Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/HngRIQnuUt2RAQQU5SXocJRFGiM.roa
File: HngRIQnuUt2RAQQU5SXocJRFGiM.roa (raw, json)
Hash identifier: 84qk9Tw/RdDrHAWbNKTaDbsA2GVYs7UtT3ys6p3Dbnk=
Subject key identifier: 1E:78:11:21:09:EE:52:DD:91:01:04:14:E5:25:E8:70:94:45:1A:23
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018A452BAC1C3B673D1B4C82E4A7F0CAB0DA
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/HngRIQnuUt2RAQQU5SXocJRFGiM.roa
Signing time: Wed 30 Aug 2023 06:40:04 +0000
ROA not before: Wed 30 Aug 2023 06:40:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 45.147.156.0/24 maxlen: 24
45.147.159.0/24 maxlen: 24
45.147.157.0/24 maxlen: 24
45.147.158.0/24 maxlen: 24
185.112.240.0/24 maxlen: 24
185.112.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Aug 2023 12:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:2b:ac:1c:3b:67:3d:1b:4c:82:e4:a7:f0:ca:b0:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Aug 30 06:40:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e78112109ee52dd91010414e525e87094451a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:4b:c6:16:dd:d4:e7:91:6d:30:b3:10:cc:4f:
a0:83:87:cd:0e:db:43:ef:f9:4b:2c:fb:ba:57:e7:
12:ad:22:94:24:70:db:59:19:14:0b:8a:bc:26:81:
4a:48:32:94:84:5a:09:6a:65:97:f4:0a:69:6a:e7:
db:a8:fd:9a:48:0a:3f:95:eb:01:fb:d6:7e:37:31:
cb:35:6a:a6:cd:72:20:07:42:da:81:04:aa:ea:8d:
28:ae:7b:13:e8:80:02:94:aa:8c:d2:f5:a4:54:a4:
5c:c0:6a:8f:07:57:54:8c:e3:d5:ae:8f:84:c5:4d:
54:8a:77:2e:c1:fb:23:ca:a1:ba:0a:40:a3:09:05:
e2:3e:88:0e:bb:fc:2d:b0:16:2f:93:f5:9e:0a:81:
5d:96:c3:76:d7:25:43:7e:b5:bb:d3:a0:72:2f:3c:
4c:6c:f0:13:d4:ff:46:c8:fb:39:79:e8:99:5b:7c:
5d:2f:1d:53:58:c0:76:4a:af:54:96:e1:a3:94:2e:
a7:9c:07:67:c9:a8:22:c7:a2:6e:93:6b:4f:32:96:
fb:6e:ca:9e:53:10:00:09:01:8e:cb:d7:e4:41:e9:
f0:0d:9f:9e:1c:85:b6:93:fc:cf:d9:18:02:93:55:
f2:6c:3e:bc:1f:e7:71:eb:c2:a8:e0:a8:88:6b:00:
3c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:78:11:21:09:EE:52:DD:91:01:04:14:E5:25:E8:70:94:45:1A:23
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/HngRIQnuUt2RAQQU5SXocJRFGiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.156.0/22
185.112.240.0/24
185.112.242.0/24
Signature Algorithm: sha256WithRSAEncryption
90:54:2a:58:86:52:96:37:58:a4:4d:9c:c3:5f:2a:c2:1f:39:
bc:41:2b:4a:6f:a6:df:57:9b:7c:75:10:04:7f:72:4e:c9:d8:
8f:6d:91:b6:71:df:bf:71:b1:36:05:b0:77:da:02:9f:5c:05:
cd:5a:1d:58:00:55:85:56:9c:87:29:e6:d9:4e:a3:af:f7:ac:
1a:3d:d0:61:b7:87:cd:ec:04:91:41:12:5d:48:1c:ba:21:5e:
85:fb:fc:d7:3b:ca:51:c6:99:ff:7c:3f:10:fe:28:9d:64:00:
43:c3:a9:c2:45:86:96:07:44:82:e8:c3:d0:b6:c8:c7:4a:27:
d6:31:07:56:80:c5:b0:c4:84:c8:40:91:16:a0:38:6e:db:0f:
c6:d6:72:4d:ba:f3:03:3f:68:41:8f:b3:ca:ed:07:53:43:2d:
5f:92:8b:bf:50:e3:b3:9f:93:c2:4b:d7:30:e0:3b:19:c1:12:
dd:58:fb:f4:ab:51:8a:3a:46:1d:38:7f:12:3b:ef:86:50:cf:
db:86:b4:aa:ea:3f:3c:dd:d7:45:eb:2c:53:34:9d:59:5a:74:
df:3b:a7:50:71:ea:d8:f9:bc:3e:98:40:65:59:e9:43:1f:40:
89:53:fd:49:7d:b5:da:db:d2:5c:0c:8b:03:74:24:62:20:03:
55:5c:f0:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpFK6wcO2c9G0yC5KfwyrDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjMwODMwMDY0MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTc4MTEyMTA5ZWU1MmRkOTEwMTA0MTRlNTI1ZTg3MDk0NDUxYTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUvGFt3U55FtMLMQzE+gg4fNDttD
7/lLLPu6V+cSrSKUJHDbWRkUC4q8JoFKSDKUhFoJamWX9AppaufbqP2aSAo/lesB
+9Z+NzHLNWqmzXIgB0LagQSq6o0ornsT6IAClKqM0vWkVKRcwGqPB1dUjOPVro+E
xU1UincuwfsjyqG6CkCjCQXiPogOu/wtsBYvk/WeCoFdlsN21yVDfrW706ByLzxM
bPAT1P9GyPs5eeiZW3xdLx1TWMB2Sq9UluGjlC6nnAdnyagix6Juk2tPMpb7bsqe
UxAACQGOy9fkQenwDZ+eHIW2k/zP2RgCk1XybD68H+dx68Ko4KiIawA83wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB54ESEJ7lLdkQEEFOUl6HCURRojMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvSG5nUklRbnVVdDJSQVFRVTVTWG9jSlJGR2lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZOcAwQA
uXDwAwQAuXDyMA0GCSqGSIb3DQEBCwUAA4IBAQCQVCpYhlKWN1ikTZzDXyrCHzm8
QStKb6bfV5t8dRAEf3JOydiPbZG2cd+/cbE2BbB32gKfXAXNWh1YAFWFVpyHKebZ
TqOv96waPdBht4fN7ASRQRJdSBy6IV6F+/zXO8pRxpn/fD8Q/iidZABDw6nCRYaW
B0SC6MPQtsjHSifWMQdWgMWwxITIQJEWoDhu2w/G1nJNuvMDP2hBj7PK7QdTQy1f
kou/UOOzn5PCS9cw4DsZwRLdWPv0q1GKOkYdOH8SO++GUM/bhrSq6j883ddF6yxT
NJ1ZWnTfO6dQcerY+bw+mEBlWelDH0CJU/1JfbXa29JcDIsDdCRiIANVXPCl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:21 2024 by rpki-client on console-fra.rpki-client.org