Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d36783-4d5b-425e-949f-c41d86098df7/1/HKujw6VX65hZTYeOOJQ113T3b14.roa
File: HKujw6VX65hZTYeOOJQ113T3b14.roa (raw, json)
Hash identifier: FWManVigRVeTaXtCJ+MA7qupgZku+a2P01x1LR7NJpY=
Subject key identifier: 1C:AB:A3:C3:A5:57:EB:98:59:4D:87:8E:38:94:35:D7:74:F7:6F:5E
Certificate issuer: /CN=294b5bbbe17467476e2282888221887df549f4b9
Certificate serial: 01856D8AF6ED644089CD120124E1F832CBCF
Authority key identifier: 29:4B:5B:BB:E1:74:67:47:6E:22:82:88:82:21:88:7D:F5:49:F4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUtbu-F0Z0duIoKIgiGIffVJ9Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d36783-4d5b-425e-949f-c41d86098df7/1/HKujw6VX65hZTYeOOJQ113T3b14.roa
Signing time: Sun 01 Jan 2023 13:35:01 +0000
ROA not before: Sun 01 Jan 2023 13:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42349
IP address blocks: 91.233.122.0/24 maxlen: 24
185.203.28.0/22 maxlen: 24
2a0a:e040::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:f6:ed:64:40:89:cd:12:01:24:e1:f8:32:cb:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=294b5bbbe17467476e2282888221887df549f4b9
Validity
Not Before: Jan 1 13:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1caba3c3a557eb98594d878e389435d774f76f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1f:47:bf:73:78:25:f4:6e:2a:e4:b4:39:61:
04:22:9b:7e:1c:61:7f:9a:e0:0c:58:30:8d:e1:92:
32:e1:cc:3f:2b:84:7b:3b:64:10:69:bb:87:be:9b:
ce:b0:0b:4e:29:c5:16:e7:d5:4d:6b:51:51:eb:bc:
c2:3c:8c:88:6c:e7:03:69:c7:a7:ed:70:f4:f8:3d:
ba:9c:ee:a8:5b:74:45:52:d4:e1:40:ff:73:27:9c:
1a:3c:a2:36:ad:ae:5c:75:b9:d8:ed:23:3c:aa:69:
54:b0:86:3e:52:ed:fd:c1:0e:24:99:92:ce:5a:e0:
f2:52:63:7b:ce:72:37:d6:97:45:58:36:c8:81:f3:
95:4d:1f:af:93:5c:5a:e3:f1:06:22:5c:8a:3e:26:
f0:09:80:9e:92:39:b1:11:78:06:33:f5:4c:1d:06:
ba:d0:85:b4:95:e6:02:32:13:0e:ec:cb:91:c0:e3:
72:ce:3d:6c:46:8d:14:7d:a4:24:f0:66:5d:d7:8b:
1f:41:77:c9:2a:1a:8f:52:a8:6b:b7:21:c6:59:cf:
56:23:c7:3f:64:99:91:7c:73:02:76:fc:3c:8c:bc:
cf:1f:df:94:3e:cf:d5:26:5a:65:79:26:9c:75:a0:
e5:f2:a4:b5:74:53:d7:de:c2:3c:0d:2e:84:9e:69:
cc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AB:A3:C3:A5:57:EB:98:59:4D:87:8E:38:94:35:D7:74:F7:6F:5E
X509v3 Authority Key Identifier:
keyid:29:4B:5B:BB:E1:74:67:47:6E:22:82:88:82:21:88:7D:F5:49:F4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUtbu-F0Z0duIoKIgiGIffVJ9Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d36783-4d5b-425e-949f-c41d86098df7/1/HKujw6VX65hZTYeOOJQ113T3b14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d36783-4d5b-425e-949f-c41d86098df7/1/KUtbu-F0Z0duIoKIgiGIffVJ9Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.122.0/24
