Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/HkjgyaAfw_GhepW1-PwowC0jKN4.roa
File: HkjgyaAfw_GhepW1-PwowC0jKN4.roa (raw, json)
Hash identifier: SD1OmD+de4ceY11ZhH/4zZ7WnY/i/Fev/5kvoTBp/6g=
Subject key identifier: 1E:48:E0:C9:A0:1F:C3:F1:A1:7A:95:B5:F8:FC:28:C0:2D:23:28:DE
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018BF61A491E2381F1F5B7880D10C0E13B66
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/HkjgyaAfw_GhepW1-PwowC0jKN4.roa
Signing time: Wed 22 Nov 2023 08:16:39 +0000
ROA not before: Wed 22 Nov 2023 08:16:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1257
IP address blocks: 193.234.87.0/24 maxlen: 24
193.180.240.0/24 maxlen: 24
192.71.220.0/24 maxlen: 24
193.180.247.0/24 maxlen: 24
194.103.24.0/22 maxlen: 24
193.181.2.0/24 maxlen: 24
194.132.60.0/24 maxlen: 24
192.71.180.0/24 maxlen: 24
193.234.177.0/24 maxlen: 24
193.180.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:1a:49:1e:23:81:f1:f5:b7:88:0d:10:c0:e1:3b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Nov 22 08:16:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e48e0c9a01fc3f1a17a95b5f8fc28c02d2328de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d4:a2:5f:62:06:69:81:e8:99:6c:18:ae:91:
ae:22:74:ec:66:b3:61:c1:49:68:63:ba:34:47:f1:
3c:cd:07:75:8f:a3:c8:2d:e0:20:7b:d9:ee:eb:68:
cd:2e:a4:19:c9:d8:9d:83:99:fe:a0:23:fa:0e:1b:
c3:db:5e:5a:08:f8:24:6c:c8:58:12:8d:f3:4f:90:
10:8c:28:3a:cf:d4:cf:40:55:a7:1f:2c:d4:22:97:
15:b3:38:79:85:59:74:1d:b3:a8:0e:f4:fc:f0:ca:
6a:bd:a8:ce:d4:f4:e9:72:8e:42:c2:71:15:f9:67:
7c:58:d0:ca:56:47:5f:88:65:bd:8a:6a:45:8b:d1:
24:fe:81:d3:98:42:41:9a:fd:75:71:7c:9d:ef:78:
93:98:c9:5d:2d:7d:9a:b9:34:94:ba:74:f8:36:9d:
34:0a:1f:1f:cc:c2:e7:fa:60:f1:83:1f:72:5a:ed:
bc:c3:43:a2:71:c2:df:e3:81:77:ec:ec:85:bf:ad:
4e:5d:db:28:ea:ca:57:f6:09:a2:80:ce:e4:ca:14:
d8:99:ee:c7:fb:4e:1e:f6:2b:86:da:72:f2:a0:f4:
36:53:ca:1f:fc:e5:c4:a8:9c:7e:9d:46:c3:8e:d6:
6e:2a:e2:73:0c:f9:8c:5c:b5:5a:ae:c4:2e:d9:51:
fb:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:48:E0:C9:A0:1F:C3:F1:A1:7A:95:B5:F8:FC:28:C0:2D:23:28:DE
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/HkjgyaAfw_GhepW1-PwowC0jKN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.180.0/24
192.71.220.0/24
193.180.207.0/24
193.180.240.0/24
193.180.247.0/24
193.181.2.0/24
193.234.87.0/24
193.234.177.0/24
194.103.24.0/22
194.132.60.0/24
Signature Algorithm: sha256WithRSAEncryption
69:45:2b:41:3d:bd:3b:11:8b:a2:1b:c6:04:51:69:0c:fe:4a:
94:52:7b:75:de:01:28:a3:7f:88:f8:1c:e6:86:63:1a:a8:e4:
5c:a5:05:7e:80:93:56:e5:06:8b:8f:18:b1:3f:5b:7b:a4:d4:
af:d9:3f:cb:f9:db:e9:6b:bc:e4:56:09:ac:3c:8f:e9:38:f7:
8b:10:49:d5:fc:fc:12:97:a8:17:26:61:d0:e3:74:35:50:ca:
e9:5d:d4:9b:d6:c5:b8:c8:93:ef:09:2b:7a:b2:9e:f4:a0:17:
37:af:c6:3a:d4:12:c2:09:24:cd:55:f6:12:26:56:82:db:17:
99:2f:03:2a:1b:4e:ec:8b:99:51:2f:8a:d4:6a:e6:92:7e:77:
a3:6d:a7:35:c1:d7:71:c9:31:d4:e4:fe:db:ff:e4:cc:56:0d:
69:c7:7b:a7:be:2e:44:3d:69:71:57:39:bb:98:93:4a:09:51:
ce:9d:3d:f9:b2:12:06:5c:e2:f9:83:94:36:9c:cb:20:e0:18:
27:44:61:12:d3:c6:c8:07:c2:23:1e:1d:df:c3:19:06:fb:3d:
af:5d:9e:03:72:42:c7:d7:66:4c:9b:c0:34:0f:61:a7:e6:5f:
66:e6:30:b5:9f:f8:aa:0b:b1:af:70:0b:da:57:03:0f:e3:ba:
67:82:83:9e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYv2GkkeI4Hx9beIDRDA4TtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMxMTIyMDgxNjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTQ4ZTBjOWEwMWZjM2YxYTE3YTk1YjVmOGZjMjhjMDJkMjMyOGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNSiX2IGaYHomWwYrpGuInTsZrNh
wUloY7o0R/E8zQd1j6PILeAge9nu62jNLqQZydidg5n+oCP6DhvD215aCPgkbMhY
Eo3zT5AQjCg6z9TPQFWnHyzUIpcVszh5hVl0HbOoDvT88MpqvajO1PTpco5CwnEV
+Wd8WNDKVkdfiGW9impFi9Ek/oHTmEJBmv11cXyd73iTmMldLX2auTSUunT4Np00
Ch8fzMLn+mDxgx9yWu28w0OiccLf44F37OyFv61OXdso6spX9gmigM7kyhTYme7H
+04e9iuG2nLyoPQ2U8of/OXEqJx+nUbDjtZuKuJzDPmMXLVarsQu2VH7tQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFB5I4MmgH8PxoXqVtfj8KMAtIyjeMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvSGtqZ3lhQWZ3X0doZXBXMS1Qd293QzBqS040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwEe0AwQA
wEfcAwQAwbTPAwQAwbTwAwQAwbT3AwQAwbUCAwQAwepXAwQAweqxAwQCwmcYAwQA
woQ8MA0GCSqGSIb3DQEBCwUAA4IBAQBpRStBPb07EYuiG8YEUWkM/kqUUnt13gEo
o3+I+BzmhmMaqORcpQV+gJNW5QaLjxixP1t7pNSv2T/L+dvpa7zkVgmsPI/pOPeL
EEnV/PwSl6gXJmHQ43Q1UMrpXdSb1sW4yJPvCSt6sp70oBc3r8Y61BLCCSTNVfYS
JlaC2xeZLwMqG07si5lRL4rUauaSfnejbac1wddxyTHU5P7b/+TMVg1px3unvi5E
PWlxVzm7mJNKCVHOnT35shIGXOL5g5Q2nMsg4BgnRGES08bIB8IjHh3fwxkG+z2v
XZ4DckLH12ZMm8A0D2Gn5l9m5jC1n/iqC7GvcAvaVwMP47pngoOe
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:53 2024 by rpki-client on console-fra.rpki-client.org