Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hzb-qpAW_NZ_IX_AdlrtS9G0n_Y.roa
File: hzb-qpAW_NZ_IX_AdlrtS9G0n_Y.roa (raw, json)
Hash identifier: xejzb4i1zxDmlmViqiidyXDvJgO6T9+Qw0gCwq0xavE=
Subject key identifier: 87:36:FE:AA:90:16:FC:D6:7F:21:7F:C0:76:5A:ED:4B:D1:B4:9F:F6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E48F4C8DB698C9177C8D2D7997051918D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hzb-qpAW_NZ_IX_AdlrtS9G0n_Y.roa
Signing time: Sat 16 Mar 2024 20:29:45 +0000
ROA not before: Sat 16 Mar 2024 20:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211975
IP address blocks: 5.253.64.0/24 maxlen: 24
5.253.65.0/24 maxlen: 24
164.40.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Nov 2024 00:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:48:f4:c8:db:69:8c:91:77:c8:d2:d7:99:70:51:91:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 16 20:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8736feaa9016fcd67f217fc0765aed4bd1b49ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:26:a9:c0:1e:2a:c6:ab:a7:fd:fc:8f:61:3c:
e0:86:c5:cf:f1:7d:79:cf:e0:04:72:4b:ef:07:6d:
ce:1f:6d:ab:4a:06:47:f3:bb:ca:b1:fa:c7:25:fc:
fe:e5:16:73:99:2a:3c:b6:2f:90:44:84:ee:0c:fc:
3c:a1:5a:0f:5c:ea:d7:bf:c9:ac:40:cf:45:26:4c:
c0:70:0c:fc:64:d7:ae:d3:b4:da:80:5b:ef:52:fa:
1c:24:4a:c3:1a:17:9d:fd:82:23:58:4e:5c:1e:9e:
97:31:d5:f5:e8:75:d2:15:6f:7f:7c:bd:56:df:8f:
f3:4b:d9:8c:fe:f3:ba:af:99:11:93:d5:17:15:f5:
5c:aa:ce:f3:d5:1d:c9:c5:32:f3:02:ef:59:79:9b:
91:2e:48:b7:0b:63:28:36:2b:82:2e:66:25:ce:21:
a1:26:42:ac:c6:c9:7e:a7:14:47:82:90:5b:02:bb:
ed:86:f3:22:09:2b:ce:90:17:62:6a:aa:81:e2:0b:
4b:1b:98:ab:4c:bf:e7:4c:78:9a:e2:fd:09:5e:89:
fc:33:6a:69:eb:5f:0a:1e:97:8a:f1:f5:4c:ac:97:
24:48:ac:8a:38:25:7a:26:00:1c:99:cb:7a:a6:65:
58:35:ee:2f:8f:ee:9f:cb:48:83:c2:0a:5e:9b:11:
8d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:36:FE:AA:90:16:FC:D6:7F:21:7F:C0:76:5A:ED:4B:D1:B4:9F:F6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hzb-qpAW_NZ_IX_AdlrtS9G0n_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.64.0/23
164.40.185.0/24
Signature Algorithm: sha256WithRSAEncryption
01:02:80:d7:f0:0f:62:3f:b5:c0:17:08:02:99:3f:8e:86:3e:
fb:01:ba:f4:7c:ed:b7:b9:c6:4e:24:e2:be:d3:29:e6:d2:3b:
b7:5f:19:05:6f:1f:33:d7:4d:fd:59:0d:40:0a:74:89:39:96:
03:28:e2:c4:45:21:92:b6:44:00:64:85:f4:70:a4:ae:e5:4f:
42:70:d5:03:49:af:17:97:fa:8e:0a:80:8e:d9:54:b2:8a:b9:
48:79:27:9a:f6:61:3e:07:f1:4c:94:58:6f:c0:92:85:b6:ea:
34:53:7c:e5:5b:e0:9a:17:d1:05:b8:24:be:b5:1e:09:87:cf:
7c:23:90:23:9c:10:20:dd:08:e5:72:38:1b:66:5b:71:ec:5a:
a5:f9:09:18:14:9c:b1:53:6d:11:72:36:57:c0:65:08:36:4f:
db:36:0d:59:b0:ad:a2:c8:7a:15:5f:e3:a7:00:ee:2d:a0:8c:
8e:f2:63:28:93:2c:bd:25:0a:b9:a7:4b:ec:b9:08:c6:50:30:
a6:10:08:50:c1:ee:56:bb:ca:42:0b:18:d4:b7:60:ce:8a:d9:
24:19:60:2c:06:7d:07:bc:5d:58:63:a3:d8:da:41:8f:ef:5d:
b2:7b:69:b1:4f:a1:83:6e:08:6b:86:17:6d:81:5f:13:fd:34:
cf:98:04:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5I9MjbaYyRd8jS15lwUZGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzE2MjAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzM2ZmVhYTkwMTZmY2Q2N2YyMTdmYzA3NjVhZWQ0YmQxYjQ5ZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiapwB4qxqun/fyPYTzghsXP8X15
z+AEckvvB23OH22rSgZH87vKsfrHJfz+5RZzmSo8ti+QRITuDPw8oVoPXOrXv8ms
QM9FJkzAcAz8ZNeu07TagFvvUvocJErDGhed/YIjWE5cHp6XMdX16HXSFW9/fL1W
34/zS9mM/vO6r5kRk9UXFfVcqs7z1R3JxTLzAu9ZeZuRLki3C2MoNiuCLmYlziGh
JkKsxsl+pxRHgpBbArvthvMiCSvOkBdiaqqB4gtLG5irTL/nTHia4v0JXon8M2pp
618KHpeK8fVMrJckSKyKOCV6JgAcmct6pmVYNe4vj+6fy0iDwgpemxGN1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIc2/qqQFvzWfyF/wHZa7UvRtJ/2MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaHpiLXFwQVdfTlpfSVhfQWRscnRTOUcwbl9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBf1AAwQA
pCi5MA0GCSqGSIb3DQEBCwUAA4IBAQABAoDX8A9iP7XAFwgCmT+Ohj77Abr0fO23
ucZOJOK+0ynm0ju3XxkFbx8z1039WQ1ACnSJOZYDKOLERSGStkQAZIX0cKSu5U9C
cNUDSa8Xl/qOCoCO2VSyirlIeSea9mE+B/FMlFhvwJKFtuo0U3zlW+CaF9EFuCS+
tR4Jh898I5AjnBAg3QjlcjgbZltx7Fql+QkYFJyxU20RcjZXwGUINk/bNg1ZsK2i
yHoVX+OnAO4toIyO8mMokyy9JQq5p0vsuQjGUDCmEAhQwe5Wu8pCCxjUt2DOitkk
GWAsBn0HvF1YY6PY2kGP712ye2mxT6GDbghrhhdtgV8T/TTPmATQ
-----END CERTIFICATE-----
Generated at Sat Nov 16 03:10:48 2024 by rpki-client on console-fra.rpki-client.org