Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/HrbimVxpIwHA2F0n3GabqoFA8bQ.roa
File: HrbimVxpIwHA2F0n3GabqoFA8bQ.roa (raw, json)
Hash identifier: /R1gF3cowz0CeH17n9N04uqgBUGXqtl+7RRC3EhWgYk=
Subject key identifier: 1E:B6:E2:99:5C:69:23:01:C0:D8:5D:27:DC:66:9B:AA:81:40:F1:B4
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 019097B22A85EAEE4A4B9FF713C006D1822C
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/HrbimVxpIwHA2F0n3GabqoFA8bQ.roa
Signing time: Tue 09 Jul 2024 13:32:34 +0000
ROA not before: Tue 09 Jul 2024 13:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50225
IP address blocks: 195.24.232.0/24 maxlen: 24
2a12:2500::/32 maxlen: 32
2a12:2501::/32 maxlen: 32
2a12:2502::/32 maxlen: 32
2a12:2503::/32 maxlen: 32
2a12:2504::/32 maxlen: 32
2a12:2505::/32 maxlen: 32
2a12:2506::/32 maxlen: 32
2a12:2507::/32 maxlen: 32
2a12:2700::/32 maxlen: 32
2a12:2701::/32 maxlen: 32
2a12:2702::/32 maxlen: 32
2a12:2703::/32 maxlen: 32
2a12:2704::/32 maxlen: 32
2a12:2705::/32 maxlen: 32
2a12:2706::/32 maxlen: 32
2a12:2707::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 29 Aug 2024 00:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:b2:2a:85:ea:ee:4a:4b:9f:f7:13:c0:06:d1:82:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Jul 9 13:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1eb6e2995c692301c0d85d27dc669baa8140f1b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b7:a5:ca:a4:19:c5:1a:be:df:5d:c2:23:af:
26:7b:55:48:93:7e:1a:4e:b9:d0:dc:ce:19:87:78:
c2:6c:ed:d4:51:57:ee:bc:8b:1b:17:81:19:65:bc:
dd:ad:ef:0f:d8:59:07:27:8c:22:fd:14:3a:57:13:
9b:d4:1a:fa:ba:0f:6a:8a:58:a8:03:7f:78:78:2f:
3a:12:4d:4c:ff:8b:8b:29:d8:a0:be:9e:21:78:dc:
ee:25:64:01:a2:f8:cd:36:b6:c3:e8:ea:13:4f:c7:
42:83:80:7e:45:ae:9e:27:c3:09:8b:45:c5:86:ca:
8e:6f:6f:b2:38:da:66:9e:7f:5a:74:e3:45:b2:01:
bb:ec:1d:ae:f8:96:9a:e1:98:9f:36:cb:3c:57:39:
24:65:24:a7:87:a8:0c:58:01:80:83:37:c1:5f:d2:
04:db:c6:5f:8a:b0:c0:2a:05:5d:46:12:51:56:9e:
39:ac:ae:97:e4:98:0b:77:bb:09:ad:6e:ab:41:8c:
79:9e:89:0a:72:65:97:64:ea:87:36:8e:92:38:7a:
3c:a1:5b:27:98:b1:81:1b:17:7a:72:1d:6c:f9:e7:
e4:ac:6c:83:d0:a5:de:28:27:d9:10:25:b1:f8:09:
e2:aa:26:b6:ae:b7:aa:ed:ba:a9:c6:e2:0f:57:2b:
a9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B6:E2:99:5C:69:23:01:C0:D8:5D:27:DC:66:9B:AA:81:40:F1:B4
