Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58005a-5233-4844-b024-29e35ae912da/1/HFBL_bFA5H6VgjP21HSyeLHEdR0.roa
File: HFBL_bFA5H6VgjP21HSyeLHEdR0.roa (raw, json)
Hash identifier: G0RTwklSLkkdehITtoomLAw+Q+58BDzAmpzEKVqpEto=
Subject key identifier: 1C:50:4B:FD:B1:40:E4:7E:95:82:33:F6:D4:74:B2:78:B1:C4:75:1D
Certificate issuer: /CN=9d46542726668436fa93e757feef4d45e24cd6e3
Certificate serial: 018570FBD2AFC171457C33D3CEE5B1EF7E66
Authority key identifier: 9D:46:54:27:26:66:84:36:FA:93:E7:57:FE:EF:4D:45:E2:4C:D6:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nUZUJyZmhDb6k-dX_u9NReJM1uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58005a-5233-4844-b024-29e35ae912da/1/HFBL_bFA5H6VgjP21HSyeLHEdR0.roa
Signing time: Mon 02 Jan 2023 05:37:09 +0000
ROA not before: Mon 02 Jan 2023 05:37:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47196
IP address blocks: 195.22.149.0/24 maxlen: 24
195.22.152.0/24 maxlen: 24
195.22.148.0/24 maxlen: 24
195.22.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:d2:af:c1:71:45:7c:33:d3:ce:e5:b1:ef:7e:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d46542726668436fa93e757feef4d45e24cd6e3
Validity
Not Before: Jan 2 05:37:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c504bfdb140e47e958233f6d474b278b1c4751d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b0:c7:b5:3b:17:0a:4a:f1:a8:58:16:74:90:
8d:2d:37:85:bf:8b:46:b7:a6:a2:63:47:de:be:5e:
e0:1d:7b:5e:a3:4e:a8:27:92:68:de:28:06:3d:03:
42:f4:7f:84:6a:fa:36:d8:61:0b:cb:74:38:5a:d5:
f0:78:8b:7e:11:22:6f:e5:83:ac:db:a0:be:a2:14:
7b:eb:bc:44:73:05:67:3f:e3:cf:04:91:53:62:49:
dd:b0:5d:24:5d:aa:f6:d3:06:61:c2:e0:a4:17:ad:
ad:6c:62:3d:e5:3c:85:2b:41:90:02:08:f3:11:90:
89:36:38:d5:f7:f9:a0:40:69:dc:80:e7:10:f1:21:
4c:c9:9d:46:d1:16:98:00:0d:a3:dc:fb:2e:25:db:
94:a2:c5:9c:1b:ba:f9:9b:5c:d6:b7:f8:5b:0f:11:
1d:31:70:0b:75:da:bd:8f:1a:68:75:19:97:fe:0f:
e1:c0:f5:49:28:8a:a0:71:cf:01:b2:ea:ee:04:54:
ee:5a:c9:0e:48:16:13:60:ff:ab:05:0d:44:b8:c7:
1b:81:57:b4:d8:22:50:fd:cf:f2:1f:5e:8d:ca:01:
a1:54:30:41:ce:32:97:fd:68:a6:cc:22:8e:59:88:
5b:e6:cf:74:0f:0b:29:d7:81:1e:bc:4b:c6:60:60:
57:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:50:4B:FD:B1:40:E4:7E:95:82:33:F6:D4:74:B2:78:B1:C4:75:1D
X509v3 Authority Key Identifier:
keyid:9D:46:54:27:26:66:84:36:FA:93:E7:57:FE:EF:4D:45:E2:4C:D6:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nUZUJyZmhDb6k-dX_u9NReJM1uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58005a-5233-4844-b024-29e35ae912da/1/HFBL_bFA5H6VgjP21HSyeLHEdR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58005a-5233-4844-b024-29e35ae912da/1/nUZUJyZmhDb6k-dX_u9NReJM1uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.22.148.0/23
