Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/HBFNIE1IW6QdIDTI01oB2k1E6ZY.roa
File: HBFNIE1IW6QdIDTI01oB2k1E6ZY.roa (raw, json)
Hash identifier: t4J6VGniedMzUfqaXASUhabV76OWsLqQRQk+jcgbPEE=
Subject key identifier: 1C:11:4D:20:4D:48:5B:A4:1D:20:34:C8:D3:5A:01:DA:4D:44:E9:96
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 0193B58E4F2C65C7CC6BB59CC30DE6B2E7F1
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/HBFNIE1IW6QdIDTI01oB2k1E6ZY.roa
Signing time: Wed 11 Dec 2024 11:50:22 +0000
ROA not before: Wed 11 Dec 2024 11:50:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213808
IP address blocks: 213.108.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:8e:4f:2c:65:c7:cc:6b:b5:9c:c3:0d:e6:b2:e7:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Dec 11 11:50:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c114d204d485ba41d2034c8d35a01da4d44e996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:85:97:c2:c6:f3:4c:92:ae:ec:fc:e5:c1:59:
e6:56:ba:ef:98:67:a7:80:a4:a4:f3:f8:df:04:17:
f3:3c:a5:20:88:5d:4b:86:64:0b:55:24:1d:a8:c1:
22:24:4c:d4:70:e4:f1:8f:da:f6:4c:07:3b:8c:16:
4b:71:31:41:ca:a1:f3:44:b7:c2:76:3d:6e:c8:5f:
3c:94:e7:c7:fc:c4:9a:cb:83:99:c6:97:77:aa:7d:
1b:10:68:91:99:ea:e2:88:8c:88:06:c3:a7:cd:e7:
11:b4:20:e7:4f:e0:e5:d3:08:da:29:91:5a:3e:69:
72:56:bf:09:ba:b3:68:40:ab:c9:bb:13:be:f8:2c:
d9:7b:d0:e0:23:55:b2:a4:d7:f5:33:c7:c3:e7:ba:
06:e4:49:b6:15:09:30:9d:13:70:5b:56:76:ba:85:
ae:a0:4f:b8:0e:7a:e0:8f:a6:1e:88:4b:17:d3:da:
6c:c0:05:61:f4:8e:53:05:07:72:8d:5d:d9:46:5a:
cf:b3:15:e1:c3:bf:90:10:3b:c8:df:73:ad:b4:e3:
b8:0b:18:97:60:0e:4f:03:14:8c:84:36:80:8f:7b:
41:e8:9b:f1:32:4c:f8:a0:4c:14:1f:a0:5c:ee:78:
1c:5b:06:34:11:3a:c9:b7:41:fa:1a:a6:a9:c9:e0:
fe:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:11:4D:20:4D:48:5B:A4:1D:20:34:C8:D3:5A:01:DA:4D:44:E9:96
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/HBFNIE1IW6QdIDTI01oB2k1E6ZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.108.7.0/24
Signature Algorithm: sha256WithRSAEncryption
90:e9:17:c9:34:47:99:bc:50:89:71:f2:c4:c4:08:10:f7:ab:
35:49:dd:3a:36:a5:89:e8:35:e6:32:92:df:75:0b:26:fa:73:
3e:1a:de:14:8c:af:db:67:58:04:27:15:25:83:a1:e6:e4:01:
db:14:2c:9c:2e:7a:f0:d6:31:dc:03:af:7a:1a:0c:01:35:59:
90:4f:e0:3a:2b:9c:8b:98:dd:36:e8:50:19:ce:c1:b7:e4:1e:
72:1c:b3:36:04:f9:ac:1d:b8:7d:94:6c:d9:80:2d:07:00:97:
aa:c0:79:3c:8a:b8:e8:bf:68:a4:ed:3e:6e:7d:57:7c:7a:0f:
21:de:1c:af:00:d8:17:e6:34:45:6a:12:32:61:ce:74:68:61:
ab:cd:28:91:ed:0b:4a:98:99:e0:61:54:f8:cd:6b:6e:7a:57:
ac:a0:60:6e:c1:8e:0f:7f:34:e7:16:38:59:18:74:fc:23:f9:
9b:d7:2d:5b:4c:28:c4:cd:6f:ae:23:7c:25:10:f3:8e:42:40:
ef:ef:2d:33:ef:55:36:b8:c6:69:86:16:11:7b:80:a6:49:e1:
21:98:38:a7:97:f8:5e:f9:17:88:65:a9:ed:64:43:bf:82:9a:
30:bd:a7:a5:5f:a9:14:bf:c8:6b:0f:ca:de:51:2a:55:d2:1c:
95:2a:78:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO1jk8sZcfMa7Wcww3msufxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQxMjExMTE1MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzExNGQyMDRkNDg1YmE0MWQyMDM0YzhkMzVhMDFkYTRkNDRlOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIWXwsbzTJKu7PzlwVnmVrrvmGen
gKSk8/jfBBfzPKUgiF1LhmQLVSQdqMEiJEzUcOTxj9r2TAc7jBZLcTFByqHzRLfC
dj1uyF88lOfH/MSay4OZxpd3qn0bEGiRmeriiIyIBsOnzecRtCDnT+Dl0wjaKZFa
PmlyVr8JurNoQKvJuxO++CzZe9DgI1WypNf1M8fD57oG5Em2FQkwnRNwW1Z2uoWu
oE+4Dnrgj6YeiEsX09pswAVh9I5TBQdyjV3ZRlrPsxXhw7+QEDvI33OttOO4CxiX
YA5PAxSMhDaAj3tB6JvxMkz4oEwUH6Bc7ngcWwY0ETrJt0H6GqapyeD+XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwRTSBNSFukHSA0yNNaAdpNROmWMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvSEJGTklFMUlXNlFkSURUSTAxb0IyazFFNlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1WwHMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ6RfJNEeZvFCJcfLExAgQ96s1Sd06NqWJ6DXmMpLf
dQsm+nM+Gt4UjK/bZ1gEJxUlg6Hm5AHbFCycLnrw1jHcA696GgwBNVmQT+A6K5yL
mN026FAZzsG35B5yHLM2BPmsHbh9lGzZgC0HAJeqwHk8irjov2ik7T5ufVd8eg8h
3hyvANgX5jRFahIyYc50aGGrzSiR7QtKmJngYVT4zWtuelesoGBuwY4PfzTnFjhZ
GHT8I/mb1y1bTCjEzW+uI3wlEPOOQkDv7y0z71U2uMZphhYRe4CmSeEhmDinl/he
+ReIZantZEO/gpowvaelX6kUv8hrD8reUSpV0hyVKng8
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:40:18 2025 by rpki-client