Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/HhYB-qHWXopIVWWySYdcY9SASfA.roa
File: HhYB-qHWXopIVWWySYdcY9SASfA.roa (raw, json)
Hash identifier: aG4x9GUzQkG4NsI7WKDOJFfhg5XUM26fq/9g4DR/334=
Subject key identifier: 1E:16:01:FA:A1:D6:5E:8A:48:55:65:B2:49:87:5C:63:D4:80:49:F0
Certificate issuer: /CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Certificate serial: 01856D4ACDA4648E331BC0CEA922D4318F12
Authority key identifier: 47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/HhYB-qHWXopIVWWySYdcY9SASfA.roa
Signing time: Sun 01 Jan 2023 12:24:56 +0000
ROA not before: Sun 01 Jan 2023 12:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206892
IP address blocks: 95.140.32.0/24 maxlen: 24
185.199.28.0/22 maxlen: 24
95.140.38.0/23 maxlen: 24
45.95.44.0/22 maxlen: 24
194.39.44.0/22 maxlen: 24
185.161.72.0/22 maxlen: 24
94.199.179.0/24 maxlen: 24
2a07:c280::/32 maxlen: 33
Validation: Failed, certificate revoked on Mon 19 Jun 2023 07:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:cd:a4:64:8e:33:1b:c0:ce:a9:22:d4:31:8f:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Validity
Not Before: Jan 1 12:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e1601faa1d65e8a485565b249875c63d48049f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:bc:70:d5:e6:d0:bc:ca:74:91:c3:a2:6c:ae:
48:81:96:17:0a:1f:6e:7a:04:84:70:9f:2e:7e:59:
95:41:26:88:46:cd:2e:c6:79:88:a7:05:c5:15:84:
0b:75:68:27:a6:be:dd:8c:15:8a:b5:ba:8d:8c:ae:
8f:4e:9f:c0:32:05:e9:e4:58:b3:ec:0c:29:cf:16:
db:5d:02:02:1a:8d:cc:8d:fe:6c:50:c5:41:02:9a:
28:a7:15:9b:5a:b1:c3:e4:0e:80:10:0d:42:76:05:
9c:c8:9f:da:ba:de:85:7d:6c:0f:b1:de:fa:24:a1:
ac:a4:90:da:26:3b:93:6f:0b:13:41:c1:8c:e0:87:
02:2d:f3:dd:18:7c:1a:cd:9d:5f:f9:1b:93:52:e9:
f9:1f:81:3b:c4:df:c8:8f:63:61:f6:2d:dc:8b:db:
44:52:31:38:67:07:41:5c:5a:24:33:fb:33:eb:ef:
9f:37:f4:08:f6:94:4e:21:50:ea:df:8c:89:ec:e4:
5b:f7:cf:b7:4a:60:97:f9:24:15:3f:27:61:cb:73:
74:1c:1f:e8:82:50:fc:e8:ee:74:39:c3:ea:57:7a:
b0:27:c9:af:fb:f3:00:c0:0c:1a:9e:10:8d:8e:e1:
9c:5b:14:95:9d:aa:70:6c:b4:88:2a:2d:f5:22:bc:
98:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:16:01:FA:A1:D6:5E:8A:48:55:65:B2:49:87:5C:63:D4:80:49:F0
X509v3 Authority Key Identifier:
keyid:47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/HhYB-qHWXopIVWWySYdcY9SASfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.44.0/22
94.199.179.0/24
95.140.32.0/24
95.140.38.0/23
185.161.72.0/22
185.199.28.0/22
194.39.44.0/22
IPv6:
