Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/HZNf-pJ9N9WYdpk78WGZjS3616M.roa
File: HZNf-pJ9N9WYdpk78WGZjS3616M.roa (raw, json)
Hash identifier: pntC0X3QkYsKSqAyzcFLtAG7WCHXWVLwXkEpxREh2p8=
Subject key identifier: 1D:93:5F:FA:92:7D:37:D5:98:76:99:3B:F1:61:99:8D:2D:FA:D7:A3
Certificate issuer: /CN=7642fd3f336ce6ee99e61fa977049a6c6a923e4a
Certificate serial: 0189BAF61B6B1CF0F2643C8D41947BB8890E
Authority key identifier: 76:42:FD:3F:33:6C:E6:EE:99:E6:1F:A9:77:04:9A:6C:6A:92:3E:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dkL9PzNs5u6Z5h-pdwSabGqSPko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/HZNf-pJ9N9WYdpk78WGZjS3616M.roa
Signing time: Thu 03 Aug 2023 10:33:58 +0000
ROA not before: Thu 03 Aug 2023 10:33:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.162.3.0/24 maxlen: 24
46.162.0.0/24 maxlen: 24
46.162.10.0/23 maxlen: 24
46.162.10.0/24 maxlen: 24
46.162.11.0/24 maxlen: 24
46.162.18.0/24 maxlen: 24
46.162.23.0/24 maxlen: 24
46.162.26.0/24 maxlen: 24
46.162.50.0/24 maxlen: 24
46.162.48.0/24 maxlen: 24
46.162.52.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Aug 2023 05:56:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:f6:1b:6b:1c:f0:f2:64:3c:8d:41:94:7b:b8:89:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7642fd3f336ce6ee99e61fa977049a6c6a923e4a
Validity
Not Before: Aug 3 10:33:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d935ffa927d37d59876993bf161998d2dfad7a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:22:1f:a4:73:12:e9:b3:42:b5:7f:b5:a9:ea:
b1:e2:c5:7d:f0:cf:e6:ef:ee:fb:06:9e:da:17:01:
a6:57:5d:0f:a7:c3:8c:34:1a:7a:63:6a:22:b4:ce:
da:d0:da:a7:ed:77:bf:fe:0c:2a:d3:a6:66:57:e1:
22:83:1f:88:74:68:c7:e9:d1:0b:e9:a1:64:f4:07:
cf:b2:fa:a6:26:62:e7:d0:2a:2a:16:f7:0a:57:32:
67:a6:52:e3:dd:fd:30:11:d0:76:61:82:d1:3a:f1:
b6:7e:9e:53:be:9e:e2:ac:31:61:15:8d:89:84:aa:
b3:ec:f7:a1:7d:e5:eb:87:41:fd:c3:b7:d6:93:08:
95:53:bd:3e:34:b8:ba:af:b7:c1:e7:a6:ee:75:80:
31:72:60:cb:67:47:b8:af:f9:91:10:a7:10:1a:42:
80:d2:21:dc:3f:39:7c:f6:d7:7e:39:bc:86:59:08:
f9:27:32:30:64:49:f8:20:0e:8c:5a:0e:8a:07:af:
a5:b2:c0:6e:af:ff:01:ef:41:57:13:b1:9d:1a:d6:
b6:30:97:d1:bd:ff:8c:cc:1f:ea:76:b3:7a:02:23:
db:29:1c:6b:85:a0:54:d6:e8:bb:48:f4:67:90:b4:
b2:ca:11:d8:51:ed:df:4b:90:d8:ab:51:51:fa:25:
6b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:93:5F:FA:92:7D:37:D5:98:76:99:3B:F1:61:99:8D:2D:FA:D7:A3
X509v3 Authority Key Identifier:
keyid:76:42:FD:3F:33:6C:E6:EE:99:E6:1F:A9:77:04:9A:6C:6A:92:3E:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dkL9PzNs5u6Z5h-pdwSabGqSPko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/HZNf-pJ9N9WYdpk78WGZjS3616M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/dkL9PzNs5u6Z5h-pdwSabGqSPko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.162.0.0/24
