Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/HKSgws_0WmwS41wesp0f3BTv_Q8.roa
File: HKSgws_0WmwS41wesp0f3BTv_Q8.roa (raw, json)
Hash identifier: 1fEXSFbjEwg6tJbDbmBKKLlLmTl1cXhVKuOgGnn0bcw=
Subject key identifier: 1C:A4:A0:C2:CF:F4:5A:6C:12:E3:5C:1E:B2:9D:1F:DC:14:EF:FD:0F
Certificate issuer: /CN=25cf9d8d552cdc7d8c0dc6f649b301f2351409ee
Certificate serial: 018C4F7FBCCE74E13E086D87FBEB482102F7
Authority key identifier: 25:CF:9D:8D:55:2C:DC:7D:8C:0D:C6:F6:49:B3:01:F2:35:14:09:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jc-djVUs3H2MDcb2SbMB8jUUCe4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/HKSgws_0WmwS41wesp0f3BTv_Q8.roa
Signing time: Sat 09 Dec 2023 16:53:40 +0000
ROA not before: Sat 09 Dec 2023 16:53:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47482
IP address blocks: 45.66.32.0/24 maxlen: 24
45.66.33.0/24 maxlen: 24
2a09:61c0::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4f:7f:bc:ce:74:e1:3e:08:6d:87:fb:eb:48:21:02:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25cf9d8d552cdc7d8c0dc6f649b301f2351409ee
Validity
Not Before: Dec 9 16:53:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ca4a0c2cff45a6c12e35c1eb29d1fdc14effd0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b7:b9:4d:fe:23:c3:69:27:2f:fb:b5:f9:c8:
14:d3:e7:87:9b:ec:e7:9f:a1:97:ce:ef:32:46:c4:
e4:d4:5b:33:9c:4e:c1:90:f1:63:04:3c:e4:16:2c:
5f:9f:62:3a:b8:df:50:b9:e5:42:50:9e:01:79:1d:
cd:2f:3e:74:bd:8d:ce:c3:65:35:0b:01:13:cf:f9:
ff:37:58:3e:e7:4c:56:3c:97:2f:62:cf:24:b0:ac:
6d:15:42:3d:47:0b:cd:8a:32:2e:bf:9a:a0:8e:ce:
e5:b5:6f:5a:6b:db:81:35:a4:d0:ba:9a:59:ca:34:
86:6e:13:86:96:a5:6e:0c:8c:e3:3b:02:f3:5e:cb:
41:f9:be:7b:55:95:47:03:d8:cd:91:35:07:d4:db:
c3:bd:9f:36:54:8b:f8:ba:10:4f:48:0d:88:19:ac:
c3:81:ba:93:ce:62:d4:c5:76:93:fd:60:52:f0:9b:
b4:0e:a3:33:4a:7d:91:46:71:53:e6:ae:ed:6c:86:
65:1f:65:a8:d8:68:a5:22:be:49:79:b2:1a:72:73:
3b:66:9a:56:8c:e6:49:2a:9e:c3:45:9e:b5:f8:32:
64:5c:a5:58:bf:a1:23:20:b5:5a:d0:49:fb:86:fc:
53:36:2f:af:e1:e2:12:61:56:a2:b4:bb:11:8f:fb:
a9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A4:A0:C2:CF:F4:5A:6C:12:E3:5C:1E:B2:9D:1F:DC:14:EF:FD:0F
X509v3 Authority Key Identifier:
keyid:25:CF:9D:8D:55:2C:DC:7D:8C:0D:C6:F6:49:B3:01:F2:35:14:09:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jc-djVUs3H2MDcb2SbMB8jUUCe4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/HKSgws_0WmwS41wesp0f3BTv_Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/Jc-djVUs3H2MDcb2SbMB8jUUCe4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.32.0/23
IPv6:
2a09:61c0::/30
