Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HaKnYt4u_twpqTTF1uOUkbUEBYw.roa
File: HaKnYt4u_twpqTTF1uOUkbUEBYw.roa (raw, json)
Hash identifier: pqOnVRth2N1+vHRipRSPVypKViHrTvTEvb83lFA9V0s=
Subject key identifier: 1D:A2:A7:62:DE:2E:FE:DC:29:A9:34:C5:D6:E3:94:91:B5:04:05:8C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192DDBF691D72F42C36858679A3F32DDF9E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HaKnYt4u_twpqTTF1uOUkbUEBYw.roa
Signing time: Wed 30 Oct 2024 14:06:01 +0000
ROA not before: Wed 30 Oct 2024 14:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56971
IP address blocks: 45.84.88.0/24 maxlen: 24
45.89.244.0/24 maxlen: 24
45.91.193.0/24 maxlen: 24
45.95.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 17:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dd:bf:69:1d:72:f4:2c:36:85:86:79:a3:f3:2d:df:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 30 14:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1da2a762de2efedc29a934c5d6e39491b504058c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c7:20:60:0b:dc:3e:bd:cb:22:9f:4f:10:3a:
cf:94:17:2f:fc:e1:4a:d5:ab:40:9b:f5:b7:49:8f:
7e:d5:9d:ab:f0:79:8a:96:3a:06:24:09:97:ee:0d:
ae:ec:4f:43:c6:9a:73:40:46:8e:65:39:3a:54:2d:
0b:17:1f:4d:3c:27:8d:03:19:c8:3e:70:82:51:01:
6a:71:ea:94:1f:14:09:ff:21:c4:a9:53:08:6c:51:
6b:07:20:c1:45:c8:3f:11:c7:d4:6a:f4:9b:ab:3a:
cd:3b:20:99:0b:97:73:ac:3c:a8:11:19:19:51:14:
4c:a3:fe:0d:ec:3e:c5:6e:5a:8a:af:41:50:e6:4e:
07:c0:6d:55:84:c3:b6:75:95:c0:1d:67:7a:cb:af:
5e:bc:99:ed:1a:16:f0:fc:96:bd:89:ef:0e:1e:f9:
95:d6:17:4e:a2:db:8f:a9:99:19:f9:e0:fb:24:fc:
79:eb:78:b7:cc:2e:c9:d1:48:c6:a2:c5:ac:78:c9:
d0:1f:d2:9e:ad:f2:10:4a:44:d2:18:d8:b2:67:0c:
5e:be:5a:27:d1:be:53:1f:ef:31:65:1c:4e:c9:49:
60:26:1d:d2:c5:f2:96:5e:d8:51:9c:ea:1e:d1:b2:
07:55:42:2a:0c:3b:42:c2:df:d7:82:46:71:54:8e:
c4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A2:A7:62:DE:2E:FE:DC:29:A9:34:C5:D6:E3:94:91:B5:04:05:8C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HaKnYt4u_twpqTTF1uOUkbUEBYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.88.0/24
45.89.244.0/24
45.91.193.0/24
45.95.1.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:3a:99:5e:2a:47:c1:8e:60:84:94:5b:11:23:26:1b:87:55:
4d:43:aa:f2:30:0a:cd:c2:70:98:46:14:fe:4a:cf:24:4d:7e:
42:ae:b6:9c:c9:02:07:a3:c1:06:c4:b0:2f:00:c6:79:d0:f4:
2e:ee:19:ef:95:60:75:cd:93:76:1a:88:bb:30:ce:df:a7:ef:
f9:4b:62:40:f5:e0:b2:96:15:d1:0c:64:14:9b:4b:1b:83:6e:
2b:78:69:ed:47:17:38:3a:55:99:d3:65:92:5c:79:96:3f:ba:
18:99:74:9b:71:f3:7e:af:a6:33:26:56:ef:15:b9:dc:3b:94:
73:e6:7e:4c:dc:2b:83:6d:d4:47:8a:c4:2d:68:22:77:f0:3d:
86:fe:cb:ba:1a:fd:e2:34:32:49:6e:b6:5b:74:f0:ce:37:3d:
68:07:71:95:b3:c9:9d:24:70:21:ed:f4:b2:23:5d:08:7d:1e:
6f:2d:c8:47:ee:1c:ab:69:9e:25:bc:20:ef:d4:59:2b:d0:29:
a6:d8:76:bf:c1:43:4d:00:01:02:a7:3e:d9:29:80:3f:60:db:
5a:5d:b0:34:2d:4c:db:5c:d6:be:c3:e1:e5:f5:ae:e7:0a:7c:
3e:1f:6b:6f:75:3a:0e:eb:76:da:96:7b:7f:f4:de:72:11:07:
a2:61:75:53
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLdv2kdcvQsNoWGeaPzLd+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDMwMTQwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGEyYTc2MmRlMmVmZWRjMjlhOTM0YzVkNmUzOTQ5MWI1MDQwNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8cgYAvcPr3LIp9PEDrPlBcv/OFK
1atAm/W3SY9+1Z2r8HmKljoGJAmX7g2u7E9DxppzQEaOZTk6VC0LFx9NPCeNAxnI
PnCCUQFqceqUHxQJ/yHEqVMIbFFrByDBRcg/EcfUavSbqzrNOyCZC5dzrDyoERkZ
URRMo/4N7D7FblqKr0FQ5k4HwG1VhMO2dZXAHWd6y69evJntGhbw/Ja9ie8OHvmV
1hdOotuPqZkZ+eD7JPx563i3zC7J0UjGosWseMnQH9KerfIQSkTSGNiyZwxevlon
0b5TH+8xZRxOyUlgJh3SxfKWXthRnOoe0bIHVUIqDDtCwt/XgkZxVI7EqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB2ip2LeLv7cKak0xdbjlJG1BAWMMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSGFLbll0NHVfdHdwcVRURjF1T1VrYlVFQll3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVRYAwQA
LVn0AwQALVvBAwQALV8BMA0GCSqGSIb3DQEBCwUAA4IBAQB6OpleKkfBjmCElFsR
IyYbh1VNQ6ryMArNwnCYRhT+Ss8kTX5CrracyQIHo8EGxLAvAMZ50PQu7hnvlWB1
zZN2Goi7MM7fp+/5S2JA9eCylhXRDGQUm0sbg24reGntRxc4OlWZ02WSXHmWP7oY
mXSbcfN+r6YzJlbvFbncO5Rz5n5M3CuDbdRHisQtaCJ38D2G/su6Gv3iNDJJbrZb
dPDONz1oB3GVs8mdJHAh7fSyI10IfR5vLchH7hyraZ4lvCDv1Fkr0Cmm2Ha/wUNN
AAECpz7ZKYA/YNtaXbA0LUzbXNa+w+Hl9a7nCnw+H2tvdToO63balnt/9N5yEQei
YXVT
-----END CERTIFICATE-----
Generated at Wed Oct 30 19:53:35 2024 by rpki-client on console-fra.rpki-client.org