Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/HKAgsIn6_oxFuxtF0I3YC1lQMSw.roa
File: HKAgsIn6_oxFuxtF0I3YC1lQMSw.roa (raw, json)
Hash identifier: P0Y1dOoy9AfZ+S6bGPmcqSFWcj5USJgUCjB+O/ane28=
Subject key identifier: 1C:A0:20:B0:89:FA:FE:8C:45:BB:1B:45:D0:8D:D8:0B:59:50:31:2C
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01875098F8177FB54C42323BE8468B352928
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/HKAgsIn6_oxFuxtF0I3YC1lQMSw.roa
Signing time: Wed 05 Apr 2023 08:46:54 +0000
ROA not before: Wed 05 Apr 2023 08:46:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207724
IP address blocks: 185.239.2.0/24 maxlen: 24
185.239.3.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Apr 2023 03:39:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:98:f8:17:7f:b5:4c:42:32:3b:e8:46:8b:35:29:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Apr 5 08:46:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ca020b089fafe8c45bb1b45d08dd80b5950312c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4d:e3:be:c0:59:55:78:f7:f9:04:ca:0d:9d:
11:cf:d6:9b:5b:67:4f:d9:97:10:21:6b:87:16:93:
56:38:2d:0c:c2:a8:8b:c8:e6:f7:9f:0b:91:a0:08:
27:a8:77:1f:11:69:1d:de:16:15:27:31:c1:d4:d2:
f7:42:d2:1a:ec:89:fb:1e:9a:de:28:d5:24:14:73:
09:2d:e7:1e:c6:4e:c9:0c:5d:30:f4:e1:b4:45:3a:
91:96:ed:11:95:12:ad:ca:40:cf:70:b7:65:0d:6e:
0f:dc:52:fe:ab:02:22:70:b3:63:77:02:04:bd:ee:
f5:53:44:2c:f2:cb:b2:0b:53:44:cc:93:a1:90:65:
d7:ab:d9:4a:12:13:f7:2e:3a:5a:ae:ad:e5:f5:95:
0b:70:40:27:9f:44:16:c0:f3:c2:3a:ed:c7:6f:76:
06:a9:5d:3a:57:70:9d:74:d2:f5:75:de:46:b8:1e:
37:48:1b:2e:1d:88:07:65:07:19:d0:0f:8b:b8:d0:
0a:78:52:63:51:f0:58:2b:b5:96:5b:52:af:cf:10:
f6:91:49:71:16:18:12:b0:e3:28:8d:16:b8:80:73:
16:9b:61:83:5d:3f:a5:e9:77:a4:a5:02:6b:14:e0:
dc:79:68:0c:6d:29:20:13:61:39:01:4c:a8:ee:13:
88:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A0:20:B0:89:FA:FE:8C:45:BB:1B:45:D0:8D:D8:0B:59:50:31:2C
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/HKAgsIn6_oxFuxtF0I3YC1lQMSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.217.0/24
185.239.2.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:e0:bb:88:48:23:e2:c6:98:7c:bd:a4:2a:86:1e:25:c9:49:
69:3d:7e:30:86:e8:ab:18:5b:8f:bd:3c:95:2a:5b:03:3e:f5:
4c:17:8d:62:c9:b7:42:2e:42:04:8e:30:4c:91:91:02:fb:99:
f7:a3:9c:a9:e2:0e:0e:39:69:e6:30:16:18:33:4d:ed:fb:a3:
f3:6b:f0:79:11:ac:de:e2:8d:b7:c3:46:e9:7e:4a:2c:75:1e:
82:29:8e:7e:24:4b:0e:8a:d7:03:5c:9a:ee:fc:26:b9:a3:84:
e2:5d:20:19:a4:98:9f:ce:d6:8a:1c:9d:9d:d1:f3:b7:37:16:
73:fe:60:8a:9c:2f:a2:93:b6:2a:92:37:58:cf:c2:cc:ad:31:
a1:e0:8f:f6:e4:27:16:88:6c:dc:e7:1b:b2:3c:3e:fa:e6:b3:
c9:0a:32:77:e6:8e:91:63:4a:9e:54:c7:0a:76:ec:70:56:70:
4e:c4:77:bb:a7:ee:fd:10:74:8a:d9:fe:54:13:66:22:0f:37:
2c:27:39:64:10:dd:7f:f6:6e:94:69:84:84:62:7a:bc:3f:12:
59:6e:fc:29:17:db:b1:b4:a2:ed:e6:d5:5c:2f:87:b3:ac:bd:
f0:4b:a9:15:a2:04:8c:30:5e:b8:38:4c:b8:45:6f:64:cb:ef:
69:a8:12:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdQmPgXf7VMQjI76EaLNSkoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwNDA1MDg0NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2EwMjBiMDg5ZmFmZThjNDViYjFiNDVkMDhkZDgwYjU5NTAzMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsU3jvsBZVXj3+QTKDZ0Rz9abW2dP
2ZcQIWuHFpNWOC0MwqiLyOb3nwuRoAgnqHcfEWkd3hYVJzHB1NL3QtIa7In7Hpre
KNUkFHMJLecexk7JDF0w9OG0RTqRlu0RlRKtykDPcLdlDW4P3FL+qwIicLNjdwIE
ve71U0Qs8suyC1NEzJOhkGXXq9lKEhP3Ljparq3l9ZULcEAnn0QWwPPCOu3Hb3YG
qV06V3CddNL1dd5GuB43SBsuHYgHZQcZ0A+LuNAKeFJjUfBYK7WWW1KvzxD2kUlx
FhgSsOMojRa4gHMWm2GDXT+l6XekpQJrFODceWgMbSkgE2E5AUyo7hOIkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBygILCJ+v6MRbsbRdCN2AtZUDEsMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvSEtBZ3NJbjZfb3hGdXh0RjBJM1lDMWxRTVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWS7ZAwQB
ue8CMA0GCSqGSIb3DQEBCwUAA4IBAQCM4LuISCPixph8vaQqhh4lyUlpPX4whuir
GFuPvTyVKlsDPvVMF41iybdCLkIEjjBMkZEC+5n3o5yp4g4OOWnmMBYYM03t+6Pz
a/B5Eaze4o23w0bpfkosdR6CKY5+JEsOitcDXJru/Ca5o4TiXSAZpJifztaKHJ2d
0fO3NxZz/mCKnC+ik7YqkjdYz8LMrTGh4I/25CcWiGzc5xuyPD765rPJCjJ35o6R
Y0qeVMcKduxwVnBOxHe7p+79EHSK2f5UE2YiDzcsJzlkEN1/9m6UaYSEYnq8PxJZ
bvwpF9uxtKLt5tVcL4ezrL3wS6kVogSMMF64OEy4RW9ky+9pqBL6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org