Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/8c0f0c-19c7-4eaf-96f5-7d40c11a9500/1/hjFUAZ8WiCg10i_6R3EaszOP2TE.roa
File: hjFUAZ8WiCg10i_6R3EaszOP2TE.roa (raw, json)
Hash identifier: dIJl7QEvpa1neLvrTj5rO3LBYl7vIc/n8mNtmxCTeQM=
Subject key identifier: 86:31:54:01:9F:16:88:28:35:D2:2F:FA:47:71:1A:B3:33:8F:D9:31
Certificate issuer: /CN=89d3a9145973c79a3e7b95531e3d0df7d28c4a04
Certificate serial: 0192B4740BA83FBE126CFA98ABC52FBB88D4
Authority key identifier: 89:D3:A9:14:59:73:C7:9A:3E:7B:95:53:1E:3D:0D:F7:D2:8C:4A:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idOpFFlzx5o-e5VTHj0N99KMSgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/8c0f0c-19c7-4eaf-96f5-7d40c11a9500/1/hjFUAZ8WiCg10i_6R3EaszOP2TE.roa
Signing time: Tue 22 Oct 2024 13:39:16 +0000
ROA not before: Tue 22 Oct 2024 13:39:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61124
IP address blocks: 85.193.144.0/20 maxlen: 24
148.252.32.0/19 maxlen: 24
176.123.32.0/20 maxlen: 24
185.13.188.0/22 maxlen: 24
2a03:3ec0::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b4:74:0b:a8:3f:be:12:6c:fa:98:ab:c5:2f:bb:88:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89d3a9145973c79a3e7b95531e3d0df7d28c4a04
Validity
Not Before: Oct 22 13:39:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=863154019f16882835d22ffa47711ab3338fd931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:78:63:8f:59:ba:b2:a9:aa:b3:d2:8c:d6:70:
7f:0c:c2:21:fb:82:36:3c:96:96:83:1f:d2:ef:2f:
68:4e:90:7a:3f:35:5a:78:81:d1:bc:ab:05:fa:16:
10:0e:0f:cb:e4:9f:dc:76:d6:76:d2:60:b0:d0:34:
d4:65:a9:22:5e:de:5e:72:83:21:32:7c:29:b7:1e:
4d:7a:49:b4:97:bd:6e:2f:2c:e2:d8:6a:f7:86:c8:
30:f9:69:5e:69:d3:ec:12:93:22:25:fe:a7:37:32:
0b:22:38:41:9e:6d:70:66:51:df:6b:23:a0:a6:a7:
51:f7:e7:32:71:7c:2e:f4:83:e2:7f:b9:5a:c9:a7:
0d:42:f7:94:20:74:dc:91:a1:6e:f7:e3:d0:29:eb:
95:07:fb:a3:ba:0c:a7:6b:f6:89:a3:24:74:fa:19:
85:fb:44:6d:a6:55:bf:2d:cf:99:0b:61:8e:f6:84:
45:5a:e0:9c:dd:b8:1a:bb:e0:f6:6f:f9:14:85:bd:
e4:84:33:79:ec:fc:cd:4b:c1:bf:81:92:87:d4:40:
5c:69:20:47:bb:9a:e7:d6:60:55:20:20:0a:5e:dc:
91:c9:05:a4:24:7b:d5:b4:da:f4:8b:26:7c:28:b5:
86:34:f3:69:db:ff:f6:9b:1a:5d:9d:b1:fa:9b:a2:
da:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:31:54:01:9F:16:88:28:35:D2:2F:FA:47:71:1A:B3:33:8F:D9:31
X509v3 Authority Key Identifier:
keyid:89:D3:A9:14:59:73:C7:9A:3E:7B:95:53:1E:3D:0D:F7:D2:8C:4A:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idOpFFlzx5o-e5VTHj0N99KMSgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/8c0f0c-19c7-4eaf-96f5-7d40c11a9500/1/hjFUAZ8WiCg10i_6R3EaszOP2TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/8c0f0c-19c7-4eaf-96f5-7d40c11a9500/1/idOpFFlzx5o-e5VTHj0N99KMSgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.193.144.0/20
