Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HNtwAic41q-YHP44ISyGZGc9IgU.roa
File: HNtwAic41q-YHP44ISyGZGc9IgU.roa (raw, json)
Hash identifier: NgpQmCfLWxfutFE7NDIq19OFk4KtQ3xqarEmfDPQxH4=
Subject key identifier: 1C:DB:70:02:27:38:D6:AF:98:1C:FE:38:21:2C:86:64:67:3D:22:05
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192D872D57FD80B76C997951EDE3CB395CC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HNtwAic41q-YHP44ISyGZGc9IgU.roa
Signing time: Tue 29 Oct 2024 13:24:17 +0000
ROA not before: Tue 29 Oct 2024 13:24:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 5.253.59.0/24 maxlen: 24
45.84.88.0/24 maxlen: 24
45.89.244.0/24 maxlen: 24
45.91.193.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.208.139.0/24 maxlen: 24
87.120.36.0/24 maxlen: 24
87.120.88.0/24 maxlen: 24
87.121.98.0/24 maxlen: 24
87.121.218.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.100.0/24 maxlen: 24
94.125.101.0/24 maxlen: 24
109.206.236.0/24 maxlen: 24
109.206.242.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
193.8.185.0/24 maxlen: 24
193.168.196.0/24 maxlen: 24
193.168.197.0/24 maxlen: 24
193.168.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 06:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:72:d5:7f:d8:0b:76:c9:97:95:1e:de:3c:b3:95:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 29 13:24:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cdb70022738d6af981cfe38212c8664673d2205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:82:b7:e2:1b:c2:54:23:64:42:0b:df:92:c4:
56:44:71:73:3a:ac:68:af:8d:97:c0:54:68:ca:c5:
df:4f:c1:52:74:18:be:8f:80:43:7b:6b:c3:35:9a:
2c:8d:71:99:e9:84:eb:9b:a5:59:46:90:45:00:68:
21:be:5e:1e:2f:bc:84:08:b9:97:90:00:48:5a:e1:
2a:3c:dc:61:58:f9:90:b8:6d:a9:8b:f2:21:d4:21:
dc:ba:b3:62:bb:1c:bc:e8:fc:f1:aa:c0:6d:d0:e5:
66:99:97:4a:f9:31:f5:f7:d8:b4:bd:ec:8b:b9:65:
b9:fa:af:88:d3:ad:6f:70:40:db:5a:08:81:67:b9:
2b:ae:7e:ee:71:ce:53:89:ae:6e:27:6d:69:29:6b:
c2:93:fb:a7:54:69:ed:05:70:b0:d3:ad:e4:06:42:
09:dc:4c:1f:ac:4a:28:3e:4d:3c:c7:7e:ee:c8:da:
95:3e:d0:1f:f1:11:de:b7:88:09:df:45:49:62:3f:
04:5f:ee:18:bd:cb:d4:eb:a9:f4:dd:fb:aa:43:a0:
a0:4d:e4:d6:22:b0:77:4d:de:b3:9e:21:df:af:d5:
ba:a9:5f:50:c8:e0:7b:45:f4:41:bc:02:78:d5:55:
2d:4b:58:65:e7:f8:de:7e:d5:6c:25:57:b6:16:2c:
58:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DB:70:02:27:38:D6:AF:98:1C:FE:38:21:2C:86:64:67:3D:22:05
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HNtwAic41q-YHP44ISyGZGc9IgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.59.0/24
45.84.88.0/24
45.89.244.0/24
45.91.193.0/24
