Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/a50c7c-878a-47fd-8107-79f105aef8d6/1/HePfDyDvszY63gxn_BtT7oYX1Cw.roa
File: HePfDyDvszY63gxn_BtT7oYX1Cw.roa (raw, json)
Hash identifier: 9yS8giDOuP7eXynEuRPuekt7h7ktPimtalRNycJH5Xk=
Subject key identifier: 1D:E3:DF:0F:20:EF:B3:36:3A:DE:0C:67:FC:1B:53:EE:86:17:D4:2C
Certificate issuer: /CN=1f0f78a55a5be5c01db803f438ca611b7f150307
Certificate serial: 018F106BC252E49F2B3CDFB5C5EA38D55AA8
Authority key identifier: 1F:0F:78:A5:5A:5B:E5:C0:1D:B8:03:F4:38:CA:61:1B:7F:15:03:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hw94pVpb5cAduAP0OMphG38VAwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/a50c7c-878a-47fd-8107-79f105aef8d6/1/HePfDyDvszY63gxn_BtT7oYX1Cw.roa
Signing time: Wed 24 Apr 2024 14:04:08 +0000
ROA not before: Wed 24 Apr 2024 14:04:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209653
IP address blocks: 87.120.160.0/23 maxlen: 24
87.121.16.0/23 maxlen: 24
91.220.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:6b:c2:52:e4:9f:2b:3c:df:b5:c5:ea:38:d5:5a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f0f78a55a5be5c01db803f438ca611b7f150307
Validity
Not Before: Apr 24 14:04:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1de3df0f20efb3363ade0c67fc1b53ee8617d42c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:aa:ac:1a:93:d9:06:95:d4:32:8c:56:18:c3:
f1:e6:09:19:66:7f:d8:c4:f7:67:36:77:e8:41:5a:
d2:71:3b:30:e2:78:85:35:75:2d:94:0c:b7:d9:a2:
f9:10:0e:19:2e:53:97:81:81:c7:b1:49:6b:aa:a0:
e9:78:cc:a0:a5:84:57:ca:68:2e:5a:c9:c1:b0:4b:
93:8a:ea:bf:39:89:d2:5d:bd:89:fc:36:df:46:27:
4a:58:44:7b:ab:43:e2:6c:c4:aa:8d:94:ef:b5:5a:
b0:b1:85:60:92:50:44:27:14:e4:7b:1e:85:23:a1:
c3:de:47:d5:84:b9:bc:29:d1:58:7f:dc:e4:6f:b1:
92:a0:13:66:30:cf:4e:48:4f:42:07:af:6f:79:90:
31:49:74:ad:64:ea:0a:06:84:e4:d8:b4:5e:85:3c:
15:6d:ce:3f:3f:73:1d:8b:fe:fe:5c:8b:b3:8b:7b:
6a:24:f2:50:21:f2:cf:49:45:1a:cb:39:97:cf:61:
30:3a:3a:1e:51:22:d7:1c:82:16:42:ab:dd:2b:c6:
b7:53:dd:cb:a7:09:2d:e1:d0:99:68:bb:ef:ce:e8:
d7:d5:61:e6:59:7c:b1:0e:b9:07:c9:38:af:5a:1e:
2c:fc:53:07:36:36:67:49:5e:f9:ce:7d:17:5e:e8:
76:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:E3:DF:0F:20:EF:B3:36:3A:DE:0C:67:FC:1B:53:EE:86:17:D4:2C
X509v3 Authority Key Identifier:
keyid:1F:0F:78:A5:5A:5B:E5:C0:1D:B8:03:F4:38:CA:61:1B:7F:15:03:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hw94pVpb5cAduAP0OMphG38VAwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/a50c7c-878a-47fd-8107-79f105aef8d6/1/HePfDyDvszY63gxn_BtT7oYX1Cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/a50c7c-878a-47fd-8107-79f105aef8d6/1/Hw94pVpb5cAduAP0OMphG38VAwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.160.0/23
