Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/HynENNbBXAN7cnh973vfUwdRN3Y.roa
File: HynENNbBXAN7cnh973vfUwdRN3Y.roa (raw, json)
Hash identifier: kdvlCuJPqTUKX3TOFDZqKmq6grmAO909xcke4MKCcvY=
Subject key identifier: 1F:29:C4:34:D6:C1:5C:03:7B:72:78:7D:EF:7B:DF:53:07:51:37:76
Certificate issuer: /CN=954a2aee086174b01272fae779ad431eb092aeb7
Certificate serial: 018BBD75840D9258B5D2B6A658CD8AE99EC2
Authority key identifier: 95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/HynENNbBXAN7cnh973vfUwdRN3Y.roa
Signing time: Sat 11 Nov 2023 08:17:57 +0000
ROA not before: Sat 11 Nov 2023 08:17:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44922
IP address blocks: 93.89.16.0/24 maxlen: 24
93.89.17.0/24 maxlen: 24
93.89.21.0/24 maxlen: 24
93.89.22.0/24 maxlen: 24
93.89.20.0/24 maxlen: 24
93.89.18.0/24 maxlen: 24
93.89.19.0/24 maxlen: 24
93.89.25.0/24 maxlen: 24
93.89.26.0/24 maxlen: 24
93.89.28.0/24 maxlen: 24
93.89.29.0/24 maxlen: 24
93.89.27.0/24 maxlen: 24
93.89.30.0/24 maxlen: 24
93.89.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Dec 2023 22:44:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bd:75:84:0d:92:58:b5:d2:b6:a6:58:cd:8a:e9:9e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=954a2aee086174b01272fae779ad431eb092aeb7
Validity
Not Before: Nov 11 08:17:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f29c434d6c15c037b72787def7bdf5307513776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:85:ed:51:12:69:95:93:c3:50:83:59:7c:c1:
fa:e2:c4:4e:a7:21:b9:7e:fe:58:61:9d:c1:1b:92:
52:66:e2:6b:47:b1:34:d5:dd:c3:44:a0:9c:b7:ed:
1a:ad:34:50:8c:46:ee:f4:68:09:81:7e:33:5c:8b:
44:8b:ca:a8:4a:b1:29:7d:04:01:e9:c4:11:cc:a4:
48:4f:37:19:58:bc:f4:68:e6:86:a9:3b:5c:c9:e0:
46:0f:18:46:0c:9f:a0:b1:ac:62:d9:fa:1c:05:e9:
5c:c0:46:99:ae:bc:fa:ef:6f:24:05:85:b2:58:44:
a3:b0:ee:db:ac:6a:ab:c9:7d:c0:1c:44:22:ac:20:
8e:f7:8d:52:cc:a2:9f:f5:88:0f:4d:19:12:d0:05:
62:49:2c:67:da:0c:c5:fa:af:33:a6:ca:aa:38:7a:
1a:c7:a6:cf:0c:03:e4:e9:c7:bd:ae:02:8b:f5:76:
fb:22:7f:4e:7d:22:7e:3b:19:fd:b9:d8:e6:5d:40:
b0:bb:f7:d8:9c:8f:54:49:5d:fd:a3:36:bd:86:bf:
6b:eb:c9:53:bb:9b:e6:5d:33:a3:fe:7a:eb:da:fa:
7d:82:43:d0:7e:ea:fc:3c:3f:7d:22:b8:56:88:75:
62:6c:1c:9f:0a:09:89:88:0e:1a:c8:70:78:c4:c3:
ff:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:29:C4:34:D6:C1:5C:03:7B:72:78:7D:EF:7B:DF:53:07:51:37:76
X509v3 Authority Key Identifier:
keyid:95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/HynENNbBXAN7cnh973vfUwdRN3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.16.0-93.89.22.255
