Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/Hvks36IPWq9baar1bQgdxN0hEKE.roa
File: Hvks36IPWq9baar1bQgdxN0hEKE.roa (raw, json)
Hash identifier: 3lNAeGCTvJW/Hv9nbcQQeWYppBCAVrypq2DlfxJ3Yn4=
Subject key identifier: 1E:F9:2C:DF:A2:0F:5A:AF:5B:69:AA:F5:6D:08:1D:C4:DD:21:10:A1
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 018CC86F409181E7E7131180314B1E9E54E5
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/Hvks36IPWq9baar1bQgdxN0hEKE.roa
Signing time: Tue 02 Jan 2024 04:29:43 +0000
ROA not before: Tue 02 Jan 2024 04:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 138.12.128.0/17 maxlen: 24
37.98.232.0/21 maxlen: 24
136.242.128.0/17 maxlen: 24
165.171.0.0/17 maxlen: 24
163.120.128.0/17 maxlen: 24
148.139.0.0/16 maxlen: 24
2a04:37c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 31 Jan 2024 16:52:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:40:91:81:e7:e7:13:11:80:31:4b:1e:9e:54:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Jan 2 04:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ef92cdfa20f5aaf5b69aaf56d081dc4dd2110a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0b:c1:e5:68:6e:d1:50:5d:05:59:fe:02:fe:
74:97:f6:86:18:d4:d0:b5:2d:b7:f3:1a:3d:a6:33:
2d:15:38:26:f9:ef:e1:5c:93:02:f6:8e:b4:ee:99:
fd:3a:4b:06:75:cb:24:ab:10:08:fb:51:4e:08:dc:
76:34:5a:e7:fd:7b:dd:56:5f:f1:0f:89:eb:22:1f:
d7:ea:8c:5b:a4:1d:a4:07:00:2c:46:12:a8:b3:0e:
19:de:91:43:78:cf:32:a5:0f:ac:f8:dd:31:22:50:
68:b4:38:ee:78:a1:ee:ed:a8:27:0b:3c:f2:c9:2f:
95:bb:9b:af:93:4c:1b:36:f8:17:57:e9:31:35:d6:
19:36:5a:7c:6c:61:05:7a:84:d7:3b:0e:3b:2c:43:
41:9a:07:fe:34:f9:98:cc:eb:73:aa:73:3a:3b:6a:
2a:bd:09:d4:d5:cd:23:7b:5d:e0:ea:c9:91:b2:42:
e2:f7:4e:4d:9b:a5:4b:f1:46:f5:f8:8a:87:7c:c5:
fa:e9:d2:3f:b9:13:f8:6a:de:c2:c6:ba:92:42:3b:
3c:ed:d0:ca:a6:e1:d8:69:86:78:9b:38:71:9e:00:
36:65:4d:fd:ec:16:69:ca:ea:b8:79:a9:02:78:bb:
85:93:3f:7e:5f:0e:35:7e:6e:8f:93:fd:1d:c1:c7:
ab:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F9:2C:DF:A2:0F:5A:AF:5B:69:AA:F5:6D:08:1D:C4:DD:21:10:A1
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/Hvks36IPWq9baar1bQgdxN0hEKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
136.242.128.0/17
138.12.128.0/17
148.139.0.0/16
163.120.128.0/17
165.171.0.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:b7:46:70:ff:08:12:9d:65:ad:27:21:88:12:8b:4b:e8:01:
47:52:be:30:6a:1a:d5:61:59:ed:15:33:f7:51:78:0b:5a:13:
27:e5:b5:fa:e3:e7:7f:e2:3a:47:19:df:89:74:0b:c1:32:6d:
2d:85:a1:02:8b:1e:e0:cb:ee:7e:f2:2e:1a:a8:f9:2f:b4:13:
6d:3e:80:e5:4a:6d:8f:20:2c:01:80:19:73:3a:e2:a0:3b:73:
48:b9:2b:44:16:bc:e3:29:72:9e:fc:a7:10:95:03:df:bd:e2:
36:ee:84:27:cc:c2:87:85:2d:c1:92:1f:2d:e3:3e:53:6f:5b:
f4:d9:04:0e:7d:4d:75:df:b1:89:18:6a:95:b0:ce:7a:c3:aa:
d2:d9:fc:58:e8:f7:36:3d:44:9a:7f:35:20:10:82:ae:4c:41:
e6:fa:b0:9a:c4:ad:38:69:57:99:98:44:cb:3d:f9:88:47:b5:
73:c9:5b:51:69:76:99:76:3f:71:f2:31:3d:8d:f6:60:30:04:
5c:30:03:6d:1c:16:6a:f0:53:81:26:04:45:82:eb:7d:bc:cd:
20:90:d0:86:e0:2a:15:7b:26:2a:89:8e:b6:98:1f:ed:6e:53:
bf:b5:f7:22:89:9c:e0:4b:17:6a:10:0a:09:5f:3f:44:26:42:
5d:ec:24:23
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzIb0CRgefnExGAMUsenlTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjQwMTAyMDQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWY5MmNkZmEyMGY1YWFmNWI2OWFhZjU2ZDA4MWRjNGRkMjExMGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAvB5Whu0VBdBVn+Av50l/aGGNTQ
tS238xo9pjMtFTgm+e/hXJMC9o607pn9OksGdcskqxAI+1FOCNx2NFrn/XvdVl/x
D4nrIh/X6oxbpB2kBwAsRhKosw4Z3pFDeM8ypQ+s+N0xIlBotDjueKHu7agnCzzy
yS+Vu5uvk0wbNvgXV+kxNdYZNlp8bGEFeoTXOw47LENBmgf+NPmYzOtzqnM6O2oq
vQnU1c0je13g6smRskLi905Nm6VL8Ub1+IqHfMX66dI/uRP4at7CxrqSQjs87dDK
puHYaYZ4mzhxngA2ZU397BZpyuq4eakCeLuFkz9+Xw41fm6Pk/0dwcervwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFB75LN+iD1qvW2mq9W0IHcTdIRChMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvSHZrczM2SVBXcTliYWFyMWJRZ2R4TjBoRUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQDJWLoAwQH
iPKAAwQHigyAAwMAlIsDBAejeIADBAelqwAwDQQCAAIwBwMFAyoEN8AwDQYJKoZI
hvcNAQELBQADggEBAJq3RnD/CBKdZa0nIYgSi0voAUdSvjBqGtVhWe0VM/dReAta
Eyfltfrj53/iOkcZ34l0C8EybS2FoQKLHuDL7n7yLhqo+S+0E20+gOVKbY8gLAGA
GXM64qA7c0i5K0QWvOMpcp78pxCVA9+94jbuhCfMwoeFLcGSHy3jPlNvW/TZBA59
TXXfsYkYapWwznrDqtLZ/Fjo9zY9RJp/NSAQgq5MQeb6sJrErThpV5mYRMs9+YhH
tXPJW1Fpdpl2P3HyMT2N9mAwBFwwA20cFmrwU4EmBEWC6328zSCQ0IbgKhV7JiqJ
jraYH+1uU7+19yKJnOBLF2oQCglfP0QmQl3sJCM=
-----END CERTIFICATE-----
Generated at Wed Jan 31 20:20:27 2024 by rpki-client on console-fra.rpki-client.org