Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/HBWvbHPJVBHusFhAqDoZkDYvuFs.roa
File: HBWvbHPJVBHusFhAqDoZkDYvuFs.roa (raw, json)
Hash identifier: gVLLqAquKVN3MuhWM4SYepslyhRC0YTuiJGmJzkY+Og=
Subject key identifier: 1C:15:AF:6C:73:C9:54:11:EE:B0:58:40:A8:3A:19:90:36:2F:B8:5B
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018CC64AEF59F14FE58CBA663BCD6A341ECE
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/HBWvbHPJVBHusFhAqDoZkDYvuFs.roa
Signing time: Mon 01 Jan 2024 18:30:48 +0000
ROA not before: Mon 01 Jan 2024 18:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59677
IP address blocks: 85.121.4.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ef:59:f1:4f:e5:8c:ba:66:3b:cd:6a:34:1e:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 18:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c15af6c73c95411eeb05840a83a1990362fb85b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7e:4d:4e:91:25:49:8b:c9:5e:a6:bb:6d:dc:
f1:f0:45:d0:75:d0:86:dc:85:49:f3:c9:a8:e4:3a:
16:d2:00:1d:dd:09:c4:0f:ae:c0:88:92:cf:ed:ef:
c4:d6:22:53:f9:c8:e5:a4:cd:ae:73:69:15:72:f0:
dc:fb:dd:b6:3c:10:02:03:69:db:53:70:8a:e1:5c:
9c:e1:91:a5:e6:1f:d7:07:d9:07:bc:1a:cd:0f:4a:
d5:52:bc:af:61:0a:f3:b7:8d:24:6d:ad:f3:6c:68:
69:29:97:86:fb:4e:f0:08:d9:10:45:6b:6d:07:e2:
b5:e2:f6:6b:92:ed:9b:98:63:e2:78:6d:4e:9e:3d:
fc:ad:30:fc:98:ba:21:76:8f:99:e3:6d:c8:43:e3:
3e:ed:df:3d:23:b8:d6:d7:e5:21:df:b1:7c:d8:81:
7c:08:85:80:88:d5:61:12:bc:79:d9:0d:74:23:6e:
99:8e:16:14:af:70:44:e0:b5:d0:38:5d:14:2e:30:
b5:93:a0:30:9b:e7:11:e3:02:a3:fb:46:ae:4a:b5:
60:4e:e2:b1:01:6f:6b:ab:c6:b3:b1:34:e1:4a:37:
e7:c0:1b:6d:73:c5:b1:e3:f3:a4:63:e5:7b:ee:8a:
e9:ff:56:ec:d5:c6:42:44:50:e5:4f:be:6a:10:ef:
15:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:15:AF:6C:73:C9:54:11:EE:B0:58:40:A8:3A:19:90:36:2F:B8:5B
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/HBWvbHPJVBHusFhAqDoZkDYvuFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.121.4.0/23
Signature Algorithm: sha256WithRSAEncryption
90:e0:6a:74:13:70:92:40:aa:94:7c:d9:e3:43:90:64:2a:e4:
73:13:83:35:2f:f6:bf:5b:78:0a:30:71:05:57:85:35:00:1c:
19:ea:03:b8:c8:f4:9a:81:12:98:04:d0:1c:8a:69:10:e0:dd:
d7:9d:be:b5:b4:09:f4:f8:f5:f3:cc:33:e3:c3:bf:a5:04:e4:
bd:09:b7:a3:19:68:cc:3e:2b:ec:d5:e8:21:23:6f:30:e2:9f:
a2:fe:ac:b8:87:5c:93:e3:c4:a6:b4:54:c2:64:7e:e4:f4:d1:
53:37:a0:f4:5b:48:87:a3:81:e1:9a:d1:e7:ff:68:34:46:e8:
d4:d6:4d:76:4b:6e:f2:21:54:2f:d8:21:88:60:73:63:7d:fc:
fb:0b:57:1a:c6:8c:bf:9f:5d:41:1b:75:af:03:10:18:b2:16:
22:3d:de:5e:f3:f3:ed:de:34:86:de:d0:91:18:6d:9b:2b:77:
28:dc:19:e5:6c:cb:98:e9:4b:ea:74:6d:f2:21:62:93:1a:c3:
5c:58:10:86:7e:71:e6:30:9e:51:38:15:34:a5:f9:b2:05:01:
84:7f:e6:ce:31:c3:54:ef:0e:7e:4c:8d:02:3a:4c:75:51:8f:
9e:e8:b4:63:68:7a:b4:05:84:02:f0:db:92:37:b9:9e:a7:99:
e4:b0:fb:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSu9Z8U/ljLpmO81qNB7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzE1YWY2YzczYzk1NDExZWViMDU4NDBhODNhMTk5MDM2MmZiODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn5NTpElSYvJXqa7bdzx8EXQddCG
3IVJ88mo5DoW0gAd3QnED67AiJLP7e/E1iJT+cjlpM2uc2kVcvDc+922PBACA2nb
U3CK4Vyc4ZGl5h/XB9kHvBrND0rVUryvYQrzt40kba3zbGhpKZeG+07wCNkQRWtt
B+K14vZrku2bmGPieG1Onj38rTD8mLohdo+Z423IQ+M+7d89I7jW1+Uh37F82IF8
CIWAiNVhErx52Q10I26ZjhYUr3BE4LXQOF0ULjC1k6Awm+cR4wKj+0auSrVgTuKx
AW9rq8azsTThSjfnwBttc8Wx4/OkY+V77orp/1bs1cZCRFDlT75qEO8VFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwVr2xzyVQR7rBYQKg6GZA2L7hbMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvSEJXdmJIUEpWQkh1c0ZoQXFEb1prRFl2dUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVXkEMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ4Gp0E3CSQKqUfNnjQ5BkKuRzE4M1L/a/W3gKMHEF
V4U1ABwZ6gO4yPSagRKYBNAcimkQ4N3Xnb61tAn0+PXzzDPjw7+lBOS9CbejGWjM
Pivs1eghI28w4p+i/qy4h1yT48SmtFTCZH7k9NFTN6D0W0iHo4HhmtHn/2g0RujU
1k12S27yIVQv2CGIYHNjffz7C1caxoy/n11BG3WvAxAYshYiPd5e8/Pt3jSG3tCR
GG2bK3co3BnlbMuY6UvqdG3yIWKTGsNcWBCGfnHmMJ5ROBU0pfmyBQGEf+bOMcNU
7w5+TI0COkx1UY+e6LRjaHq0BYQC8NuSN7mep5nksPsV
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:12:12 2025 by rpki-client