Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/f5dc62-be68-4663-84de-5545b8901438/1/HQ0lcv016l-GbuhDPKdpzMRiupc.roa
File: HQ0lcv016l-GbuhDPKdpzMRiupc.roa (raw, json)
Hash identifier: thjhyHptsGaNiRA5wd++pewVbqEpYUIeZYigF4dF3jU=
Subject key identifier: 1D:0D:25:72:FD:35:EA:5F:86:6E:E8:43:3C:A7:69:CC:C4:62:BA:97
Certificate issuer: /CN=241ed58e426975e299875897caff9552640d9c09
Certificate serial: 018CC8703EDFCFEACDFF9E6D428394BA5705
Authority key identifier: 24:1E:D5:8E:42:69:75:E2:99:87:58:97:CA:FF:95:52:64:0D:9C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JB7VjkJpdeKZh1iXyv-VUmQNnAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/f5dc62-be68-4663-84de-5545b8901438/1/HQ0lcv016l-GbuhDPKdpzMRiupc.roa
Signing time: Tue 02 Jan 2024 04:30:48 +0000
ROA not before: Tue 02 Jan 2024 04:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15826
IP address blocks: 80.247.224.0/20 maxlen: 20
185.20.84.0/22 maxlen: 22
2a00:1a60::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:3e:df:cf:ea:cd:ff:9e:6d:42:83:94:ba:57:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=241ed58e426975e299875897caff9552640d9c09
Validity
Not Before: Jan 2 04:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d0d2572fd35ea5f866ee8433ca769ccc462ba97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b8:58:2b:58:9b:30:ce:04:2b:fb:c2:da:d3:
9a:30:bf:90:42:4d:54:41:41:e3:bf:f0:9c:4c:89:
9f:ca:f6:c4:fe:ef:5f:c1:f2:94:9a:60:14:85:57:
6c:c1:60:06:de:e9:1d:59:18:31:78:86:22:95:ff:
93:86:ea:e1:91:70:23:f0:60:e0:d9:3c:58:6a:05:
4a:9a:da:84:92:3e:ba:cc:40:d3:77:83:cc:2e:b1:
a2:3e:d7:93:08:e5:f8:a8:ea:32:b8:17:eb:9f:51:
64:83:b5:4a:2d:52:3d:dd:b1:78:28:cb:d6:e6:0d:
2e:56:b5:0a:b5:e0:45:69:86:4d:ec:e8:a7:a5:0b:
43:bc:61:13:f3:79:e2:3e:ba:93:16:6b:5f:8d:cd:
03:4f:3f:5e:88:28:df:a8:10:75:d0:7e:47:12:7f:
a7:5f:c3:a6:6d:0f:e7:bb:36:b3:d1:94:ec:d0:4a:
a4:23:04:7a:5d:8f:03:8c:4f:32:d5:51:e3:dd:c5:
3a:20:bc:da:2e:50:b3:b6:40:cf:4a:14:0b:0d:4b:
f8:8d:db:32:14:74:d2:f0:b7:2a:66:96:a2:79:c2:
cb:ad:c7:62:9f:9d:ca:a3:92:46:55:3f:ac:ad:ef:
9e:b4:18:19:e8:4b:29:07:00:f9:53:f3:8a:a2:ec:
16:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0D:25:72:FD:35:EA:5F:86:6E:E8:43:3C:A7:69:CC:C4:62:BA:97
X509v3 Authority Key Identifier:
keyid:24:1E:D5:8E:42:69:75:E2:99:87:58:97:CA:FF:95:52:64:0D:9C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JB7VjkJpdeKZh1iXyv-VUmQNnAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/f5dc62-be68-4663-84de-5545b8901438/1/HQ0lcv016l-GbuhDPKdpzMRiupc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/f5dc62-be68-4663-84de-5545b8901438/1/JB7VjkJpdeKZh1iXyv-VUmQNnAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.247.224.0/20