195.22.152.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:e4:19:1d:45:c1:c5:46:e5:14:88:49:5e:3a:86:a8:5f:65:
71:eb:47:57:a0:7f:b4:1e:55:4e:42:85:9a:1b:9e:b1:f2:fb:
a0:28:db:0b:44:92:d0:13:44:c4:03:0f:22:00:b8:ca:d0:a3:
8b:ab:72:e4:eb:f2:6f:6e:dc:37:13:0f:b7:ad:15:87:7e:ba:
19:bf:e9:3d:86:d8:67:b4:9e:cc:49:ab:d9:22:89:ee:47:fd:
5e:0a:ef:bd:61:8d:8b:7f:f5:8f:d3:0c:86:ef:c4:32:53:3c:
c5:a1:57:3b:83:ed:32:30:c4:a6:af:fd:aa:8f:07:f6:89:c5:
eb:20:02:b1:63:51:71:df:00:24:77:46:35:86:ca:65:1c:67:
a6:39:9f:d8:76:04:26:e8:0c:b8:7d:41:fd:6b:e2:f0:a5:a5:
2f:6d:98:88:ac:f9:3e:ba:24:25:6b:42:c0:74:73:3b:80:35:
5b:b0:b1:76:44:d3:9d:9c:13:51:d0:ea:77:0e:fb:d6:48:74:
a5:ea:fd:57:3e:a8:ba:20:f3:e6:0e:70:d4:e5:38:ff:8d:1c:
2a:05:99:42:8e:88:81:18:7d:48:73:5b:f9:b6:41:38:75:cc:
33:0c:46:fd:17:9e:1b:af:1e:55:f0:d9:e6:c4:ae:1a:e6:53:
6a:89:4f:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw+9KvwXFFfDPTzuWx735mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNDY1NDI3MjY2Njg0MzZmYTkzZTc1N2ZlZWY0ZDQ1ZTI0
Y2Q2ZTMwHhcNMjMwMTAyMDUzNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzUwNGJmZGIxNDBlNDdlOTU4MjMzZjZkNDc0YjI3OGIxYzQ3NTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrDHtTsXCkrxqFgWdJCNLTeFv4tG
t6aiY0fevl7gHXteo06oJ5Jo3igGPQNC9H+Eavo22GELy3Q4WtXweIt+ESJv5YOs
26C+ohR767xEcwVnP+PPBJFTYkndsF0kXar20wZhwuCkF62tbGI95TyFK0GQAgjz
EZCJNjjV9/mgQGncgOcQ8SFMyZ1G0RaYAA2j3PsuJduUosWcG7r5m1zWt/hbDxEd
MXALddq9jxpodRmX/g/hwPVJKIqgcc8BsuruBFTuWskOSBYTYP+rBQ1EuMcbgVe0
2CJQ/c/yH16NygGhVDBBzjKX/WimzCKOWYhb5s90Dwsp14EevEvGYGBXlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBxQS/2xQOR+lYIz9tR0snixxHUdMB8GA1UdIwQY
MBaAFJ1GVCcmZoQ2+pPnV/7vTUXiTNbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblVaVUp5Wm1oRGI2ay1kWF91OU5SZUpNMXVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81ODAwNWEtNTIzMy00ODQ0LWIwMjQt
MjllMzVhZTkxMmRhLzEvSEZCTF9iRkE1SDZWZ2pQMjFIU3llTEhFZFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81ODAwNWEtNTIzMy00ODQ0LWIwMjQtMjllMzVhZTkxMmRh
LzEvblVaVUp5Wm1oRGI2ay1kWF91OU5SZUpNMXVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwxaUAwQB
wxaYMA0GCSqGSIb3DQEBCwUAA4IBAQAL5BkdRcHFRuUUiEleOoaoX2Vx60dXoH+0
HlVOQoWaG56x8vugKNsLRJLQE0TEAw8iALjK0KOLq3Lk6/Jvbtw3Ew+3rRWHfroZ
v+k9hthntJ7MSavZIonuR/1eCu+9YY2Lf/WP0wyG78QyUzzFoVc7g+0yMMSmr/2q
jwf2icXrIAKxY1Fx3wAkd0Y1hsplHGemOZ/YdgQm6Ay4fUH9a+LwpaUvbZiIrPk+
uiQla0LAdHM7gDVbsLF2RNOdnBNR0Op3DvvWSHSl6v1XPqi6IPPmDnDU5Tj/jRwq
BZlCjoiBGH1Ic1v5tkE4dcwzDEb9F54brx5V8NnmxK4a5lNqiU+q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:04 2024 by rpki-client on console-ams.rpki-client.org