Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/HqffGkDJPGzHlkPZBjTqDz3Vuzs.roa
File: HqffGkDJPGzHlkPZBjTqDz3Vuzs.roa (raw, json)
Hash identifier: xgxuvhyRCAjJmXujlSiEjSQy7q7YudVhXLPZ73NO7Vc=
Subject key identifier: 1E:A7:DF:1A:40:C9:3C:6C:C7:96:43:D9:06:34:EA:0F:3D:D5:BB:3B
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0188817470B7C3EC4B418E9FF1BEA944CBC5
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/HqffGkDJPGzHlkPZBjTqDz3Vuzs.roa
Signing time: Sat 03 Jun 2023 13:31:11 +0000
ROA not before: Sat 03 Jun 2023 13:31:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
77.81.88.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
176.223.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Jun 2023 14:18:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:81:74:70:b7:c3:ec:4b:41:8e:9f:f1:be:a9:44:cb:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 3 13:31:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ea7df1a40c93c6cc79643d90634ea0f3dd5bb3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a0:66:91:e8:d2:e5:b2:e4:20:50:ba:e2:c7:
5f:55:ff:69:01:d6:f8:d7:61:a4:5b:c8:2e:0e:4e:
4f:7d:9c:59:9d:ce:18:a2:ad:41:7d:ee:88:83:9a:
22:68:99:a7:38:e1:a1:57:59:28:a3:ce:cb:5d:d8:
5b:52:49:06:0e:e7:b1:97:d6:40:df:dd:52:f1:f0:
eb:ed:57:d7:d4:be:7b:20:a1:34:fd:03:94:33:32:
ac:e3:a0:9d:5a:cd:74:a2:83:fa:59:70:1a:c7:b7:
be:97:81:e7:fa:4d:bc:72:45:1c:ca:cb:60:f8:d8:
19:ba:6f:aa:05:60:0b:18:09:d6:c0:75:ae:8b:51:
62:60:93:50:2f:5a:96:0b:54:53:ad:d9:b9:1c:b8:
5d:5d:aa:92:ba:22:73:41:f6:23:3c:d7:b4:71:32:
04:fe:f7:4f:18:13:4f:2a:3c:6a:fa:a0:ca:15:30:
df:fd:fe:e4:fa:f0:db:79:46:67:f6:e6:52:47:07:
cc:0c:27:f3:2b:d8:b5:7a:52:63:e1:a5:7d:b4:4d:
4a:76:7f:15:3d:a6:9c:8a:89:00:7e:6c:c5:75:a8:
aa:6f:53:da:69:99:cc:a9:af:b6:b6:f1:b2:e5:53:
d9:11:dd:0e:37:44:76:4e:ca:4f:44:c6:f5:a9:f0:
45:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A7:DF:1A:40:C9:3C:6C:C7:96:43:D9:06:34:EA:0F:3D:D5:BB:3B
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/HqffGkDJPGzHlkPZBjTqDz3Vuzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.88.0/24
86.107.51.0/24
89.35.129.0-89.35.131.255
92.114.32.0/24
94.198.171.0/24
176.223.188.0/24
188.214.107.0/24
188.241.137.0/24
Signature Algorithm: sha256WithRSAEncryption
77:65:f4:33:b1:53:80:1c:99:ec:78:46:94:b1:7a:81:40:00:
39:d6:31:75:38:7c:f0:34:c5:62:97:42:f7:17:79:4e:33:44:
82:eb:20:ac:c3:8d:6d:be:b7:4a:99:74:38:66:6c:87:48:4d:
9b:52:de:e7:40:57:3e:6b:42:5f:d7:35:ae:a8:5c:2c:8a:a8:
a7:cf:f0:8c:54:2d:e8:83:71:b1:d1:67:ad:3b:c8:84:60:ec:
9a:4c:46:3c:3b:c9:ac:ae:3c:8a:3c:c1:d1:6d:1d:fa:b5:55:
16:e5:88:02:51:6c:ea:46:20:de:8d:58:b1:77:cd:53:89:f1:
b4:25:cc:17:49:12:d1:59:30:13:9f:b2:ce:b3:05:91:68:a2:
15:22:9c:1e:59:0f:4f:2b:03:43:31:e7:45:53:4d:69:50:aa:
04:01:c2:b7:ad:92:b0:bf:0f:b6:2c:bb:f7:4c:72:01:21:b7:
46:59:f0:eb:92:29:92:e5:8d:9d:64:e7:df:9f:cd:45:bf:9d:
8a:f8:81:9e:77:42:00:77:10:45:9f:26:ad:44:5e:a4:c2:7c:
90:05:36:76:4d:cc:bd:91:2e:9c:72:06:92:d2:29:eb:a0:ba:
3b:ed:44:a5:7d:76:0a:56:1c:c2:7f:9a:72:b6:57:c2:13:d5:
f8:51:cd:85
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYiBdHC3w+xLQY6f8b6pRMvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNjAzMTMzMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWE3ZGYxYTQwYzkzYzZjYzc5NjQzZDkwNjM0ZWEwZjNkZDViYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaBmkejS5bLkIFC64sdfVf9pAdb4
12GkW8guDk5PfZxZnc4Yoq1Bfe6Ig5oiaJmnOOGhV1koo87LXdhbUkkGDuexl9ZA
391S8fDr7VfX1L57IKE0/QOUMzKs46CdWs10ooP6WXAax7e+l4Hn+k28ckUcystg
+NgZum+qBWALGAnWwHWui1FiYJNQL1qWC1RTrdm5HLhdXaqSuiJzQfYjPNe0cTIE
/vdPGBNPKjxq+qDKFTDf/f7k+vDbeUZn9uZSRwfMDCfzK9i1elJj4aV9tE1Kdn8V
PaaciokAfmzFdaiqb1PaaZnMqa+2tvGy5VPZEd0ON0R2TspPRMb1qfBFTQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFB6n3xpAyTxsx5ZD2QY06g891bs7MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvSHFmZkdrREpQR3pIbGtQWkJqVHFEejNWdXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQATVFYAwQA
VmszMAwDBABZI4EDBAJZI4ADBABcciADBABexqsDBACw37wDBAC81msDBAC88Ykw
DQYJKoZIhvcNAQELBQADggEBAHdl9DOxU4Acmex4RpSxeoFAADnWMXU4fPA0xWKX
QvcXeU4zRILrIKzDjW2+t0qZdDhmbIdITZtS3udAVz5rQl/XNa6oXCyKqKfP8IxU
LeiDcbHRZ607yIRg7JpMRjw7yayuPIo8wdFtHfq1VRbliAJRbOpGIN6NWLF3zVOJ
8bQlzBdJEtFZMBOfss6zBZFoohUinB5ZD08rA0Mx50VTTWlQqgQBwretkrC/D7Ys
u/dMcgEht0ZZ8OuSKZLljZ1k59+fzUW/nYr4gZ53QgB3EEWfJq1EXqTCfJAFNnZN
zL2RLpxyBpLSKeugujvtRKV9dgpWHMJ/mnK2V8IT1fhRzYU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org