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/HrbimVxpIwHA2F0n3GabqoFA8bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.24.232.0/24
IPv6:
2a12:2500::/29
2a12:2700::/29
Signature Algorithm: sha256WithRSAEncryption
32:21:f8:92:49:57:69:5d:e4:53:ad:e7:ce:8f:1c:73:ca:d6:
8c:99:fd:aa:21:d3:e4:e8:01:04:4c:b3:30:42:d4:c0:6f:43:
de:4b:1d:e8:9e:b3:9d:c1:f3:f8:f1:c2:7c:1b:ac:eb:7c:65:
a8:df:4b:ad:05:84:b3:d1:d3:8a:f3:44:ca:37:d6:dd:77:b8:
39:0c:f0:38:48:4d:88:f4:77:0d:32:ba:bc:3e:1e:2e:c0:58:
91:42:e6:e8:72:61:d9:71:2f:ec:ce:32:50:4a:ef:eb:f4:a5:
87:dd:7f:92:78:a3:89:bb:e6:ac:5e:57:09:e5:9d:7d:8e:f3:
c8:0d:ae:d5:4a:3b:68:7b:2c:d2:b3:a3:07:f9:0c:d7:59:45:
47:58:58:6d:fb:94:58:db:d0:0f:1e:83:53:16:ec:48:e7:9e:
92:cf:87:33:a0:02:ae:80:44:ae:15:56:0b:c7:22:78:cd:ac:
0b:21:f1:68:b2:63:81:33:84:1b:e4:63:c1:f6:7a:a2:d5:1b:
a5:45:39:fd:8b:71:ec:d4:bd:63:a3:de:ba:53:1e:2d:60:b7:
41:52:87:a0:2b:2d:27:e4:8b:a3:f7:f0:ad:ba:90:97:6a:28:
c7:6d:50:80:9e:ce:9c:dd:ff:ea:b5:74:f6:d1:01:16:7e:20:
ac:44:97:ae
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZCXsiqF6u5KS5/3E8AG0YIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjQwNzA5MTMzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWI2ZTI5OTVjNjkyMzAxYzBkODVkMjdkYzY2OWJhYTgxNDBmMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17elyqQZxRq+313CI68me1VIk34a
TrnQ3M4Zh3jCbO3UUVfuvIsbF4EZZbzdre8P2FkHJ4wi/RQ6VxOb1Br6ug9qilio
A394eC86Ek1M/4uLKdigvp4heNzuJWQBovjNNrbD6OoTT8dCg4B+Ra6eJ8MJi0XF
hsqOb2+yONpmnn9adONFsgG77B2u+Jaa4ZifNss8VzkkZSSnh6gMWAGAgzfBX9IE
28ZfirDAKgVdRhJRVp45rK6X5JgLd7sJrW6rQYx5nokKcmWXZOqHNo6SOHo8oVsn
mLGBGxd6ch1s+efkrGyD0KXeKCfZECWx+Aniqia2rreq7bqpxuIPVyupMQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFB624plcaSMBwNhdJ9xmm6qBQPG0MB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvSHJiaW1WeHBJd0hBMkYwbjNHYWJxb0ZBOGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAwxjoMBQE
AgACMA4DBQMqEiUAAwUDKhInADANBgkqhkiG9w0BAQsFAAOCAQEAMiH4kklXaV3k
U63nzo8cc8rWjJn9qiHT5OgBBEyzMELUwG9D3ksd6J6zncHz+PHCfBus63xlqN9L
rQWEs9HTivNEyjfW3Xe4OQzwOEhNiPR3DTK6vD4eLsBYkULm6HJh2XEv7M4yUErv
6/Slh91/knijibvmrF5XCeWdfY7zyA2u1Uo7aHss0rOjB/kM11lFR1hYbfuUWNvQ
Dx6DUxbsSOeeks+HM6ACroBErhVWC8cieM2sCyHxaLJjgTOEG+RjwfZ6otUbpUU5
/Ytx7NS9Y6PeulMeLWC3QVKHoCstJ+SLo/fwrbqQl2oox21QgJ7OnN3/6rV09tEB
Fn4grESXrg==
Generated at Thu Aug 29 04:21:01 2024 by rpki-client on console-ams.rpki-client.org