Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/HABhFZoNL0bXmASOWn8G-APJLGE.roa
File: HABhFZoNL0bXmASOWn8G-APJLGE.roa (raw, json)
Hash identifier: KeKXKrjjQ8Pdro0QHQm5J8bAD4HIGPzThVojHIvP6N4=
Subject key identifier: 1C:00:61:15:9A:0D:2F:46:D7:98:04:8E:5A:7F:06:F8:03:C9:2C:61
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 0186E46BACDB68D713FFFC85B775197082F5
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/HABhFZoNL0bXmASOWn8G-APJLGE.roa
Signing time: Wed 15 Mar 2023 08:38:27 +0000
ROA not before: Wed 15 Mar 2023 08:38:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 180.235.160.0/20 maxlen: 32
188.212.136.0/21 maxlen: 32
93.113.52.0/23 maxlen: 32
110.238.192.0/19 maxlen: 32
185.66.136.0/22 maxlen: 32
94.139.224.0/20 maxlen: 32
119.12.192.0/21 maxlen: 32
77.81.92.0/22 maxlen: 32
176.223.182.0/23 maxlen: 32
Validation: Failed, certificate revoked on Thu 16 Mar 2023 07:13:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:6b:ac:db:68:d7:13:ff:fc:85:b7:75:19:70:82:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Mar 15 08:38:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c0061159a0d2f46d798048e5a7f06f803c92c61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2c:ac:26:0c:ee:35:c3:cc:c1:f6:49:7f:af:
21:b9:49:99:45:ce:5d:10:ff:53:6c:7d:d0:e0:df:
95:13:c7:48:a7:d7:81:7c:1b:13:ce:b5:13:30:ab:
8d:aa:97:5c:03:e5:88:7e:95:74:76:08:1a:8e:6d:
61:36:86:2e:28:75:19:18:e9:77:83:ee:ce:d5:a9:
81:66:b7:d7:34:86:54:d2:6a:33:49:11:53:8f:5e:
c2:62:69:02:5a:ee:45:8b:f8:5f:78:24:7a:5a:f1:
60:13:6a:b9:12:69:0b:ce:13:45:26:63:6a:3d:d3:
0c:f9:2a:b6:a3:08:f4:92:71:5f:c4:39:75:da:e9:
a1:99:a1:a5:82:4f:09:af:74:91:58:b9:40:fd:6d:
e0:7f:b0:be:c0:b6:62:ad:bf:46:01:05:48:c8:21:
13:c2:66:f0:a1:6b:62:f7:0a:58:26:89:3c:f5:98:
29:56:32:06:45:48:34:72:1e:45:b7:5c:fc:1e:1d:
63:3b:09:1c:f0:4a:a4:aa:1e:7f:6b:90:63:01:d6:
b8:4a:14:da:76:9b:cd:93:dc:76:7c:f8:e6:fa:27:
54:9e:20:2d:a6:07:dc:f2:8f:f5:f6:b7:0e:7f:c4:
ea:9f:7f:ed:47:c1:ad:ea:60:e6:79:63:0f:b6:be:
47:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:00:61:15:9A:0D:2F:46:D7:98:04:8E:5A:7F:06:F8:03:C9:2C:61
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/HABhFZoNL0bXmASOWn8G-APJLGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.92.0/22
93.113.52.0/23
94.139.224.0/20
110.238.192.0/19
119.12.192.0/21
176.223.182.0/23
180.235.160.0/20
185.66.136.0/22
188.212.136.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:fa:be:62:3f:50:46:67:1f:26:42:cc:64:fe:90:e2:e1:b7:
7f:5e:cb:17:b7:2d:94:58:e2:8a:0b:8a:7b:86:4c:18:e4:68:
25:f8:4d:17:3c:24:cb:97:07:a1:3d:d0:5e:b0:48:65:7d:fa:
37:64:65:11:66:14:1b:94:db:7c:25:69:cf:db:ac:14:c4:1d:
eb:2a:93:74:5e:25:fd:6b:c3:4b:74:74:8e:25:d5:b6:db:f4:
a5:fe:ca:6b:48:33:ef:32:45:2c:cc:ea:06:ab:55:9c:ec:4b:
5a:eb:04:85:4e:8b:7d:e4:9e:f3:53:b6:81:92:20:0e:0b:77:
ea:88:91:c2:00:e5:b9:4d:ef:05:9d:48:18:fa:20:2e:e7:48:
3f:78:a4:2e:3f:89:e8:6c:6d:bf:d6:ca:30:41:89:ad:47:12:
57:1d:5f:0b:11:b9:8d:7c:e2:aa:8b:da:f6:64:d6:79:77:66:
49:6a:9a:9f:0b:d7:8a:c1:31:eb:c9:47:cd:f6:f2:33:f4:07:
c0:76:1d:73:3e:8d:0d:34:f3:ef:16:b3:8e:3c:dd:ee:ee:4a:
84:c6:68:3d:3b:82:25:e8:0a:5a:fb:43:e0:a5:a9:21:00:7e:
85:9a:00:54:e0:e9:29:9f:6f:9c:d4:69:e7:70:29:ca:57:7d:
27:89:d1:38
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYbka6zbaNcT//yFt3UZcIL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjMwMzE1MDgzODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzAwNjExNTlhMGQyZjQ2ZDc5ODA0OGU1YTdmMDZmODAzYzkyYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyysJgzuNcPMwfZJf68huUmZRc5d
EP9TbH3Q4N+VE8dIp9eBfBsTzrUTMKuNqpdcA+WIfpV0dggajm1hNoYuKHUZGOl3
g+7O1amBZrfXNIZU0mozSRFTj17CYmkCWu5Fi/hfeCR6WvFgE2q5EmkLzhNFJmNq
PdMM+Sq2owj0knFfxDl12umhmaGlgk8Jr3SRWLlA/W3gf7C+wLZirb9GAQVIyCET
wmbwoWti9wpYJok89ZgpVjIGRUg0ch5Ft1z8Hh1jOwkc8Eqkqh5/a5BjAda4ShTa
dpvNk9x2fPjm+idUniAtpgfc8o/19rcOf8Tqn3/tR8Gt6mDmeWMPtr5HqQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBwAYRWaDS9G15gEjlp/BvgDySxhMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvSEFCaEZab05MMGJYbUFTT1duOEctQVBKTEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCTVFcAwQB
XXE0AwQEXovgAwQFbu7AAwQDdwzAAwQBsN+2AwQEtOugAwQCuUKIAwQDvNSIMA0G
CSqGSIb3DQEBCwUAA4IBAQBO+r5iP1BGZx8mQsxk/pDi4bd/XssXty2UWOKKC4p7
hkwY5Ggl+E0XPCTLlwehPdBesEhlffo3ZGURZhQblNt8JWnP26wUxB3rKpN0XiX9
a8NLdHSOJdW22/Sl/sprSDPvMkUszOoGq1Wc7Eta6wSFTot95J7zU7aBkiAOC3fq
iJHCAOW5Te8FnUgY+iAu50g/eKQuP4nobG2/1sowQYmtRxJXHV8LEbmNfOKqi9r2
ZNZ5d2ZJapqfC9eKwTHryUfN9vIz9AfAdh1zPo0NNPPvFrOOPN3u7kqExmg9O4Il
6Apa+0PgpakhAH6FmgBU4Okpn2+c1GnncCnKV30nidE4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:46 2024 by rpki-client on console-fra.rpki-client.org