Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/3deae4-720d-4eae-b3d9-b21dd3f68aba/1/HAGSRGxGvpHvO5Z5Ok6yrNJVnaM.roa
File: HAGSRGxGvpHvO5Z5Ok6yrNJVnaM.roa (raw, json)
Hash identifier: FFc0HW0AL13+FOhcTA2uUcK1UVGUYI5Ir7y3rMt3+X0=
Subject key identifier: 1C:01:92:44:6C:46:BE:91:EF:3B:96:79:3A:4E:B2:AC:D2:55:9D:A3
Certificate issuer: /CN=6c4e7eafe2ffaa90cae9476803034db6da7c1219
Certificate serial: 018CC6B7824675A593B1790903A2644B5C6F
Authority key identifier: 6C:4E:7E:AF:E2:FF:AA:90:CA:E9:47:68:03:03:4D:B6:DA:7C:12:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bE5-r-L_qpDK6UdoAwNNttp8Ehk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/3deae4-720d-4eae-b3d9-b21dd3f68aba/1/HAGSRGxGvpHvO5Z5Ok6yrNJVnaM.roa
Signing time: Mon 01 Jan 2024 20:29:24 +0000
ROA not before: Mon 01 Jan 2024 20:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8437
IP address blocks: 194.242.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 06:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:82:46:75:a5:93:b1:79:09:03:a2:64:4b:5c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4e7eafe2ffaa90cae9476803034db6da7c1219
Validity
Not Before: Jan 1 20:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c0192446c46be91ef3b96793a4eb2acd2559da3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a2:8c:45:9d:f1:de:82:b9:f3:3c:bc:a4:49:
e8:d8:00:89:42:9c:51:8f:ad:3c:fa:7a:8c:cd:49:
86:18:c1:de:40:1f:73:a6:0c:cf:cd:5e:3f:90:b1:
ab:b3:8d:c0:79:90:df:2b:60:bb:e4:40:82:87:87:
93:57:56:74:ae:b5:43:40:86:25:20:61:88:42:86:
13:fe:d7:f0:39:d9:12:6a:27:40:f0:7d:94:17:c4:
3b:d3:49:9d:08:e6:b6:cf:a9:e6:56:8c:61:c6:d3:
d2:d9:04:bb:5b:37:ef:81:89:bc:57:fb:be:f8:68:
72:3e:a2:69:4c:ed:49:d7:1c:3b:50:ca:65:cf:46:
8a:9f:f2:63:ac:de:bb:6c:8d:bd:6f:44:9c:7a:55:
eb:b8:3a:b9:c3:82:b2:b2:33:93:54:d7:8c:42:28:
9b:11:33:32:88:db:97:23:ac:38:83:14:6c:59:12:
8e:a2:4f:67:49:1a:51:df:17:74:89:59:36:ce:5c:
1e:08:39:ec:04:76:93:c1:3d:5f:53:e2:ce:c9:ac:
5e:93:90:5e:d6:2d:69:be:7e:54:29:30:be:d0:35:
0b:c3:40:83:3a:a8:b4:8c:22:34:69:33:d3:a7:13:
43:4c:08:56:8a:19:4c:b0:6f:c0:24:6e:4e:71:91:
ad:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:01:92:44:6C:46:BE:91:EF:3B:96:79:3A:4E:B2:AC:D2:55:9D:A3
X509v3 Authority Key Identifier:
keyid:6C:4E:7E:AF:E2:FF:AA:90:CA:E9:47:68:03:03:4D:B6:DA:7C:12:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bE5-r-L_qpDK6UdoAwNNttp8Ehk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/3deae4-720d-4eae-b3d9-b21dd3f68aba/1/HAGSRGxGvpHvO5Z5Ok6yrNJVnaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/3deae4-720d-4eae-b3d9-b21dd3f68aba/1/bE5-r-L_qpDK6UdoAwNNttp8Ehk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.242.35.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:38:39:67:0c:1e:eb:31:fd:28:74:4e:0f:f8:8a:a2:22:a4:
b0:69:59:95:f4:0e:cb:ab:1a:ab:a9:49:cd:e1:4d:6d:cc:5e:
d1:52:26:2c:d2:1c:a0:83:2f:4d:60:37:b6:0a:04:9d:d3:eb:
61:51:e6:16:14:b8:46:af:b6:69:88:ab:67:ac:c6:5a:e3:48:
8e:08:d7:ec:95:ab:f2:c7:1a:3b:58:2b:79:93:08:93:08:52:
96:3e:df:56:7a:10:b5:eb:29:53:f9:ed:9c:e6:e0:c4:15:ee:
4c:01:ad:3d:5c:9a:c4:c0:98:0d:7c:7b:c3:8b:f9:d2:86:39:
53:f5:55:6a:74:c6:39:ab:d9:bf:22:0c:73:1a:23:17:91:29:
2f:df:70:96:eb:da:5b:0b:49:04:93:84:97:33:ae:31:5e:52:
28:7a:1d:53:40:41:b8:52:f4:c6:71:3f:a8:79:64:3c:de:c4:
03:ce:8d:20:f5:a7:0a:06:91:14:5e:a1:f1:66:72:37:4f:47:
fc:62:b8:3d:9b:7b:f7:86:4e:b0:a6:43:5d:ec:9f:93:aa:dc:
53:62:da:42:b2:f9:6f:4a:d0:5c:90:7e:60:c0:87:cf:3d:4a:
1c:72:72:e5:4e:40:67:02:d6:b7:2c:4a:d3:30:16:e8:d8:10:
b8:34:54:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt4JGdaWTsXkJA6JkS1xvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNGU3ZWFmZTJmZmFhOTBjYWU5NDc2ODAzMDM0ZGI2ZGE3
YzEyMTkwHhcNMjQwMTAxMjAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzAxOTI0NDZjNDZiZTkxZWYzYjk2NzkzYTRlYjJhY2QyNTU5ZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqKMRZ3x3oK58zy8pEno2ACJQpxR
j608+nqMzUmGGMHeQB9zpgzPzV4/kLGrs43AeZDfK2C75ECCh4eTV1Z0rrVDQIYl
IGGIQoYT/tfwOdkSaidA8H2UF8Q700mdCOa2z6nmVoxhxtPS2QS7WzfvgYm8V/u+
+GhyPqJpTO1J1xw7UMplz0aKn/JjrN67bI29b0ScelXruDq5w4KysjOTVNeMQiib
ETMyiNuXI6w4gxRsWRKOok9nSRpR3xd0iVk2zlweCDnsBHaTwT1fU+LOyaxek5Be
1i1pvn5UKTC+0DULw0CDOqi0jCI0aTPTpxNDTAhWihlMsG/AJG5OcZGtsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwBkkRsRr6R7zuWeTpOsqzSVZ2jMB8GA1UdIwQY
MBaAFGxOfq/i/6qQyulHaAMDTbbafBIZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkU1LXItTF9xcERLNlVkb0F3Tk50dHA4RWhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8zZGVhZTQtNzIwZC00ZWFlLWIzZDkt
YjIxZGQzZjY4YWJhLzEvSEFHU1JHeEd2cEh2TzVaNU9rNnlyTkpWbmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8zZGVhZTQtNzIwZC00ZWFlLWIzZDktYjIxZGQzZjY4YWJh
LzEvYkU1LXItTF9xcERLNlVkb0F3Tk50dHA4RWhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwvIjMA0G
CSqGSIb3DQEBCwUAA4IBAQC7ODlnDB7rMf0odE4P+IqiIqSwaVmV9A7LqxqrqUnN
4U1tzF7RUiYs0hyggy9NYDe2CgSd0+thUeYWFLhGr7ZpiKtnrMZa40iOCNfslavy
xxo7WCt5kwiTCFKWPt9WehC16ylT+e2c5uDEFe5MAa09XJrEwJgNfHvDi/nShjlT
9VVqdMY5q9m/IgxzGiMXkSkv33CW69pbC0kEk4SXM64xXlIoeh1TQEG4UvTGcT+o
eWQ83sQDzo0g9acKBpEUXqHxZnI3T0f8Yrg9m3v3hk6wpkNd7J+TqtxTYtpCsvlv
StBckH5gwIfPPUoccnLlTkBnAta3LErTMBbo2BC4NFTx
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:18:17 2025 by rpki-client