Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/Hfn-BB1vEiEMdHDefYl198XED7E.roa
File: Hfn-BB1vEiEMdHDefYl198XED7E.roa (raw, json)
Hash identifier: IAf28bGdYYpMDpea3VXDH4dPHIVkkHaFUmgE6m7uHw8=
Subject key identifier: 1D:F9:FE:04:1D:6F:12:21:0C:74:70:DE:7D:89:75:F7:C5:C4:0F:B1
Certificate issuer: /CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Certificate serial: 01889066716C55AE652AD0006153F22D5356
Authority key identifier: A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/Hfn-BB1vEiEMdHDefYl198XED7E.roa
Signing time: Tue 06 Jun 2023 11:10:12 +0000
ROA not before: Tue 06 Jun 2023 11:10:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44306
IP address blocks: 213.186.25.0/24 maxlen: 24
213.186.26.0/24 maxlen: 24
213.186.27.0/24 maxlen: 24
213.186.28.0/22 maxlen: 24
46.151.128.0/21 maxlen: 24
185.151.132.0/24 maxlen: 24
185.151.133.0/24 maxlen: 24
185.151.134.0/24 maxlen: 24
213.186.0.0/24 maxlen: 24
213.186.1.0/24 maxlen: 24
213.186.0.0/19 maxlen: 19
213.186.0.0/20 maxlen: 20
213.186.4.0/23 maxlen: 23
213.186.9.0/24 maxlen: 24
213.186.16.0/23 maxlen: 23
213.186.23.0/24 maxlen: 24
213.186.18.0/24 maxlen: 24
213.186.19.0/24 maxlen: 24
213.186.22.0/23 maxlen: 23
213.186.22.0/24 maxlen: 24
91.199.77.0/24 maxlen: 24
2a02:2608:fffe::/48 maxlen: 48
2a02:2608:fffe:1::/64 maxlen: 64
2a02:2608::/32 maxlen: 32
2a02:2608:1000::/48 maxlen: 48
2a02:2608:3000::/48 maxlen: 48
2a02:2608:2000::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:90:66:71:6c:55:ae:65:2a:d0:00:61:53:f2:2d:53:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Validity
Not Before: Jun 6 11:10:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1df9fe041d6f12210c7470de7d8975f7c5c40fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:29:4d:6c:b6:4b:18:dc:69:ad:de:d5:17:1d:
6d:bd:fc:f7:27:8e:c2:67:60:e7:ec:20:11:f8:d2:
e8:91:43:87:c3:0d:d8:16:76:c7:ec:93:01:f8:de:
b8:09:4c:c1:26:9b:6b:5d:cc:dd:cb:29:4b:00:86:
b8:d4:6e:3c:52:fa:f0:1d:ee:06:79:c1:5f:f3:55:
de:e4:b6:1c:67:e8:e7:4b:a0:4a:85:c6:2e:4d:67:
f5:a8:b6:8b:4f:8f:32:c3:bc:cf:4e:08:73:43:2b:
d9:2d:0e:c5:9e:22:14:ec:72:f9:9d:c8:41:00:54:
8e:3d:7b:63:ce:ab:b3:9c:1c:2b:a3:6f:d2:75:81:
9c:bb:bb:1f:b6:0e:25:2e:15:73:c2:c9:a2:ac:5f:
41:36:c2:96:4b:e5:84:e8:4a:f2:2f:12:c9:73:87:
cc:d7:7a:f3:be:78:9f:a1:e9:2d:58:07:a5:48:38:
29:73:64:ff:51:33:e2:88:04:2b:ac:fc:f3:a9:c8:
ff:31:34:5e:b9:1f:d1:7c:73:1a:92:3a:2e:7a:da:
5e:de:a3:2a:f5:68:bd:53:b5:fe:86:5a:b8:c6:2b:
3b:71:45:d9:ce:14:15:fd:e1:82:f4:92:ea:1d:cb:
c9:7c:6b:84:7e:37:8b:6d:d4:cf:48:61:b0:9f:ac:
5f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F9:FE:04:1D:6F:12:21:0C:74:70:DE:7D:89:75:F7:C5:C4:0F:B1
X509v3 Authority Key Identifier:
keyid:A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/Hfn-BB1vEiEMdHDefYl198XED7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/p9eN4CNOb5lwFZL1NuRfX1WU7sM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.128.0/21
91.199.77.0/24
185.151.132.0-185.151.134.255
213.186.0.0/19
IPv6:
2a02:2608::/32
Signature Algorithm: sha256WithRSAEncryption
11:f5:16:3b:1c:f9:bd:7b:3a:3f:1c:72:9f:27:f3:a9:32:6b:
0a:27:84:5e:6b:7f:57:dc:a2:9b:11:cd:54:d6:ae:f1:ba:2a:
97:65:34:ae:7f:b4:01:3b:82:18:35:75:5d:64:a5:b9:b9:a3:
9a:58:c7:7a:56:4f:7a:6a:ac:98:28:f1:40:20:86:4f:a3:9e:
68:47:ea:77:5f:a6:ae:f7:c9:4c:fb:2b:e2:57:6c:bd:8f:29:
09:ea:b1:e5:7c:8f:71:86:c4:46:b3:c2:06:fb:fe:8a:0f:03:
f6:df:39:63:81:e3:9e:f8:ab:99:52:3c:a6:40:6f:05:fa:f9:
3e:44:df:f7:c7:58:01:b3:67:95:d9:48:89:a6:31:3b:80:62:
d6:9f:07:b5:86:b1:cc:22:e6:3f:78:03:fc:df:0c:a4:e7:7e:
28:c9:80:51:4a:a7:59:11:39:e1:11:dd:d3:cd:c6:8c:e4:f0:
7e:48:c9:71:a0:d9:c7:60:38:e5:6d:0d:a8:12:a2:45:0b:8b:
79:84:07:c9:82:3a:be:ea:9b:0a:91:5f:68:aa:23:64:68:53:
a4:55:b0:50:44:92:e6:52:da:9a:c2:5a:35:72:91:cc:48:b5:
8d:39:2a:93:b8:d9:4b:91:f3:d2:9d:67:78:23:36:46:cf:c1:
ce:d3:4a:68
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYiQZnFsVa5lKtAAYVPyLVNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZDc4ZGUwMjM0ZTZmOTk3MDE1OTJmNTM2ZTQ1ZjVmNTU5
NGVlYzMwHhcNMjMwNjA2MTExMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGY5ZmUwNDFkNmYxMjIxMGM3NDcwZGU3ZDg5NzVmN2M1YzQwZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SlNbLZLGNxprd7VFx1tvfz3J47C
Z2Dn7CAR+NLokUOHww3YFnbH7JMB+N64CUzBJptrXczdyylLAIa41G48UvrwHe4G
ecFf81Xe5LYcZ+jnS6BKhcYuTWf1qLaLT48yw7zPTghzQyvZLQ7FniIU7HL5nchB
AFSOPXtjzquznBwro2/SdYGcu7sftg4lLhVzwsmirF9BNsKWS+WE6EryLxLJc4fM
13rzvnifoektWAelSDgpc2T/UTPiiAQrrPzzqcj/MTReuR/RfHMakjouetpe3qMq
9Wi9U7X+hlq4xis7cUXZzhQV/eGC9JLqHcvJfGuEfjeLbdTPSGGwn6xfzQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFB35/gQdbxIhDHRw3n2JdffFxA+xMB8GA1UdIwQY
MBaAFKfXjeAjTm+ZcBWS9TbkX19VlO7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2Mt
MjhkNWI2MDdhNDdmLzEvSGZuLUJCMXZFaUVNZEhEZWZZbDE5OFhFRDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2MtMjhkNWI2MDdhNDdm
LzEvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDLpeAAwQA
W8dNMAwDBAK5l4QDBAC5l4YDBAXVugAwDQQCAAIwBwMFACoCJggwDQYJKoZIhvcN
AQELBQADggEBABH1Fjsc+b17Oj8ccp8n86kyawonhF5rf1fcopsRzVTWrvG6Kpdl
NK5/tAE7ghg1dV1kpbm5o5pYx3pWT3pqrJgo8UAghk+jnmhH6ndfpq73yUz7K+JX
bL2PKQnqseV8j3GGxEazwgb7/ooPA/bfOWOB4574q5lSPKZAbwX6+T5E3/fHWAGz
Z5XZSImmMTuAYtafB7WGscwi5j94A/zfDKTnfijJgFFKp1kROeER3dPNxozk8H5I
yXGg2cdgOOVtDagSokULi3mEB8mCOr7qmwqRX2iqI2RoU6RVsFBEkuZS2prCWjVy
kcxItY05KpO42UuR89KdZ3gjNkbPwc7TSmg=
-----END CERTIFICATE-----
Generated at Wed Aug 30 09:53:49 2023 by rpki-client on console-fra.rpki-client.org