Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/HQTkp1Zs_XLXITXjNowidMyG3W8.roa
File: HQTkp1Zs_XLXITXjNowidMyG3W8.roa (raw, json)
Hash identifier: 5EpBdUKU2WpK1K2EVeHYb0F8m4EQXkz9SxjSa/8rwiI=
Subject key identifier: 1D:04:E4:A7:56:6C:FD:72:D7:21:35:E3:36:8C:22:74:CC:86:DD:6F
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 018CCB10651C805724A653E3E2BA145E0C66
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/HQTkp1Zs_XLXITXjNowidMyG3W8.roa
Signing time: Tue 02 Jan 2024 16:44:58 +0000
ROA not before: Tue 02 Jan 2024 16:44:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.206.64.0/21 maxlen: 24
82.206.72.0/21 maxlen: 24
82.206.0.0/21 maxlen: 24
82.206.8.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 15:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cb:10:65:1c:80:57:24:a6:53:e3:e2:ba:14:5e:0c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Jan 2 16:44:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d04e4a7566cfd72d72135e3368c2274cc86dd6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:05:04:70:e1:99:f1:00:ab:f6:33:4b:23:10:
b3:d7:f9:84:bc:f1:f9:18:6b:3d:a5:6f:35:11:d1:
c5:6f:fa:3c:ba:a5:88:d0:e1:04:19:ca:2d:91:ae:
b3:ee:5f:f9:33:2b:65:d4:73:90:70:fd:00:51:bc:
a3:b4:66:69:21:d8:92:84:d1:e1:9e:aa:77:c5:80:
2e:b2:d5:bd:77:21:c0:9b:12:d4:8b:a4:1e:5f:89:
08:2d:34:f1:d7:84:39:54:42:a2:19:55:c6:44:a0:
92:7d:95:19:7e:2e:c6:57:06:fb:a1:53:c2:5d:e3:
6c:1b:de:33:1c:54:bf:73:df:48:4a:93:23:5b:57:
2f:ff:a7:1e:c5:ff:fa:61:20:6b:0f:c4:87:d9:91:
15:28:db:00:1b:0a:49:ae:93:0f:3d:b6:7a:f0:42:
87:bc:07:b7:96:70:dc:34:9c:cf:de:50:a1:ed:f6:
74:42:16:c1:2f:c4:45:97:6a:c4:11:cd:d2:06:8a:
3f:f4:aa:36:6c:d7:91:9f:56:eb:6b:ce:6b:fb:55:
dd:0f:10:c3:be:e6:a8:4e:00:e7:05:9e:5a:51:ba:
95:c8:77:2f:9c:ec:f3:87:57:79:54:b9:cd:c8:23:
6a:fd:20:f4:07:f3:66:cd:92:48:e4:d9:7b:0c:06:
14:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:04:E4:A7:56:6C:FD:72:D7:21:35:E3:36:8C:22:74:CC:86:DD:6F
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/HQTkp1Zs_XLXITXjNowidMyG3W8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.0.0/20
82.206.64.0/20
Signature Algorithm: sha256WithRSAEncryption
3f:18:ee:a3:ab:2d:db:8b:19:19:8d:65:f7:92:e8:61:90:06:
e1:4c:57:5b:35:c1:c7:98:6a:23:64:6b:04:3d:7a:69:2b:a1:
82:7d:1f:e0:b7:04:e0:4d:9c:10:02:21:a1:e6:d6:74:12:6a:
18:9b:9e:01:8d:6e:4c:dc:b5:4b:6d:f2:1e:5e:ae:a2:d4:11:
8a:be:6d:40:5a:87:4f:5e:5c:e1:d0:93:5e:80:98:95:d1:8f:
95:2e:69:22:6d:a0:b1:1f:6a:17:57:b0:c0:59:f6:ce:9b:13:
eb:cb:43:e0:8e:0a:1c:5f:ec:62:2b:ec:ca:5a:ca:ed:ed:23:
43:3b:1c:00:1a:49:5f:6c:d5:94:90:45:02:16:7e:a5:5a:fe:
04:00:51:db:63:d0:c9:a4:8a:6f:58:4d:04:8c:0e:88:4c:98:
d0:cf:74:2e:19:1b:b9:f0:da:97:f5:17:43:39:5a:97:55:5f:
38:07:38:e7:39:92:f2:0d:71:d9:21:07:22:dd:ce:28:b8:31:
d5:47:f8:28:68:13:ba:87:99:4c:e7:e9:80:15:06:44:1e:be:
ef:8f:2a:1b:03:c8:27:e3:7b:fe:58:a3:4e:45:9e:37:88:ed:
36:1f:7c:68:c3:51:49:71:8b:21:c6:fd:db:ff:ce:ba:73:e3:
76:54:2f:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzLEGUcgFckplPj4roUXgxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjQwMTAyMTY0NDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDA0ZTRhNzU2NmNmZDcyZDcyMTM1ZTMzNjhjMjI3NGNjODZkZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwUEcOGZ8QCr9jNLIxCz1/mEvPH5
GGs9pW81EdHFb/o8uqWI0OEEGcotka6z7l/5Mytl1HOQcP0AUbyjtGZpIdiShNHh
nqp3xYAustW9dyHAmxLUi6QeX4kILTTx14Q5VEKiGVXGRKCSfZUZfi7GVwb7oVPC
XeNsG94zHFS/c99ISpMjW1cv/6cexf/6YSBrD8SH2ZEVKNsAGwpJrpMPPbZ68EKH
vAe3lnDcNJzP3lCh7fZ0QhbBL8RFl2rEEc3SBoo/9Ko2bNeRn1bra85r+1XdDxDD
vuaoTgDnBZ5aUbqVyHcvnOzzh1d5VLnNyCNq/SD0B/NmzZJI5Nl7DAYUCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB0E5KdWbP1y1yE14zaMInTMht1vMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvSFFUa3AxWnNfWExYSVRYak5vd2lkTXlHM1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUs4AAwQE
Us5AMA0GCSqGSIb3DQEBCwUAA4IBAQA/GO6jqy3bixkZjWX3kuhhkAbhTFdbNcHH
mGojZGsEPXppK6GCfR/gtwTgTZwQAiGh5tZ0EmoYm54BjW5M3LVLbfIeXq6i1BGK
vm1AWodPXlzh0JNegJiV0Y+VLmkibaCxH2oXV7DAWfbOmxPry0PgjgocX+xiK+zK
Wsrt7SNDOxwAGklfbNWUkEUCFn6lWv4EAFHbY9DJpIpvWE0EjA6ITJjQz3QuGRu5
8NqX9RdDOVqXVV84BzjnOZLyDXHZIQci3c4ouDHVR/goaBO6h5lM5+mAFQZEHr7v
jyobA8gn43v+WKNORZ43iO02H3xow1FJcYshxv3b/866c+N2VC8h
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:08 2024 by rpki-client on console-ams.rpki-client.org