Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/HFS_rrCTv5Te0CkEXnAq9u-MI7c.roa
File: HFS_rrCTv5Te0CkEXnAq9u-MI7c.roa (raw, json)
Hash identifier: RHaw+tvDm7i1LFbXYd91XwpobliAsgq1ce9DKfEFQ3s=
Subject key identifier: 1C:54:BF:AE:B0:93:BF:94:DE:D0:29:04:5E:70:2A:F6:EF:8C:23:B7
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018BD8B9DFF2708C3562A84ADDA9A0905E10
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/HFS_rrCTv5Te0CkEXnAq9u-MI7c.roa
Signing time: Thu 16 Nov 2023 15:22:22 +0000
ROA not before: Thu 16 Nov 2023 15:22:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201917
IP address blocks: 37.25.128.0/17 maxlen: 24
46.108.0.0/16 maxlen: 24
195.232.128.0/17 maxlen: 24
46.190.128.0/17 maxlen: 24
195.233.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Nov 2023 10:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:b9:df:f2:70:8c:35:62:a8:4a:dd:a9:a0:90:5e:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 16 15:22:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c54bfaeb093bf94ded029045e702af6ef8c23b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:17:e3:24:41:11:f8:06:d3:27:f9:2f:4c:07:
e7:8e:f4:2a:40:6c:b1:d9:9d:03:f8:0a:59:89:c1:
dc:e8:9c:00:e6:0a:ca:30:27:4a:c9:c9:04:52:d1:
c7:6b:01:9a:40:0f:e8:b7:23:1e:55:00:ac:ed:4c:
9c:86:cf:7d:73:42:55:b0:6b:83:b7:73:86:30:fb:
fe:96:bb:2d:99:e0:b6:b3:db:8f:7a:f0:b4:4c:92:
bc:dd:b1:50:ac:c7:f8:17:34:f9:a0:f0:0c:52:08:
6e:21:94:e7:79:51:1f:83:20:7f:81:1e:0c:39:4f:
f5:6c:09:fa:be:c9:96:06:be:8b:49:0a:d8:5b:4b:
93:e2:c4:b5:75:7d:84:33:37:40:a5:56:7d:d7:16:
62:45:ee:90:a7:ba:4b:79:5c:c4:c8:e7:05:0a:55:
6c:38:c4:ed:9b:a7:6c:ca:ee:ec:80:05:32:e3:de:
da:bc:bb:f2:d2:fd:7c:15:5c:b4:56:7b:8b:ce:ad:
6b:f3:b1:5c:30:93:1e:a2:a5:90:b1:7a:a9:7c:76:
15:83:d6:b1:9a:3e:e3:cc:49:d6:4d:dc:df:dd:09:
41:8c:dd:8b:ee:72:99:1b:ff:39:e6:74:70:f9:6b:
b8:ba:79:09:d0:47:ff:99:63:d2:bf:9f:8c:ef:b3:
f3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:54:BF:AE:B0:93:BF:94:DE:D0:29:04:5E:70:2A:F6:EF:8C:23:B7
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/HFS_rrCTv5Te0CkEXnAq9u-MI7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.128.0/17
46.108.0.0/16
46.190.128.0/17
195.232.128.0-195.233.255.255
Signature Algorithm: sha256WithRSAEncryption
7b:83:ed:0b:7e:cb:a5:bb:b6:1a:96:ae:a5:58:1b:57:24:b2:
ef:df:21:b8:13:ca:66:28:af:5f:51:5e:cc:7a:e7:0f:e6:c9:
14:1f:c6:40:8c:29:af:c3:97:32:14:02:f9:f3:68:14:88:fd:
83:2c:24:9c:59:9b:cb:02:84:e6:86:ec:5e:a7:43:75:53:6d:
f8:65:14:bf:95:78:c3:cd:ab:f6:b7:ce:92:73:56:d5:90:60:
0a:23:ec:3d:5b:f6:80:a4:10:98:c2:7f:90:83:82:91:3f:96:
ed:e9:ff:6d:1b:9a:b1:5d:07:dc:9e:b1:48:3a:27:1d:0b:ff:
a6:68:02:65:b5:3c:31:50:6e:8d:4c:44:ef:04:9a:1b:36:d1:
21:0c:20:bc:49:b4:75:f9:40:e1:17:75:c9:e0:66:a8:4a:c1:
5f:6e:8a:c2:4e:47:0b:7c:b9:f6:aa:47:7d:11:b7:db:cd:0e:
01:6d:3c:9b:b1:35:28:8d:a9:25:6b:30:e8:14:85:18:a5:74:
34:02:f9:13:a4:83:25:8f:ff:48:1e:ba:65:87:33:d5:82:53:
27:57:8a:1d:57:56:d6:74:3f:3c:b4:40:f7:32:22:eb:26:05:
e0:ce:a2:26:27:6b:57:08:42:2e:68:c0:d9:19:9a:21:ab:bf:
45:61:4f:77
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYvYud/ycIw1YqhK3amgkF4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTE2MTUyMjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzU0YmZhZWIwOTNiZjk0ZGVkMDI5MDQ1ZTcwMmFmNmVmOGMyM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRfjJEER+AbTJ/kvTAfnjvQqQGyx
2Z0D+ApZicHc6JwA5grKMCdKyckEUtHHawGaQA/otyMeVQCs7Uychs99c0JVsGuD
t3OGMPv+lrstmeC2s9uPevC0TJK83bFQrMf4FzT5oPAMUghuIZTneVEfgyB/gR4M
OU/1bAn6vsmWBr6LSQrYW0uT4sS1dX2EMzdApVZ91xZiRe6Qp7pLeVzEyOcFClVs
OMTtm6dsyu7sgAUy497avLvy0v18FVy0VnuLzq1r87FcMJMeoqWQsXqpfHYVg9ax
mj7jzEnWTdzf3QlBjN2L7nKZG/855nRw+Wu4unkJ0Ef/mWPSv5+M77PzTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBxUv66wk7+U3tApBF5wKvbvjCO3MB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvSEZTX3JyQ1R2NVRlMENrRVhuQXE5dS1NSTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQHJRmAAwMA
LmwDBAcuvoAwCwMEB8PogAMDAcPoMA0GCSqGSIb3DQEBCwUAA4IBAQB7g+0Lfsul
u7Yalq6lWBtXJLLv3yG4E8pmKK9fUV7MeucP5skUH8ZAjCmvw5cyFAL582gUiP2D
LCScWZvLAoTmhuxep0N1U234ZRS/lXjDzav2t86Sc1bVkGAKI+w9W/aApBCYwn+Q
g4KRP5bt6f9tG5qxXQfcnrFIOicdC/+maAJltTwxUG6NTETvBJobNtEhDCC8SbR1
+UDhF3XJ4GaoSsFfborCTkcLfLn2qkd9EbfbzQ4BbTybsTUojaklazDoFIUYpXQ0
AvkTpIMlj/9IHrplhzPVglMnV4odV1bWdD88tED3MiLrJgXgzqImJ2tXCEIuaMDZ
GZohq79FYU93
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:21 2024 by rpki-client on console-ams.rpki-client.org