46.162.3.0/24
46.162.10.0/23
46.162.18.0/24
46.162.23.0/24
46.162.26.0/24
46.162.48.0/24
46.162.50.0/24
46.162.52.0/23
Signature Algorithm: sha256WithRSAEncryption
93:25:98:ed:05:85:c7:38:bb:aa:ce:05:04:5f:4c:95:8b:68:
a9:2c:b9:6f:09:0e:8e:2c:ca:fd:1b:d4:be:fa:44:40:f2:c9:
83:4d:82:0e:65:b8:0f:49:e2:d2:b5:74:ae:b7:29:f4:5a:17:
e7:ca:04:8b:b7:4b:a6:75:96:e6:74:75:c9:ee:09:53:05:43:
24:2a:9e:9f:ab:27:29:f0:2e:95:50:86:e6:49:c5:87:eb:fb:
24:6f:fb:d1:73:df:41:58:1b:90:ee:4a:cd:2b:97:81:23:e9:
6b:dd:1c:f9:55:9c:0b:16:a8:df:3d:38:ba:eb:0a:8e:27:99:
16:75:d7:21:fc:53:0d:f1:c9:7d:1a:9f:ea:44:62:66:6a:5a:
35:65:9c:b2:85:f8:a0:3d:c1:ac:b3:93:3f:8f:db:97:2f:48:
79:fc:bc:7f:c5:a5:ad:9a:fa:6b:42:68:73:d0:f8:b9:47:89:
6f:06:3d:7e:7a:5d:0b:3d:0c:36:cc:49:8d:75:f9:33:a5:93:
e2:a5:81:f2:54:05:71:d5:4c:a9:40:e3:ff:46:22:a2:c3:81:
86:c7:97:8f:e9:17:19:29:80:6a:ee:0d:b1:59:3d:73:36:d1:
b1:2d:33:6c:86:95:d5:96:0c:f6:47:19:0a:34:1a:22:e3:26:
2f:56:8c:0a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYm69htrHPDyZDyNQZR7uIkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NDJmZDNmMzM2Y2U2ZWU5OWU2MWZhOTc3MDQ5YTZjNmE5
MjNlNGEwHhcNMjMwODAzMTAzMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDkzNWZmYTkyN2QzN2Q1OTg3Njk5M2JmMTYxOTk4ZDJkZmFkN2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiIfpHMS6bNCtX+1qeqx4sV98M/m
7+77Bp7aFwGmV10Pp8OMNBp6Y2oitM7a0Nqn7Xe//gwq06ZmV+Eigx+IdGjH6dEL
6aFk9AfPsvqmJmLn0CoqFvcKVzJnplLj3f0wEdB2YYLROvG2fp5Tvp7irDFhFY2J
hKqz7PehfeXrh0H9w7fWkwiVU70+NLi6r7fB56budYAxcmDLZ0e4r/mREKcQGkKA
0iHcPzl89td+ObyGWQj5JzIwZEn4IA6MWg6KB6+lssBur/8B70FXE7GdGta2MJfR
vf+MzB/qdrN6AiPbKRxrhaBU1ui7SPRnkLSyyhHYUe3fS5DYq1FR+iVr3wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFB2TX/qSfTfVmHaZO/FhmY0t+tejMB8GA1UdIwQY
MBaAFHZC/T8zbObumeYfqXcEmmxqkj5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGtMOVB6TnM1dTZaNWgtcGR3U2FiR3FTUGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85MjQ1NDYtZDljNy00YTBkLWFlMDAt
NjJjNDNhYzdjMDJmLzEvSFpOZi1wSjlOOVdZZHBrNzhXR1pqUzM2MTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85MjQ1NDYtZDljNy00YTBkLWFlMDAtNjJjNDNhYzdjMDJm
LzEvZGtMOVB6TnM1dTZaNWgtcGR3U2FiR3FTUGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALqIAAwQA
LqIDAwQBLqIKAwQALqISAwQALqIXAwQALqIaAwQALqIwAwQALqIyAwQBLqI0MA0G
CSqGSIb3DQEBCwUAA4IBAQCTJZjtBYXHOLuqzgUEX0yVi2ipLLlvCQ6OLMr9G9S+
+kRA8smDTYIOZbgPSeLStXSutyn0WhfnygSLt0umdZbmdHXJ7glTBUMkKp6fqycp
8C6VUIbmScWH6/skb/vRc99BWBuQ7krNK5eBI+lr3Rz5VZwLFqjfPTi66wqOJ5kW
ddch/FMN8cl9Gp/qRGJmalo1ZZyyhfigPcGss5M/j9uXL0h5/Lx/xaWtmvprQmhz
0Pi5R4lvBj1+el0LPQw2zEmNdfkzpZPipYHyVAVx1UypQOP/RiKiw4GGx5eP6RcZ
KYBq7g2xWT1zNtGxLTNshpXVlgz2RxkKNBoi4yYvVowK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:52 2024 by rpki-client on console-fra.rpki-client.org