Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/HjO4MPYDyveqDm184OfAMrfkDi8.roa
File: HjO4MPYDyveqDm184OfAMrfkDi8.roa (raw, json)
Hash identifier: YHF+IPecSSiX5UvuVERIat1WHmTPUiYkyYq96016P5A=
Subject key identifier: 1E:33:B8:30:F6:03:CA:F7:AA:0E:6D:7C:E0:E7:C0:32:B7:E4:0E:2F
Certificate issuer: /CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
Certificate serial: 0185708CAE4C0BF6ED78E664C14DDE9ADC88
Authority key identifier: 52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/HjO4MPYDyveqDm184OfAMrfkDi8.roa
Signing time: Mon 02 Jan 2023 03:35:45 +0000
ROA not before: Mon 02 Jan 2023 03:35:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20902
IP address blocks: 80.88.64.0/20 maxlen: 24
194.0.184.0/24 maxlen: 24
46.229.0.0/20 maxlen: 24
109.239.160.0/20 maxlen: 24
80.73.96.0/19 maxlen: 24
2001:67c:2088::/48 maxlen: 48
2a00:1230::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 19 Jan 2023 02:43:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:ae:4c:0b:f6:ed:78:e6:64:c1:4d:de:9a:dc:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
Validity
Not Before: Jan 2 03:35:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e33b830f603caf7aa0e6d7ce0e7c032b7e40e2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:01:cf:8e:76:5c:c4:a0:06:e8:ce:23:b4:74:
a4:6a:56:53:cd:e8:2d:47:99:33:50:fc:67:7f:f2:
77:04:bd:bb:37:a4:85:e9:73:55:b8:0c:ab:11:09:
fb:65:58:d3:35:61:90:4d:28:1a:6f:34:d6:1d:86:
a3:4c:9d:53:f6:2e:bf:75:9b:85:22:4b:52:a3:eb:
65:03:52:2e:a0:a9:4f:8f:3c:7f:fa:c1:99:d3:7d:
6c:8e:25:6a:e1:de:e8:38:42:1f:93:15:2c:f9:71:
15:fe:95:0e:3a:d3:ff:a6:bb:5f:27:8a:25:9b:52:
97:32:08:34:ed:86:d7:ca:40:31:1a:2c:10:08:bf:
29:88:fe:07:ee:fb:69:c8:a6:fb:2b:5b:b5:f7:14:
25:81:96:cd:f9:ab:08:b8:1d:a9:87:4a:0b:2b:1c:
f2:f6:1d:8d:81:1d:1f:78:52:30:e4:24:88:e1:d8:
ba:ad:3c:35:1d:f1:6b:89:be:ae:aa:0e:68:94:b8:
66:f6:80:66:e8:b2:29:60:28:9a:a6:f9:a5:d3:3e:
e8:52:39:e0:3c:4e:27:fa:fe:05:fe:ca:8c:34:68:
71:ea:d5:bd:f9:8d:4c:0f:b9:27:c6:66:db:89:87:
35:3a:5a:f0:ee:7c:5f:1b:e3:2b:9c:37:d0:d4:52:
1a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:33:B8:30:F6:03:CA:F7:AA:0E:6D:7C:E0:E7:C0:32:B7:E4:0E:2F
X509v3 Authority Key Identifier:
keyid:52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/HjO4MPYDyveqDm184OfAMrfkDi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/UqXJDKkoMTvHDSaDuw9k1jKyc6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.0.0/20
80.73.96.0/19
80.88.64.0/20
109.239.160.0/20
194.0.184.0/24
IPv6:
2001:67c:2088::/48
2a00:1230::/29
Signature Algorithm: sha256WithRSAEncryption
