Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/HTgMn1l4XgHFxW-vAd5diIvSUec.roa
File: HTgMn1l4XgHFxW-vAd5diIvSUec.roa (raw, json)
Hash identifier: nfrCIqz2vMxifb+U3MPvE0lXP7mLPFnhSTrMF+adg9w=
Subject key identifier: 1D:38:0C:9F:59:78:5E:01:C5:C5:6F:AF:01:DE:5D:88:8B:D2:51:E7
Certificate issuer: /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial: 0187B7DAD5208894E33256EBECA90712E8DA
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/HTgMn1l4XgHFxW-vAd5diIvSUec.roa
Signing time: Tue 25 Apr 2023 09:59:44 +0000
ROA not before: Tue 25 Apr 2023 09:59:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399734
IP address blocks: 83.231.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:da:d5:20:88:94:e3:32:56:eb:ec:a9:07:12:e8:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Validity
Not Before: Apr 25 09:59:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d380c9f59785e01c5c56faf01de5d888bd251e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9f:e4:e4:38:0d:c0:ae:1e:b8:83:7c:99:cf:
b7:89:f7:2c:21:04:6a:62:3c:59:14:a1:d6:92:bf:
2c:3c:df:83:a4:9c:33:2b:c9:e5:61:f7:9a:40:9a:
c6:07:79:90:15:3f:bd:ef:ed:1e:b1:25:c1:ab:59:
24:a3:d9:e8:54:83:f7:76:d7:99:6f:0b:61:2c:5a:
e2:2d:2f:f4:98:e0:b5:a4:5b:ee:35:d4:c6:ec:e3:
33:86:b1:e2:da:6f:31:6b:03:f7:44:4d:cc:b6:f4:
98:84:03:6f:bc:1b:0d:01:5e:b7:41:db:3a:e6:33:
11:ff:6a:22:56:bd:55:a0:9f:4a:c8:dc:db:6d:be:
da:44:13:ef:f1:e8:61:ed:57:d0:9e:9a:7f:64:f8:
39:d5:c0:4e:eb:74:09:a2:67:6f:ca:5a:2e:d8:4d:
27:e5:c7:cb:d3:c8:57:8e:b4:13:1a:d4:c5:e3:08:
e7:14:2a:d4:91:8c:75:24:17:59:92:bc:a6:c0:1c:
56:d5:93:64:f0:4b:2a:9b:65:fb:01:d9:e7:f8:96:
a7:34:30:2e:57:73:ae:78:1c:49:9d:c4:91:2d:17:
5f:5d:7d:6c:50:8c:8d:db:0d:fe:20:f7:4a:14:5c:
5b:99:0d:c2:b3:9b:c1:fa:08:84:1c:12:58:09:c1:
24:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:38:0C:9F:59:78:5E:01:C5:C5:6F:AF:01:DE:5D:88:8B:D2:51:E7
X509v3 Authority Key Identifier:
keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/HTgMn1l4XgHFxW-vAd5diIvSUec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.231.238.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:50:73:25:f1:5f:fc:b7:3a:21:4c:5f:2a:a2:0e:f1:ba:7e:
c0:e3:1e:9c:1d:5f:91:13:58:19:4c:77:5b:88:91:6d:71:ef:
08:9b:fd:e0:28:ac:7a:27:63:c5:61:01:e4:3e:6c:b4:76:02:
22:05:58:fd:e8:a1:d8:e5:6a:06:69:29:d1:bb:a0:a2:99:93:
72:c7:83:9d:ee:89:64:fc:08:46:00:4e:ab:60:83:81:d9:7f:
f5:6f:ea:b4:74:33:37:54:a4:c1:73:ef:36:6a:f1:3c:ba:e2:
59:6f:5f:4a:a9:4f:52:56:a3:ce:08:45:d7:80:dd:b6:eb:2b:
26:f8:9a:f2:af:0d:e9:33:ab:17:bc:22:4f:1b:0b:17:36:ac:
0d:6d:ce:16:23:54:40:23:23:c3:df:29:62:42:47:8a:f4:16:
1c:5f:2b:a1:82:fd:23:4f:ba:fb:57:3b:3c:f6:d6:44:18:67:
ae:b5:23:66:00:42:b9:4a:8c:ce:40:9a:74:bb:b5:a0:89:30:
e5:8d:87:0d:a2:38:33:e3:17:5d:8a:52:2b:ff:a5:21:08:89:
b5:04:5f:31:09:25:8b:f1:fa:6b:44:68:f0:3a:60:e6:17:b3:
a7:b8:9c:5d:6d:36:b5:50:1a:cc:ad:4f:7f:76:6f:ba:7e:c8:
15:5a:2e:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe32tUgiJTjMlbr7KkHEujaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjMwNDI1MDk1OTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDM4MGM5ZjU5Nzg1ZTAxYzVjNTZmYWYwMWRlNWQ4ODhiZDI1MWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp/k5DgNwK4euIN8mc+3ifcsIQRq
YjxZFKHWkr8sPN+DpJwzK8nlYfeaQJrGB3mQFT+97+0esSXBq1kko9noVIP3dteZ
bwthLFriLS/0mOC1pFvuNdTG7OMzhrHi2m8xawP3RE3MtvSYhANvvBsNAV63Qds6
5jMR/2oiVr1VoJ9KyNzbbb7aRBPv8ehh7VfQnpp/ZPg51cBO63QJomdvylou2E0n
5cfL08hXjrQTGtTF4wjnFCrUkYx1JBdZkrymwBxW1ZNk8Esqm2X7Adnn+JanNDAu
V3OueBxJncSRLRdfXX1sUIyN2w3+IPdKFFxbmQ3Cs5vB+giEHBJYCcEkqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB04DJ9ZeF4BxcVvrwHeXYiL0lHnMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvSFRnTW4xbDRYZ0hGeFctdkFkNWRpSXZTVWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU+fuMA0G
CSqGSIb3DQEBCwUAA4IBAQAfUHMl8V/8tzohTF8qog7xun7A4x6cHV+RE1gZTHdb
iJFtce8Im/3gKKx6J2PFYQHkPmy0dgIiBVj96KHY5WoGaSnRu6CimZNyx4Od7olk
/AhGAE6rYIOB2X/1b+q0dDM3VKTBc+82avE8uuJZb19KqU9SVqPOCEXXgN226ysm
+Jryrw3pM6sXvCJPGwsXNqwNbc4WI1RAIyPD3yliQkeK9BYcXyuhgv0jT7r7Vzs8
9tZEGGeutSNmAEK5SozOQJp0u7WgiTDljYcNojgz4xddilIr/6UhCIm1BF8xCSWL
8fprRGjwOmDmF7OnuJxdbTa1UBrMrU9/dm+6fsgVWi4A
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:03 2024 by rpki-client on console-ams.rpki-client.org