Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/HF5pcimw1YnSbEjonbjhNQtdKeY.roa
File: HF5pcimw1YnSbEjonbjhNQtdKeY.roa (raw, json)
Hash identifier: DIrBGGDOAD6lPmoZQDGyjVnMDAcpwSrxijf+nldg0I8=
Subject key identifier: 1C:5E:69:72:29:B0:D5:89:D2:6C:48:E8:9D:B8:E1:35:0B:5D:29:E6
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018C7F0FB9D4EE005D077B2FF7E9CF366154
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/HF5pcimw1YnSbEjonbjhNQtdKeY.roa
Signing time: Mon 18 Dec 2023 22:33:06 +0000
ROA not before: Mon 18 Dec 2023 22:33:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60707
IP address blocks: 213.142.143.0/24 maxlen: 24
91.151.83.0/24 maxlen: 24
91.151.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7f:0f:b9:d4:ee:00:5d:07:7b:2f:f7:e9:cf:36:61:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Dec 18 22:33:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c5e697229b0d589d26c48e89db8e1350b5d29e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f9:1d:f6:7a:89:9a:9b:b8:c3:34:1e:53:a0:
3c:ec:a4:94:95:d6:0e:e7:af:ef:08:f2:71:65:f7:
94:19:d0:c7:29:ad:13:3d:cc:ad:8f:7b:27:3b:05:
af:7d:89:61:fe:fd:d9:dc:89:76:0a:55:9a:d5:51:
da:99:4e:c0:c3:7e:9b:b7:ea:fe:f8:c3:ca:c4:e7:
81:9f:a1:a6:f4:17:75:eb:80:72:b2:3e:9b:b7:9f:
b1:c8:57:ed:77:8d:cb:a0:2d:8b:5b:a0:55:18:5e:
33:62:0d:67:5d:2a:53:40:1c:ff:ec:73:89:ad:0e:
d0:31:08:21:8c:d1:de:e3:a0:29:aa:bf:3b:1c:9d:
20:26:f4:48:87:fe:7a:30:f5:b7:76:9a:e5:44:65:
f5:a5:ec:34:f5:f5:d2:f1:b8:0b:89:81:7e:10:b7:
43:8f:32:48:bf:e7:ec:a5:58:be:fd:fe:db:20:d6:
2e:ba:00:9d:d3:75:33:97:1b:8e:cf:28:ad:4e:50:
cf:ad:6e:92:f9:85:95:d4:ef:55:10:7a:6b:6d:53:
15:76:f5:2d:8c:5e:42:c3:ef:84:a7:0b:46:27:0e:
e1:f4:48:cd:52:0f:5a:d9:0d:8d:34:fa:af:e3:da:
5b:d0:27:bb:2b:c0:10:dd:93:0c:48:24:c1:d2:98:
c7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5E:69:72:29:B0:D5:89:D2:6C:48:E8:9D:B8:E1:35:0B:5D:29:E6
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/HF5pcimw1YnSbEjonbjhNQtdKeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.83.0-91.151.84.255
213.142.143.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:e3:d9:27:96:a0:8b:18:0d:4b:7a:36:78:e8:3f:ee:a3:d5:
55:83:42:9e:61:19:3e:91:dd:8b:95:be:43:8f:c9:2b:39:ad:
18:e0:bf:e7:c9:6e:42:17:cf:b3:63:06:74:57:54:e0:35:ad:
b7:f5:ee:54:78:c7:33:8c:4c:11:94:e3:5b:7d:b3:6b:78:7c:
c2:a4:1f:60:2f:24:34:d7:88:9a:b7:04:dd:73:33:15:1a:86:
19:ec:5d:2c:25:bd:5f:4f:e8:08:22:ed:0e:ce:8d:76:c0:d3:
ae:88:db:e8:0e:97:05:ca:5d:6e:06:e8:f9:6f:e3:9a:53:67:
f7:b3:57:e3:fa:c8:a3:ca:f3:97:06:30:b7:21:0d:7c:5f:bc:
67:d7:9b:6e:2a:6f:6f:40:8c:09:bb:fc:8b:b3:12:bc:e2:a7:
66:af:08:aa:45:00:de:7c:9f:e8:a9:b3:25:0c:b6:1d:a6:03:
63:09:dc:46:76:a2:70:6b:a3:f9:27:cd:00:b0:f0:85:5d:73:
0d:89:22:f3:44:46:37:f5:e0:f0:e7:8a:72:cd:51:a6:1a:23:
0d:6b:43:31:81:77:11:17:0c:ea:24:79:ea:14:65:6c:2b:9a:
c0:d1:f0:51:21:a7:1f:5d:7c:be:f7:bf:0f:41:d1:e8:0e:70:
8e:64:19:c8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYx/D7nU7gBdB3sv9+nPNmFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMxMjE4MjIzMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzVlNjk3MjI5YjBkNTg5ZDI2YzQ4ZTg5ZGI4ZTEzNTBiNWQyOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/kd9nqJmpu4wzQeU6A87KSUldYO
56/vCPJxZfeUGdDHKa0TPcytj3snOwWvfYlh/v3Z3Il2ClWa1VHamU7Aw36bt+r+
+MPKxOeBn6Gm9Bd164Bysj6bt5+xyFftd43LoC2LW6BVGF4zYg1nXSpTQBz/7HOJ
rQ7QMQghjNHe46Apqr87HJ0gJvRIh/56MPW3dprlRGX1pew09fXS8bgLiYF+ELdD
jzJIv+fspVi+/f7bINYuugCd03UzlxuOzyitTlDPrW6S+YWV1O9VEHprbVMVdvUt
jF5Cw++EpwtGJw7h9EjNUg9a2Q2NNPqv49pb0Ce7K8AQ3ZMMSCTB0pjHmwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBxeaXIpsNWJ0mxI6J244TULXSnmMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvSEY1cGNpbXcxWW5TYkVqb25iamhOUXRkS2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABbl1MD
BABbl1QDBADVjo8wDQYJKoZIhvcNAQELBQADggEBAE3j2SeWoIsYDUt6NnjoP+6j
1VWDQp5hGT6R3YuVvkOPySs5rRjgv+fJbkIXz7NjBnRXVOA1rbf17lR4xzOMTBGU
41t9s2t4fMKkH2AvJDTXiJq3BN1zMxUahhnsXSwlvV9P6Agi7Q7OjXbA066I2+gO
lwXKXW4G6Plv45pTZ/ezV+P6yKPK85cGMLchDXxfvGfXm24qb29AjAm7/IuzErzi
p2avCKpFAN58n+ipsyUMth2mA2MJ3EZ2onBro/knzQCw8IVdcw2JIvNERjf14PDn
inLNUaYaIw1rQzGBdxEXDOokeeoUZWwrmsDR8FEhpx9dfL73vw9B0egOcI5kGcg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:38 2024 by rpki-client on console-ams.rpki-client.org