Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hfdacVIM4Tf5P2TT7r3koBkowgg.roa
File: hfdacVIM4Tf5P2TT7r3koBkowgg.roa (raw, json)
Hash identifier: VcP3hdvJfSVfAgYEmN6jXiQ13FpqqMvUuxQ04JwuGPo=
Subject key identifier: 85:F7:5A:71:52:0C:E1:37:F9:3F:64:D3:EE:BD:E4:A0:19:28:C2:08
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185710C2B4878199E633AFF6D8EB27880B2
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hfdacVIM4Tf5P2TT7r3koBkowgg.roa
Signing time: Mon 02 Jan 2023 05:55:00 +0000
ROA not before: Mon 02 Jan 2023 05:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201231
IP address blocks: 91.103.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:2b:48:78:19:9e:63:3a:ff:6d:8e:b2:78:80:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 05:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85f75a71520ce137f93f64d3eebde4a01928c208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0b:09:73:08:6e:ac:7a:e2:ed:21:cf:08:40:
94:9d:1b:72:64:ad:e0:09:12:6f:ec:22:54:c0:2b:
89:d2:19:7e:4e:1c:4e:24:f5:6a:0c:86:82:75:cf:
ec:c8:b0:14:64:25:ed:6d:a8:15:73:f8:88:13:65:
22:b2:89:55:e9:7b:05:52:a0:5e:2d:ee:75:4b:63:
62:90:02:ae:38:ae:c1:f2:bb:73:6c:36:89:c0:04:
5d:8b:44:dc:b1:02:26:e9:bb:60:d7:fc:af:f1:42:
6a:95:0e:ba:88:89:66:c3:51:47:02:68:dd:37:b2:
bc:64:51:ed:43:f6:57:bb:6d:ce:47:80:b8:6c:00:
bf:ad:3c:63:f8:d5:28:8b:f4:21:fb:a5:33:bf:06:
83:4f:fe:bb:34:45:73:46:5e:9a:32:d1:91:ea:2e:
34:51:38:cb:81:f7:cd:6b:6e:ee:ff:ea:aa:41:76:
4f:c2:05:fa:d1:95:4d:e3:25:f0:5f:21:dc:06:ee:
d8:be:d5:f5:83:5b:8a:64:b3:a9:53:55:57:ae:b2:
4e:7f:fe:84:68:9b:05:18:66:f0:ab:51:68:32:8f:
98:c2:28:63:8d:a5:3c:22:ae:30:54:54:11:a9:67:
fa:a2:f0:49:02:ca:7d:ca:bf:68:b4:e5:b5:c4:9e:
dc:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F7:5A:71:52:0C:E1:37:F9:3F:64:D3:EE:BD:E4:A0:19:28:C2:08
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hfdacVIM4Tf5P2TT7r3koBkowgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.254.0/24
Signature Algorithm: sha256WithRSAEncryption
00:74:5d:3a:c9:66:a8:48:1e:92:b7:df:23:22:5d:86:66:16:
15:e2:12:b4:7c:c2:0c:43:5b:2b:9f:4b:a4:2d:7e:0e:5b:db:
a3:ca:56:21:49:d8:ea:99:ac:9c:15:82:15:14:18:d7:b7:a2:
49:0c:9c:e5:64:4f:e6:91:c7:11:21:3b:95:31:63:be:23:46:
1d:18:ea:29:11:60:f8:db:6e:ff:3c:40:4d:55:7e:fd:e8:ea:
c7:20:6d:48:cd:26:34:26:83:1c:c4:55:f6:3d:e1:db:a6:fa:
ca:2d:37:8c:6b:4f:d3:ca:1b:a7:82:a4:7a:67:b5:c1:89:ac:
6b:a6:0d:c0:0d:e5:f9:4e:7f:50:00:8d:f4:31:2e:02:ee:d7:
31:ce:34:d2:53:09:61:54:3c:ff:db:40:a9:65:a2:41:4c:da:
f3:a4:48:a8:0e:0a:06:30:53:ad:db:12:9c:43:90:c7:0b:80:
5c:ec:c1:e3:82:0f:91:92:f3:f4:6e:96:84:6d:1e:5c:72:cf:
49:0f:76:30:14:36:15:49:54:a6:f5:83:3d:c4:76:51:b3:af:
b5:6d:f2:0c:33:32:8d:c5:31:63:33:bc:6e:8a:6e:6c:c8:1b:
25:12:95:f5:c6:f8:2c:fb:d0:5f:f0:93:7f:3a:ce:83:bb:65:
2f:ec:6c:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDCtIeBmeYzr/bY6yeICyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWY3NWE3MTUyMGNlMTM3ZjkzZjY0ZDNlZWJkZTRhMDE5MjhjMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQsJcwhurHri7SHPCECUnRtyZK3g
CRJv7CJUwCuJ0hl+ThxOJPVqDIaCdc/syLAUZCXtbagVc/iIE2UisolV6XsFUqBe
Le51S2NikAKuOK7B8rtzbDaJwARdi0TcsQIm6btg1/yv8UJqlQ66iIlmw1FHAmjd
N7K8ZFHtQ/ZXu23OR4C4bAC/rTxj+NUoi/Qh+6UzvwaDT/67NEVzRl6aMtGR6i40
UTjLgffNa27u/+qqQXZPwgX60ZVN4yXwXyHcBu7YvtX1g1uKZLOpU1VXrrJOf/6E
aJsFGGbwq1FoMo+YwihjjaU8Iq4wVFQRqWf6ovBJAsp9yr9otOW1xJ7cMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIX3WnFSDOE3+T9k0+695KAZKMIIMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvaGZkYWNWSU00VGY1UDJUVDdyM2tvQmtvd2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2f+MA0G
CSqGSIb3DQEBCwUAA4IBAQAAdF06yWaoSB6St98jIl2GZhYV4hK0fMIMQ1srn0uk
LX4OW9ujylYhSdjqmaycFYIVFBjXt6JJDJzlZE/mkccRITuVMWO+I0YdGOopEWD4
227/PEBNVX796OrHIG1IzSY0JoMcxFX2PeHbpvrKLTeMa0/TyhungqR6Z7XBiaxr
pg3ADeX5Tn9QAI30MS4C7tcxzjTSUwlhVDz/20CpZaJBTNrzpEioDgoGMFOt2xKc
Q5DHC4Bc7MHjgg+RkvP0bpaEbR5ccs9JD3YwFDYVSVSm9YM9xHZRs6+1bfIMMzKN
xTFjM7xuim5syBslEpX1xvgs+9Bf8JN/Os6Du2Uv7Gx8
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:23 2024 by rpki-client on console-ams.rpki-client.org