97:d2:9e:bb:2e:dd:a0:d1:c8:5d:28:fb:2c:d5:47:00:03:2f:
10:36:61:c6:82:30:e9:69:b4:a5:21:fd:e5:9a:62:a5:50:80:
25:43:fc:0c:0c:29:2a:a5:18:b9:39:22:21:e0:3a:6c:27:4d:
24:a0:5b:94:14:85:f3:15:d9:85:a5:7b:f2:bb:93:c7:10:ed:
bf:c1:f4:4a:aa:d8:33:03:21:05:46:3f:cc:75:7c:ad:9b:c1:
aa:12:41:dd:80:5e:4e:7f:f4:06:b7:1c:5d:9d:77:8c:c5:b0:
54:69:c2:2e:fa:e2:3c:21:40:95:4e:b7:89:ce:21:fd:6e:a6:
18:71:f2:52:14:7d:48:92:74:45:da:89:0a:c2:b2:ec:bd:45:
06:23:1f:7c:43:6c:ad:be:1f:e9:8f:63:6f:8c:40:86:7e:e5:
74:b5:21:94:7a:2a:72:88:2a:f4:dd:84:76:77:9f:d1:62:1a:
8d:bb:74:94:0b:a2:9e:23:af:16:11:a5:7c:d6:a3:9c:24:3e:
1a:47:27:8b:9a:df:71:40:03:a4:01:b7:5b:95:a7:01:76:b7:
f5:56:d6:87:2f:15:9a:a8:f1:e1:a6:c6:39:3b:09:0d:3c:b7:
de:97:e9:36:ae:44:a1:2a:cc:64:9f:94:5e:2d:44:e0:fa:67:
11:3f:6a:c5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVwjK5MC/bteOZkwU3emtyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYTVjOTBjYTkyODMxM2JjNzBkMjY4M2JiMGY2NGQ2MzJi
MjczYTEwHhcNMjMwMTAyMDMzNTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTMzYjgzMGY2MDNjYWY3YWEwZTZkN2NlMGU3YzAzMmI3ZTQwZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAHPjnZcxKAG6M4jtHSkalZTzegt
R5kzUPxnf/J3BL27N6SF6XNVuAyrEQn7ZVjTNWGQTSgabzTWHYajTJ1T9i6/dZuF
IktSo+tlA1IuoKlPjzx/+sGZ031sjiVq4d7oOEIfkxUs+XEV/pUOOtP/prtfJ4ol
m1KXMgg07YbXykAxGiwQCL8piP4H7vtpyKb7K1u19xQlgZbN+asIuB2ph0oLKxzy
9h2NgR0feFIw5CSI4di6rTw1HfFrib6uqg5olLhm9oBm6LIpYCiapvml0z7oUjng
PE4n+v4F/sqMNGhx6tW9+Y1MD7knxmbbiYc1Olrw7nxfG+MrnDfQ1FIaCQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFB4zuDD2A8r3qg5tfODnwDK35A4vMB8GA1UdIwQY
MBaAFFKlyQypKDE7xw0mg7sPZNYysnOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFYSkRLa29NVHZIRFNhRHV3OWsxakt5YzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9jNGI3YTAtMWU1MC00MDNjLWIyNGUt
MTNlZDYzM2Y5MjJhLzEvSGpPNE1QWUR5dmVxRG0xODRPZkFNcmZrRGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9jNGI3YTAtMWU1MC00MDNjLWIyNGUtMTNlZDYzM2Y5MjJh
LzEvVXFYSkRLa29NVHZIRFNhRHV3OWsxakt5YzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQELuUAAwQF
UElgAwQEUFhAAwQEbe+gAwQAwgC4MBYEAgACMBADBwAgAQZ8IIgDBQMqABIwMA0G
CSqGSIb3DQEBCwUAA4IBAQCX0p67Lt2g0chdKPss1UcAAy8QNmHGgjDpabSlIf3l
mmKlUIAlQ/wMDCkqpRi5OSIh4DpsJ00koFuUFIXzFdmFpXvyu5PHEO2/wfRKqtgz
AyEFRj/MdXytm8GqEkHdgF5Of/QGtxxdnXeMxbBUacIu+uI8IUCVTreJziH9bqYY
cfJSFH1IknRF2okKwrLsvUUGIx98Q2ytvh/pj2NvjECGfuV0tSGUeipyiCr03YR2
d5/RYhqNu3SUC6KeI68WEaV81qOcJD4aRyeLmt9xQAOkAbdblacBdrf1VtaHLxWa
qPHhpsY5OwkNPLfel+k2rkShKsxkn5ReLUTg+mcRP2rF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:59 2024 by rpki-client on console-ams.rpki-client.org