Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/Hr3UxkJuApGUtx4zHAZiWWEie2w.roa
File: Hr3UxkJuApGUtx4zHAZiWWEie2w.roa (raw, json)
Hash identifier: WNIeqgBZ7gxVDtSkKU916dq/QjlqS1KqXYH9j3AX/uE=
Subject key identifier: 1E:BD:D4:C6:42:6E:02:91:94:B7:1E:33:1C:06:62:59:61:22:7B:6C
Certificate issuer: /CN=18886007da1730b0770d8604db73d12fd264f3f9
Certificate serial: 018B68B94C1F4A67F4AAFDEC8D3E8E1B79B2
Authority key identifier: 18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/Hr3UxkJuApGUtx4zHAZiWWEie2w.roa
Signing time: Wed 25 Oct 2023 21:24:15 +0000
ROA not before: Wed 25 Oct 2023 21:24:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 213.171.3.0/24 maxlen: 24
213.171.4.0/24 maxlen: 24
213.171.8.0/24 maxlen: 24
213.171.9.0/24 maxlen: 24
213.171.10.0/24 maxlen: 24
213.171.5.0/24 maxlen: 24
213.171.6.0/24 maxlen: 24
213.171.7.0/24 maxlen: 24
213.171.15.0/24 maxlen: 24
213.171.12.0/24 maxlen: 24
213.171.14.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:68:b9:4c:1f:4a:67:f4:aa:fd:ec:8d:3e:8e:1b:79:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18886007da1730b0770d8604db73d12fd264f3f9
Validity
Not Before: Oct 25 21:24:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ebdd4c6426e029194b71e331c06625961227b6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6c:b3:ce:b9:63:e4:ae:3a:d0:d1:f6:6b:24:
0e:1f:44:58:81:4d:d2:ff:eb:22:c1:4a:d7:e0:00:
23:bb:db:31:ef:cd:35:44:78:4d:80:5f:17:0a:86:
82:ea:d4:bb:03:e0:6a:4e:18:7d:8f:97:4f:9e:eb:
3e:f4:e5:cc:82:84:05:7f:87:94:f9:f1:ab:a1:e2:
a8:5c:24:44:c9:54:1b:f4:a5:ed:6e:35:03:aa:8e:
c2:d1:bf:fd:f0:ea:97:fb:86:b0:6b:e6:2f:e2:4c:
af:b2:a1:e9:28:e1:a5:a7:ed:b4:eb:d1:08:4f:d7:
c9:28:26:16:0b:49:ef:2c:d8:f9:8d:d5:82:16:14:
3b:00:a8:1f:5a:41:58:45:a8:43:9f:b1:84:2a:f1:
f2:88:47:8c:14:c9:cc:a5:23:14:5f:4b:78:33:64:
06:11:3b:c1:db:e1:5d:38:66:d0:e5:38:bf:a2:3f:
f8:3e:41:5f:8b:32:df:09:b0:7c:6f:25:72:af:8b:
56:98:7f:3c:26:88:5e:e7:20:1a:35:e1:75:44:41:
53:a0:6f:d6:9c:64:b1:61:88:43:48:2d:2e:cf:76:
56:86:c3:7f:bd:4f:b3:b2:ac:9d:39:b0:68:1e:0d:
49:53:69:f9:3d:12:7c:4a:61:b3:8e:35:06:d7:b5:
9d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:BD:D4:C6:42:6E:02:91:94:B7:1E:33:1C:06:62:59:61:22:7B:6C
X509v3 Authority Key Identifier:
keyid:18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/Hr3UxkJuApGUtx4zHAZiWWEie2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/GIhgB9oXMLB3DYYE23PRL9Jk8_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.171.3.0-213.171.10.255