93.89.25.0-93.89.31.255
Signature Algorithm: sha256WithRSAEncryption
72:70:c6:2f:93:c9:f6:2f:fd:b0:a4:0c:18:90:8c:5b:34:9a:
10:b1:ac:0c:29:bc:0f:db:46:43:91:2f:9d:44:4d:73:a2:8a:
91:59:ad:27:8f:8e:ba:f9:48:38:89:d4:9d:ed:f6:45:b2:af:
6d:c2:64:0e:e5:8c:cc:9f:35:7c:7d:a8:34:a3:34:79:08:bf:
7b:db:ba:ea:d8:17:e5:48:96:e8:db:1a:41:77:0d:a3:ba:b4:
8a:28:85:74:85:cd:ac:8b:88:da:5e:c0:89:c3:b7:26:ae:f1:
90:de:8c:de:03:e9:cf:9a:59:13:84:64:0d:b7:9c:2c:62:bd:
63:6a:44:ad:4a:b0:31:c1:df:5d:2e:4f:c1:0d:9e:51:6c:59:
e6:0c:68:37:bf:1b:42:60:51:b8:b1:01:65:b7:5f:12:00:9c:
83:af:c7:89:b5:20:dd:88:f6:0e:a8:9b:85:46:7e:bf:bd:42:
c0:fa:c9:0e:87:42:0b:20:77:b0:dc:49:65:4e:c5:1a:d7:7b:
7c:57:e5:62:a6:2a:8f:a5:c7:44:d8:38:05:b3:12:41:ff:0d:
ab:b0:cf:a0:85:98:e7:84:22:57:10:01:74:7e:79:37:7c:8e:
07:38:91:75:f1:74:77:a6:cf:62:ee:3f:d0:44:ac:63:28:93:
b9:6f:8f:0b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYu9dYQNkli10ramWM2K6Z7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGEyYWVlMDg2MTc0YjAxMjcyZmFlNzc5YWQ0MzFlYjA5
MmFlYjcwHhcNMjMxMTExMDgxNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjI5YzQzNGQ2YzE1YzAzN2I3Mjc4N2RlZjdiZGY1MzA3NTEzNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYXtURJplZPDUINZfMH64sROpyG5
fv5YYZ3BG5JSZuJrR7E01d3DRKCct+0arTRQjEbu9GgJgX4zXItEi8qoSrEpfQQB
6cQRzKRITzcZWLz0aOaGqTtcyeBGDxhGDJ+gsaxi2focBelcwEaZrrz6728kBYWy
WESjsO7brGqryX3AHEQirCCO941SzKKf9YgPTRkS0AViSSxn2gzF+q8zpsqqOHoa
x6bPDAPk6ce9rgKL9Xb7In9OfSJ+Oxn9udjmXUCwu/fYnI9USV39oza9hr9r68lT
u5vmXTOj/nrr2vp9gkPQfur8PD99IrhWiHVibByfCgmJiA4ayHB4xMP/zQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFB8pxDTWwVwDe3J4fe9731MHUTd2MB8GA1UdIwQY
MBaAFJVKKu4IYXSwEnL653mtQx6wkq63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEt
NDU2NWYwNGY4ZDg1LzEvSHluRU5OYkJYQU43Y25oOTczdmZVd2RSTjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEtNDU2NWYwNGY4ZDg1
LzEvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBARdWRAD
BABdWRYwDAMEAF1ZGQMEBV1ZADANBgkqhkiG9w0BAQsFAAOCAQEAcnDGL5PJ9i/9
sKQMGJCMWzSaELGsDCm8D9tGQ5EvnURNc6KKkVmtJ4+OuvlIOInUne32RbKvbcJk
DuWMzJ81fH2oNKM0eQi/e9u66tgX5UiW6NsaQXcNo7q0iiiFdIXNrIuI2l7AicO3
Jq7xkN6M3gPpz5pZE4RkDbecLGK9Y2pErUqwMcHfXS5PwQ2eUWxZ5gxoN78bQmBR
uLEBZbdfEgCcg6/HibUg3Yj2DqibhUZ+v71CwPrJDodCCyB3sNxJZU7FGtd7fFfl
YqYqj6XHRNg4BbMSQf8Nq7DPoIWY54QiVxABdH55N3yOBziRdfF0d6bPYu4/0ESs
YyiTuW+PCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:39 2024 by rpki-client on console-fra.rpki-client.org