Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/HJGCHYAOXmcDlNEXyYuUWw2JRB4.roa
File: HJGCHYAOXmcDlNEXyYuUWw2JRB4.roa (raw, json)
Hash identifier: 80Onn9nAZVrQB3YB6Wmb4vx79f7CdChC+0E7Z5pzwDs=
Subject key identifier: 1C:91:82:1D:80:0E:5E:67:03:94:D1:17:C9:8B:94:5B:0D:89:44:1E
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 018DD5682490A27E0BE9385FCC1D380A97DE
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/HJGCHYAOXmcDlNEXyYuUWw2JRB4.roa
Signing time: Fri 23 Feb 2024 09:59:48 +0000
ROA not before: Fri 23 Feb 2024 09:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 77.246.222.0/24 maxlen: 24
88.80.134.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 07:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d5:68:24:90:a2:7e:0b:e9:38:5f:cc:1d:38:0a:97:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Feb 23 09:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c91821d800e5e670394d117c98b945b0d89441e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ca:79:66:22:72:4a:7a:45:ab:1c:b9:40:96:
ae:31:db:a9:e3:8d:e4:d0:58:9c:ad:92:cb:de:21:
6d:57:6f:3e:94:cb:72:45:e8:2e:f9:62:84:c6:b6:
dd:11:28:8f:a0:57:51:61:d6:77:b6:ba:32:a2:21:
ba:5a:ad:49:4a:66:3d:60:8b:da:52:07:87:f7:6a:
6a:aa:ca:ad:a3:a9:c1:6b:2d:65:05:a4:62:73:eb:
14:73:10:22:11:a0:0c:59:66:32:31:10:77:cd:3b:
72:12:09:d4:40:61:49:3d:9e:f7:ed:c1:85:7b:35:
38:17:f2:ce:b2:4b:c7:e2:54:d8:2a:37:83:22:96:
9d:9a:81:00:40:d9:bc:d3:e5:77:fe:ad:a7:28:d1:
ff:f0:36:ed:1a:0b:e4:87:5c:ad:f8:30:ff:53:a3:
de:78:17:90:ad:dd:0a:36:68:f4:80:17:51:67:c1:
00:46:b1:ba:4a:70:2f:30:f8:69:5c:bf:bb:b6:cc:
c9:9c:01:09:af:b2:40:8c:29:95:40:e2:a2:fe:41:
1c:a0:21:79:a7:0d:eb:80:87:54:27:67:30:66:9b:
a6:b4:10:2a:43:79:ba:06:af:1b:28:89:a6:60:02:
bc:72:ec:a5:d7:3e:e8:cf:43:4c:3f:a1:8a:41:ab:
58:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:91:82:1D:80:0E:5E:67:03:94:D1:17:C9:8B:94:5B:0D:89:44:1E
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/HJGCHYAOXmcDlNEXyYuUWw2JRB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.222.0/24
88.80.134.0/23
Signature Algorithm: sha256WithRSAEncryption
55:12:4e:a4:e5:de:b4:25:c8:68:4f:6f:5c:da:03:cb:98:dd:
7b:73:f0:94:1a:4c:1e:a1:7c:59:83:b1:a8:99:34:5c:ce:96:
3c:c8:11:7a:57:63:ee:92:a1:63:4d:74:88:68:53:f5:83:a8:
9f:98:e8:8e:06:3c:65:41:63:7d:d4:dc:66:71:b4:e2:b9:cb:
17:d0:67:af:94:df:1d:9f:f8:69:80:5d:9e:ab:ff:41:f1:39:
ac:6d:d5:06:dd:0e:20:16:ee:60:5d:97:3d:a1:c3:e9:f2:a8:
4a:79:cf:d9:55:22:1b:e7:ad:6e:a9:08:96:ef:36:4d:c0:52:
6d:89:5e:f2:58:a3:a6:73:69:9c:cb:b8:81:9a:51:25:44:67:
1b:4c:53:7b:75:cf:d4:70:43:a4:83:62:ff:89:31:d4:4b:c2:
68:19:d0:d6:10:1b:dc:b1:32:20:67:2d:57:9b:57:57:6f:bb:
a8:25:81:f3:26:08:88:12:53:86:72:22:21:d6:e6:6f:df:dc:
3e:ee:a6:e8:2d:0e:dc:0f:17:68:dc:58:1e:25:8b:94:dd:99:
c0:a1:e2:61:1a:f4:ec:f1:3e:07:1a:7b:c5:f8:aa:ad:46:d8:
2f:fc:91:de:d6:a5:40:66:79:36:37:51:08:e2:08:45:a9:40:
80:5e:c1:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3VaCSQon4L6ThfzB04CpfeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMjIzMDk1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzkxODIxZDgwMGU1ZTY3MDM5NGQxMTdjOThiOTQ1YjBkODk0NDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8p5ZiJySnpFqxy5QJauMdup443k
0FicrZLL3iFtV28+lMtyRegu+WKExrbdESiPoFdRYdZ3troyoiG6Wq1JSmY9YIva
UgeH92pqqsqto6nBay1lBaRic+sUcxAiEaAMWWYyMRB3zTtyEgnUQGFJPZ737cGF
ezU4F/LOskvH4lTYKjeDIpadmoEAQNm80+V3/q2nKNH/8DbtGgvkh1yt+DD/U6Pe
eBeQrd0KNmj0gBdRZ8EARrG6SnAvMPhpXL+7tszJnAEJr7JAjCmVQOKi/kEcoCF5
pw3rgIdUJ2cwZpumtBAqQ3m6Bq8bKImmYAK8cuyl1z7oz0NMP6GKQatYJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFByRgh2ADl5nA5TRF8mLlFsNiUQeMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvSEpHQ0hZQU9YbWNEbE5FWHlZdVVXdzJKUkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATfbeAwQB
WFCGMA0GCSqGSIb3DQEBCwUAA4IBAQBVEk6k5d60JchoT29c2gPLmN17c/CUGkwe
oXxZg7GomTRczpY8yBF6V2PukqFjTXSIaFP1g6ifmOiOBjxlQWN91NxmcbTiucsX
0GevlN8dn/hpgF2eq/9B8TmsbdUG3Q4gFu5gXZc9ocPp8qhKec/ZVSIb561uqQiW
7zZNwFJtiV7yWKOmc2mcy7iBmlElRGcbTFN7dc/UcEOkg2L/iTHUS8JoGdDWEBvc
sTIgZy1Xm1dXb7uoJYHzJgiIElOGciIh1uZv39w+7qboLQ7cDxdo3FgeJYuU3ZnA
oeJhGvTs8T4HGnvF+KqtRtgv/JHe1qVAZnk2N1EI4ghFqUCAXsFK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:13 2024 by rpki-client on console-fra.rpki-client.org