Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/Hhl-tTf3_6hLYinKz0s1MnFOgIg.roa
File: Hhl-tTf3_6hLYinKz0s1MnFOgIg.roa (raw, json)
Hash identifier: lVuMFhlefm77Fg0z2v0zACtUKZsfmjPvuGXN74P3je4=
Subject key identifier: 1E:19:7E:B5:37:F7:FF:A8:4B:62:29:CA:CF:4B:35:32:71:4E:80:88
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 0192773DCDA47B9E5691AD6D0C826A0589C7
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/Hhl-tTf3_6hLYinKz0s1MnFOgIg.roa
Signing time: Thu 10 Oct 2024 16:23:11 +0000
ROA not before: Thu 10 Oct 2024 16:23:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59675
IP address blocks: 31.220.150.0/24 maxlen: 24
128.0.144.0/23 maxlen: 24
128.0.144.0/24 maxlen: 24
128.0.145.0/24 maxlen: 24
128.0.146.0/23 maxlen: 23
128.0.148.0/23 maxlen: 23
128.0.150.0/24 maxlen: 24
128.0.151.0/24 maxlen: 24
128.0.152.0/24 maxlen: 24
128.0.153.0/24 maxlen: 24
128.0.154.0/24 maxlen: 24
185.5.8.0/23 maxlen: 23
185.5.10.0/23 maxlen: 23
213.185.78.0/23 maxlen: 23
213.185.80.0/22 maxlen: 24
213.185.80.0/24 maxlen: 24
213.185.84.0/23 maxlen: 23
2a02:45c0::/32 maxlen: 48
2a02:45c0::/48 maxlen: 48
2a02:45c0:1::/48 maxlen: 48
2a02:45c0:3::/48 maxlen: 48
2a02:45c0:7::/48 maxlen: 48
2a02:45c0:8::/48 maxlen: 48
2a02:45c0:9::/48 maxlen: 48
2a02:45c0:10::/48 maxlen: 48
2a02:45c0:13::/48 maxlen: 48
2a02:45c0:18::/48 maxlen: 48
2a02:45c0:19::/48 maxlen: 48
2a02:45c0:20::/48 maxlen: 48
2a02:45c0:fffe::/48 maxlen: 48
2a02:45c0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 11 Oct 2024 07:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:77:3d:cd:a4:7b:9e:56:91:ad:6d:0c:82:6a:05:89:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Oct 10 16:23:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e197eb537f7ffa84b6229cacf4b3532714e8088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:67:e9:b8:b6:d7:c7:41:76:ee:1e:6e:b0:c8:
2d:bf:60:f2:7b:b8:1c:9d:70:a6:00:39:61:72:d3:
94:27:9a:fd:82:82:45:52:32:6d:cd:81:33:6d:87:
61:74:09:2d:53:f0:87:8f:ba:f4:bb:3e:ee:84:e0:
7d:0c:b6:6b:0b:20:3f:a4:d1:f9:47:99:46:11:8f:
ea:99:0c:3b:10:f7:fe:d0:ef:98:61:65:49:06:26:
79:69:d3:05:03:75:e0:c8:c5:02:4d:9b:3e:a6:98:
4a:70:8b:05:07:f5:20:84:f0:c7:5b:df:a7:8d:c1:
b9:a0:bf:0a:21:61:20:c4:1a:37:0a:df:9d:9c:8f:
a2:d6:c8:c7:8c:9e:58:6e:94:ad:0a:00:04:f4:1c:
87:eb:b7:9f:91:79:10:7e:dc:3c:75:cb:6b:a4:cb:
f1:4f:70:ef:c9:c2:fb:a8:fe:c8:c7:2c:b8:45:5e:
a6:fc:11:e5:04:4b:f9:66:c2:e2:85:75:38:33:39:
6e:3a:d5:69:c4:fd:c0:13:90:fe:a1:bb:e6:48:64:
a7:b0:d5:07:9c:38:b9:80:c3:38:a9:74:c0:55:f2:
66:11:d6:a5:2e:fa:38:a0:a3:91:88:f6:ed:69:9e:
23:19:75:1d:fe:f2:a1:20:dd:46:46:eb:61:f7:91:
39:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:19:7E:B5:37:F7:FF:A8:4B:62:29:CA:CF:4B:35:32:71:4E:80:88
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/Hhl-tTf3_6hLYinKz0s1MnFOgIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.150.0/24
128.0.144.0-128.0.154.255
185.5.8.0/22
213.185.78.0-213.185.85.255
IPv6:
2a02:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
cc:a1:34:d8:17:58:16:25:92:75:a3:e7:cd:83:38:c3:89:de:
76:30:05:ea:5e:f1:b2:ad:18:af:35:13:2f:f7:82:94:e4:20:
b8:04:3f:6e:96:95:7b:6f:b0:1a:18:e8:50:c2:68:f9:b4:66:
6a:55:38:f2:17:27:04:8d:9b:e7:1a:a7:1b:51:13:3e:25:43:
b5:6d:89:ad:ff:4b:4e:07:1f:6b:b5:1f:c9:95:59:fc:87:1c:
5d:96:1d:01:8d:45:33:19:d5:1d:18:2b:3b:26:57:bc:24:6d:
43:24:60:03:50:d0:64:75:c9:0a:87:d9:33:64:90:43:dc:dc:
08:f3:b7:5d:51:bb:ea:f7:74:b1:ad:10:d6:0c:e6:0f:2e:1c:
2d:9d:66:31:09:7b:41:bd:90:79:b7:e3:b4:cd:21:ab:ec:90:
5f:56:28:99:0f:ed:43:5e:c7:b6:4d:3c:87:c2:b6:49:65:ca:
dc:f2:af:52:a9:7d:c2:39:9f:5f:54:6a:ec:9e:fb:51:b6:bc:
27:33:82:fc:2f:00:54:89:64:85:6e:1d:f5:e9:ed:cc:b4:19:
36:39:81:93:50:56:5e:a0:80:fd:1f:98:a6:66:85:58:a0:c3:
2b:d6:35:a2:12:22:35:ac:fd:e5:b1:d3:99:8c:83:26:b7:f2:
56:b7:b3:91
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZJ3Pc2ke55Wka1tDIJqBYnHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjQxMDEwMTYyMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTE5N2ViNTM3ZjdmZmE4NGI2MjI5Y2FjZjRiMzUzMjcxNGU4MDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2fpuLbXx0F27h5usMgtv2Dye7gc
nXCmADlhctOUJ5r9goJFUjJtzYEzbYdhdAktU/CHj7r0uz7uhOB9DLZrCyA/pNH5
R5lGEY/qmQw7EPf+0O+YYWVJBiZ5adMFA3XgyMUCTZs+pphKcIsFB/UghPDHW9+n
jcG5oL8KIWEgxBo3Ct+dnI+i1sjHjJ5YbpStCgAE9ByH67efkXkQftw8dctrpMvx
T3DvycL7qP7Ixyy4RV6m/BHlBEv5ZsLihXU4MzluOtVpxP3AE5D+obvmSGSnsNUH
nDi5gMM4qXTAVfJmEdalLvo4oKORiPbtaZ4jGXUd/vKhIN1GRuth95E52QIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFB4ZfrU39/+oS2Ipys9LNTJxToCIMB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEvSGhsLXRUZjNfNmhMWWluS3owczFNbkZPZ0lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQAH9yWMAwD
BASAAJADBACAAJoDBAK5BQgwDAMEAdW5TgMEAdW5VDANBAIAAjAHAwUAKgJFwDAN
BgkqhkiG9w0BAQsFAAOCAQEAzKE02BdYFiWSdaPnzYM4w4nedjAF6l7xsq0YrzUT
L/eClOQguAQ/bpaVe2+wGhjoUMJo+bRmalU48hcnBI2b5xqnG1ETPiVDtW2Jrf9L
Tgcfa7UfyZVZ/IccXZYdAY1FMxnVHRgrOyZXvCRtQyRgA1DQZHXJCofZM2SQQ9zc
CPO3XVG76vd0sa0Q1gzmDy4cLZ1mMQl7Qb2QebfjtM0hq+yQX1YomQ/tQ17Htk08
h8K2SWXK3PKvUql9wjmfX1Rq7J77Uba8JzOC/C8AVIlkhW4d9entzLQZNjmBk1BW
XqCA/R+YpmaFWKDDK9Y1ohIiNaz95bHTmYyDJrfyVrezkQ==
-----END CERTIFICATE-----
Generated at Fri Oct 11 09:41:01 2024 by rpki-client on console-ams.rpki-client.org