Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/Hqy0yzNB7Os0O9WLxYfGZNFTQ7A.roa
File: Hqy0yzNB7Os0O9WLxYfGZNFTQ7A.roa (raw, json)
Hash identifier: 3PKheICfxdMmH0c1VuhazlpGadKLlabGTo8dtvGxWVQ=
Subject key identifier: 1E:AC:B4:CB:33:41:EC:EB:34:3B:D5:8B:C5:87:C6:64:D1:53:43:B0
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018986FA6F473F4111C847470A17A06B26E7
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/Hqy0yzNB7Os0O9WLxYfGZNFTQ7A.roa
Signing time: Mon 24 Jul 2023 08:18:26 +0000
ROA not before: Mon 24 Jul 2023 08:18:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.66.94.0/23 maxlen: 23
37.44.228.0/22 maxlen: 24
192.145.52.0/22 maxlen: 24
192.145.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Aug 2023 13:34:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:86:fa:6f:47:3f:41:11:c8:47:47:0a:17:a0:6b:26:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Jul 24 08:18:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1eacb4cb3341eceb343bd58bc587c664d15343b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:99:21:b0:86:0c:c1:21:92:74:80:fc:5f:e5:
43:23:45:91:93:20:a3:0e:ce:46:be:7b:af:a3:19:
61:3b:02:87:13:75:f0:c4:15:9b:76:41:e4:10:20:
25:91:86:bd:85:37:50:b8:1b:2a:3b:fa:29:d5:d2:
d4:8a:27:fe:20:35:f8:2d:f0:c2:75:76:1b:62:e3:
51:e9:7c:95:1f:b0:82:77:26:4c:e0:15:14:ce:b5:
4b:a3:f2:02:14:ab:c2:29:47:54:d0:a3:2e:2c:eb:
0b:8e:58:8f:84:53:68:46:74:e3:a2:a3:5f:86:8c:
24:0b:bd:1b:c3:f4:88:da:59:43:9b:dd:06:96:30:
25:8d:c6:b7:05:46:95:24:fe:16:09:16:4f:4a:a5:
ce:37:13:26:cc:f9:b5:81:0f:76:5a:8a:14:e4:a7:
d8:4a:7f:90:86:3f:0b:f4:6c:ce:67:d5:8b:30:0a:
bd:66:fb:f9:89:05:34:89:cc:78:98:d6:68:ec:19:
6a:09:89:57:5b:fb:52:6d:d3:cf:72:17:4b:e0:76:
71:b1:8f:b9:f2:dd:51:9d:b0:08:da:b9:56:c1:2d:
fc:b5:1f:03:bf:20:a5:9c:9e:85:ba:ba:f8:27:95:
7a:65:84:0c:13:f4:1f:5a:52:fe:35:e9:49:1c:05:
d0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AC:B4:CB:33:41:EC:EB:34:3B:D5:8B:C5:87:C6:64:D1:53:43:B0
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/Hqy0yzNB7Os0O9WLxYfGZNFTQ7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.94.0/23
192.145.52.0/22
Signature Algorithm: sha256WithRSAEncryption
04:78:5f:90:de:b3:17:29:45:b5:a6:c0:00:d5:50:0b:d1:db:
48:d7:78:7e:c6:ec:ab:c1:1a:bb:3a:71:48:d3:70:5b:dd:93:
f4:8e:d0:59:9b:58:fd:59:f2:61:dd:f9:36:b7:21:2b:0e:aa:
06:a8:e5:3a:97:27:83:cd:90:82:79:3c:cc:85:19:74:80:2f:
26:d0:1e:cc:2b:6a:19:93:0c:5f:d0:00:b7:69:6f:f5:99:ea:
2c:c7:82:07:e5:d1:a7:6a:62:a7:26:f6:55:0e:d9:ce:78:fd:
aa:52:63:42:e5:a4:fa:ce:00:42:36:dd:fc:e4:7f:5b:f6:64:
cb:12:ef:38:00:db:05:0d:9e:d6:19:de:49:3e:2e:43:9a:68:
19:24:78:8e:0a:71:74:0d:07:6e:ec:d5:5d:01:02:17:fe:55:
ee:54:85:18:d6:09:f8:49:8c:6a:3b:0a:d7:f4:9e:93:99:2d:
1d:48:28:66:08:38:a2:65:2a:0f:9e:23:76:30:fd:7c:cb:71:
3a:dd:4d:39:c2:9e:c7:20:12:87:d7:87:8e:73:9f:51:8c:c4:
a0:2b:d5:97:73:a2:cd:86:cc:42:9a:0d:22:ef:99:4b:0d:c7:
f0:7a:89:db:a0:0b:32:87:84:3a:a3:54:cd:d3:9b:4f:d4:0e:
14:5a:55:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmG+m9HP0ERyEdHChegaybnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjMwNzI0MDgxODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWFjYjRjYjMzNDFlY2ViMzQzYmQ1OGJjNTg3YzY2NGQxNTM0M2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZkhsIYMwSGSdID8X+VDI0WRkyCj
Ds5GvnuvoxlhOwKHE3XwxBWbdkHkECAlkYa9hTdQuBsqO/op1dLUiif+IDX4LfDC
dXYbYuNR6XyVH7CCdyZM4BUUzrVLo/ICFKvCKUdU0KMuLOsLjliPhFNoRnTjoqNf
howkC70bw/SI2llDm90GljAljca3BUaVJP4WCRZPSqXONxMmzPm1gQ92WooU5KfY
Sn+Qhj8L9GzOZ9WLMAq9Zvv5iQU0icx4mNZo7BlqCYlXW/tSbdPPchdL4HZxsY+5
8t1RnbAI2rlWwS38tR8DvyClnJ6Furr4J5V6ZYQME/QfWlL+NelJHAXQXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB6stMszQezrNDvVi8WHxmTRU0OwMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvSHF5MHl6TkI3T3MwTzlXTHhZZkdaTkZUUTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJSzkAwQB
LUJeAwQCwJE0MA0GCSqGSIb3DQEBCwUAA4IBAQAEeF+Q3rMXKUW1psAA1VAL0dtI
13h+xuyrwRq7OnFI03Bb3ZP0jtBZm1j9WfJh3fk2tyErDqoGqOU6lyeDzZCCeTzM
hRl0gC8m0B7MK2oZkwxf0AC3aW/1meosx4IH5dGnamKnJvZVDtnOeP2qUmNC5aT6
zgBCNt385H9b9mTLEu84ANsFDZ7WGd5JPi5DmmgZJHiOCnF0DQdu7NVdAQIX/lXu
VIUY1gn4SYxqOwrX9J6TmS0dSChmCDiiZSoPniN2MP18y3E63U05wp7HIBKH14eO
c59RjMSgK9WXc6LNhsxCmg0i75lLDcfweonboAsyh4Q6o1TN05tP1A4UWlWy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org