Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/hfl-NNYl-t8z6vt0VBllvoqBlNc.roa
File: hfl-NNYl-t8z6vt0VBllvoqBlNc.roa (raw, json)
Hash identifier: zLw/8L1huxA9GAa2xMBqFpXWPOO04j7v4mmD3iiYoSU=
Subject key identifier: 85:F9:7E:34:D6:25:FA:DF:33:EA:FB:74:54:19:65:BE:8A:81:94:D7
Certificate issuer: /CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Certificate serial: 018F4AC8118247FF121698345C7A934E16E1
Authority key identifier: AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/hfl-NNYl-t8z6vt0VBllvoqBlNc.roa
Signing time: Sun 05 May 2024 22:02:56 +0000
ROA not before: Sun 05 May 2024 22:02:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12929
IP address blocks: 80.232.124.0/24 maxlen: 24
89.8.0.0/15 maxlen: 15
89.9.72.0/23 maxlen: 24
89.9.254.0/24 maxlen: 24
212.125.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 06 May 2024 00:16:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4a:c8:11:82:47:ff:12:16:98:34:5c:7a:93:4e:16:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Validity
Not Before: May 5 22:02:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85f97e34d625fadf33eafb74541965be8a8194d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d9:c9:b6:06:5a:84:45:c6:aa:28:d7:38:31:
8c:65:73:eb:0c:45:4c:7c:9f:40:ca:87:a0:64:d1:
e2:18:62:e4:0c:06:59:7d:c6:66:cb:d2:3b:b0:eb:
d4:90:bc:52:79:31:fd:50:72:e3:c6:d1:94:df:93:
a9:79:ce:61:af:06:f5:af:78:1a:f7:2b:c4:ac:86:
3f:8c:87:2e:79:be:bd:b5:9d:7d:8f:a6:e0:0f:13:
0e:38:6b:3b:f5:fe:19:5a:e0:e1:2d:fc:53:69:30:
70:01:a5:64:bf:4d:4f:d5:da:55:0d:0b:78:b2:1f:
95:b9:66:39:6d:c4:25:72:81:fd:7e:d8:ff:d7:a0:
49:5f:8f:f7:a6:63:ba:e2:cc:a5:9d:80:7f:07:f8:
fc:5c:ca:3f:4e:d2:c2:b4:70:c6:59:64:59:33:a9:
11:b9:e9:ad:54:b4:39:fb:84:69:b8:cb:58:f2:ae:
5c:84:9d:df:78:73:b9:76:5e:41:bc:25:bd:bd:09:
6d:5d:b0:5d:3a:57:f5:1a:76:51:b6:46:ea:af:42:
ef:02:69:e9:3f:bc:9c:7a:e8:57:db:1d:40:6f:60:
d0:e1:90:4e:08:8d:52:7e:d0:0a:87:4a:f8:17:b8:
18:df:9a:42:e9:11:b5:73:38:b6:fd:ea:ef:5b:80:
83:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F9:7E:34:D6:25:FA:DF:33:EA:FB:74:54:19:65:BE:8A:81:94:D7
X509v3 Authority Key Identifier:
keyid:AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/hfl-NNYl-t8z6vt0VBllvoqBlNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.232.124.0/24
89.8.0.0/15
212.125.252.0/22
Signature Algorithm: sha256WithRSAEncryption
77:10:17:5f:f9:9b:57:0e:fc:68:83:61:3d:10:ee:4e:40:49:
2d:9b:f9:8d:fa:ec:4d:e3:43:4e:9e:aa:8d:16:83:6a:2a:9f:
f8:08:bd:eb:82:71:b6:27:32:9f:90:4f:d0:44:c6:2f:a7:1f:
48:01:c9:c6:92:be:c0:41:11:85:96:f0:b0:05:e3:26:d0:e4:
43:d2:48:8f:68:58:0f:49:c0:0b:04:4f:bb:7f:a5:e3:a6:24:
b0:9d:dd:b2:23:e1:64:03:62:7e:bd:2f:19:c5:89:6d:e9:50:
08:97:22:77:4f:a8:9e:c6:e3:28:df:94:da:63:bb:bd:3d:38:
65:08:f3:e5:7b:4f:d7:6f:b4:eb:78:3d:a2:55:41:2b:b7:31:
33:63:5f:f0:dd:12:72:ed:52:b9:1e:24:78:96:ef:83:c9:6a:
e9:25:d6:66:71:0f:67:40:14:45:65:64:4e:88:5f:b7:7d:e0:
45:fa:e6:ba:bf:da:c1:d5:50:8c:46:8f:f8:70:8f:52:d5:a6:
a1:30:fc:53:52:28:6b:1e:e4:fc:d1:94:00:d0:52:ed:80:24:
06:06:e1:91:fc:99:99:91:b3:af:58:aa:09:69:1d:8a:8c:1f:
04:69:ae:11:02:09:cc:bc:56:7e:2e:05:7b:02:2c:9b:93:55:
c3:4c:17:f0
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAY9KyBGCR/8SFpg0XHqTThbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMjQzZGNmZjBjYjM4MjExZjdmZTdkYjNmOTEzMTY5YjQ0
Y2Y0NTYwHhcNMjQwNTA1MjIwMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWY5N2UzNGQ2MjVmYWRmMzNlYWZiNzQ1NDE5NjViZThhODE5NGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tnJtgZahEXGqijXODGMZXPrDEVM
fJ9AyoegZNHiGGLkDAZZfcZmy9I7sOvUkLxSeTH9UHLjxtGU35Opec5hrwb1r3ga
9yvErIY/jIcueb69tZ19j6bgDxMOOGs79f4ZWuDhLfxTaTBwAaVkv01P1dpVDQt4
sh+VuWY5bcQlcoH9ftj/16BJX4/3pmO64sylnYB/B/j8XMo/TtLCtHDGWWRZM6kR
uemtVLQ5+4RpuMtY8q5chJ3feHO5dl5BvCW9vQltXbBdOlf1GnZRtkbqr0LvAmnp
P7yceuhX2x1Ab2DQ4ZBOCI1SftAKh0r4F7gY35pC6RG1czi2/ervW4CDDQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFIX5fjTWJfrfM+r7dFQZZb6KgZTXMB8GA1UdIwQY
MBaAFK0kPc/wyzghH3/n2z+RMWm0TPRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMt
YjlmMjk4YTc5OGU0LzEvaGZsLU5OWWwtdDh6NnZ0MFZCbGx2b3FCbE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMtYjlmMjk4YTc5OGU0
LzEvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwQAUOh8AwMB
WQgDBALUffwwDQYJKoZIhvcNAQELBQADggEBAHcQF1/5m1cO/GiDYT0Q7k5ASS2b
+Y367E3jQ06eqo0Wg2oqn/gIveuCcbYnMp+QT9BExi+nH0gBycaSvsBBEYWW8LAF
4ybQ5EPSSI9oWA9JwAsET7t/peOmJLCd3bIj4WQDYn69LxnFiW3pUAiXIndPqJ7G
4yjflNpju709OGUI8+V7T9dvtOt4PaJVQSu3MTNjX/DdEnLtUrkeJHiW74PJaukl
1mZxD2dAFEVlZE6IX7d94EX65rq/2sHVUIxGj/hwj1LVpqEw/FNSKGse5PzRlADQ
Uu2AJAYG4ZH8mZmRs69YqglpHYqMHwRprhECCcy8Vn4uBXsCLJuTVcNMF/A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:43 2024 by rpki-client on console-fra.rpki-client.org