Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/642897-530e-4613-af84-0da300c7c63d/1/hkHt2yviQb5Lvi1rVMYZwnUOlw8.roa
File: hkHt2yviQb5Lvi1rVMYZwnUOlw8.roa (raw, json)
Hash identifier: OnF3UHPvcyH4TSnDWcOr0f5b4x9dcFIAiQmjys0kRVY=
Subject key identifier: 86:41:ED:DB:2B:E2:41:BE:4B:BE:2D:6B:54:C6:19:C2:75:0E:97:0F
Certificate issuer: /CN=4bf3d18336642b6a9ac8aedffbf7aee6e5e629f4
Certificate serial: 0188C49FC2C9194C231784C1FF975C944DEF
Authority key identifier: 4B:F3:D1:83:36:64:2B:6A:9A:C8:AE:DF:FB:F7:AE:E6:E5:E6:29:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S_PRgzZkK2qayK7f-_eu5uXmKfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/642897-530e-4613-af84-0da300c7c63d/1/hkHt2yviQb5Lvi1rVMYZwnUOlw8.roa
Signing time: Fri 16 Jun 2023 14:33:04 +0000
ROA not before: Fri 16 Jun 2023 14:33:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43989
IP address blocks: 195.216.202.0/23 maxlen: 23
185.181.136.0/22 maxlen: 22
79.98.40.0/21 maxlen: 21
109.234.56.0/21 maxlen: 21
93.188.96.0/21 maxlen: 21
2a01:b600::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c4:9f:c2:c9:19:4c:23:17:84:c1:ff:97:5c:94:4d:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bf3d18336642b6a9ac8aedffbf7aee6e5e629f4
Validity
Not Before: Jun 16 14:33:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8641eddb2be241be4bbe2d6b54c619c2750e970f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:74:30:d0:e8:e6:2c:e1:79:47:da:1c:a6:af:
82:64:aa:36:39:e8:46:6e:74:37:b2:ad:6f:8a:8e:
ae:1a:56:e3:c2:31:50:68:01:49:cd:b3:91:ce:df:
23:c5:c6:99:75:1c:1b:c6:bb:e5:7e:4b:58:93:eb:
76:d5:43:bd:b5:a2:5a:fa:f7:ff:21:ad:7f:2b:af:
50:24:0b:55:22:f7:f1:cd:a2:67:9e:59:33:4a:94:
9c:ab:43:0b:2c:54:26:b0:fe:04:45:63:25:b4:d2:
95:80:16:ef:9b:b9:51:d6:b3:ef:43:3b:24:a4:b3:
de:74:d9:58:c6:49:35:d6:e0:6e:84:df:71:c0:bd:
13:1e:12:4a:b2:eb:f1:db:b7:95:54:52:34:b6:e0:
58:58:5b:b7:90:ea:c9:4e:73:0b:3e:e0:75:fc:79:
70:4d:0a:50:f4:d7:af:e8:11:3c:42:06:0f:59:12:
fc:e1:5c:f8:34:2e:67:89:bb:5c:53:cc:b8:d4:34:
2a:78:66:e2:f3:6b:2a:42:ca:ea:db:60:db:87:dc:
6c:55:13:c0:6c:8d:99:c8:5d:23:37:9c:b8:bb:39:
f7:e8:39:5e:78:de:fa:a1:6f:e4:ae:68:b0:fe:58:
44:a8:2f:16:62:8b:4c:65:89:31:5e:74:45:11:bb:
8c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:41:ED:DB:2B:E2:41:BE:4B:BE:2D:6B:54:C6:19:C2:75:0E:97:0F
X509v3 Authority Key Identifier:
keyid:4B:F3:D1:83:36:64:2B:6A:9A:C8:AE:DF:FB:F7:AE:E6:E5:E6:29:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S_PRgzZkK2qayK7f-_eu5uXmKfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/642897-530e-4613-af84-0da300c7c63d/1/hkHt2yviQb5Lvi1rVMYZwnUOlw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/642897-530e-4613-af84-0da300c7c63d/1/S_PRgzZkK2qayK7f-_eu5uXmKfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.40.0/21