213.171.12.0/24
213.171.14.0/23
Signature Algorithm: sha256WithRSAEncryption
71:e1:f0:67:ce:4c:07:6a:d5:6c:2c:3d:a4:70:07:69:cd:60:
51:da:cc:0b:b5:69:a3:7d:f4:b5:41:15:ea:76:74:83:8d:34:
a0:3d:c8:38:9a:38:0d:ac:ce:b3:ee:18:2d:80:33:08:1b:79:
35:9b:2e:36:6e:96:97:fe:fd:42:a3:28:3d:6b:b7:4a:9f:02:
50:93:9d:25:53:d6:22:0e:f1:eb:d0:83:ff:2d:66:b4:6f:d8:
94:a3:99:05:a7:d0:ff:7c:61:ee:5c:a1:38:df:7a:b1:b3:d3:
46:67:03:e3:fc:8b:2b:ce:ba:03:ca:db:68:03:49:7f:ef:59:
71:57:3b:d2:0b:b2:8b:41:b0:29:ed:1b:84:79:2b:4d:33:d0:
84:36:b6:17:6f:58:5a:4b:6b:c2:42:13:c2:af:3c:69:6f:6a:
c5:c9:6e:69:28:64:83:87:fc:ac:98:33:1d:83:07:ff:23:c0:
e1:06:cc:de:05:c5:8a:f9:2e:88:f8:e2:29:5e:e6:01:2e:6c:
d9:d3:49:c2:a8:a0:3b:0b:03:d3:fe:8f:e8:2e:e2:08:6f:10:
3a:d4:15:ac:13:3a:cf:10:b6:0f:fb:87:9f:51:a0:8d:49:ed:
62:97:aa:cf:6b:b3:08:04:21:1c:3d:65:ac:25:b1:15:7a:d7:
36:18:77:b6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYtouUwfSmf0qv3sjT6OG3myMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ODg2MDA3ZGExNzMwYjA3NzBkODYwNGRiNzNkMTJmZDI2
NGYzZjkwHhcNMjMxMDI1MjEyNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWJkZDRjNjQyNmUwMjkxOTRiNzFlMzMxYzA2NjI1OTYxMjI3YjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2yzzrlj5K460NH2ayQOH0RYgU3S
/+siwUrX4AAju9sx7801RHhNgF8XCoaC6tS7A+BqThh9j5dPnus+9OXMgoQFf4eU
+fGroeKoXCREyVQb9KXtbjUDqo7C0b/98OqX+4awa+Yv4kyvsqHpKOGlp+2069EI
T9fJKCYWC0nvLNj5jdWCFhQ7AKgfWkFYRahDn7GEKvHyiEeMFMnMpSMUX0t4M2QG
ETvB2+FdOGbQ5Ti/oj/4PkFfizLfCbB8byVyr4tWmH88Johe5yAaNeF1REFToG/W
nGSxYYhDSC0uz3ZWhsN/vU+zsqydObBoHg1JU2n5PRJ8SmGzjjUG17WdFQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFB691MZCbgKRlLceMxwGYllhIntsMB8GA1UdIwQY
MBaAFBiIYAfaFzCwdw2GBNtz0S/SZPP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEt
MTY5YzgzNmJkNmIwLzEvSHIzVXhrSnVBcEdVdHg0ekhBWmlXV0VpZTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEtMTY5YzgzNmJkNmIw
LzEvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADVqwMD
BADVqwoDBADVqwwDBAHVqw4wDQYJKoZIhvcNAQELBQADggEBAHHh8GfOTAdq1Wws
PaRwB2nNYFHazAu1aaN99LVBFep2dIONNKA9yDiaOA2szrPuGC2AMwgbeTWbLjZu
lpf+/UKjKD1rt0qfAlCTnSVT1iIO8evQg/8tZrRv2JSjmQWn0P98Ye5coTjferGz
00ZnA+P8iyvOugPK22gDSX/vWXFXO9ILsotBsCntG4R5K00z0IQ2thdvWFpLa8JC
E8KvPGlvasXJbmkoZIOH/KyYMx2DB/8jwOEGzN4FxYr5Loj44ile5gEubNnTScKo
oDsLA9P+j+gu4ghvEDrUFawTOs8Qtg/7h59RoI1J7WKXqs9rswgEIRw9ZawlsRV6
1zYYd7Y=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:15 2024 by rpki-client on console.sobornost.net