Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/HGSD7mX8CQ5HWpZt7KIZGzn8CC0.roa
File: HGSD7mX8CQ5HWpZt7KIZGzn8CC0.roa (raw, json)
Hash identifier: RpK9pTw6kzy+6EF6MegaKWjN+2Zqn8acac6UAYGbFRY=
Subject key identifier: 1C:64:83:EE:65:FC:09:0E:47:5A:96:6D:EC:A2:19:1B:39:FC:08:2D
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018E23E84C31A3D3F12A2F115C3EA6ED756A
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/HGSD7mX8CQ5HWpZt7KIZGzn8CC0.roa
Signing time: Sat 09 Mar 2024 15:50:10 +0000
ROA not before: Sat 09 Mar 2024 15:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 91.194.205.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.242.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
148.253.249.0/24 maxlen: 24
148.253.250.0/24 maxlen: 24
151.249.90.0/24 maxlen: 24
151.249.91.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.90.0/24 maxlen: 24
163.171.91.0/24 maxlen: 24
163.171.246.0/24 maxlen: 24
163.171.247.0/24 maxlen: 24
163.171.251.0/24 maxlen: 24
163.171.253.0/24 maxlen: 24
163.171.254.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Mar 2024 05:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:23:e8:4c:31:a3:d3:f1:2a:2f:11:5c:3e:a6:ed:75:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 9 15:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c6483ee65fc090e475a966deca2191b39fc082d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7a:c0:09:3a:fd:9e:e6:a7:6e:8c:a9:31:fc:
0e:75:b0:96:d1:5c:1d:f1:09:89:24:1b:d1:11:a9:
d0:d2:b7:50:fa:8c:90:96:a7:f5:4c:04:5e:51:3d:
ad:81:08:3d:f4:46:aa:07:b4:84:2d:1d:21:23:12:
3d:93:ab:d2:2b:0c:85:65:8b:53:dc:12:4f:3f:78:
37:ef:53:0d:6d:1c:81:be:b8:34:f0:91:6f:8e:24:
28:3f:63:67:c4:65:87:3b:72:26:c3:2f:59:a9:ca:
97:84:13:ba:c3:f4:3f:83:fd:16:c6:72:11:a9:41:
90:07:97:70:91:3c:e7:ab:13:be:32:a7:1c:76:83:
8c:e3:64:f8:47:f7:84:c1:9c:d4:dd:62:48:69:3b:
f1:5a:98:61:ff:66:cf:c9:91:4a:a7:81:b5:69:2d:
7c:1a:ad:3f:2a:ab:3b:70:e8:83:6b:76:80:b0:4a:
8c:d8:48:bf:07:b1:21:ac:10:ae:92:55:45:90:ae:
fb:de:99:b2:41:94:61:6a:09:3e:60:6b:f1:22:74:
f1:86:c1:e4:98:85:d1:13:cd:b4:39:c4:65:1b:89:
1f:ba:b8:c1:c7:6d:4b:f9:c1:30:e0:4f:69:de:47:
f7:8a:ae:ab:34:32:bd:43:7c:e1:1f:e1:c8:00:52:
57:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:64:83:EE:65:FC:09:0E:47:5A:96:6D:EC:A2:19:1B:39:FC:08:2D
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/HGSD7mX8CQ5HWpZt7KIZGzn8CC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
148.253.239.0-148.253.243.255
148.253.249.0-148.253.250.255
151.249.90.0/23
163.171.77.0/24
163.171.90.0/23
163.171.246.0/23
163.171.251.0/24
163.171.253.0-163.171.254.255
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
90:2c:1d:3c:95:5a:8d:ca:b5:1b:d9:8b:55:4b:27:ee:38:9d:
0f:90:ca:e5:60:4d:5e:4c:b5:b3:1a:b6:05:24:65:39:ea:e6:
de:69:d2:54:ce:b1:02:ca:ff:3a:14:0b:44:3c:91:e3:7f:a9:
ef:a5:8a:88:d0:34:cb:e3:72:17:fc:2b:b8:53:a6:21:99:f2:
07:7f:83:0e:b5:06:f5:ce:5e:9a:e6:be:f4:81:65:51:40:15:
65:8b:0d:1b:30:fa:22:7a:b3:bd:bc:5d:f4:85:fb:e4:da:aa:
29:51:62:8a:6e:30:b0:74:22:2c:9b:03:70:ea:b9:86:b8:79:
0c:a3:07:0b:fe:c0:0f:de:d1:ab:0d:31:28:56:66:f7:40:18:
1f:57:2c:6b:ea:53:09:3e:87:05:74:f2:3d:da:0c:6b:b2:f0:
a3:57:d4:4e:2d:c6:5c:d5:b8:33:0c:f8:a3:df:95:91:1b:a0:
e9:90:0d:66:79:9c:69:5a:5d:98:51:a3:1c:17:3f:7d:8b:21:
fb:f6:02:74:96:b0:cc:85:40:47:76:ad:1e:93:66:b6:3a:45:
68:bf:04:cf:bf:c5:a3:51:47:f9:c6:6a:3c:b1:2c:99:af:a1:
0d:82:68:41:aa:83:53:ba:f3:5a:7b:10:95:a0:ff:e3:ec:a3:
60:b1:b7:c1
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAY4j6Ewxo9PxKi8RXD6m7XVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMzA5MTU1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzY0ODNlZTY1ZmMwOTBlNDc1YTk2NmRlY2EyMTkxYjM5ZmMwODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnrACTr9nuanboypMfwOdbCW0Vwd
8QmJJBvREanQ0rdQ+oyQlqf1TAReUT2tgQg99EaqB7SELR0hIxI9k6vSKwyFZYtT
3BJPP3g371MNbRyBvrg08JFvjiQoP2NnxGWHO3Imwy9ZqcqXhBO6w/Q/g/0WxnIR
qUGQB5dwkTznqxO+MqccdoOM42T4R/eEwZzU3WJIaTvxWphh/2bPyZFKp4G1aS18
Gq0/Kqs7cOiDa3aAsEqM2Ei/B7EhrBCuklVFkK773pmyQZRhagk+YGvxInTxhsHk
mIXRE820OcRlG4kfurjBx21L+cEw4E9p3kf3iq6rNDK9Q3zhH+HIAFJXkQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFBxkg+5l/AkOR1qWbeyiGRs5/AgtMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvSEdTRDdtWDhDUTVIV3BadDdLSVpHem44Q0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAW8LNMAwD
BACU/e8DBAKU/fAwDAMEAJT9+QMEAJT9+gMEAZf5WgMEAKOrTQMEAaOrWgMEAaOr
9gMEAKOr+zAMAwQAo6v9AwQAo6v+AwQAuRvkMA0GCSqGSIb3DQEBCwUAA4IBAQCQ
LB08lVqNyrUb2YtVSyfuOJ0PkMrlYE1eTLWzGrYFJGU56ubeadJUzrECyv86FAtE
PJHjf6nvpYqI0DTL43IX/Cu4U6YhmfIHf4MOtQb1zl6a5r70gWVRQBVliw0bMPoi
erO9vF30hfvk2qopUWKKbjCwdCIsmwNw6rmGuHkMowcL/sAP3tGrDTEoVmb3QBgf
Vyxr6lMJPocFdPI92gxrsvCjV9ROLcZc1bgzDPij35WRG6DpkA1meZxpWl2YUaMc
Fz99iyH79gJ0lrDMhUBHdq0ek2a2OkVovwTPv8WjUUf5xmo8sSyZr6ENgmhBqoNT
uvNaexCVoP/j7KNgsbfB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-fra.rpki-client.org