83.143.113.0/24
85.208.139.0/24
87.120.36.0/24
87.120.88.0/24
87.121.98.0/24
87.121.218.0/24
93.123.31.0/24
94.125.100.0/23
109.206.236.0/24
109.206.242.0/24
185.218.137.0/24
185.246.222.0/24
193.8.185.0/24
193.168.196.0/23
193.168.199.0/24
Signature Algorithm: sha256WithRSAEncryption
19:a4:cb:02:0f:d3:17:8d:89:e4:b5:44:c7:a1:4a:68:02:a6:
c7:06:b4:97:92:07:73:fe:61:b1:64:3d:ab:08:ab:8c:42:d0:
b2:af:61:d0:4c:66:c5:b7:e6:3d:27:6c:a3:84:bc:c0:bd:82:
94:ec:4c:33:fb:75:d4:5e:04:6b:73:47:b5:9d:05:93:f2:a0:
5d:38:70:d6:0f:db:c5:9e:b9:e6:dc:86:d8:de:cc:5b:4f:8e:
e4:23:dc:60:2a:de:aa:f9:f4:91:09:ad:f6:d8:b5:13:64:ad:
cc:ba:17:d2:2f:30:7d:81:25:7b:31:61:bf:d4:f3:e4:d1:4c:
6f:83:63:3e:41:14:94:f2:54:5c:6a:fa:7b:bd:c9:12:2b:53:
e9:50:b0:f1:4d:46:42:d9:03:70:9c:7e:c1:aa:23:f8:7c:74:
b0:c1:bd:f2:a8:60:ba:ee:e6:c7:e6:62:df:6f:04:a5:1c:f7:
2d:49:52:2b:af:1f:48:6c:ec:60:cf:cc:2f:50:9e:ee:9d:72:
43:9f:a0:1d:01:77:f3:13:69:2d:eb:64:1a:11:61:f1:af:b7:
5a:5e:f4:2e:66:5c:fb:e9:a2:e5:0b:71:63:a3:38:35:0f:3e:
d4:a0:22:34:36:6c:ee:05:ee:9e:77:5a:43:86:f7:86:25:d2:
02:24:7a:1c
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZLYctV/2At2yZeVHt48s5XMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDI5MTMyNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2RiNzAwMjI3MzhkNmFmOTgxY2ZlMzgyMTJjODY2NDY3M2QyMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIK34hvCVCNkQgvfksRWRHFzOqxo
r42XwFRoysXfT8FSdBi+j4BDe2vDNZosjXGZ6YTrm6VZRpBFAGghvl4eL7yECLmX
kABIWuEqPNxhWPmQuG2pi/Ih1CHcurNiuxy86PzxqsBt0OVmmZdK+TH199i0veyL
uWW5+q+I061vcEDbWgiBZ7krrn7ucc5Tia5uJ21pKWvCk/unVGntBXCw063kBkIJ
3EwfrEooPk08x37uyNqVPtAf8RHet4gJ30VJYj8EX+4YvcvU66n03fuqQ6CgTeTW
IrB3Td6zniHfr9W6qV9QyOB7RfRBvAJ41VUtS1hl5/jeftVsJVe2FixY1wIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFBzbcAInONavmBz+OCEshmRnPSIFMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSE50d0FpYzQxcS1ZSFA0NElTeUdaR2M5SWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAAX9OwME
AC1UWAMEAC1Z9AMEAC1bwQMEAFOPcQMEAFXQiwMEAFd4JAMEAFd4WAMEAFd5YgME
AFd52gMEAF17HwMEAV59ZAMEAG3O7AMEAG3O8gMEALnaiQMEALn23gMEAMEIuQME
AcGoxAMEAMGoxzANBgkqhkiG9w0BAQsFAAOCAQEAGaTLAg/TF42J5LVEx6FKaAKm
xwa0l5IHc/5hsWQ9qwirjELQsq9h0ExmxbfmPSdso4S8wL2ClOxMM/t11F4Ea3NH
tZ0Fk/KgXThw1g/bxZ655tyG2N7MW0+O5CPcYCreqvn0kQmt9ti1E2StzLoX0i8w
fYElezFhv9Tz5NFMb4NjPkEUlPJUXGr6e73JEitT6VCw8U1GQtkDcJx+waoj+Hx0
sMG98qhguu7mx+Zi328EpRz3LUlSK68fSGzsYM/ML1Ce7p1yQ5+gHQF38xNpLetk
GhFh8a+3Wl70LmZc++mi5QtxY6M4NQ8+1KAiNDZs7gXunndaQ4b3hiXSAiR6HA==
-----END CERTIFICATE-----
Generated at Wed Oct 30 08:32:27 2024 by rpki-client on console-ams.rpki-client.org