Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/HdU5kyBSqtaVidqmLckozSrq7Qs.roa
File: HdU5kyBSqtaVidqmLckozSrq7Qs.roa (raw, json)
Hash identifier: A2YM8RoloaN5Ll1qbHuDMwvgfNqBrhdut3Yx/jxMEXQ=
Subject key identifier: 1D:D5:39:93:20:52:AA:D6:95:89:DA:A6:2D:C9:28:CD:2A:EA:ED:0B
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 0188D8A3F9187A4752877CC5AA5666687E75
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/HdU5kyBSqtaVidqmLckozSrq7Qs.roa
Signing time: Tue 20 Jun 2023 11:50:04 +0000
ROA not before: Tue 20 Jun 2023 11:50:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 94.237.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d8:a3:f9:18:7a:47:52:87:7c:c5:aa:56:66:68:7e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Jun 20 11:50:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dd539932052aad69589daa62dc928cd2aeaed0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b4:47:55:2a:36:74:ea:58:dc:62:f0:9e:24:
a5:39:9b:9a:54:2e:b2:06:64:85:eb:1c:c6:3f:cd:
36:e0:aa:ef:42:6f:5f:af:c7:30:24:84:48:34:cc:
39:5a:e3:77:8b:b3:00:fb:1d:52:6b:f8:a2:c7:a2:
f2:60:25:89:d6:e0:99:d1:91:b4:f5:2f:24:e2:2d:
b6:67:ad:19:4c:8b:3e:8b:e6:b7:83:e1:53:22:ab:
ea:0c:ec:c2:96:d4:1c:db:ec:85:07:1e:a4:cd:a7:
f3:a9:4e:16:96:ca:b9:ae:2b:88:06:8b:a1:bf:ba:
30:99:a7:00:f8:ee:70:36:95:66:80:81:6f:34:84:
10:89:bc:95:85:84:b7:b5:60:20:c6:f6:90:78:6b:
2b:47:17:53:a9:ea:ec:a6:d7:e9:e5:45:f6:21:0c:
3a:21:84:03:3b:10:e7:d7:12:81:89:bb:67:d9:5e:
f0:48:25:40:8d:f2:05:f0:55:1b:a5:c4:9c:85:f4:
af:17:8c:d9:f0:f2:15:56:da:0b:14:fb:63:39:a7:
c4:34:c4:4e:23:69:80:f7:c9:19:4b:6f:5a:bf:e4:
c0:27:87:ca:b9:d3:fd:e9:16:72:bc:8b:54:fa:27:
4a:b3:01:e8:a9:d0:63:47:54:07:88:77:ae:2f:5a:
e5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D5:39:93:20:52:AA:D6:95:89:DA:A6:2D:C9:28:CD:2A:EA:ED:0B
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/HdU5kyBSqtaVidqmLckozSrq7Qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.237.127.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:8b:a3:fb:ca:85:13:60:8b:bd:28:68:ab:69:8a:bf:b2:fd:
92:cb:e0:04:08:a8:23:1b:21:ae:56:9d:8a:ea:b3:3f:a4:53:
20:41:df:8f:d9:d6:7f:fb:f6:f4:2a:37:da:b2:37:e1:0e:13:
e5:50:5a:b0:6a:d2:58:09:5b:40:fc:af:06:b6:3a:54:55:88:
73:c2:1b:8c:21:eb:66:11:62:cb:6a:fe:2b:6b:fe:63:cd:b9:
8b:89:0c:fc:49:ac:d4:8d:12:4c:ae:a4:85:09:7f:b3:b6:8e:
72:84:44:5d:e3:c8:a2:90:68:30:eb:d1:7b:36:3f:b1:8e:21:
5e:5d:ae:ae:14:b7:5e:7d:ff:54:db:db:17:5e:4f:e4:9f:0a:
bd:da:e9:8c:28:30:1d:92:75:57:09:a6:bd:44:b0:9e:04:2b:
dd:b0:a9:d3:10:3a:1a:b3:69:61:45:1b:11:67:db:00:bf:7b:
36:d0:20:a5:88:28:6c:46:f7:66:2a:0d:ba:e0:08:c3:5a:d8:
1e:53:ed:4b:81:39:8d:d3:58:57:11:d3:19:13:08:94:a4:d0:
fd:b8:d0:29:5a:29:b4:07:3d:77:47:81:c9:1d:74:d7:27:bb:
b8:1b:07:ee:27:7b:5f:ff:b8:06:63:da:e3:92:48:0b:21:34:
9a:73:27:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjYo/kYekdSh3zFqlZmaH51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjMwNjIwMTE1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGQ1Mzk5MzIwNTJhYWQ2OTU4OWRhYTYyZGM5MjhjZDJhZWFlZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobRHVSo2dOpY3GLwniSlOZuaVC6y
BmSF6xzGP8024KrvQm9fr8cwJIRINMw5WuN3i7MA+x1Sa/iix6LyYCWJ1uCZ0ZG0
9S8k4i22Z60ZTIs+i+a3g+FTIqvqDOzCltQc2+yFBx6kzafzqU4Wlsq5riuIBouh
v7owmacA+O5wNpVmgIFvNIQQibyVhYS3tWAgxvaQeGsrRxdTqersptfp5UX2IQw6
IYQDOxDn1xKBibtn2V7wSCVAjfIF8FUbpcSchfSvF4zZ8PIVVtoLFPtjOafENMRO
I2mA98kZS29av+TAJ4fKudP96RZyvItU+idKswHoqdBjR1QHiHeuL1rl5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB3VOZMgUqrWlYnapi3JKM0q6u0LMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvSGRVNWt5QlNxdGFWaWRxbUxja296U3JxN1FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXu1/MA0G
CSqGSIb3DQEBCwUAA4IBAQAai6P7yoUTYIu9KGiraYq/sv2Sy+AECKgjGyGuVp2K
6rM/pFMgQd+P2dZ/+/b0KjfasjfhDhPlUFqwatJYCVtA/K8GtjpUVYhzwhuMIetm
EWLLav4ra/5jzbmLiQz8SazUjRJMrqSFCX+zto5yhERd48iikGgw69F7Nj+xjiFe
Xa6uFLdeff9U29sXXk/knwq92umMKDAdknVXCaa9RLCeBCvdsKnTEDoas2lhRRsR
Z9sAv3s20CCliChsRvdmKg264AjDWtgeU+1LgTmN01hXEdMZEwiUpND9uNApWim0
Bz13R4HJHXTXJ7u4GwfuJ3tf/7gGY9rjkkgLITSacycV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:50 2024 by rpki-client on console-fra.rpki-client.org