Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/hnHrlCWMVB_8It_hAxkJfRev1hQ.roa
File: hnHrlCWMVB_8It_hAxkJfRev1hQ.roa (raw, json)
Hash identifier: FEVjpNtVuyGqgub5jCzIjaaH6WBVyfxqcqHiu6mmpL8=
Subject key identifier: 86:71:EB:94:25:8C:54:1F:FC:22:DF:E1:03:19:09:7D:17:AF:D6:14
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0191181B8E230B6549460EFA2B03BC4D7EDF
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/hnHrlCWMVB_8It_hAxkJfRev1hQ.roa
Signing time: Sat 03 Aug 2024 11:59:04 +0000
ROA not before: Sat 03 Aug 2024 11:59:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.154.156.0/24 maxlen: 24
188.209.128.0/22 maxlen: 24
188.209.130.0/24 maxlen: 24
188.209.132.0/22 maxlen: 24
194.15.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 Aug 2024 15:26:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:18:1b:8e:23:0b:65:49:46:0e:fa:2b:03:bc:4d:7e:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Aug 3 11:59:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8671eb94258c541ffc22dfe10319097d17afd614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:93:9f:f1:36:ef:3d:46:e9:6a:ce:93:c1:76:
b2:52:79:a2:82:96:51:28:da:34:69:98:10:16:cb:
ae:c5:ff:30:54:05:2d:f0:70:19:3e:8e:bf:34:4d:
53:e9:d0:43:ee:78:b3:df:49:f6:40:23:c0:36:96:
d6:79:86:ca:92:3e:17:0c:69:0b:f1:55:90:f8:7e:
39:1a:6a:4b:29:44:fa:61:08:91:c4:0c:e3:26:a0:
5f:e8:60:89:dc:f9:77:d3:08:69:6e:f9:d2:97:9f:
e0:68:af:08:e6:1e:b9:24:56:d5:7b:16:62:58:54:
c6:50:70:86:ab:99:9e:5e:c4:12:b7:ee:f6:84:c8:
b5:8d:06:17:9c:a5:e3:51:14:02:00:52:12:55:eb:
16:98:ee:4b:90:ee:04:a7:ba:fb:eb:1a:18:6d:4c:
fe:45:80:d7:21:44:71:7b:56:1f:a1:a8:21:a1:0a:
c1:45:d8:29:fd:20:24:d0:66:d7:38:0a:d3:16:13:
04:8a:72:cd:72:b4:67:bc:a9:26:fd:cc:49:82:31:
5c:74:93:85:f2:21:4c:3d:dc:2a:7d:3e:2d:47:6b:
74:88:5d:80:f5:cc:89:85:5d:6e:a4:ea:71:70:8e:
dd:bf:bc:23:e2:9a:16:01:f0:d4:fa:f7:0d:9c:4c:
59:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:71:EB:94:25:8C:54:1F:FC:22:DF:E1:03:19:09:7D:17:AF:D6:14
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/hnHrlCWMVB_8It_hAxkJfRev1hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.156.0/24
188.209.128.0/21
194.15.97.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:2e:eb:f9:03:91:90:c7:b8:37:e8:ad:b2:5d:14:0e:46:3b:
cf:d0:03:c4:45:77:e0:b9:f3:fb:72:d5:4a:ac:0a:6c:ac:46:
ff:f4:41:61:f1:40:df:45:9a:cd:40:3a:07:99:54:43:07:b3:
11:ca:da:f9:f8:4e:3a:c9:9d:b5:d9:57:ea:5f:a5:d1:cc:6b:
37:e8:ae:62:02:fb:7e:6c:47:c8:27:38:e4:3f:ee:d3:0e:95:
61:69:b8:71:87:01:e1:82:76:7b:db:2e:f4:fc:85:7b:3a:93:
3f:66:1a:fe:42:51:11:c9:3e:4c:35:d0:3c:7a:df:fc:12:a6:
b0:9c:cc:05:86:3b:88:85:84:a7:56:84:21:98:dd:28:3c:04:
f9:cb:28:04:9f:45:64:00:b5:91:ea:c3:ee:70:67:c5:b2:8e:
95:e8:39:c5:17:d9:0e:28:71:b3:b5:1b:88:f1:f6:b0:90:24:
0a:7c:2a:61:13:12:15:55:44:98:b4:00:2f:28:2b:21:31:a0:
69:b1:7c:d7:d4:8c:3d:6c:29:8d:a5:08:5e:4e:80:83:5c:85:
06:fc:e9:6d:49:73:3e:f9:38:89:76:b1:ed:17:64:21:55:fa:
f0:f3:ef:a3:22:39:e9:19:a2:07:32:a7:f9:e4:f5:54:cf:ce:
79:0a:04:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEYG44jC2VJRg76KwO8TX7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwODAzMTE1OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjcxZWI5NDI1OGM1NDFmZmMyMmRmZTEwMzE5MDk3ZDE3YWZkNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5Of8TbvPUbpas6TwXayUnmigpZR
KNo0aZgQFsuuxf8wVAUt8HAZPo6/NE1T6dBD7niz30n2QCPANpbWeYbKkj4XDGkL
8VWQ+H45GmpLKUT6YQiRxAzjJqBf6GCJ3Pl30whpbvnSl5/gaK8I5h65JFbVexZi
WFTGUHCGq5meXsQSt+72hMi1jQYXnKXjURQCAFISVesWmO5LkO4Ep7r76xoYbUz+
RYDXIURxe1YfoaghoQrBRdgp/SAk0GbXOArTFhMEinLNcrRnvKkm/cxJgjFcdJOF
8iFMPdwqfT4tR2t0iF2A9cyJhV1upOpxcI7dv7wj4poWAfDU+vcNnExZEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIZx65QljFQf/CLf4QMZCX0Xr9YUMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvaG5IcmxDV01WQl84SXRfaEF4a0pmUmV2MWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZqcAwQD
vNGAAwQAwg9hMA0GCSqGSIb3DQEBCwUAA4IBAQArLuv5A5GQx7g36K2yXRQORjvP
0APERXfgufP7ctVKrApsrEb/9EFh8UDfRZrNQDoHmVRDB7MRytr5+E46yZ212Vfq
X6XRzGs36K5iAvt+bEfIJzjkP+7TDpVhabhxhwHhgnZ72y70/IV7OpM/Zhr+QlER
yT5MNdA8et/8EqawnMwFhjuIhYSnVoQhmN0oPAT5yygEn0VkALWR6sPucGfFso6V
6DnFF9kOKHGztRuI8fawkCQKfCphExIVVUSYtAAvKCshMaBpsXzX1Iw9bCmNpQhe
ToCDXIUG/OltSXM++TiJdrHtF2QhVfrw8++jIjnpGaIHMqf55PVUz855CgQF
-----END CERTIFICATE-----
Generated at Sun Aug 4 16:43:14 2024 by rpki-client on console-fra.rpki-client.org