Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d455ba-7ec6-4f3e-acd6-11f95268ea74/1/hx_fuQU6KybwxIjJQ8k47tIoHLs.roa
File: hx_fuQU6KybwxIjJQ8k47tIoHLs.roa (raw, json)
Hash identifier: dvSWhICEbfbC4bPuNNvc2joVzO+mb9jLU3/xFT7fWlg=
Subject key identifier: 87:1F:DF:B9:05:3A:2B:26:F0:C4:88:C9:43:C9:38:EE:D2:28:1C:BB
Certificate issuer: /CN=ef1e225614c65ce2cf5275eb464334395c06f430
Certificate serial: 01856F42DEFA9964BB57C116197044AE0C0A
Authority key identifier: EF:1E:22:56:14:C6:5C:E2:CF:52:75:EB:46:43:34:39:5C:06:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7x4iVhTGXOLPUnXrRkM0OVwG9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d455ba-7ec6-4f3e-acd6-11f95268ea74/1/hx_fuQU6KybwxIjJQ8k47tIoHLs.roa
Signing time: Sun 01 Jan 2023 21:35:31 +0000
ROA not before: Sun 01 Jan 2023 21:35:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198704
IP address blocks: 91.238.145.0/25 maxlen: 25
91.238.145.128/25 maxlen: 25
91.238.145.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:de:fa:99:64:bb:57:c1:16:19:70:44:ae:0c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1e225614c65ce2cf5275eb464334395c06f430
Validity
Not Before: Jan 1 21:35:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=871fdfb9053a2b26f0c488c943c938eed2281cbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:81:fc:c3:08:e9:47:67:d0:fb:88:df:d2:9d:
a8:2e:4a:33:4d:f6:b8:b4:03:26:f4:fe:11:c7:9b:
2f:52:cc:68:7d:4e:b1:c3:27:17:58:cc:22:a6:ac:
d2:7b:89:d4:88:e2:8f:da:40:7b:0e:19:d8:d4:f4:
5a:c7:12:4a:71:b0:e6:d9:82:08:7c:ae:ad:b4:56:
8a:f1:3a:26:fa:bc:8d:0c:30:a1:a5:82:5e:16:ca:
11:c6:b6:7b:3a:ce:1d:b5:b6:aa:73:03:a1:5c:8b:
57:b3:f9:d5:ad:f0:bc:c5:cd:b3:4a:9f:3e:cd:8f:
a0:3c:8c:33:71:cd:86:cc:1e:e3:bb:13:a7:6c:2e:
84:f4:c7:41:fb:3e:9e:35:69:e2:f9:d3:d3:2d:11:
c9:11:f7:2f:92:8a:7a:56:ba:cf:fa:cf:40:2b:c9:
95:12:11:69:32:40:0d:69:37:37:44:f2:a8:8f:a6:
60:d3:42:dd:72:05:82:f8:d4:ac:94:42:24:a5:5a:
bf:68:61:a4:c8:58:20:95:ca:f0:c6:13:fa:80:ac:
c1:c3:38:2e:18:0b:ff:cc:9d:0b:a0:67:cf:c0:2b:
bb:47:f7:b9:fc:43:31:00:10:8a:ac:b0:76:ec:c8:
95:47:a8:51:77:6f:f1:01:3b:0d:47:c4:a7:9f:6e:
0d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:1F:DF:B9:05:3A:2B:26:F0:C4:88:C9:43:C9:38:EE:D2:28:1C:BB
X509v3 Authority Key Identifier:
keyid:EF:1E:22:56:14:C6:5C:E2:CF:52:75:EB:46:43:34:39:5C:06:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7x4iVhTGXOLPUnXrRkM0OVwG9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d455ba-7ec6-4f3e-acd6-11f95268ea74/1/hx_fuQU6KybwxIjJQ8k47tIoHLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d455ba-7ec6-4f3e-acd6-11f95268ea74/1/7x4iVhTGXOLPUnXrRkM0OVwG9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.145.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:7b:9a:70:bf:63:cb:8a:79:83:a0:04:d6:2a:d3:73:79:d3:
