Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/hwDR0k7EvQ9DmcV5YTjfz_5j5r8.roa
File: hwDR0k7EvQ9DmcV5YTjfz_5j5r8.roa (raw, json)
Hash identifier: FzkO0UmscOtS+HW9qCkCXTzOfTx8IsI3Y9uyNskbxRQ=
Subject key identifier: 87:00:D1:D2:4E:C4:BD:0F:43:99:C5:79:61:38:DF:CF:FE:63:E6:BF
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018E62E7D8B34A49BA71C6EB18AE26C743FA
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/hwDR0k7EvQ9DmcV5YTjfz_5j5r8.roa
Signing time: Thu 21 Mar 2024 21:25:45 +0000
ROA not before: Thu 21 Mar 2024 21:25:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12325
IP address blocks: 89.46.128.0/22 maxlen: 24
89.46.232.0/21 maxlen: 24
128.0.1.0/24 maxlen: 24
185.18.224.0/23 maxlen: 24
188.208.110.0/24 maxlen: 24
188.215.40.0/22 maxlen: 24
188.240.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 07:10:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:62:e7:d8:b3:4a:49:ba:71:c6:eb:18:ae:26:c7:43:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Mar 21 21:25:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8700d1d24ec4bd0f4399c5796138dfcffe63e6bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:10:83:20:d8:67:bd:17:10:9b:3a:15:7d:1a:
ea:ad:80:a6:0b:39:68:61:d4:58:4c:ca:93:3d:59:
f3:d4:3a:1e:46:ca:a6:ad:69:b1:37:a4:dc:71:a1:
56:ec:3e:1b:6d:10:d9:8b:b2:9e:0d:79:45:2c:4a:
26:d4:ad:87:da:8c:db:18:88:19:bc:5d:aa:88:f8:
a5:ad:37:af:d7:73:5a:02:b9:32:db:47:e5:b6:9f:
f9:66:87:af:26:b1:87:9a:8b:41:7e:46:c0:a9:62:
eb:5a:33:bf:a0:64:ae:4d:57:05:3e:7d:d6:47:b9:
1a:7a:15:81:4d:f3:e4:8f:da:75:bb:77:43:bc:f7:
0c:f7:c7:cc:28:25:38:6a:43:9f:dd:3c:94:ea:2e:
39:4e:f1:30:3e:81:e4:91:95:f5:e6:3d:b8:13:fa:
e7:5d:de:c6:c8:d0:55:92:ff:a8:dc:e1:39:c7:fe:
f0:50:1f:c8:f1:b9:19:83:c8:d8:4b:2b:e7:d2:b8:
3a:03:32:68:e8:c3:fe:7a:8e:c5:f3:96:87:4a:06:
68:0d:6b:eb:51:4b:e1:f3:5c:52:80:bf:75:91:45:
4c:dc:a1:31:4d:aa:ca:f8:22:89:1e:81:d3:8c:21:
04:6e:87:7b:44:ab:8d:af:d2:43:ce:d6:1e:b4:86:
0d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:00:D1:D2:4E:C4:BD:0F:43:99:C5:79:61:38:DF:CF:FE:63:E6:BF
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/hwDR0k7EvQ9DmcV5YTjfz_5j5r8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.128.0/22
89.46.232.0/21
128.0.1.0/24
185.18.224.0/23
188.208.110.0/24
188.215.40.0/22
188.240.81.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:e1:a0:90:f1:c5:d7:ed:4e:46:e7:1a:b1:26:cd:91:27:b9:
90:76:6e:f6:c2:ab:99:1f:8c:d5:06:c2:4f:96:9b:2a:3c:42:
45:79:ae:44:5c:5b:15:48:8d:b6:41:60:77:ed:d2:ce:2e:c6:
24:0e:39:7e:88:54:91:a9:f1:45:26:15:ce:a8:55:86:1c:b6:
eb:06:c8:86:e8:35:ef:61:a5:53:f5:6b:13:57:fd:04:ac:ad:
df:6b:b4:be:23:ce:12:10:27:79:d6:7b:1f:2b:fe:3a:62:83:
11:bc:08:9d:55:44:1d:fe:3c:6b:b0:f6:d1:e9:20:d4:e5:fa:
ca:24:b2:5b:1e:9b:c9:f7:18:ce:ae:a8:ba:f2:b5:23:49:23:
12:ce:fa:bd:93:d4:d7:fe:59:77:e2:4a:ee:39:b8:f0:e9:45:
f5:df:c6:d3:aa:3f:66:70:9c:d1:39:e3:56:67:b7:a6:9f:36:
eb:7d:d7:24:c8:d3:07:cf:2b:9d:cd:34:63:26:47:02:27:14:
e4:f8:fc:e9:3d:f5:21:07:62:93:77:fd:45:01:0e:41:0c:db:
e7:15:74:49:9c:e5:3c:be:79:3b:3f:5a:f8:aa:8b:fc:dd:a1:
13:cc:43:cb:57:05:80:6b:4e:9a:e1:66:6b:57:d0:2b:14:83:
87:56:dc:a4
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY5i59izSkm6ccbrGK4mx0P6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMzIxMjEyNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzAwZDFkMjRlYzRiZDBmNDM5OWM1Nzk2MTM4ZGZjZmZlNjNlNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixCDINhnvRcQmzoVfRrqrYCmCzlo
YdRYTMqTPVnz1DoeRsqmrWmxN6TccaFW7D4bbRDZi7KeDXlFLEom1K2H2ozbGIgZ
vF2qiPilrTev13NaArky20fltp/5ZoevJrGHmotBfkbAqWLrWjO/oGSuTVcFPn3W
R7kaehWBTfPkj9p1u3dDvPcM98fMKCU4akOf3TyU6i45TvEwPoHkkZX15j24E/rn
Xd7GyNBVkv+o3OE5x/7wUB/I8bkZg8jYSyvn0rg6AzJo6MP+eo7F85aHSgZoDWvr
UUvh81xSgL91kUVM3KExTarK+CKJHoHTjCEEbod7RKuNr9JDztYetIYNKwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIcA0dJOxL0PQ5nFeWE438/+Y+a/MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2h3RFIwazdFdlE5RG1jVjVZVGpmel81ajVyOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBAJZLoAD
BANZLugDBACAAAEDBAG5EuADBAC80G4DBAK81ygDBAC88FEwDQYJKoZIhvcNAQEL
BQADggEBAE7hoJDxxdftTkbnGrEmzZEnuZB2bvbCq5kfjNUGwk+Wmyo8QkV5rkRc
WxVIjbZBYHft0s4uxiQOOX6IVJGp8UUmFc6oVYYctusGyIboNe9hpVP1axNX/QSs
rd9rtL4jzhIQJ3nWex8r/jpigxG8CJ1VRB3+PGuw9tHpINTl+sokslsem8n3GM6u
qLrytSNJIxLO+r2T1Nf+WXfiSu45uPDpRfXfxtOqP2ZwnNE541Znt6afNut91yTI
0wfPK53NNGMmRwInFOT4/Ok99SEHYpN3/UUBDkEM2+cVdEmc5Ty+eTs/Wviqi/zd
oRPMQ8tXBYBrTprhZmtX0CsUg4dW3KQ=
-----END CERTIFICATE-----
Generated at Fri Mar 22 10:08:29 2024 by rpki-client on console-fra.rpki-client.org