185.203.28.0/22
IPv6:
2a0a:e040::/29
Signature Algorithm: sha256WithRSAEncryption
ab:8f:d9:1f:3f:8c:52:1b:58:91:be:ac:9f:02:a4:7e:5c:e8:
0a:dc:e5:8e:49:90:71:0d:0c:f2:6a:4f:41:c3:a0:6b:37:8c:
58:c0:29:de:d6:cc:b8:b1:18:ac:3a:78:e6:8a:43:e8:55:8c:
39:02:ef:ed:53:1f:88:2b:5a:cd:2b:60:80:71:26:3e:97:5e:
19:b7:83:40:86:25:f8:02:84:01:94:07:e4:f4:89:21:88:15:
a5:12:59:2e:22:61:81:4b:9d:b8:db:10:36:32:34:8f:26:61:
d7:96:90:48:70:4f:01:f9:c9:a6:57:b3:cd:7d:76:e0:e5:66:
a4:29:5b:a7:9a:72:d2:65:1f:66:0b:42:b1:27:3c:d4:d4:7c:
5b:17:c3:d3:69:94:e1:68:e9:9c:2f:f7:3d:a8:56:79:f2:35:
2c:ac:d4:38:15:23:52:65:2e:3e:63:3a:8c:fa:40:5d:06:35:
2f:4b:79:ce:eb:15:29:4b:90:ab:17:c3:d5:77:80:13:f9:5d:
f8:99:6e:9a:bb:54:f1:34:9e:ca:42:6b:7c:07:1a:29:8a:92:
0b:0e:8b:6e:35:b9:d9:d2:f0:17:3e:ac:f9:5e:f6:32:99:fa:
f1:23:ff:8d:17:cf:cf:23:96:fd:5d:b9:c6:00:51:75:a6:d2:
84:a6:7e:fe
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtivbtZECJzRIBJOH4MsvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NGI1YmJiZTE3NDY3NDc2ZTIyODI4ODgyMjE4ODdkZjU0
OWY0YjkwHhcNMjMwMTAxMTMzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2FiYTNjM2E1NTdlYjk4NTk0ZDg3OGUzODk0MzVkNzc0Zjc2ZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxR9Hv3N4JfRuKuS0OWEEIpt+HGF/
muAMWDCN4ZIy4cw/K4R7O2QQabuHvpvOsAtOKcUW59VNa1FR67zCPIyIbOcDacen
7XD0+D26nO6oW3RFUtThQP9zJ5waPKI2ra5cdbnY7SM8qmlUsIY+Uu39wQ4kmZLO
WuDyUmN7znI31pdFWDbIgfOVTR+vk1xa4/EGIlyKPibwCYCekjmxEXgGM/VMHQa6
0IW0leYCMhMO7MuRwONyzj1sRo0UfaQk8GZd14sfQXfJKhqPUqhrtyHGWc9WI8c/
ZJmRfHMCdvw8jLzPH9+UPs/VJlpleSacdaDl8qS1dFPX3sI8DS6EnmnMpQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFByro8OlV+uYWU2HjjiUNdd0929eMB8GA1UdIwQY
MBaAFClLW7vhdGdHbiKCiIIhiH31SfS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1V0YnUtRjBaMGR1SW9LSWdpR0lmZlZKOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMzY3ODMtNGQ1Yi00MjVlLTk0OWYt
YzQxZDg2MDk4ZGY3LzEvSEt1anc2Vlg2NWhaVFllT09KUTExM1QzYjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kMzY3ODMtNGQ1Yi00MjVlLTk0OWYtYzQxZDg2MDk4ZGY3
LzEvS1V0YnUtRjBaMGR1SW9LSWdpR0lmZlZKOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+l6AwQC
ucscMA0EAgACMAcDBQMqCuBAMA0GCSqGSIb3DQEBCwUAA4IBAQCrj9kfP4xSG1iR
vqyfAqR+XOgK3OWOSZBxDQzyak9Bw6BrN4xYwCne1sy4sRisOnjmikPoVYw5Au/t
Ux+IK1rNK2CAcSY+l14Zt4NAhiX4AoQBlAfk9IkhiBWlElkuImGBS5242xA2MjSP
JmHXlpBIcE8B+cmmV7PNfXbg5WakKVunmnLSZR9mC0KxJzzU1HxbF8PTaZThaOmc
L/c9qFZ58jUsrNQ4FSNSZS4+YzqM+kBdBjUvS3nO6xUpS5CrF8PVd4AT+V34mW6a
u1TxNJ7KQmt8BxopipILDotuNbnZ0vAXPqz5XvYymfrxI/+NF8/PI5b9XbnGAFF1
ptKEpn7+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:50 2024 by rpki-client on console-fra.rpki-client.org