Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/HYCQRPHvUX5gh_pa-QH6UX5mni8.roa
File: HYCQRPHvUX5gh_pa-QH6UX5mni8.roa (raw, json)
Hash identifier: YjGbwXHwD+MtmkS8KkeYYWzocFBEapJl8fNjV2KTaRo=
Subject key identifier: 1D:80:90:44:F1:EF:51:7E:60:87:FA:5A:F9:01:FA:51:7E:66:9E:2F
Certificate issuer: /CN=e8f40902a003d8fe6f7c7742eb47d70b50ade036
Certificate serial: 01856B932CBA4654B7687E31FC5D074AE72F
Authority key identifier: E8:F4:09:02:A0:03:D8:FE:6F:7C:77:42:EB:47:D7:0B:50:AD:E0:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6PQJAqAD2P5vfHdC60fXC1Ct4DY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/HYCQRPHvUX5gh_pa-QH6UX5mni8.roa
Signing time: Sun 01 Jan 2023 04:24:45 +0000
ROA not before: Sun 01 Jan 2023 04:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56376
IP address blocks: 130.255.96.0/24 maxlen: 24
130.255.98.0/23 maxlen: 24
130.255.97.0/24 maxlen: 24
130.255.100.0/22 maxlen: 24
46.231.37.0/24 maxlen: 24
46.231.36.0/24 maxlen: 24
46.231.32.0/22 maxlen: 24
185.62.241.0/24 maxlen: 24
185.62.242.0/24 maxlen: 24
185.62.243.0/24 maxlen: 24
46.231.38.0/23 maxlen: 24
185.62.240.0/24 maxlen: 24
185.62.240.0/22 maxlen: 22
2a03:d100::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 24 Feb 2023 12:13:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:2c:ba:46:54:b7:68:7e:31:fc:5d:07:4a:e7:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8f40902a003d8fe6f7c7742eb47d70b50ade036
Validity
Not Before: Jan 1 04:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d809044f1ef517e6087fa5af901fa517e669e2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a1:11:56:6b:e0:da:ba:44:b1:b8:d0:eb:60:
45:fe:4b:21:b7:17:0c:8c:4b:5d:e6:f7:d4:84:53:
ec:d1:1f:34:bf:a3:28:41:aa:8c:86:d4:31:e5:a9:
44:64:c5:d9:24:01:c2:55:7a:5e:18:cf:46:11:d4:
27:ed:a5:82:41:62:74:aa:13:24:0c:c5:39:0a:4f:
93:24:2e:13:13:62:8b:fa:76:fb:06:b3:3b:c1:08:
24:5c:3d:12:16:c0:dd:5f:13:f9:66:7f:4d:b8:05:
bc:2d:e7:fe:69:54:23:e2:2a:5a:8c:90:14:73:4c:
7a:81:f4:2e:24:6e:e3:9f:44:80:22:9f:c7:e9:a5:
6f:5c:da:7c:69:a4:09:7d:a6:39:c2:73:84:c4:2d:
4d:99:ad:78:4c:94:31:20:5a:74:08:70:45:2a:36:
04:4c:31:57:5d:1e:29:29:d9:27:a9:55:92:fb:51:
2f:eb:b9:0b:31:cd:84:7b:2a:de:39:2b:dc:b2:6d:
90:14:11:c8:b8:da:9b:59:08:9e:b6:64:54:8c:3f:
43:c3:64:de:10:fd:aa:07:76:16:0a:b4:63:39:67:
1f:f5:4f:e4:20:09:80:b5:22:6c:db:11:df:68:43:
bf:2b:62:8e:72:27:3e:49:cf:b9:5d:57:03:98:81:
db:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:80:90:44:F1:EF:51:7E:60:87:FA:5A:F9:01:FA:51:7E:66:9E:2F
X509v3 Authority Key Identifier:
keyid:E8:F4:09:02:A0:03:D8:FE:6F:7C:77:42:EB:47:D7:0B:50:AD:E0:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6PQJAqAD2P5vfHdC60fXC1Ct4DY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/HYCQRPHvUX5gh_pa-QH6UX5mni8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/6PQJAqAD2P5vfHdC60fXC1Ct4DY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.231.32.0/21