185.20.84.0/22
IPv6:
2a00:1a60::/32
Signature Algorithm: sha256WithRSAEncryption
ab:1c:70:10:4a:6f:59:96:c7:da:13:12:bf:0e:46:b6:4f:45:
95:f0:5a:b0:0d:d4:d1:fb:dc:5b:7a:7a:46:ba:22:24:e0:7c:
7c:e0:de:34:cf:b7:a6:36:b3:b7:60:a7:be:47:08:bb:bc:03:
e6:0f:89:bc:04:8a:d3:5d:60:7f:ae:c7:1a:cc:13:73:f5:79:
6e:7f:0b:ff:21:16:16:eb:af:ec:3e:b5:14:0a:a0:93:f0:61:
9c:72:6a:dc:b7:7d:b4:24:98:aa:f8:be:5f:8f:4c:89:ed:6b:
cf:95:96:91:87:76:6c:b3:7e:b3:28:a0:7f:5f:1d:9a:32:63:
20:82:69:26:2b:fe:c5:0b:10:03:3b:04:1d:90:9a:d9:69:b4:
93:fd:c4:f4:3b:fd:73:14:64:56:ab:ed:e5:b4:b4:4a:66:fd:
8d:18:48:09:e5:56:20:b3:ff:21:b4:8c:bc:1a:9b:10:20:43:
47:fb:e0:8f:42:39:a1:a4:9b:f9:7f:c5:57:1c:68:d1:79:7d:
6c:0c:ba:77:18:bc:79:db:e8:26:21:11:8c:4d:d1:06:05:0b:
40:f5:21:2b:d9:9e:89:09:9f:e7:27:d3:1b:a1:20:cc:34:25:
46:93:15:27:0e:b5:b6:a7:a8:34:ed:da:12:69:b6:76:07:79:
6e:b1:52:4e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIcD7fz+rN/55tQoOUulcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MWVkNThlNDI2OTc1ZTI5OTg3NTg5N2NhZmY5NTUyNjQw
ZDljMDkwHhcNMjQwMTAyMDQzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDBkMjU3MmZkMzVlYTVmODY2ZWU4NDMzY2E3NjljY2M0NjJiYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7hYK1ibMM4EK/vC2tOaML+QQk1U
QUHjv/CcTImfyvbE/u9fwfKUmmAUhVdswWAG3ukdWRgxeIYilf+ThurhkXAj8GDg
2TxYagVKmtqEkj66zEDTd4PMLrGiPteTCOX4qOoyuBfrn1Fkg7VKLVI93bF4KMvW
5g0uVrUKteBFaYZN7OinpQtDvGET83niPrqTFmtfjc0DTz9eiCjfqBB10H5HEn+n
X8OmbQ/nuzaz0ZTs0EqkIwR6XY8DjE8y1VHj3cU6ILzaLlCztkDPShQLDUv4jdsy
FHTS8LcqZpaiecLLrcdin53Ko5JGVT+sre+etBgZ6EspBwD5U/OKouwWvwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB0NJXL9Nepfhm7oQzynaczEYrqXMB8GA1UdIwQY
MBaAFCQe1Y5CaXXimYdYl8r/lVJkDZwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkI3VmprSnBkZUtaaDFpWHl2LVZVbVFObkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9mNWRjNjItYmU2OC00NjYzLTg0ZGUt
NTU0NWI4OTAxNDM4LzEvSFEwbGN2MDE2bC1HYnVoRFBLZHB6TVJpdXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9mNWRjNjItYmU2OC00NjYzLTg0ZGUtNTU0NWI4OTAxNDM4
LzEvSkI3VmprSnBkZUtaaDFpWHl2LVZVbVFObkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUPfgAwQC
uRRUMA0EAgACMAcDBQAqABpgMA0GCSqGSIb3DQEBCwUAA4IBAQCrHHAQSm9Zlsfa
ExK/Dka2T0WV8FqwDdTR+9xbenpGuiIk4Hx84N40z7emNrO3YKe+Rwi7vAPmD4m8
BIrTXWB/rscazBNz9Xlufwv/IRYW66/sPrUUCqCT8GGccmrct320JJiq+L5fj0yJ
7WvPlZaRh3Zss36zKKB/Xx2aMmMggmkmK/7FCxADOwQdkJrZabST/cT0O/1zFGRW
q+3ltLRKZv2NGEgJ5VYgs/8htIy8GpsQIENH++CPQjmhpJv5f8VXHGjReX1sDLp3
GLx52+gmIRGMTdEGBQtA9SEr2Z6JCZ/nJ9MboSDMNCVGkxUnDrW2p6g07doSabZ2
B3lusVJO
-----END CERTIFICATE-----
Generated at Wed Apr 23 10:18:37 2025 by rpki-client