Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/hsjCZVvhwXNPszVW4wg5U2ZA6pk.roa
File: hsjCZVvhwXNPszVW4wg5U2ZA6pk.roa (raw, json)
Hash identifier: D3VZBo1FHvS8yyhKWwFSRX2XeP/LHinL+N6VKzwtrNc=
Subject key identifier: 86:C8:C2:65:5B:E1:C1:73:4F:B3:35:56:E3:08:39:53:66:40:EA:99
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E2E6D65B4EA8CB48755AF81C1E947E5AC
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/hsjCZVvhwXNPszVW4wg5U2ZA6pk.roa
Signing time: Mon 11 Mar 2024 16:51:45 +0000
ROA not before: Mon 11 Mar 2024 16:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202
IP address blocks: 80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
195.26.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 09:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:6d:65:b4:ea:8c:b4:87:55:af:81:c1:e9:47:e5:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 11 16:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86c8c2655be1c1734fb33556e30839536640ea99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1a:44:1d:e9:e1:cb:f7:67:1f:f7:36:1a:9d:
f7:86:ca:f6:50:8d:43:b5:a2:30:91:13:91:37:39:
0d:fb:a2:b8:22:ce:1d:70:67:dd:f4:9b:56:98:fc:
63:d1:cc:8b:38:9b:a8:9a:52:f7:52:64:45:83:41:
00:18:af:a4:e0:2c:2c:74:6f:cc:af:4d:d6:7f:c7:
e1:fd:0d:e4:54:85:6d:88:33:42:93:78:89:4a:b7:
c8:5c:81:f3:60:bd:14:f0:c2:27:c2:9a:14:f4:b7:
4e:01:98:1c:57:dc:00:9c:bf:f2:ba:85:9e:01:32:
c7:5b:09:41:3a:e9:ea:9c:ba:2b:f0:81:d5:36:ff:
28:01:13:c1:68:b1:2c:aa:81:e2:dc:b8:67:5c:c5:
bd:34:aa:31:6c:f6:15:77:ce:48:81:d6:a5:51:1f:
b4:3a:d3:4e:a0:d0:26:49:7c:76:e3:ce:c1:89:c6:
67:25:be:f9:e3:14:63:3d:e4:5e:3e:29:43:08:90:
6f:02:a3:fc:9a:35:09:b0:d5:6b:ad:37:46:19:d3:
c2:77:c9:a7:1b:58:ed:d3:75:bb:d0:af:cc:2b:10:
92:27:60:e3:a1:b2:76:29:d5:2f:d7:bc:d9:4c:87:
4f:1e:f1:fd:27:47:dc:5b:01:1b:13:70:94:cc:43:
44:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C8:C2:65:5B:E1:C1:73:4F:B3:35:56:E3:08:39:53:66:40:EA:99
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/hsjCZVvhwXNPszVW4wg5U2ZA6pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
195.26.32.0/19
Signature Algorithm: sha256WithRSAEncryption
77:a0:2e:26:1c:62:d8:af:2d:ba:1c:9f:ed:7d:0e:fb:44:b2:
b5:3e:bd:33:32:b0:ba:f9:6b:4f:a0:5f:d1:cd:91:79:6c:63:
89:97:8a:55:54:ad:25:12:3e:2c:2c:10:07:bb:1a:3f:f1:66:
12:73:b2:79:d4:6e:56:7e:d2:fe:59:82:f4:72:f6:cc:64:d4:
94:cf:ea:62:a7:80:f1:12:61:f3:5f:86:9b:8e:0b:e8:43:f4:
b5:31:7c:11:1a:fc:89:20:62:ff:8c:bb:87:ef:a2:0b:20:4f:
19:a6:b7:c3:9b:63:6b:83:ed:94:cc:6e:be:a3:fe:22:15:ff:
29:98:0d:f6:46:6c:f5:e7:e5:c7:f3:4e:85:5a:1c:d1:48:d4:
dd:21:c2:53:51:e2:b3:7c:d1:89:a8:80:5c:2c:71:ac:29:b9:
fe:60:ba:53:59:18:19:28:12:a9:75:53:e2:35:c9:94:a2:7d:
6d:ed:af:6f:06:53:01:20:89:e9:ac:01:f8:e1:ab:1d:a7:b8:
2b:1e:e2:04:90:97:9a:0e:13:14:57:cb:a4:40:28:c6:f9:4e:
18:e8:d1:b3:52:34:e5:f2:a2:f4:89:31:cf:a4:7a:8f:91:de:
93:f7:3e:ca:f5:a5:f3:e2:02:99:db:2d:af:4a:40:bf:88:d7:
38:ac:53:cb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY4ubWW06oy0h1WvgcHpR+WsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzExMTY1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmM4YzI2NTViZTFjMTczNGZiMzM1NTZlMzA4Mzk1MzY2NDBlYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRpEHenhy/dnH/c2Gp33hsr2UI1D
taIwkRORNzkN+6K4Is4dcGfd9JtWmPxj0cyLOJuomlL3UmRFg0EAGK+k4CwsdG/M
r03Wf8fh/Q3kVIVtiDNCk3iJSrfIXIHzYL0U8MInwpoU9LdOAZgcV9wAnL/yuoWe
ATLHWwlBOunqnLor8IHVNv8oARPBaLEsqoHi3LhnXMW9NKoxbPYVd85IgdalUR+0
OtNOoNAmSXx2487BicZnJb754xRjPeRePilDCJBvAqP8mjUJsNVrrTdGGdPCd8mn
G1jt03W70K/MKxCSJ2DjobJ2KdUv17zZTIdPHvH9J0fcWwEbE3CUzENENQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIbIwmVb4cFzT7M1VuMIOVNmQOqZMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvaHNqQ1pWdmh3WE5Qc3pWVzR3ZzVVMlpBNnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEUErwAwQF
VV9gAwQDXCp4AwQDX4FAAwQFwxogMA0GCSqGSIb3DQEBCwUAA4IBAQB3oC4mHGLY
ry26HJ/tfQ77RLK1Pr0zMrC6+WtPoF/RzZF5bGOJl4pVVK0lEj4sLBAHuxo/8WYS
c7J51G5WftL+WYL0cvbMZNSUz+pip4DxEmHzX4abjgvoQ/S1MXwRGvyJIGL/jLuH
76ILIE8ZprfDm2Nrg+2UzG6+o/4iFf8pmA32Rmz15+XH806FWhzRSNTdIcJTUeKz
fNGJqIBcLHGsKbn+YLpTWRgZKBKpdVPiNcmUon1t7a9vBlMBIInprAH44asdp7gr
HuIEkJeaDhMUV8ukQCjG+U4Y6NGzUjTl8qL0iTHPpHqPkd6T9z7K9aXz4gKZ2y2v
SkC/iNc4rFPL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:55 2024 by rpki-client on console-ams.rpki-client.org