130.255.96.0/21
185.62.240.0/22
IPv6:
2a03:d100::/32
Signature Algorithm: sha256WithRSAEncryption
5c:51:eb:db:61:7a:20:27:5b:22:1c:e0:f0:2a:f9:a5:e5:4c:
f8:9c:ea:aa:54:6a:fb:ef:ac:b0:9e:22:6d:8b:fc:77:49:4a:
5c:99:6a:49:e2:14:ba:52:88:fe:d9:e8:03:5e:d5:55:04:b5:
52:3b:76:17:5d:e8:44:7d:df:80:53:33:e3:f5:70:1f:44:aa:
e2:2c:d0:db:9a:7f:f9:e2:6b:37:ce:97:d9:7f:d0:1c:31:df:
2d:35:9c:66:8c:30:fd:b1:d4:d0:e3:f2:e8:47:4e:64:98:ce:
a8:ef:91:b3:6c:f3:b6:1d:dc:3e:2f:8d:42:59:19:d9:4d:74:
a1:2c:4b:cd:0c:86:d6:f3:8c:c8:4c:39:25:4e:db:44:65:78:
0e:1c:dd:f6:34:b1:08:e2:50:f6:c9:61:5c:0d:f1:04:55:5f:
1a:f9:c7:6d:f9:fe:39:07:0f:66:1a:f8:a2:d5:1b:d8:58:1c:
79:78:6b:3c:f3:9b:82:1e:76:71:32:39:b0:d9:e5:8f:f0:00:
5c:85:50:8f:61:fa:96:4f:20:9a:b2:13:2b:ce:f7:cd:a2:c3:
0d:f9:8c:58:c8:c6:63:0d:31:d4:0f:7a:4b:34:c4:99:b7:56:
30:16:74:b5:77:25:09:5d:0a:13:5c:08:c2:74:a9:1b:5e:2e:
af:d8:7a:13
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVrkyy6RlS3aH4x/F0HSucvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZjQwOTAyYTAwM2Q4ZmU2ZjdjNzc0MmViNDdkNzBiNTBh
ZGUwMzYwHhcNMjMwMTAxMDQyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDgwOTA0NGYxZWY1MTdlNjA4N2ZhNWFmOTAxZmE1MTdlNjY5ZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaERVmvg2rpEsbjQ62BF/kshtxcM
jEtd5vfUhFPs0R80v6MoQaqMhtQx5alEZMXZJAHCVXpeGM9GEdQn7aWCQWJ0qhMk
DMU5Ck+TJC4TE2KL+nb7BrM7wQgkXD0SFsDdXxP5Zn9NuAW8Lef+aVQj4ipajJAU
c0x6gfQuJG7jn0SAIp/H6aVvXNp8aaQJfaY5wnOExC1Nma14TJQxIFp0CHBFKjYE
TDFXXR4pKdknqVWS+1Ev67kLMc2EeyreOSvcsm2QFBHIuNqbWQietmRUjD9Dw2Te
EP2qB3YWCrRjOWcf9U/kIAmAtSJs2xHfaEO/K2KOcic+Sc+5XVcDmIHb+QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFB2AkETx71F+YIf6WvkB+lF+Zp4vMB8GA1UdIwQY
MBaAFOj0CQKgA9j+b3x3QutH1wtQreA2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlBRSkFxQUQyUDV2ZkhkQzYwZlhDMUN0NERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny85NDI1YzYtYzQ5NS00ODc4LWE4ZjMt
N2E3OGM4YzRlMDUxLzEvSFlDUVJQSHZVWDVnaF9wYS1RSDZVWDVtbmk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny85NDI1YzYtYzQ5NS00ODc4LWE4ZjMtN2E3OGM4YzRlMDUx
LzEvNlBRSkFxQUQyUDV2ZkhkQzYwZlhDMUN0NERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLucgAwQD
gv9gAwQCuT7wMA0EAgACMAcDBQAqA9EAMA0GCSqGSIb3DQEBCwUAA4IBAQBcUevb
YXogJ1siHODwKvml5Uz4nOqqVGr776ywniJti/x3SUpcmWpJ4hS6Uoj+2egDXtVV
BLVSO3YXXehEfd+AUzPj9XAfRKriLNDbmn/54ms3zpfZf9AcMd8tNZxmjDD9sdTQ
4/LoR05kmM6o75GzbPO2Hdw+L41CWRnZTXShLEvNDIbW84zITDklTttEZXgOHN32
NLEI4lD2yWFcDfEEVV8a+cdt+f45Bw9mGvii1RvYWBx5eGs885uCHnZxMjmw2eWP
8ABchVCPYfqWTyCashMrzvfNosMN+YxYyMZjDTHUD3pLNMSZt1YwFnS1dyUJXQoT
XAjCdKkbXi6v2HoT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:22 2024 by rpki-client on console-ams.rpki-client.org