148.252.32.0/19
176.123.32.0/20
185.13.188.0/22
IPv6:
2a03:3ec0::/32
Signature Algorithm: sha256WithRSAEncryption
7f:98:86:77:6c:63:ad:5c:67:72:a3:52:d3:aa:89:2a:bc:8a:
5f:d7:cd:46:c8:22:26:a7:20:45:8f:51:f9:7b:d4:09:c8:d8:
90:aa:13:87:92:ea:4c:a2:93:2d:39:16:11:dc:07:84:fd:72:
d3:ee:08:4b:2c:c0:6f:0b:95:fc:eb:ce:38:15:0a:24:41:fe:
a5:52:d3:34:c5:bb:30:33:11:a1:bc:a1:65:95:f5:5e:58:04:
42:8c:1e:11:fe:f0:29:08:87:ca:43:8f:b9:85:cc:7c:78:24:
e9:0b:34:a8:51:40:98:2e:b2:80:74:f5:86:d3:08:65:4f:19:
76:9d:fb:3e:c8:1a:69:cc:be:87:b1:c7:d9:47:17:5e:1f:d2:
10:98:3f:87:4c:39:d6:21:91:9e:3e:2b:01:03:0b:fa:d6:51:
ba:a9:87:26:17:21:17:6b:78:92:9f:b5:39:ae:06:91:7c:14:
b2:3b:f9:ca:4f:79:e8:40:32:9a:89:63:b6:22:22:a8:d2:99:
6e:ba:1d:47:0b:f0:17:89:a8:3c:a6:37:8f:a8:0c:35:48:c4:
d3:13:8e:79:db:0c:62:af:eb:6d:fe:49:5e:fc:7d:ab:60:b4:
04:45:f5:88:4f:da:63:5a:3d:59:29:09:59:5a:48:f7:42:32:
91:36:98:6e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZK0dAuoP74SbPqYq8Uvu4jUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDNhOTE0NTk3M2M3OWEzZTdiOTU1MzFlM2QwZGY3ZDI4
YzRhMDQwHhcNMjQxMDIyMTMzOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjMxNTQwMTlmMTY4ODI4MzVkMjJmZmE0NzcxMWFiMzMzOGZkOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3hjj1m6sqmqs9KM1nB/DMIh+4I2
PJaWgx/S7y9oTpB6PzVaeIHRvKsF+hYQDg/L5J/cdtZ20mCw0DTUZakiXt5ecoMh
Mnwptx5Nekm0l71uLyzi2Gr3hsgw+WleadPsEpMiJf6nNzILIjhBnm1wZlHfayOg
pqdR9+cycXwu9IPif7layacNQveUIHTckaFu9+PQKeuVB/ujugyna/aJoyR0+hmF
+0RtplW/Lc+ZC2GO9oRFWuCc3bgau+D2b/kUhb3khDN57PzNS8G/gZKH1EBcaSBH
u5rn1mBVICAKXtyRyQWkJHvVtNr0iyZ8KLWGNPNp2//2mxpdnbH6m6LaRQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIYxVAGfFogoNdIv+kdxGrMzj9kxMB8GA1UdIwQY
MBaAFInTqRRZc8eaPnuVUx49DffSjEoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRPcEZGbHp4NW8tZTVWVEhqME45OUtNU2dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi84YzBmMGMtMTljNy00ZWFmLTk2ZjUt
N2Q0MGMxMWE5NTAwLzEvaGpGVUFaOFdpQ2cxMGlfNlIzRWFzek9QMlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi84YzBmMGMtMTljNy00ZWFmLTk2ZjUtN2Q0MGMxMWE5NTAw
LzEvaWRPcEZGbHp4NW8tZTVWVEhqME45OUtNU2dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEVcGQAwQF
lPwgAwQEsHsgAwQCuQ28MA0EAgACMAcDBQAqAz7AMA0GCSqGSIb3DQEBCwUAA4IB
AQB/mIZ3bGOtXGdyo1LTqokqvIpf181GyCImpyBFj1H5e9QJyNiQqhOHkupMopMt
ORYR3AeE/XLT7ghLLMBvC5X86844FQokQf6lUtM0xbswMxGhvKFllfVeWARCjB4R
/vApCIfKQ4+5hcx8eCTpCzSoUUCYLrKAdPWG0whlTxl2nfs+yBppzL6HscfZRxde
H9IQmD+HTDnWIZGePisBAwv61lG6qYcmFyEXa3iSn7U5rgaRfBSyO/nKT3noQDKa
iWO2IiKo0pluuh1HC/AXiag8pjePqAw1SMTTE4552wxir+tt/kle/H2rYLQERfWI
T9pjWj1ZKQlZWkj3QjKRNphu
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:49:56 2025 by rpki-client