Signature Algorithm: sha256WithRSAEncryption
75:aa:6d:77:a3:a2:6a:6d:00:9e:ea:2c:8a:dc:32:4d:07:ad:
4a:23:25:04:2b:4f:7f:00:fe:9c:68:7e:c5:dc:93:3c:8f:c0:
2d:dc:0c:45:82:46:bd:62:9f:74:32:d4:aa:82:16:a1:ad:63:
d3:a5:16:be:14:25:a4:05:00:4a:bb:d0:c5:43:a7:f3:fd:d3:
24:8a:a5:2d:1d:aa:80:84:ab:40:1d:8d:ec:5c:b3:c8:fe:ef:
6c:06:32:f9:62:e1:d2:e9:55:6c:b2:b1:ee:c3:7d:42:0d:0e:
ac:fb:bd:dc:6c:ef:fa:4b:88:37:ad:5c:84:1f:48:2d:e2:cd:
42:de:53:8a:6d:4c:e6:0a:e6:84:34:58:25:82:54:c0:54:0d:
88:f2:1d:f6:79:b2:34:50:5f:fe:dc:65:dd:c7:3f:b8:17:b4:
a5:31:3d:96:0d:9e:b8:e9:f0:82:95:6e:37:8d:b1:4e:de:df:
76:bd:ae:66:7c:e9:38:f6:7b:40:ab:54:d4:a1:64:e8:9d:60:
25:99:22:5a:f2:40:6e:ef:6b:16:34:7d:20:16:44:59:8f:a9:
43:dd:99:cd:24:26:9e:64:83:41:8b:ac:52:6e:1a:44:2d:25:
13:de:eb:ed:ce:79:eb:4a:66:4c:90:62:94:00:f4:9b:74:12:
19:25:17:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYxPf7zOdOE+CG2H++tIIQL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Y2Y5ZDhkNTUyY2RjN2Q4YzBkYzZmNjQ5YjMwMWYyMzUx
NDA5ZWUwHhcNMjMxMjA5MTY1MzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2E0YTBjMmNmZjQ1YTZjMTJlMzVjMWViMjlkMWZkYzE0ZWZmZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Le5Tf4jw2knL/u1+cgU0+eHm+zn
n6GXzu8yRsTk1FsznE7BkPFjBDzkFixfn2I6uN9QueVCUJ4BeR3NLz50vY3Ow2U1
CwETz/n/N1g+50xWPJcvYs8ksKxtFUI9RwvNijIuv5qgjs7ltW9aa9uBNaTQuppZ
yjSGbhOGlqVuDIzjOwLzXstB+b57VZVHA9jNkTUH1NvDvZ82VIv4uhBPSA2IGazD
gbqTzmLUxXaT/WBS8Ju0DqMzSn2RRnFT5q7tbIZlH2Wo2GilIr5JebIacnM7ZppW
jOZJKp7DRZ61+DJkXKVYv6EjILVa0En7hvxTNi+v4eISYVaitLsRj/upkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBykoMLP9FpsEuNcHrKdH9wU7/0PMB8GA1UdIwQY
MBaAFCXPnY1VLNx9jA3G9kmzAfI1FAnuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmMtZGpWVXMzSDJNRGNiMlNiTUI4alVVQ2U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9hMGUwOGEtOWZmMC00NGI0LWJjYzQt
YTEwNjkwYTc0NGU0LzEvSEtTZ3dzXzBXbXdTNDF3ZXNwMGYzQlR2X1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9hMGUwOGEtOWZmMC00NGI0LWJjYzQtYTEwNjkwYTc0NGU0
LzEvSmMtZGpWVXMzSDJNRGNiMlNiTUI4alVVQ2U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBLUIgMA0E
AgACMAcDBQIqCWHAMA0GCSqGSIb3DQEBCwUAA4IBAQB1qm13o6JqbQCe6iyK3DJN
B61KIyUEK09/AP6caH7F3JM8j8At3AxFgka9Yp90MtSqghahrWPTpRa+FCWkBQBK
u9DFQ6fz/dMkiqUtHaqAhKtAHY3sXLPI/u9sBjL5YuHS6VVssrHuw31CDQ6s+73c
bO/6S4g3rVyEH0gt4s1C3lOKbUzmCuaENFglglTAVA2I8h32ebI0UF/+3GXdxz+4
F7SlMT2WDZ646fCClW43jbFO3t92va5mfOk49ntAq1TUoWTonWAlmSJa8kBu72sW
NH0gFkRZj6lD3ZnNJCaeZINBi6xSbhpELSUT3uvtznnrSmZMkGKUAPSbdBIZJRcc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:09 2024 by rpki-client on console-fra.rpki-client.org