Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/62afbb-b8f8-4b12-9193-1c5107cab353/1/hhkDqbuuVSwre1F0s-728XtuHww.roa
File: hhkDqbuuVSwre1F0s-728XtuHww.roa (raw, json)
Hash identifier: +d91U7AqJKBRbOxE3CCR2UvS/qqd5n0NXSWwZT/VzeU=
Subject key identifier: 86:19:03:A9:BB:AE:55:2C:2B:7B:51:74:B3:EE:F6:F1:7B:6E:1F:0C
Certificate issuer: /CN=1a7cafde3135a26bdd4179029eebf7414e9643af
Certificate serial: 018F10EEAE031DADD163CF4435D7557256A3
Authority key identifier: 1A:7C:AF:DE:31:35:A2:6B:DD:41:79:02:9E:EB:F7:41:4E:96:43:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gnyv3jE1omvdQXkCnuv3QU6WQ68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/62afbb-b8f8-4b12-9193-1c5107cab353/1/hhkDqbuuVSwre1F0s-728XtuHww.roa
Signing time: Wed 24 Apr 2024 16:27:08 +0000
ROA not before: Wed 24 Apr 2024 16:27:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50864
IP address blocks: 91.220.235.0/24 maxlen: 24
195.162.88.0/22 maxlen: 22
195.162.88.0/24 maxlen: 24
195.162.89.0/24 maxlen: 24
195.162.90.0/24 maxlen: 24
195.162.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:ee:ae:03:1d:ad:d1:63:cf:44:35:d7:55:72:56:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7cafde3135a26bdd4179029eebf7414e9643af
Validity
Not Before: Apr 24 16:27:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=861903a9bbae552c2b7b5174b3eef6f17b6e1f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b1:53:28:da:f8:12:b3:65:48:b0:03:07:3a:
69:ef:cd:2f:ff:cb:06:6e:4c:f9:5f:66:fe:52:3d:
7f:80:12:34:54:ee:3f:df:20:8e:1a:00:09:e1:47:
62:b2:c8:a5:0e:f5:48:3a:c5:fd:b7:9f:ab:b2:29:
ce:4f:a2:68:cf:94:42:17:f9:f7:d7:2d:b0:b0:a4:
36:f9:ca:45:e8:a4:14:5d:ef:36:ec:4e:76:ad:23:
af:01:28:6f:70:4f:cc:d9:48:5e:f8:8f:dc:69:39:
b7:a7:d1:b7:c9:1e:5a:e1:c5:9b:d9:ec:39:e4:16:
41:da:05:88:03:29:96:c8:40:7c:08:23:95:70:f7:
3e:ff:76:d8:83:ae:76:45:8b:21:dc:9e:a4:b2:0b:
95:1c:b5:ca:17:9f:f3:e9:17:c7:44:90:cb:e7:6d:
9b:da:59:0b:94:26:41:ae:75:6e:9a:d0:8e:1b:12:
63:9c:fa:44:de:81:01:8d:ab:7e:30:e2:2c:d2:0f:
c8:b7:ad:a0:d1:b0:57:17:cd:01:06:0b:32:9d:e5:
2f:e2:f2:c2:31:f7:dc:e0:2d:39:39:90:ad:d6:04:
d8:c7:75:de:41:7f:06:46:72:29:73:62:9a:d4:9b:
9d:71:19:8f:d3:4d:25:c3:4c:5d:4e:e4:9c:4c:ae:
12:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:19:03:A9:BB:AE:55:2C:2B:7B:51:74:B3:EE:F6:F1:7B:6E:1F:0C
X509v3 Authority Key Identifier:
keyid:1A:7C:AF:DE:31:35:A2:6B:DD:41:79:02:9E:EB:F7:41:4E:96:43:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gnyv3jE1omvdQXkCnuv3QU6WQ68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/62afbb-b8f8-4b12-9193-1c5107cab353/1/hhkDqbuuVSwre1F0s-728XtuHww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/62afbb-b8f8-4b12-9193-1c5107cab353/1/Gnyv3jE1omvdQXkCnuv3QU6WQ68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.235.0/24
