Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/hmKVbWsGLiv3S20ZOY-UdRDuzk0.roa
File: hmKVbWsGLiv3S20ZOY-UdRDuzk0.roa (raw, json)
Hash identifier: gOFXlbXhumB2jIj3TJobW6d7xTkMxShMztV5ffPqdtw=
Subject key identifier: 86:62:95:6D:6B:06:2E:2B:F7:4B:6D:19:39:8F:94:75:10:EE:CE:4D
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018F5A5A47272FB392AB1D728FC51830CAD4
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/hmKVbWsGLiv3S20ZOY-UdRDuzk0.roa
Signing time: Wed 08 May 2024 22:36:56 +0000
ROA not before: Wed 08 May 2024 22:36:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62163
IP address blocks: 46.161.216.0/24 maxlen: 24
46.161.217.0/24 maxlen: 24
46.161.218.0/24 maxlen: 24
46.161.219.0/24 maxlen: 24
193.56.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 08:59:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5a:5a:47:27:2f:b3:92:ab:1d:72:8f:c5:18:30:ca:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: May 8 22:36:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8662956d6b062e2bf74b6d19398f947510eece4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:77:17:77:ca:43:1a:42:c9:08:2d:09:5d:be:
65:56:ca:1e:cf:8d:08:52:ed:c2:98:70:5f:a8:64:
9d:09:1d:b4:a3:07:1d:b5:b5:fd:92:cd:47:c4:00:
da:25:04:75:97:1e:65:ad:a4:51:17:7c:9c:51:a3:
b2:c6:90:c6:c2:a4:06:c3:bf:27:3d:5e:20:5e:d3:
d2:bf:83:95:c6:75:f5:46:d6:8d:fa:f5:f7:e1:a9:
e5:27:4f:e4:60:90:d1:04:68:4c:36:ed:13:0a:3e:
85:5c:03:a9:e6:2c:19:7a:f1:18:30:2d:3e:a3:52:
97:e4:89:85:8e:90:e5:8a:c9:d3:1b:de:58:d4:56:
43:1e:b3:46:9e:5f:5e:de:08:c3:17:7d:69:b4:e1:
fb:08:f0:e0:f3:9c:63:e0:66:1e:a2:41:3f:64:f6:
ec:65:13:92:b0:3b:bc:49:81:0b:04:42:7c:0a:a9:
72:14:d0:36:c6:f1:a2:b9:fc:4e:3c:22:73:8e:8e:
94:3f:79:22:c6:f5:3e:96:13:0d:b2:84:db:24:81:
9e:cc:fe:8e:28:de:72:97:8c:96:38:ba:4e:cc:63:
c6:c6:29:c0:fd:36:30:65:57:f2:18:88:76:7c:53:
c8:fe:a0:fe:8c:8c:dd:f5:fd:20:e7:bc:7d:8d:61:
1c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:62:95:6D:6B:06:2E:2B:F7:4B:6D:19:39:8F:94:75:10:EE:CE:4D
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/hmKVbWsGLiv3S20ZOY-UdRDuzk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.216.0/22
193.56.239.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:2e:67:6a:c0:da:5e:8d:f7:12:bc:9d:54:05:af:c4:2a:00:
98:bc:39:9e:e4:af:de:e4:c8:13:09:21:39:c1:c1:c7:ce:f6:
6e:9c:44:b8:fa:53:a1:c5:79:80:97:cf:70:57:2f:70:c5:0d:
59:53:cc:79:41:18:fc:1d:67:64:d4:dc:88:d8:4a:6f:c1:25:
9b:48:11:36:3b:c2:98:c8:1c:54:69:43:1c:df:c3:06:e6:d0:
05:03:83:f5:ae:f4:0d:1a:db:f5:89:55:31:b5:16:f0:fd:48:
f7:4e:e2:27:8b:0c:7c:c0:fb:47:41:8d:f3:18:34:1f:39:03:
56:69:ea:fa:30:ab:e7:b4:2c:2a:4e:67:f9:42:d8:31:d3:08:
19:28:95:f6:b8:83:f2:7b:e8:42:6e:e6:df:30:29:5c:56:87:
96:63:54:2c:f2:6e:b0:5b:bb:3d:36:b4:91:c2:72:bd:98:0e:
ce:dc:04:bc:c9:a2:71:4f:00:4f:51:77:4e:97:20:b7:35:48:
51:c7:58:b7:5c:9f:d0:e4:f7:e1:7b:3c:35:4c:fe:b2:5b:70:
fe:40:f2:fa:5b:18:d8:e6:1d:06:6e:13:a8:3b:25:f8:63:ff:
9e:f1:9e:0a:90:0b:79:fd:75:f1:ac:22:b6:5c:b8:76:6b:19:
52:1f:91:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9aWkcnL7OSqx1yj8UYMMrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwNTA4MjIzNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjYyOTU2ZDZiMDYyZTJiZjc0YjZkMTkzOThmOTQ3NTEwZWVjZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3cXd8pDGkLJCC0JXb5lVsoez40I
Uu3CmHBfqGSdCR20owcdtbX9ks1HxADaJQR1lx5lraRRF3ycUaOyxpDGwqQGw78n
PV4gXtPSv4OVxnX1RtaN+vX34anlJ0/kYJDRBGhMNu0TCj6FXAOp5iwZevEYMC0+
o1KX5ImFjpDlisnTG95Y1FZDHrNGnl9e3gjDF31ptOH7CPDg85xj4GYeokE/ZPbs
ZROSsDu8SYELBEJ8CqlyFNA2xvGiufxOPCJzjo6UP3kixvU+lhMNsoTbJIGezP6O
KN5yl4yWOLpOzGPGxinA/TYwZVfyGIh2fFPI/qD+jIzd9f0g57x9jWEcCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIZilW1rBi4r90ttGTmPlHUQ7s5NMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvaG1LVmJXc0dMaXYzUzIwWk9ZLVVkUkR1emswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLqHYAwQA
wTjvMA0GCSqGSIb3DQEBCwUAA4IBAQBtLmdqwNpejfcSvJ1UBa/EKgCYvDme5K/e
5MgTCSE5wcHHzvZunES4+lOhxXmAl89wVy9wxQ1ZU8x5QRj8HWdk1NyI2EpvwSWb
SBE2O8KYyBxUaUMc38MG5tAFA4P1rvQNGtv1iVUxtRbw/Uj3TuIniwx8wPtHQY3z
GDQfOQNWaer6MKvntCwqTmf5Qtgx0wgZKJX2uIPye+hCbubfMClcVoeWY1Qs8m6w
W7s9NrSRwnK9mA7O3AS8yaJxTwBPUXdOlyC3NUhRx1i3XJ/Q5Pfhezw1TP6yW3D+
QPL6WxjY5h0GbhOoOyX4Y/+e8Z4KkAt5/XXxrCK2XLh2axlSH5F2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org