0:
ed:80:fa:b9:34:3d:03:67:30:fd:7d:b1:e4:1f:84:38:c8:74:
fa:18:4c:c9:00:95:d7:26:87:51:be:25:07:35:d8:c4:c8:3f:
24:52:22:82:67:96:6c:f4:8f:2e:bb:06:27:7e:61:3c:9a:16:
8d:3e:22:fe:52:1e:fb:60:66:2d:04:8a:a4:d1:9b:9c:ef:2a:
01:cb:b5:98:30:a2:19:a9:0f:8b:05:77:f7:04:fa:a0:c2:49:
e7:79:ea:9d:71:1c:51:3e:e0:f8:d3:09:4e:9b:c0:de:4c:ea:
79:20:24:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrUz/jLjKrLMmfrhi5ykfxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNmE5MjI1MGMyODU4MGYyYWQ0Y2MxYzM1N2IwMmEyNWE3
OTBjZjcwHhcNMjMwMTAxMDMxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjE4MjMyYmQyZWU4M2E1Yzg5YWZiOWE5ZDI2OGMyM2VmY2FkOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh06NofP9sSTezwfM7d1/2VBY9rBn
0eiTah8Gpkc/MQVfXLlaqFFxXpnoxSvT8Xlumyq26kkoVuEaCslb1/1IbmKNXAff
IxmyVtrFcfPX1uqyEGph3wIve4BoAANj9KxWiK5G8F5K9eaZWV0DD2P/OiLd0hXv
xb5EVfwBcvwxZufoczWM+09EtPox3YpOfDrm4vwUePFEq2j2f9eL/ZxCpl8T80Yn
E3keCfuacXLGXWKv/Slfm5KzIpZtdiAEfUi6c9/yD2ymnQFWPySRno0aC8jc+1Ds
5LembCjRUY8DiLe3snV24zLCHz4MzttN1a5q78VEF8lvdPAQCrn7b8cFhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB8YIyvS7oOlyJr7mp0mjCPvytmxMB8GA1UdIwQY
MBaAFEBqkiUMKFgPKtTMHDV7AqJaeQz3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUdxU0pRd29XQThxMU13Y05Yc0NvbHA1RFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82ZDAxMWItOTQ5ZS00ZDBmLWE3ZTMt
N2YyMGVmMDJmMjY0LzEvSHhnaks5THVnNlhJbXZ1YW5TYU1JLV9LMmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82ZDAxMWItOTQ5ZS00ZDBmLWE3ZTMtN2YyMGVmMDJmMjY0
LzEvUUdxU0pRd29XQThxMU13Y05Yc0NvbHA1RFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWiTMA0G
CSqGSIb3DQEBCwUAA4IBAQCVnkQHFI3nNkPePak3p4FoHSaROXgya8TxPwMK3MIN
tF6QRcxjjmX4XgeAhBjqXb3sjfhHfGKqZ7IHdK0KuV4ugJO5hJkoI9lqVdMozXjr
mD0iUZXlgSkEeuwFh+noOFWclT62n2Oa/vkWicrVMEU0AWLIuFCGgUHqKOZJ5qHL
UzdNOJN7V7RVrDpc48rC6aDtgPq5ND0DZzD9fbHkH4Q4yHT6GEzJAJXXJodRviUH
NdjEyD8kUiKCZ5Zs9I8uuwYnfmE8mhaNPiL+Uh77YGYtBIqk0Zuc7yoBy7WYMKIZ
qQ+LBXf3BPqgwknneeqdcRxRPuD40wlOm8DeTOp5ICR+
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:36 2024 by rpki-client on console-fra.rpki-client.org