87.121.16.0/23
91.220.30.0/24
Signature Algorithm: sha256WithRSAEncryption
51:3a:f1:15:6f:76:b4:a7:6e:b7:92:f8:2d:75:bf:9b:d0:c1:
1b:02:93:cd:db:9f:f2:8f:5a:2d:9b:0d:7e:d0:82:04:77:4a:
3f:32:76:66:cb:2b:f7:f8:09:53:11:b3:e3:76:c8:48:04:5b:
d5:4a:bb:47:9b:9d:44:5d:0b:ea:6e:bc:15:7f:9a:37:2e:70:
98:88:5b:2d:47:c5:16:ed:03:6a:8f:6a:a6:5e:39:f5:41:3c:
ec:6d:3b:b2:a4:ed:47:b4:b4:f2:cc:9d:59:ff:1e:f2:6b:e6:
90:cf:53:90:7a:86:c4:0d:62:4c:e1:fe:1f:35:1e:9c:34:e3:
69:53:77:a5:4b:12:e1:af:44:cd:91:e1:dd:38:0e:a4:8b:5f:
13:91:db:7f:71:71:91:4e:9f:58:e2:63:8f:22:21:83:e1:32:
d8:5e:4c:f8:42:01:d7:ab:b6:87:89:1c:52:12:30:a8:b4:6e:
15:1d:cb:ba:bb:44:35:07:d9:b9:9a:e1:b6:2a:b4:e9:8b:7c:
bf:45:49:8e:1a:23:f0:27:e6:05:a2:19:8b:82:ca:9b:dc:96:
01:69:58:ee:7e:dc:6b:3d:35:83:a3:59:ae:19:2a:02:1e:10:
66:e6:40:dc:47:00:42:f6:54:ab:21:3b:96:44:77:61:79:21:
89:6f:c3:30
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8Qa8JS5J8rPN+1xeo41VqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMGY3OGE1NWE1YmU1YzAxZGI4MDNmNDM4Y2E2MTFiN2Yx
NTAzMDcwHhcNMjQwNDI0MTQwNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGUzZGYwZjIwZWZiMzM2M2FkZTBjNjdmYzFiNTNlZTg2MTdkNDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqqsGpPZBpXUMoxWGMPx5gkZZn/Y
xPdnNnfoQVrScTsw4niFNXUtlAy32aL5EA4ZLlOXgYHHsUlrqqDpeMygpYRXymgu
WsnBsEuTiuq/OYnSXb2J/DbfRidKWER7q0PibMSqjZTvtVqwsYVgklBEJxTkex6F
I6HD3kfVhLm8KdFYf9zkb7GSoBNmMM9OSE9CB69veZAxSXStZOoKBoTk2LRehTwV
bc4/P3Mdi/7+XIuzi3tqJPJQIfLPSUUayzmXz2EwOjoeUSLXHIIWQqvdK8a3U93L
pwkt4dCZaLvvzujX1WHmWXyxDrkHyTivWh4s/FMHNjZnSV75zn0XXuh2GwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB3j3w8g77M2Ot4MZ/wbU+6GF9QsMB8GA1UdIwQY
MBaAFB8PeKVaW+XAHbgD9DjKYRt/FQMHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHc5NHBWcGI1Y0FkdUFQME9NcGhHMzhWQXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9hNTBjN2MtODc4YS00N2ZkLTgxMDct
NzlmMTA1YWVmOGQ2LzEvSGVQZkR5RHZzelk2M2d4bl9CdFQ3b1lYMUN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9hNTBjN2MtODc4YS00N2ZkLTgxMDctNzlmMTA1YWVmOGQ2
LzEvSHc5NHBWcGI1Y0FkdUFQME9NcGhHMzhWQXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBV3igAwQB
V3kQAwQAW9weMA0GCSqGSIb3DQEBCwUAA4IBAQBROvEVb3a0p263kvgtdb+b0MEb
ApPN25/yj1otmw1+0IIEd0o/MnZmyyv3+AlTEbPjdshIBFvVSrtHm51EXQvqbrwV
f5o3LnCYiFstR8UW7QNqj2qmXjn1QTzsbTuypO1HtLTyzJ1Z/x7ya+aQz1OQeobE
DWJM4f4fNR6cNONpU3elSxLhr0TNkeHdOA6ki18Tkdt/cXGRTp9Y4mOPIiGD4TLY
Xkz4QgHXq7aHiRxSEjCotG4VHcu6u0Q1B9m5muG2KrTpi3y/RUmOGiPwJ+YFohmL
gsqb3JYBaVjuftxrPTWDo1muGSoCHhBm5kDcRwBC9lSrITuWRHdheSGJb8Mw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:32 2025 by rpki-client