195.162.88.0/22
Signature Algorithm: sha256WithRSAEncryption
37:b0:42:04:b5:51:de:6c:e0:73:6d:90:0c:97:ea:2d:bf:c8:
7c:5b:57:3d:20:f2:22:87:0c:c0:c7:8e:26:c4:ec:93:7b:e8:
57:be:46:0e:e4:65:5d:c2:7c:d8:d4:d9:38:16:6d:dc:a9:af:
61:0b:3e:b4:9c:58:31:bf:10:7e:5b:ad:cd:2b:11:b1:aa:d9:
b7:57:07:7f:3f:ce:f4:ef:bc:fb:f3:5b:3e:b1:d3:f3:cb:e5:
8b:51:e3:ae:26:6a:f8:8b:5c:92:8c:5f:b6:0f:f9:33:66:1f:
1c:eb:c4:b7:c6:a1:55:af:dd:0e:ba:3c:bc:f4:09:ad:19:08:
8d:9d:29:b0:69:00:02:f5:8e:8c:70:8a:58:b2:52:30:00:4b:
7a:26:f1:fe:db:09:7a:88:7c:02:7e:99:f1:10:17:20:bd:78:
55:17:47:5e:f6:fb:ee:9f:eb:a9:ff:b3:5b:a5:3b:a0:c6:de:
c9:83:1a:68:38:1d:27:91:f1:dc:49:b0:8d:a6:69:1a:06:f6:
a4:0f:05:64:cb:88:1a:1f:f8:07:2e:56:6e:65:30:ed:6d:99:
51:88:cf:44:3d:66:61:b7:87:13:a4:7f:02:d2:57:ec:f5:09:
a2:22:05:19:4e:62:37:d5:0b:7f:5a:e8:a5:8e:45:82:bd:ac:
da:57:7a:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8Q7q4DHa3RY89ENddVclajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2NhZmRlMzEzNWEyNmJkZDQxNzkwMjllZWJmNzQxNGU5
NjQzYWYwHhcNMjQwNDI0MTYyNzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjE5MDNhOWJiYWU1NTJjMmI3YjUxNzRiM2VlZjZmMTdiNmUxZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrFTKNr4ErNlSLADBzpp780v/8sG
bkz5X2b+Uj1/gBI0VO4/3yCOGgAJ4UdissilDvVIOsX9t5+rsinOT6Joz5RCF/n3
1y2wsKQ2+cpF6KQUXe827E52rSOvAShvcE/M2Uhe+I/caTm3p9G3yR5a4cWb2ew5
5BZB2gWIAymWyEB8CCOVcPc+/3bYg652RYsh3J6ksguVHLXKF5/z6RfHRJDL522b
2lkLlCZBrnVumtCOGxJjnPpE3oEBjat+MOIs0g/It62g0bBXF80BBgsyneUv4vLC
Mffc4C05OZCt1gTYx3XeQX8GRnIpc2Ka1JudcRmP000lw0xdTuScTK4SewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIYZA6m7rlUsK3tRdLPu9vF7bh8MMB8GA1UdIwQY
MBaAFBp8r94xNaJr3UF5Ap7r90FOlkOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR255djNqRTFvbXZkUVhrQ251djNRVTZXUTY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My82MmFmYmItYjhmOC00YjEyLTkxOTMt
MWM1MTA3Y2FiMzUzLzEvaGhrRHFidXVWU3dyZTFGMHMtNzI4WHR1SHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My82MmFmYmItYjhmOC00YjEyLTkxOTMtMWM1MTA3Y2FiMzUz
LzEvR255djNqRTFvbXZkUVhrQ251djNRVTZXUTY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9zrAwQC
w6JYMA0GCSqGSIb3DQEBCwUAA4IBAQA3sEIEtVHebOBzbZAMl+otv8h8W1c9IPIi
hwzAx44mxOyTe+hXvkYO5GVdwnzY1Nk4Fm3cqa9hCz60nFgxvxB+W63NKxGxqtm3
Vwd/P87077z781s+sdPzy+WLUeOuJmr4i1ySjF+2D/kzZh8c68S3xqFVr90Oujy8
9AmtGQiNnSmwaQAC9Y6McIpYslIwAEt6JvH+2wl6iHwCfpnxEBcgvXhVF0de9vvu
n+up/7NbpTugxt7JgxpoOB0nkfHcSbCNpmkaBvakDwVky4gaH/gHLlZuZTDtbZlR
iM9EPWZht4cTpH8C0lfs9QmiIgUZTmI31Qt/WuiljkWCvazaV3qm
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:44:33 2025 by rpki-client