Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/HONgbGAj1FlMNTvBPZdASy-Beis.roa
File: HONgbGAj1FlMNTvBPZdASy-Beis.roa (raw, json)
Hash identifier: otqZ2UEmJvMm6Otqe5wCx7ipJNmkrENme6/rilMqjuE=
Subject key identifier: 1C:E3:60:6C:60:23:D4:59:4C:35:3B:C1:3D:97:40:4B:2F:81:7A:2B
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 01914A20F60DE1E2A4C7EC4CC7F1DF4AC7FB
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/HONgbGAj1FlMNTvBPZdASy-Beis.roa
Signing time: Tue 13 Aug 2024 05:05:59 +0000
ROA not before: Tue 13 Aug 2024 05:05:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5398
IP address blocks: 31.44.32.0/20 maxlen: 20
31.44.46.0/23 maxlen: 23
46.21.29.0/24 maxlen: 24
77.220.64.0/19 maxlen: 19
185.155.184.0/23 maxlen: 24
193.221.216.0/23 maxlen: 23
193.222.104.0/23 maxlen: 24
2a02:210::/32 maxlen: 32
2a0f:e880::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 13 Aug 2024 14:13:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4a:20:f6:0d:e1:e2:a4:c7:ec:4c:c7:f1:df:4a:c7:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Aug 13 05:05:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ce3606c6023d4594c353bc13d97404b2f817a2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bf:0b:16:67:f9:2a:e1:37:5a:6a:15:69:a4:
ee:f9:5e:f9:ec:3c:40:97:6d:24:a3:a9:ea:b7:cd:
f5:fe:e2:12:d7:a1:a6:20:32:61:1b:81:c2:73:40:
64:09:43:f1:a2:d9:a7:81:6a:c2:bc:d8:dd:09:2e:
9b:44:5e:46:f9:07:5c:3b:89:4b:1d:ff:53:eb:65:
7c:c5:56:94:2a:4f:4e:5b:32:bc:e5:4d:75:2f:bf:
08:7c:d6:12:ae:92:d7:08:3d:49:6c:c2:57:4a:14:
2d:83:1c:28:35:dc:8a:6b:35:ab:a8:c6:7d:8e:ec:
e2:e0:4b:06:4f:e7:07:7e:24:cd:9d:bb:03:ef:65:
e9:7e:57:82:68:4d:11:a4:41:c0:e1:10:3d:67:24:
55:df:d1:97:b0:6b:ef:26:bf:2c:54:0a:34:4c:8c:
b5:05:25:35:fc:9e:7d:e1:90:66:6d:93:ef:bc:14:
6b:81:f6:a0:0e:fe:9e:f6:65:41:ee:45:90:a0:8c:
27:23:7c:f7:1f:27:3f:e7:cf:96:97:38:f5:af:83:
a6:87:e2:d2:4f:c1:a7:63:0a:df:b1:23:d0:b2:85:
7b:0e:59:76:2a:d8:99:20:cb:29:c3:0c:b8:0e:7d:
7e:0a:c8:6a:11:df:36:74:f5:1a:98:7d:33:fe:15:
93:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:E3:60:6C:60:23:D4:59:4C:35:3B:C1:3D:97:40:4B:2F:81:7A:2B
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/HONgbGAj1FlMNTvBPZdASy-Beis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.32.0/20
46.21.29.0/24
77.220.64.0/19
185.155.184.0/23
193.221.216.0/23
193.222.104.0/23
IPv6:
2a02:210::/32
2a0f:e880::/29
Signature Algorithm: sha256WithRSAEncryption
68:66:76:22:fd:40:55:4e:51:1b:5d:d2:e3:a1:b1:1e:cd:5e:
e0:41:cd:68:f3:1c:d5:e9:c4:6a:89:84:8a:01:7e:61:2d:38:
4d:e2:a2:12:80:11:77:e3:bc:33:79:eb:e3:69:72:ad:b6:60:
e6:d5:59:68:29:43:dc:2a:f1:23:10:2d:6f:db:f2:14:32:a7:
20:71:be:a8:4b:2e:d8:dc:22:22:60:7d:b6:f2:37:f1:7b:1d:
3c:47:43:aa:93:57:ce:1b:97:1d:49:44:47:1b:f7:8c:98:46:
19:d2:7e:af:9a:aa:2f:af:8a:d8:83:81:43:3b:a2:f9:fa:f8:
ad:5c:c5:5a:6e:c2:d8:af:fe:fc:b8:c5:9b:c0:98:cd:6a:f8:
d8:86:4e:db:6d:4c:07:39:4c:db:67:32:b3:bd:26:af:b3:c8:
11:0e:4c:8a:42:06:00:52:fb:00:45:75:91:3b:03:10:0d:be:
e8:6f:bf:ce:e3:fd:64:d2:0f:88:87:05:c7:61:93:d0:eb:83:
59:38:0b:5a:0d:c4:75:81:fb:aa:80:55:86:29:b8:26:bb:81:
00:31:44:74:0a:0d:2f:f7:ce:c6:95:39:4f:e8:f7:6c:99:50:
29:cf:45:ea:cd:dd:ed:a9:7e:a3:79:c7:17:84:9a:c8:62:30:
1b:60:36:15
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZFKIPYN4eKkx+xMx/HfSsf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjQwODEzMDUwNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2UzNjA2YzYwMjNkNDU5NGMzNTNiYzEzZDk3NDA0YjJmODE3YTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb8LFmf5KuE3WmoVaaTu+V757DxA
l20ko6nqt831/uIS16GmIDJhG4HCc0BkCUPxotmngWrCvNjdCS6bRF5G+QdcO4lL
Hf9T62V8xVaUKk9OWzK85U11L78IfNYSrpLXCD1JbMJXShQtgxwoNdyKazWrqMZ9
juzi4EsGT+cHfiTNnbsD72XpfleCaE0RpEHA4RA9ZyRV39GXsGvvJr8sVAo0TIy1
BSU1/J594ZBmbZPvvBRrgfagDv6e9mVB7kWQoIwnI3z3Hyc/58+Wlzj1r4Omh+LS
T8GnYwrfsSPQsoV7Dll2KtiZIMspwwy4Dn1+CshqEd82dPUamH0z/hWTgQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFBzjYGxgI9RZTDU7wT2XQEsvgXorMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvSE9OZ2JHQWoxRmxNTlR2QlBaZEFTeS1CZWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQEHywgAwQA
LhUdAwQFTdxAAwQBuZu4AwQBwd3YAwQBwd5oMBQEAgACMA4DBQAqAgIQAwUDKg/o
gDANBgkqhkiG9w0BAQsFAAOCAQEAaGZ2Iv1AVU5RG13S46GxHs1e4EHNaPMc1enE
aomEigF+YS04TeKiEoARd+O8M3nr42lyrbZg5tVZaClD3CrxIxAtb9vyFDKnIHG+
qEsu2NwiImB9tvI38XsdPEdDqpNXzhuXHUlERxv3jJhGGdJ+r5qqL6+K2IOBQzui
+fr4rVzFWm7C2K/+/LjFm8CYzWr42IZO221MBzlM22cys70mr7PIEQ5MikIGAFL7
AEV1kTsDEA2+6G+/zuP9ZNIPiIcFx2GT0OuDWTgLWg3EdYH7qoBVhim4JruBADFE
dAoNL/fOxpU5T+j3bJlQKc9F6s3d7al+o3nHF4SayGIwG2A2FQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:36:45 2025 by rpki-client