93.188.96.0/21
109.234.56.0/21
185.181.136.0/22
195.216.202.0/23
IPv6:
2a01:b600::/32
Signature Algorithm: sha256WithRSAEncryption
54:19:dd:ce:a1:4f:e9:d0:8a:e7:f0:4d:51:0a:55:81:54:b2:
7b:7b:ea:86:e5:05:b4:bf:62:dd:d1:6e:cc:07:1c:ba:94:f0:
ed:32:40:e8:0d:a8:07:c0:d1:d8:ea:9e:ec:ad:87:d1:43:a2:
9b:ea:50:5f:14:f2:3b:d0:70:9d:20:14:a1:61:d3:5c:35:7c:
1d:d5:63:45:aa:3b:99:c6:dd:2b:29:f5:65:8c:9a:ab:b2:7e:
48:41:87:84:c4:e0:67:53:a6:87:14:4a:b5:0d:41:73:80:2f:
3f:d6:80:4e:29:dc:a7:4c:22:7e:f7:18:7a:40:60:12:38:bd:
ef:73:0d:a4:e7:0f:e0:f7:ec:62:8d:0f:26:79:9e:0e:95:23:
0c:8b:25:08:79:62:89:d1:b8:0e:6a:0a:3b:60:16:4d:61:70:
9d:aa:5a:04:34:f5:ce:2f:e3:49:8a:da:e7:f2:13:17:e2:8e:
75:c1:1c:ba:c2:8f:95:7a:20:73:21:13:f4:37:71:d9:43:4a:
42:09:c1:9d:8e:fe:07:b3:ab:3e:19:5b:15:6b:17:c4:af:64:
4d:74:94:6e:05:33:dd:f0:71:f4:2a:80:54:e6:d1:71:1f:f9:
a2:9a:34:04:c6:a6:ee:43:36:87:16:bb:45:30:6b:4c:08:3d:
67:a1:14:f2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYjEn8LJGUwjF4TB/5dclE3vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZjNkMTgzMzY2NDJiNmE5YWM4YWVkZmZiZjdhZWU2ZTVl
NjI5ZjQwHhcNMjMwNjE2MTQzMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQxZWRkYjJiZTI0MWJlNGJiZTJkNmI1NGM2MTljMjc1MGU5NzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3Qw0OjmLOF5R9ocpq+CZKo2OehG
bnQ3sq1vio6uGlbjwjFQaAFJzbORzt8jxcaZdRwbxrvlfktYk+t21UO9taJa+vf/
Ia1/K69QJAtVIvfxzaJnnlkzSpScq0MLLFQmsP4ERWMltNKVgBbvm7lR1rPvQzsk
pLPedNlYxkk11uBuhN9xwL0THhJKsuvx27eVVFI0tuBYWFu3kOrJTnMLPuB1/Hlw
TQpQ9Nev6BE8QgYPWRL84Vz4NC5nibtcU8y41DQqeGbi82sqQsrq22Dbh9xsVRPA
bI2ZyF0jN5y4uzn36DleeN76oW/krmiw/lhEqC8WYotMZYkxXnRFEbuMDQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIZB7dsr4kG+S74ta1TGGcJ1DpcPMB8GA1UdIwQY
MBaAFEvz0YM2ZCtqmsiu3/v3rubl5in0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU19QUmd6WmtLMnFheUs3Zi1fZXU1dVhtS2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NDI4OTctNTMwZS00NjEzLWFmODQt
MGRhMzAwYzdjNjNkLzEvaGtIdDJ5dmlRYjVMdmkxclZNWVp3blVPbHc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NDI4OTctNTMwZS00NjEzLWFmODQtMGRhMzAwYzdjNjNk
LzEvU19QUmd6WmtLMnFheUs3Zi1fZXU1dVhtS2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDT2IoAwQD
XbxgAwQDbeo4AwQCubWIAwQBw9jKMA0EAgACMAcDBQAqAbYAMA0GCSqGSIb3DQEB
CwUAA4IBAQBUGd3OoU/p0Irn8E1RClWBVLJ7e+qG5QW0v2Ld0W7MBxy6lPDtMkDo
DagHwNHY6p7srYfRQ6Kb6lBfFPI70HCdIBShYdNcNXwd1WNFqjuZxt0rKfVljJqr
sn5IQYeExOBnU6aHFEq1DUFzgC8/1oBOKdynTCJ+9xh6QGASOL3vcw2k5w/g9+xi
jQ8meZ4OlSMMiyUIeWKJ0bgOago7YBZNYXCdqloENPXOL+NJitrn8hMX4o51wRy6
wo+VeiBzIRP0N3HZQ0pCCcGdjv4Hs6s+GVsVaxfEr2RNdJRuBTPd8HH0KoBU5tFx
H/mimjQExqbuQzaHFrtFMGtMCD1noRTy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:46 2024 by rpki-client on console-ams.rpki-client.org