Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HqFoKBNQeyemfqx_BnLqCbSz3XM.roa
File: HqFoKBNQeyemfqx_BnLqCbSz3XM.roa (raw, json)
Hash identifier: WBpXp+VBnudR09UTS01J0yvmpzkvsmiJP/5fQam2tU4=
Subject key identifier: 1E:A1:68:28:13:50:7B:27:A6:7E:AC:7F:06:72:EA:09:B4:B3:DD:73
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E992FA48A333DA857674186E0B228E1C2
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HqFoKBNQeyemfqx_BnLqCbSz3XM.roa
Signing time: Mon 01 Apr 2024 10:23:40 +0000
ROA not before: Mon 01 Apr 2024 10:23:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205463
IP address blocks: 2.56.109.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 22:26:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:99:2f:a4:8a:33:3d:a8:57:67:41:86:e0:b2:28:e1:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 1 10:23:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ea1682813507b27a67eac7f0672ea09b4b3dd73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:95:d8:d0:08:1a:8b:71:af:5d:10:1c:20:8e:
c4:ac:cd:07:34:80:63:6e:fe:04:02:4d:b7:76:12:
34:25:10:7e:60:d6:ec:97:f2:0a:54:95:bd:b7:39:
3a:6c:6c:82:a7:2d:dd:f0:72:61:8f:55:ea:24:e0:
fa:a8:e4:1c:c0:2b:0b:bc:97:f7:23:9d:bc:62:c8:
35:63:f9:e1:d3:b6:0b:2a:1e:89:3c:c7:40:36:95:
b3:09:d3:02:53:e8:45:56:69:7e:e0:5a:82:79:6d:
29:6a:06:da:fc:68:94:79:68:f5:a0:45:62:40:cc:
80:f0:cb:bc:7e:cb:61:74:b7:fd:35:72:91:2a:4a:
a0:67:d5:77:81:56:dc:db:4b:ea:e7:fd:ac:8e:27:
dc:0c:fe:8d:51:ba:dc:7b:ef:4b:31:37:11:f7:e4:
31:20:5a:81:73:fd:72:fa:e8:c0:06:01:19:1a:1e:
ce:04:dd:80:3e:fb:37:2a:d3:46:a2:a7:d6:41:14:
85:e8:54:04:22:53:db:ef:d2:62:ee:ef:27:6e:aa:
31:99:71:e4:f2:b4:3f:52:fe:a6:7c:65:1e:8b:a1:
ea:11:3b:b4:ad:93:a5:d6:e3:36:d9:80:54:57:38:
68:fa:15:70:27:99:95:a7:bf:c8:42:02:73:21:cc:
b7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A1:68:28:13:50:7B:27:A6:7E:AC:7F:06:72:EA:09:B4:B3:DD:73
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HqFoKBNQeyemfqx_BnLqCbSz3XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
45.81.113.0/24
45.81.115.0/24
45.132.181.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
56:c0:45:58:a2:86:d8:b4:15:19:35:85:ad:85:8c:89:12:67:
ae:cd:68:87:fd:69:10:14:96:89:f1:ae:40:fc:54:94:56:29:
66:d4:b0:fe:1d:8f:af:58:e8:c9:9e:93:c7:7d:3f:62:2b:80:
ea:ee:89:69:c9:c5:fc:c9:89:ae:de:57:1f:3c:b4:39:cb:22:
93:a2:8d:79:88:1f:4b:d1:bf:df:f6:52:e4:44:30:2f:3b:bd:
5c:53:72:55:36:99:27:31:9e:6b:d4:6d:af:d3:c1:20:07:dc:
4c:92:4b:8e:71:88:89:58:45:a3:73:24:de:57:7e:c2:53:1a:
0f:06:d8:1c:98:47:70:c0:f4:86:1e:5b:49:7c:72:5e:3a:c9:
99:5d:c3:c3:1b:c8:f1:d5:c6:d8:9b:44:0e:65:64:48:be:52:
ad:af:55:43:84:07:32:a8:5d:07:f3:97:33:fa:33:a3:dd:3e:
75:04:49:28:29:40:b4:b5:d9:47:32:65:54:3a:b8:87:e7:e3:
d0:95:07:0f:90:aa:c7:ca:3e:7c:cc:c2:a0:22:c0:b9:29:bc:
b4:6e:a6:91:c5:99:c4:52:0b:d2:4e:e0:15:c8:ca:9b:cb:89:
fc:13:6b:26:0e:77:b9:2e:4c:18:41:e7:55:2f:0f:4d:91:c1:
6e:a5:a6:e5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6ZL6SKMz2oV2dBhuCyKOHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNDAxMTAyMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWExNjgyODEzNTA3YjI3YTY3ZWFjN2YwNjcyZWEwOWI0YjNkZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5XY0Agai3GvXRAcII7ErM0HNIBj
bv4EAk23dhI0JRB+YNbsl/IKVJW9tzk6bGyCpy3d8HJhj1XqJOD6qOQcwCsLvJf3
I528Ysg1Y/nh07YLKh6JPMdANpWzCdMCU+hFVml+4FqCeW0pagba/GiUeWj1oEVi
QMyA8Mu8fsthdLf9NXKRKkqgZ9V3gVbc20vq5/2sjifcDP6NUbrce+9LMTcR9+Qx
IFqBc/1y+ujABgEZGh7OBN2APvs3KtNGoqfWQRSF6FQEIlPb79Ji7u8nbqoxmXHk
8rQ/Uv6mfGUei6HqETu0rZOl1uM22YBUVzho+hVwJ5mVp7/IQgJzIcy37wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB6haCgTUHsnpn6sfwZy6gm0s91zMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSHFGb0tCTlFleWVtZnF4X0JuTHFDYlN6M1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjhtAwQA
LVFxAwQALVFzAwQALYS1AwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQBWwEVYoobY
tBUZNYWthYyJEmeuzWiH/WkQFJaJ8a5A/FSUVilm1LD+HY+vWOjJnpPHfT9iK4Dq
7olpycX8yYmu3lcfPLQ5yyKToo15iB9L0b/f9lLkRDAvO71cU3JVNpknMZ5r1G2v
08EgB9xMkkuOcYiJWEWjcyTeV37CUxoPBtgcmEdwwPSGHltJfHJeOsmZXcPDG8jx
1cbYm0QOZWRIvlKtr1VDhAcyqF0H85cz+jOj3T51BEkoKUC0tdlHMmVUOriH5+PQ
lQcPkKrHyj58zMKgIsC5Kby0bqaRxZnEUgvSTuAVyMqby4n8E2smDne5LkwYQedV
Lw9NkcFupabl
-----END CERTIFICATE-----
Generated at Wed Apr 17 23:07:17 2024 by rpki-client on console-ams.rpki-client.org