Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/HHXzbbujOnL3r0n2rhRj4cfDoaM.roa
File: HHXzbbujOnL3r0n2rhRj4cfDoaM.roa (raw, json)
Hash identifier: FmPhkk8Q5cSsapO2V79Qo1oHMlFkZ9fEQh/WWqr59dc=
Subject key identifier: 1C:75:F3:6D:BB:A3:3A:72:F7:AF:49:F6:AE:14:63:E1:C7:C3:A1:A3
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018D736DDD34AC2F0323BDF824E8EA38416D
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/HHXzbbujOnL3r0n2rhRj4cfDoaM.roa
Signing time: Sun 04 Feb 2024 09:23:16 +0000
ROA not before: Sun 04 Feb 2024 09:23:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25003
IP address blocks: 80.74.96.0/19 maxlen: 19
80.74.96.0/22 maxlen: 22
80.74.96.0/23 maxlen: 23
80.74.100.0/22 maxlen: 22
80.74.100.0/23 maxlen: 23
80.74.104.0/22 maxlen: 22
80.74.106.0/23 maxlen: 23
80.74.108.0/22 maxlen: 22
80.74.108.0/23 maxlen: 23
80.74.110.0/23 maxlen: 23
80.74.112.0/22 maxlen: 22
80.74.116.0/22 maxlen: 22
80.74.116.0/23 maxlen: 23
80.74.118.0/24 maxlen: 24
80.74.120.0/22 maxlen: 22
80.74.124.0/22 maxlen: 22
91.143.224.0/20 maxlen: 20
91.143.224.0/22 maxlen: 22
91.143.224.0/23 maxlen: 23
91.143.226.0/23 maxlen: 23
91.143.228.0/24 maxlen: 24
91.143.232.0/22 maxlen: 22
91.143.232.0/23 maxlen: 23
92.61.224.0/20 maxlen: 20
92.61.234.0/23 maxlen: 23
94.188.128.0/17 maxlen: 17
94.188.128.0/22 maxlen: 22
94.188.130.0/23 maxlen: 23
94.188.130.0/24 maxlen: 24
94.188.133.0/24 maxlen: 24
94.188.138.0/23 maxlen: 23
94.188.140.0/24 maxlen: 24
94.188.152.0/22 maxlen: 22
94.188.155.0/24 maxlen: 24
94.188.158.0/24 maxlen: 24
94.188.161.0/24 maxlen: 24
94.188.162.0/24 maxlen: 24
94.188.163.0/24 maxlen: 24
94.188.165.0/24 maxlen: 24
94.188.166.0/24 maxlen: 24
94.188.173.0/24 maxlen: 24
94.188.175.0/24 maxlen: 24
94.188.176.0/23 maxlen: 23
94.188.178.0/23 maxlen: 23
94.188.178.0/24 maxlen: 24
94.188.186.0/23 maxlen: 23
94.188.191.0/24 maxlen: 24
94.188.192.0/24 maxlen: 24
94.188.197.0/24 maxlen: 24
94.188.199.0/24 maxlen: 24
94.188.221.0/24 maxlen: 24
94.188.242.0/24 maxlen: 24
94.188.244.0/23 maxlen: 23
94.188.246.0/23 maxlen: 23
94.188.248.0/22 maxlen: 22
94.188.248.0/23 maxlen: 23
94.188.252.0/23 maxlen: 23
94.188.254.0/23 maxlen: 23
2a02:23b8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 05 Feb 2024 07:16:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:73:6d:dd:34:ac:2f:03:23:bd:f8:24:e8:ea:38:41:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 4 09:23:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c75f36dbba33a72f7af49f6ae1463e1c7c3a1a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:21:d0:b4:54:03:0e:5c:82:b2:a6:32:0b:97:
52:85:7c:40:22:f0:a3:ee:52:f0:b4:96:30:b7:5e:
1e:9f:62:98:2c:26:e1:46:44:80:a9:6a:3f:69:89:
70:ee:41:78:53:a1:78:b0:40:66:c9:1c:9e:e7:8d:
80:3e:aa:dd:4c:31:16:62:59:67:4d:1d:1d:eb:0e:
86:d9:7b:49:66:9d:20:e5:dc:be:b4:26:75:d2:2d:
4e:f4:60:d4:e9:8c:3e:c1:b7:1f:4e:37:a3:63:2a:
38:66:8d:74:a7:e9:ef:6f:2f:2d:f2:a1:0b:92:00:
35:fd:d7:17:92:67:bb:85:e8:ab:15:59:63:83:98:
5f:99:e3:7c:51:b2:af:d3:0a:3d:f2:40:c4:8a:77:
fb:cb:ae:85:fc:03:75:f4:76:15:72:af:31:27:e4:
33:88:48:22:41:c6:d8:20:f6:85:8f:5b:e7:23:2a:
38:90:0b:77:b5:27:cd:30:d1:42:c9:8a:d3:6e:3a:
f5:16:49:2c:50:e0:3d:e7:2c:41:d4:56:23:77:9a:
cc:86:4a:44:01:96:d8:c0:d0:49:fa:35:71:cd:50:
86:41:29:85:83:6f:7c:1c:03:42:15:88:28:d2:e3:
a0:c7:97:8c:de:9c:a9:a2:f0:b9:02:0c:07:fb:b8:
44:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:75:F3:6D:BB:A3:3A:72:F7:AF:49:F6:AE:14:63:E1:C7:C3:A1:A3
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/HHXzbbujOnL3r0n2rhRj4cfDoaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.96.0/19
91.143.224.0/20
92.61.224.0/20
94.188.128.0/17
IPv6:
2a02:23b8::/32
Signature Algorithm: sha256WithRSAEncryption
8c:85:3d:fa:6b:44:6b:86:5d:2e:21:bd:f1:6a:80:02:e5:f5:
93:cc:63:24:0e:fb:e3:07:68:54:d3:6b:74:a8:c3:b3:bc:42:
2e:44:4f:fe:d7:53:59:ac:3a:dd:46:80:30:75:d1:37:37:c4:
cb:24:0b:56:91:ce:6e:af:24:b0:b6:eb:88:52:a8:18:7d:9c:
43:69:5c:9e:d3:fa:93:c2:6e:a2:df:5f:01:fe:66:df:66:61:
a6:11:d0:9c:e8:4e:a1:1a:9e:a6:47:0e:81:aa:ff:71:bc:87:
7e:63:68:2f:ed:08:f4:d4:48:7d:a4:19:81:e3:1a:0d:fb:45:
32:03:35:f6:aa:f8:53:ee:5e:0a:e6:ba:6a:2f:2c:e4:a6:fc:
ba:1e:7d:6a:ff:f6:98:f7:1f:ec:2a:14:c7:f4:38:45:a6:1c:
83:7a:79:ca:96:6c:91:e6:57:66:d5:b5:23:a3:39:fa:f9:35:
71:5c:9c:6e:83:72:0a:51:51:a3:2a:42:e4:0d:4e:cf:73:b2:
aa:8c:eb:7f:ff:f9:91:e3:68:00:e3:18:94:be:4a:87:98:08:
77:65:72:b6:d4:be:08:a3:77:df:e9:73:95:29:7b:76:65:27:
bf:a4:e8:d3:40:03:b2:d7:be:04:ef:d9:51:8f:10:24:32:a4:
1c:c8:ea:6b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY1zbd00rC8DI734JOjqOEFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMjA0MDkyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzc1ZjM2ZGJiYTMzYTcyZjdhZjQ5ZjZhZTE0NjNlMWM3YzNhMWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyHQtFQDDlyCsqYyC5dShXxAIvCj
7lLwtJYwt14en2KYLCbhRkSAqWo/aYlw7kF4U6F4sEBmyRye542APqrdTDEWYlln
TR0d6w6G2XtJZp0g5dy+tCZ10i1O9GDU6Yw+wbcfTjejYyo4Zo10p+nvby8t8qEL
kgA1/dcXkme7heirFVljg5hfmeN8UbKv0wo98kDEinf7y66F/AN19HYVcq8xJ+Qz
iEgiQcbYIPaFj1vnIyo4kAt3tSfNMNFCyYrTbjr1FkksUOA95yxB1FYjd5rMhkpE
AZbYwNBJ+jVxzVCGQSmFg298HANCFYgo0uOgx5eM3pypovC5AgwH+7hEmQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBx18227ozpy969J9q4UY+HHw6GjMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvSEhYemJidWpPbkwzcjBuMnJoUmo0Y2ZEb2FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFUEpgAwQE
W4/gAwQEXD3gAwQHXryAMA0EAgACMAcDBQAqAiO4MA0GCSqGSIb3DQEBCwUAA4IB
AQCMhT36a0Rrhl0uIb3xaoAC5fWTzGMkDvvjB2hU02t0qMOzvEIuRE/+11NZrDrd
RoAwddE3N8TLJAtWkc5urySwtuuIUqgYfZxDaVye0/qTwm6i318B/mbfZmGmEdCc
6E6hGp6mRw6Bqv9xvId+Y2gv7Qj01Eh9pBmB4xoN+0UyAzX2qvhT7l4K5rpqLyzk
pvy6Hn1q//aY9x/sKhTH9DhFphyDennKlmyR5ldm1bUjozn6+TVxXJxug3IKUVGj
KkLkDU7Pc7KqjOt///mR42gA4xiUvkqHmAh3ZXK21L4Io3ff6XOVKXt2ZSe/pOjT
QAOy174E79lRjxAkMqQcyOpr
-----END CERTIFICATE-----
Generated at Mon Feb 5 11:49:36 2024 by rpki-client on console-fra.rpki-client.org