Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/Hp67z_rJ57UlvNQpk1BcaSPnrSo.roa
File: Hp67z_rJ57UlvNQpk1BcaSPnrSo.roa (raw, json)
Hash identifier: UbqJSCbQwpxTCC9MQEkAvToFWacjHDmSImD9SOKWzRg=
Subject key identifier: 1E:9E:BB:CF:FA:C9:E7:B5:25:BC:D4:29:93:50:5C:69:23:E7:AD:2A
Certificate issuer: /CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Certificate serial: 018CC727444B63D02F7326ABFF182D896C90
Authority key identifier: C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/Hp67z_rJ57UlvNQpk1BcaSPnrSo.roa
Signing time: Mon 01 Jan 2024 22:31:28 +0000
ROA not before: Mon 01 Jan 2024 22:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29062
IP address blocks: 31.223.224.0/21 maxlen: 32
195.177.72.0/22 maxlen: 32
185.16.228.0/22 maxlen: 32
2a00:6180::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 16 Jan 2024 09:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:44:4b:63:d0:2f:73:26:ab:ff:18:2d:89:6c:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Validity
Not Before: Jan 1 22:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e9ebbcffac9e7b525bcd42993505c6923e7ad2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:04:ad:09:c1:59:dc:c5:ef:1d:07:10:ee:a7:
b0:c1:87:4e:72:3e:24:bd:5a:64:d8:dd:d7:3a:39:
52:24:bf:35:03:f7:35:2b:b2:8e:a0:6a:77:50:2d:
1c:79:5a:8a:c5:84:6f:63:71:3c:7b:8a:6f:2f:f0:
4a:52:89:e3:94:fb:7e:95:57:7b:33:b9:d9:14:0a:
2f:be:bc:00:54:9c:75:b4:87:87:2b:9e:08:1c:1f:
96:32:e2:63:f1:20:71:f5:e1:97:5d:4f:92:83:8a:
99:1b:1f:0f:4a:83:22:e2:df:8e:6e:41:dd:32:02:
3b:5c:81:64:1f:e8:68:82:19:9b:71:76:2f:79:cd:
3b:1d:dc:f3:2f:00:b0:cd:6a:30:5a:20:5c:40:35:
8e:a8:ab:4e:1e:fe:5d:9c:b9:33:60:61:e1:d0:88:
31:98:30:46:df:9b:8a:6c:74:5e:a5:2e:61:10:d2:
1f:54:75:c1:55:a3:3a:b7:ab:02:81:75:ea:29:d2:
1c:5b:ab:39:ba:6f:28:aa:39:3c:74:39:8b:60:46:
f0:e0:b9:91:19:67:ee:e1:07:a7:1a:6d:f6:f1:80:
9e:39:3d:c9:5a:ac:8f:ba:ca:20:c1:41:fd:59:f5:
fd:f3:ed:fe:12:c7:9a:c0:06:03:d7:58:3c:c8:6f:
01:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:9E:BB:CF:FA:C9:E7:B5:25:BC:D4:29:93:50:5C:69:23:E7:AD:2A
X509v3 Authority Key Identifier:
keyid:C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/Hp67z_rJ57UlvNQpk1BcaSPnrSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.224.0/21
185.16.228.0/22
195.177.72.0/22
IPv6:
2a00:6180::/29
Signature Algorithm: sha256WithRSAEncryption
24:60:f9:78:a0:42:ec:e3:b8:6a:de:73:75:6f:57:87:58:3e:
05:eb:14:4a:fd:9a:46:c7:d2:1f:a7:15:ed:6a:5b:c5:41:eb:
1f:b3:0e:44:f6:00:e9:f2:d5:ba:08:e6:77:75:b8:f6:11:80:
f7:93:c5:10:57:c7:42:a6:c0:d5:02:f5:b8:fe:92:35:76:b5:
e0:e2:da:ce:be:a8:de:61:9e:60:24:8f:a3:1f:27:23:73:7e:
f0:51:23:26:01:37:08:85:ee:0d:e8:b3:89:37:a8:1d:8a:ef:
53:7a:86:01:e2:37:24:ce:a2:11:60:5d:00:f2:06:88:e5:82:
1b:01:2f:3c:05:f2:f4:48:f3:8f:40:5b:3d:2a:64:a9:52:8b:
ef:45:ff:c1:67:fe:6e:36:b0:8f:72:24:61:9e:ce:37:b9:ee:
59:69:db:7d:d9:90:5a:c1:7b:f0:bc:ee:4f:27:a6:f4:97:da:
38:4f:fe:77:fc:8c:c3:03:40:e3:58:15:04:81:b8:cd:59:54:
b8:88:e4:50:f0:13:59:fe:d5:24:15:3d:d2:96:16:31:49:f6:
b2:a4:2b:51:29:95:09:7d:50:64:3d:72:99:1d:f1:54:be:9b:
9a:4b:ee:65:01:b9:e6:f1:e4:e0:6e:43:a1:52:3f:46:82:c3:
40:b3:2c:38
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHJ0RLY9Avcyar/xgtiWyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTk1M2MwODk4MGFkYzk0ZjJmYTNhM2MxYmE5NWM0MGQy
MWU3ZDMwHhcNMjQwMTAxMjIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTllYmJjZmZhYzllN2I1MjViY2Q0Mjk5MzUwNWM2OTIzZTdhZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAStCcFZ3MXvHQcQ7qewwYdOcj4k
vVpk2N3XOjlSJL81A/c1K7KOoGp3UC0ceVqKxYRvY3E8e4pvL/BKUonjlPt+lVd7
M7nZFAovvrwAVJx1tIeHK54IHB+WMuJj8SBx9eGXXU+Sg4qZGx8PSoMi4t+ObkHd
MgI7XIFkH+hoghmbcXYvec07HdzzLwCwzWowWiBcQDWOqKtOHv5dnLkzYGHh0Igx
mDBG35uKbHRepS5hENIfVHXBVaM6t6sCgXXqKdIcW6s5um8oqjk8dDmLYEbw4LmR
GWfu4QenGm328YCeOT3JWqyPusogwUH9WfX98+3+EseawAYD11g8yG8B3QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFB6eu8/6yee1JbzUKZNQXGkj560qMB8GA1UdIwQY
MBaAFMYZU8CJgK3JTy+jo8G6lcQNIefTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYt
NjI1MjQ1YTAwYWJmLzEvSHA2N3pfcko1N1Vsdk5RcGsxQmNhU1BuclNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYtNjI1MjQ1YTAwYWJm
LzEveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH9/gAwQC
uRDkAwQCw7FIMA0EAgACMAcDBQMqAGGAMA0GCSqGSIb3DQEBCwUAA4IBAQAkYPl4
oELs47hq3nN1b1eHWD4F6xRK/ZpGx9IfpxXtalvFQesfsw5E9gDp8tW6COZ3dbj2
EYD3k8UQV8dCpsDVAvW4/pI1drXg4trOvqjeYZ5gJI+jHycjc37wUSMmATcIhe4N
6LOJN6gdiu9TeoYB4jckzqIRYF0A8gaI5YIbAS88BfL0SPOPQFs9KmSpUovvRf/B
Z/5uNrCPciRhns43ue5Zadt92ZBawXvwvO5PJ6b0l9o4T/53/IzDA0DjWBUEgbjN
WVS4iORQ8BNZ/tUkFT3SlhYxSfaypCtRKZUJfVBkPXKZHfFUvpuaS+5lAbnm8eTg
bkOhUj9GgsNAsyw4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:54 2024 by rpki-client on console-ams.rpki-client.org