2a07:c280::/32
Signature Algorithm: sha256WithRSAEncryption
63:0e:42:92:0a:6e:c3:18:34:30:7e:2b:e2:0c:ea:32:f9:e6:
e4:d9:97:05:79:9f:c3:06:bd:30:23:6c:0d:9a:1d:5d:b6:b4:
81:bb:cb:7d:44:07:0b:4c:04:6c:cd:64:4e:ab:63:fa:b2:ed:
fb:9d:e1:b7:57:cd:4a:db:0a:51:c1:d0:99:63:bb:33:64:5d:
47:40:da:13:cb:9b:89:c1:c5:9a:73:88:e1:b5:4c:af:b4:d4:
4a:3e:db:a4:84:9a:12:fd:96:86:e6:fc:47:3b:f5:ba:ce:06:
9f:6f:37:e4:b6:a6:a2:69:08:f1:2b:c1:7d:4c:b2:bd:d9:92:
b2:55:ae:4c:23:68:73:f8:90:bb:a2:40:5d:1e:d9:65:a8:c9:
b7:4e:a2:f6:ba:e2:87:00:ee:e2:d0:b6:64:1d:04:df:5e:66:
00:8d:32:86:f1:61:a0:cf:98:69:6e:62:3e:4c:c3:78:fc:09:
0a:c6:4f:41:aa:d9:4f:52:40:38:ab:80:c8:03:53:6d:5e:a5:
b7:46:ec:68:f1:18:bb:e7:58:8e:43:79:b0:53:a5:b4:b7:61:
57:df:85:97:8c:6b:e5:5a:b8:4b:6f:d0:6e:ce:6e:ed:a2:54:
cd:24:27:42:cf:99:31:b2:77:80:59:d2:d1:30:53:98:48:29:
2e:83:21:7c
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVtSs2kZI4zG8DOqSLUMY8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjJhZWEwZWY0YzA2NjdkYjgxOWY1ZDVhM2RhZWE2Mzk5
ZjAzOGMwHhcNMjMwMTAxMTIyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTE2MDFmYWExZDY1ZThhNDg1NTY1YjI0OTg3NWM2M2Q0ODA0OWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bxw1ebQvMp0kcOibK5IgZYXCh9u
egSEcJ8uflmVQSaIRs0uxnmIpwXFFYQLdWgnpr7djBWKtbqNjK6PTp/AMgXp5Fiz
7AwpzxbbXQICGo3Mjf5sUMVBApoopxWbWrHD5A6AEA1CdgWcyJ/aut6FfWwPsd76
JKGspJDaJjuTbwsTQcGM4IcCLfPdGHwazZ1f+RuTUun5H4E7xN/Ij2Nh9i3ci9tE
UjE4ZwdBXFokM/sz6++fN/QI9pROIVDq34yJ7ORb98+3SmCX+SQVPydhy3N0HB/o
glD86O50OcPqV3qwJ8mv+/MAwAwanhCNjuGcWxSVnapwbLSIKi31IryYawIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFB4WAfqh1l6KSFVlskmHXGPUgEnwMB8GA1UdIwQY
MBaAFEcirqDvTAZn24GfXVo9rqY5nwOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYt
NmUzMDc0YzZjNjYzLzEvSGhZQi1xSFdYb3BJVldXeVNZZGNZOVNBU2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYtNmUzMDc0YzZjNjYz
LzEvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLV8sAwQA
XsezAwQAX4wgAwQBX4wmAwQCuaFIAwQCucccAwQCwicsMA0EAgACMAcDBQAqB8KA
MA0GCSqGSIb3DQEBCwUAA4IBAQBjDkKSCm7DGDQwfiviDOoy+ebk2ZcFeZ/DBr0w
I2wNmh1dtrSBu8t9RAcLTARszWROq2P6su37neG3V81K2wpRwdCZY7szZF1HQNoT
y5uJwcWac4jhtUyvtNRKPtukhJoS/ZaG5vxHO/W6zgafbzfktqaiaQjxK8F9TLK9
2ZKyVa5MI2hz+JC7okBdHtllqMm3TqL2uuKHAO7i0LZkHQTfXmYAjTKG8WGgz5hp
bmI+TMN4/AkKxk9BqtlPUkA4q4DIA1NtXqW3Ruxo8Ri751iOQ3mwU6W0t2FX34WX
jGvlWrhLb9Buzm7tolTNJCdCz5kxsneAWdLRMFOYSCkugyF8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:32 2024 by rpki-client on console-fra.rpki-client.org