00:e0:d8:e7:cd:ef:63:75:c9:38:be:8a:50:d5:76:57:0d:3b:
ba:45:7a:94:47:f5:fd:2c:14:db:36:d6:e9:8a:28:08:57:0d:
c1:a8:45:31:b6:cd:a8:c6:21:3f:60:5b:55:09:60:a6:67:66:
fc:94:81:6d:a2:56:f1:7b:38:f4:99:ef:bd:9c:63:64:40:17:
e0:62:e1:25:38:6d:3f:34:fe:40:f2:2b:40:90:28:98:9d:b2:
fc:3a:17:73:3f:d3:d1:e9:23:ce:81:32:44:e6:76:b2:70:c2:
46:dc:d1:92:1f:cf:a4:f6:ce:d5:fc:e9:b0:71:e0:37:60:d2:
4d:2c:a6:b2:f8:50:87:f2:e0:3f:94:f5:e6:d7:ae:19:51:56:
51:e3:ba:b0:75:57:71:13:c8:5a:1b:63:d7:34:f9:fc:6e:32:
e3:09:61:1b:14:06:8f:c4:38:51:f1:ff:df:05:55:8d:d0:a4:
60:b7:10:3b:54:c2:54:fa:4c:12:88:c9:98:e7:7c:0b:bd:8d:
32:98:eb:7b:66:31:8e:5a:87:49:dd:1b:ac:ab:34:a8:b5:d7:
38:81:2f:82:98:a4:f5:02:a1:ed:46:c2:31:23:30:ed:4a:ce:
10:15:92:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQt76mWS7V8EWGXBErgwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWUyMjU2MTRjNjVjZTJjZjUyNzVlYjQ2NDMzNDM5NWMw
NmY0MzAwHhcNMjMwMTAxMjEzNTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzFmZGZiOTA1M2EyYjI2ZjBjNDg4Yzk0M2M5MzhlZWQyMjgxY2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4H8wwjpR2fQ+4jf0p2oLkozTfa4
tAMm9P4Rx5svUsxofU6xwycXWMwipqzSe4nUiOKP2kB7DhnY1PRaxxJKcbDm2YII
fK6ttFaK8Tom+ryNDDChpYJeFsoRxrZ7Os4dtbaqcwOhXItXs/nVrfC8xc2zSp8+
zY+gPIwzcc2GzB7juxOnbC6E9MdB+z6eNWni+dPTLRHJEfcvkop6VrrP+s9AK8mV
EhFpMkANaTc3RPKoj6Zg00LdcgWC+NSslEIkpVq/aGGkyFgglcrwxhP6gKzBwzgu
GAv/zJ0LoGfPwCu7R/e5/EMxABCKrLB27MiVR6hRd2/xATsNR8Snn24N0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIcf37kFOism8MSIyUPJOO7SKBy7MB8GA1UdIwQY
MBaAFO8eIlYUxlziz1J160ZDNDlcBvQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3g0aVZoVEdYT0xQVW5YclJrTTBPVndHOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kNDU1YmEtN2VjNi00ZjNlLWFjZDYt
MTFmOTUyNjhlYTc0LzEvaHhfZnVRVTZLeWJ3eElqSlE4azQ3dElvSExzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kNDU1YmEtN2VjNi00ZjNlLWFjZDYtMTFmOTUyNjhlYTc0
LzEvN3g0aVZoVEdYT0xQVW5YclJrTTBPVndHOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+6RMA0G
CSqGSIb3DQEBCwUAA4IBAQC0e5pwv2PLinmDoATWKtNzedMA4Njnze9jdck4vopQ
1XZXDTu6RXqUR/X9LBTbNtbpiigIVw3BqEUxts2oxiE/YFtVCWCmZ2b8lIFtolbx
ezj0me+9nGNkQBfgYuElOG0/NP5A8itAkCiYnbL8OhdzP9PR6SPOgTJE5naycMJG
3NGSH8+k9s7V/OmwceA3YNJNLKay+FCH8uA/lPXm164ZUVZR47qwdVdxE8haG2PX
NPn8bjLjCWEbFAaPxDhR8f/fBVWN0KRgtxA7VMJU+kwSiMmY53wLvY0ymOt7ZjGO
WodJ3RusqzSotdc4gS+CmKT1AqHtRsIxIzDtSs4QFZKH
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:37 2024 by rpki-client on console-fra.rpki-client.org