Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/HUZ1Rxgak4zqOL57NxPtlHsXOys.roa
File: HUZ1Rxgak4zqOL57NxPtlHsXOys.roa (raw, json)
Hash identifier: hWHEr9kq3o34FQsOVgtX93VbCQrL7mOek5IDcVXD5EM=
Subject key identifier: 1D:46:75:47:18:1A:93:8C:EA:38:BE:7B:37:13:ED:94:7B:17:3B:2B
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 018DB17FD6DB46B4BDDF9CD22F2F5F7C43A7
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/HUZ1Rxgak4zqOL57NxPtlHsXOys.roa
Signing time: Fri 16 Feb 2024 10:39:21 +0000
ROA not before: Fri 16 Feb 2024 10:39:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5400
IP address blocks: 212.49.131.0/24 maxlen: 24
212.49.142.0/24 maxlen: 24
212.49.167.0/24 maxlen: 24
212.49.181.0/24 maxlen: 24
212.49.190.0/24 maxlen: 24
212.163.206.0/24 maxlen: 24
213.9.173.0/24 maxlen: 24
213.9.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 May 2024 17:34:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:7f:d6:db:46:b4:bd:df:9c:d2:2f:2f:5f:7c:43:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Feb 16 10:39:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d467547181a938cea38be7b3713ed947b173b2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b0:a5:f4:ee:5f:56:03:15:c6:cd:69:33:91:
6b:2a:66:93:c8:69:bd:93:c4:6e:97:52:9e:60:6e:
08:ef:4f:a5:2d:9e:f5:84:5d:9c:c7:94:7c:20:59:
f5:af:c9:db:db:be:ec:69:4b:e9:1b:6d:5c:97:63:
71:d1:15:a5:0a:ab:b7:bc:8e:0a:eb:26:b3:de:09:
ef:cd:95:c3:5a:76:dc:34:92:a5:b8:b5:9c:b3:77:
4a:2a:8e:76:c9:ca:b0:92:7f:8a:1f:03:05:9a:c2:
69:00:49:44:99:71:96:20:20:11:e3:88:9c:bb:1f:
68:dd:af:31:05:18:09:8b:57:b3:b7:3e:7c:ff:b8:
7b:5d:88:60:ab:40:da:b6:dd:5b:1a:f5:13:8b:27:
7d:af:f4:36:77:f6:e8:66:11:f5:ce:e5:45:0e:3b:
f5:2f:fc:9a:26:21:a1:25:5e:1a:ee:b7:9e:d9:da:
cb:c7:bf:34:37:3c:72:b6:d3:32:ef:97:e1:5e:cc:
e0:04:49:14:1e:8b:d0:04:59:0c:46:eb:4f:31:d6:
aa:26:92:fe:05:f5:d8:9e:bb:b5:cd:cd:54:a9:9c:
b1:f1:b9:fa:fa:cf:34:95:32:ca:e0:cf:4c:c8:47:
06:3b:fc:d0:55:52:45:ea:27:18:c9:5d:92:5e:65:
d5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:46:75:47:18:1A:93:8C:EA:38:BE:7B:37:13:ED:94:7B:17:3B:2B
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/HUZ1Rxgak4zqOL57NxPtlHsXOys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.49.131.0/24
212.49.142.0/24
212.49.167.0/24
212.49.181.0/24
212.49.190.0/24
212.163.206.0/24
213.9.173.0/24
213.9.188.0/24
Signature Algorithm: sha256WithRSAEncryption
06:57:ae:0d:3b:e2:a8:36:d9:7d:80:7e:8f:b3:96:38:1b:e1:
e7:9b:f2:4f:cb:82:87:aa:81:45:68:7c:ce:58:68:ff:50:eb:
0f:70:9f:37:0e:1d:1f:a2:1d:43:87:f2:62:f6:3c:3f:17:72:
0f:ff:e0:57:e4:08:30:aa:b8:74:da:99:5d:ab:e0:03:33:81:
ba:9b:cc:51:99:b6:0c:35:da:7b:5d:45:10:32:3d:1b:f7:6b:
68:29:4c:aa:33:27:92:16:fe:b0:26:81:2a:7c:34:ff:60:dc:
8f:cf:8d:4a:79:77:7b:0f:4b:e4:e7:7a:1f:77:2d:0d:ea:d5:
b3:24:6d:0b:70:96:a0:d1:c0:c4:82:4f:19:a5:12:26:19:a1:
33:65:3d:d0:67:0a:ac:78:53:aa:d2:10:25:75:c5:d5:a9:7a:
92:99:2f:9c:4a:7b:3c:99:d6:91:15:fc:46:e9:91:70:d0:11:
8a:40:35:87:39:29:d9:93:f5:b2:19:d0:8e:5e:da:c4:0a:2e:
8b:fb:af:b2:1d:58:93:b0:90:91:73:79:f0:e1:32:e7:18:13:
0a:ea:7d:5d:3f:67:e7:13:83:2c:a2:ae:cd:e0:d0:84:0c:55:
97:01:72:2f:ab:b9:ab:24:54:1c:63:40:e3:74:4b:be:9d:22:
67:ff:f3:0f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY2xf9bbRrS935zSLy9ffEOnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjQwMjE2MTAzOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDQ2NzU0NzE4MWE5MzhjZWEzOGJlN2IzNzEzZWQ5NDdiMTczYjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibCl9O5fVgMVxs1pM5FrKmaTyGm9
k8Rul1KeYG4I70+lLZ71hF2cx5R8IFn1r8nb277saUvpG21cl2Nx0RWlCqu3vI4K
6yaz3gnvzZXDWnbcNJKluLWcs3dKKo52ycqwkn+KHwMFmsJpAElEmXGWICAR44ic
ux9o3a8xBRgJi1eztz58/7h7XYhgq0Datt1bGvUTiyd9r/Q2d/boZhH1zuVFDjv1
L/yaJiGhJV4a7ree2drLx780NzxyttMy75fhXszgBEkUHovQBFkMRutPMdaqJpL+
BfXYnru1zc1UqZyx8bn6+s80lTLK4M9MyEcGO/zQVVJF6icYyV2SXmXV4wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFB1GdUcYGpOM6ji+ezcT7ZR7FzsrMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvSFVaMVJ4Z2FrNHpxT0w1N054UHRsSHNYT3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQA1DGDAwQA
1DGOAwQA1DGnAwQA1DG1AwQA1DG+AwQA1KPOAwQA1QmtAwQA1Qm8MA0GCSqGSIb3
DQEBCwUAA4IBAQAGV64NO+KoNtl9gH6Ps5Y4G+Hnm/JPy4KHqoFFaHzOWGj/UOsP
cJ83Dh0foh1Dh/Ji9jw/F3IP/+BX5Agwqrh02pldq+ADM4G6m8xRmbYMNdp7XUUQ
Mj0b92toKUyqMyeSFv6wJoEqfDT/YNyPz41KeXd7D0vk53ofdy0N6tWzJG0LcJag
0cDEgk8ZpRImGaEzZT3QZwqseFOq0hAldcXVqXqSmS+cSns8mdaRFfxG6ZFw0BGK
QDWHOSnZk/WyGdCOXtrECi6L+6+yHViTsJCRc3nw4TLnGBMK6n1dP2fnE4Msoq7N
4NCEDFWXAXIvq7mrJFQcY0DjdEu+nSJn//MP
-----END CERTIFICATE-----
Generated at Mon May 13 19:53:46 2024 by rpki-client on console-ams.rpki-client.org