Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/HqBXiQvLhVJ4b5ffpd0LWVhTITQ.roa
File: HqBXiQvLhVJ4b5ffpd0LWVhTITQ.roa (raw, json)
Hash identifier: wzmmdAk3bJupMeYxiP0OtgQH2sNFSw2DIIxxboAeCfA=
Subject key identifier: 1E:A0:57:89:0B:CB:85:52:78:6F:97:DF:A5:DD:0B:59:58:53:21:34
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01917435AB64D47E847F734E2BE4E5573812
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/HqBXiQvLhVJ4b5ffpd0LWVhTITQ.roa
Signing time: Wed 21 Aug 2024 09:12:39 +0000
ROA not before: Wed 21 Aug 2024 09:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 91.226.59.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 08:34:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:74:35:ab:64:d4:7e:84:7f:73:4e:2b:e4:e5:57:38:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Aug 21 09:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ea057890bcb8552786f97dfa5dd0b5958532134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b0:1f:e7:c9:53:98:5c:5a:85:21:7d:91:f6:
0d:99:f9:5d:75:04:76:ca:59:f0:e5:4c:5c:e1:27:
e4:16:41:00:a4:57:7d:a5:72:a6:81:0f:16:13:7b:
1d:37:c5:5a:eb:de:23:e9:51:1a:88:d8:b0:f9:54:
0c:cb:f0:21:42:27:ef:c4:ce:46:6f:4b:12:36:95:
a9:37:d2:83:43:03:d0:b3:30:85:35:07:30:a4:24:
d7:6b:85:e9:4b:f8:0f:15:87:63:32:f4:93:3e:d2:
79:14:62:97:2b:7b:18:91:62:51:d4:59:d4:fa:b6:
06:98:69:64:31:3a:a4:66:3e:da:e8:a5:01:5e:8b:
41:01:b9:01:37:8b:d2:a8:14:27:13:60:ac:6d:36:
ba:a2:91:f8:37:29:ba:e0:41:b4:84:75:68:f5:27:
9a:45:de:d7:d4:2e:78:eb:1c:f3:bc:b2:4a:a7:c3:
1c:25:15:0c:74:1d:9f:41:e3:d2:87:97:fb:28:ea:
62:b3:26:22:9b:56:c0:19:e8:be:09:b1:fb:ea:68:
7d:ea:73:a2:d9:8f:c2:47:82:0f:3f:14:e6:c6:3d:
d2:bc:47:5a:e8:ae:88:e9:19:53:be:a5:0b:0e:91:
b5:74:7f:16:81:2f:30:3a:b4:ea:db:27:2c:80:6a:
00:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A0:57:89:0B:CB:85:52:78:6F:97:DF:A5:DD:0B:59:58:53:21:34
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/HqBXiQvLhVJ4b5ffpd0LWVhTITQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.59.0/24
109.122.43.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:40:d6:ef:46:3e:13:26:45:25:b4:4d:a6:e6:46:69:1d:4b:
b0:a7:8a:7a:3f:27:bf:4d:4d:e2:56:76:b3:77:a5:cc:a0:3b:
71:23:42:eb:bc:9b:8c:71:bd:66:99:2e:5e:0f:98:4d:16:83:
7c:2b:e3:29:ef:1b:5b:f6:21:4b:69:f8:47:66:27:70:3e:61:
85:9b:d3:2a:97:50:1c:d5:7a:d2:ce:c7:8c:48:c7:9d:fb:35:
91:a0:12:b1:e6:0d:f0:aa:52:de:6e:51:41:9f:32:c2:de:c9:
9d:3c:d0:1b:49:08:0c:e8:a6:91:26:cb:e3:13:d8:ad:77:ac:
52:17:20:d5:96:9c:38:fc:81:a5:c8:36:bf:58:53:dd:86:01:
b4:68:16:21:14:02:7b:78:c0:66:e5:c6:b4:e1:56:88:08:dd:
a3:e4:7e:be:1d:ac:eb:ac:38:23:30:4c:10:81:c6:e1:8e:24:
63:6d:7a:16:0e:32:5d:f4:88:d3:0d:7c:14:47:c6:7e:14:9d:
dd:59:46:58:7c:33:71:6a:18:53:b6:24:97:34:4f:5a:d4:4d:
98:2f:b3:bc:59:cd:b7:06:2f:40:d5:b0:ce:48:87:c2:ef:00:
8c:c8:d9:d3:96:f7:89:d0:30:3f:3f:da:8d:9a:2f:88:b2:a3:
d5:98:20:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZF0Natk1H6Ef3NOK+TlVzgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwODIxMDkxMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWEwNTc4OTBiY2I4NTUyNzg2Zjk3ZGZhNWRkMGI1OTU4NTMyMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibAf58lTmFxahSF9kfYNmflddQR2
ylnw5Uxc4SfkFkEApFd9pXKmgQ8WE3sdN8Va694j6VEaiNiw+VQMy/AhQifvxM5G
b0sSNpWpN9KDQwPQszCFNQcwpCTXa4XpS/gPFYdjMvSTPtJ5FGKXK3sYkWJR1FnU
+rYGmGlkMTqkZj7a6KUBXotBAbkBN4vSqBQnE2CsbTa6opH4Nym64EG0hHVo9Sea
Rd7X1C546xzzvLJKp8McJRUMdB2fQePSh5f7KOpisyYim1bAGei+CbH76mh96nOi
2Y/CR4IPPxTmxj3SvEda6K6I6RlTvqULDpG1dH8WgS8wOrTq2ycsgGoAIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB6gV4kLy4VSeG+X36XdC1lYUyE0MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvSHFCWGlRdkxoVko0YjVmZnBkMExXVmhUSVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+I7AwQA
bXorMA0GCSqGSIb3DQEBCwUAA4IBAQB6QNbvRj4TJkUltE2m5kZpHUuwp4p6Pye/
TU3iVnazd6XMoDtxI0LrvJuMcb1mmS5eD5hNFoN8K+Mp7xtb9iFLafhHZidwPmGF
m9Mql1Ac1XrSzseMSMed+zWRoBKx5g3wqlLeblFBnzLC3smdPNAbSQgM6KaRJsvj
E9itd6xSFyDVlpw4/IGlyDa/WFPdhgG0aBYhFAJ7eMBm5ca04VaICN2j5H6+Hazr
rDgjMEwQgcbhjiRjbXoWDjJd9IjTDXwUR8Z+FJ3dWUZYfDNxahhTtiSXNE9a1E2Y
L7O8Wc23Bi9A1bDOSIfC7wCMyNnTlveJ0DA/P9qNmi+IsqPVmCDf
-----END CERTIFICATE-----
Generated at Mon Nov 4 10:08:01 2024 by rpki-client on console-fra.rpki-client.org