Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/8HVHAN_N6hgaXQRXrDjwUECtMXA.roa
File: 8HVHAN_N6hgaXQRXrDjwUECtMXA.roa (raw, json)
Hash identifier: N3OJRhLHMbggGA3IgFcNGntbA0t8wlqqFvonGLr4fXc=
Subject key identifier: F0:75:47:00:DF:CD:EA:18:1A:5D:04:57:AC:38:F0:50:40:AD:31:70
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 019395A79D32AB1A52AEE81D6044F29FD064
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/8HVHAN_N6hgaXQRXrDjwUECtMXA.roa
Signing time: Thu 05 Dec 2024 07:10:10 +0000
ROA not before: Thu 05 Dec 2024 07:10:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44060
IP address blocks: 147.234.4.0/23 maxlen: 23
147.234.4.0/24 maxlen: 24
147.234.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:95:a7:9d:32:ab:1a:52:ae:e8:1d:60:44:f2:9f:d0:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Dec 5 07:10:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0754700dfcdea181a5d0457ac38f05040ad3170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:55:16:f2:58:3a:08:28:e5:a2:5b:41:7a:a5:
2d:59:f6:b0:23:f5:24:b4:41:89:28:4f:e9:b8:a4:
16:ab:ac:83:c4:51:1a:82:7f:d0:bc:bd:69:50:f5:
eb:ce:c4:bb:ab:07:ed:ef:2e:cb:4a:a3:c5:55:16:
ce:0c:6a:9d:a9:09:e9:2a:83:89:c9:93:1f:cc:55:
a7:bb:f1:13:0f:91:f2:70:90:ea:11:ce:f8:52:b6:
a1:b6:54:10:a7:45:f2:44:b9:9e:e3:e9:58:47:f8:
0b:c5:ce:09:e4:e5:87:90:d1:58:e2:c5:12:2a:f6:
a3:30:c3:fc:9f:03:79:2d:03:49:02:94:a8:5b:7f:
6f:65:e9:bd:f3:81:05:46:2f:30:c0:fc:ce:c5:d3:
2a:9d:b7:8c:e8:51:0e:ed:14:f6:05:54:ea:d6:a2:
46:68:a7:83:e4:71:84:b6:36:6b:96:24:ab:a6:64:
f6:ef:fb:25:b2:44:cd:8f:bf:83:90:f3:54:c7:7b:
05:f8:d5:92:d1:7c:0b:8f:e5:40:aa:18:03:a2:6c:
a6:e7:dc:69:89:cf:a0:01:bf:3a:0e:53:8d:61:48:
8a:85:6f:75:3b:f0:c3:be:d6:4e:4e:4e:6a:ef:77:
8a:7d:b3:61:aa:00:39:35:e6:dd:61:d6:ee:f1:13:
66:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:75:47:00:DF:CD:EA:18:1A:5D:04:57:AC:38:F0:50:40:AD:31:70
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/8HVHAN_N6hgaXQRXrDjwUECtMXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.4.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:71:f3:15:74:3b:62:b4:bd:cf:84:54:3c:df:e3:da:59:cf:
10:2e:ca:d2:65:71:50:43:bf:21:5e:db:d7:0b:72:98:8a:e0:
64:07:15:01:7a:8e:dd:14:69:96:e2:96:22:ed:e6:f9:53:04:
22:7c:57:61:3d:75:99:6f:97:ac:82:ba:d1:97:71:c7:ec:7a:
6e:3d:96:39:1b:03:9f:e8:bd:35:a6:d6:48:8c:5a:43:17:c5:
f0:72:9b:58:41:76:f5:1e:80:af:57:16:5b:36:47:d0:69:f0:
84:75:22:83:3e:44:0d:6e:7f:32:67:60:29:19:2b:40:ba:61:
db:5a:37:22:bd:e4:c9:50:e9:83:d1:bf:48:5a:e1:dc:46:fd:
3a:21:60:99:96:62:eb:b7:52:e0:1f:19:da:ef:f7:cc:46:90:
cd:ea:5f:bd:dd:43:79:07:07:39:b5:d1:2a:f4:9a:77:67:cf:
47:9f:af:08:88:b7:57:8d:29:ba:d3:23:67:1a:ef:b4:dd:c6:
dc:f3:c7:c3:6f:6d:99:0b:66:09:73:15:5a:75:24:05:82:3e:
d2:c2:56:60:77:8a:50:04:9b:bb:e7:e0:cd:f1:ff:4b:c0:90:
66:c6:75:69:e6:7f:e2:c6:77:3a:f0:9e:5d:56:d3:3c:59:07:
99:6a:e9:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOVp50yqxpSrugdYETyn9BkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQxMjA1MDcxMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDc1NDcwMGRmY2RlYTE4MWE1ZDA0NTdhYzM4ZjA1MDQwYWQzMTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlUW8lg6CCjloltBeqUtWfawI/Uk
tEGJKE/puKQWq6yDxFEagn/QvL1pUPXrzsS7qwft7y7LSqPFVRbODGqdqQnpKoOJ
yZMfzFWnu/ETD5HycJDqEc74UrahtlQQp0XyRLme4+lYR/gLxc4J5OWHkNFY4sUS
KvajMMP8nwN5LQNJApSoW39vZem984EFRi8wwPzOxdMqnbeM6FEO7RT2BVTq1qJG
aKeD5HGEtjZrliSrpmT27/slskTNj7+DkPNUx3sF+NWS0XwLj+VAqhgDomym59xp
ic+gAb86DlONYUiKhW91O/DDvtZOTk5q73eKfbNhqgA5NebdYdbu8RNm3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPB1RwDfzeoYGl0EV6w48FBArTFwMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvOEhWSEFOX042aGdhWFFSWHJEandVRUN0TVhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk+oEMA0G
CSqGSIb3DQEBCwUAA4IBAQCicfMVdDtitL3PhFQ83+PaWc8QLsrSZXFQQ78hXtvX
C3KYiuBkBxUBeo7dFGmW4pYi7eb5UwQifFdhPXWZb5esgrrRl3HH7HpuPZY5GwOf
6L01ptZIjFpDF8XwcptYQXb1HoCvVxZbNkfQafCEdSKDPkQNbn8yZ2ApGStAumHb
WjciveTJUOmD0b9IWuHcRv06IWCZlmLrt1LgHxna7/fMRpDN6l+93UN5Bwc5tdEq
9Jp3Z89Hn68IiLdXjSm60yNnGu+03cbc88fDb22ZC2YJcxVadSQFgj7SwlZgd4pQ
BJu75+DN8f9LwJBmxnVp5n/ixnc68J5dVtM8WQeZaumu
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:16:33 2025 by rpki-client