Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/fc93b1-064e-44ab-90da-8262539de46f/1/HQth4cuDD4kHbbDU8qxN_TImFKc.roa
File: HQth4cuDD4kHbbDU8qxN_TImFKc.roa (raw, json)
Hash identifier: phQSlkmMv7SVANw8/yWQNMKeDOdQMTWA8hD3D0s4aEI=
Subject key identifier: 1D:0B:61:E1:CB:83:0F:89:07:6D:B0:D4:F2:AC:4D:FD:32:26:14:A7
Certificate issuer: /CN=3ed42a0487705606015e5a30da1e70f407e59e99
Certificate serial: 01856E8B1A5BE909398491E2A7ABAB6DD896
Authority key identifier: 3E:D4:2A:04:87:70:56:06:01:5E:5A:30:DA:1E:70:F4:07:E5:9E:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PtQqBIdwVgYBXlow2h5w9Aflnpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/fc93b1-064e-44ab-90da-8262539de46f/1/HQth4cuDD4kHbbDU8qxN_TImFKc.roa
Signing time: Sun 01 Jan 2023 18:14:48 +0000
ROA not before: Sun 01 Jan 2023 18:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2848
IP address blocks: 93.180.0.0/18 maxlen: 18
188.44.32.0/19 maxlen: 19
89.249.160.0/20 maxlen: 20
2a00:f480::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:1a:5b:e9:09:39:84:91:e2:a7:ab:ab:6d:d8:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ed42a0487705606015e5a30da1e70f407e59e99
Validity
Not Before: Jan 1 18:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d0b61e1cb830f89076db0d4f2ac4dfd322614a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f4:ef:6a:ce:f1:41:94:97:9b:21:15:84:cf:
0a:6a:eb:31:f4:77:ee:2b:0b:8d:38:16:87:a3:13:
c9:9c:86:db:f3:1c:e8:3e:20:69:22:e7:fa:6f:ba:
11:c0:cf:c4:0e:94:6e:d5:48:d3:a2:64:cb:3f:d3:
48:cd:5b:02:e5:66:05:44:46:24:13:2f:e9:2a:0d:
b6:22:86:f9:44:a0:de:f6:0f:f1:c7:6f:c5:f0:52:
bb:10:0e:70:c1:d3:33:aa:52:bb:69:bc:0c:f2:b6:
2b:49:a5:36:ed:92:82:0c:73:8c:4f:44:9c:6f:38:
09:0a:57:ee:3b:9d:e5:a4:7e:27:bf:1d:6a:62:56:
0b:02:45:91:95:31:60:23:52:be:ac:4c:6b:8c:9e:
63:8e:4d:51:3e:cb:b2:7a:08:f3:f8:f4:22:f0:d4:
79:fb:0f:25:00:24:fb:b5:e6:54:c1:a9:2e:b3:88:
32:92:d1:28:d3:ab:a1:e1:ce:ca:57:e9:6b:9c:f3:
8d:cc:29:e1:0d:e0:37:53:c3:76:74:2a:13:65:73:
21:84:ea:00:15:29:72:6d:86:3e:cf:71:e1:98:de:
e0:dd:3b:98:ae:39:4f:3e:14:bd:ef:dd:3f:8f:d0:
8e:16:75:2a:91:b3:22:01:79:26:59:43:3e:69:a4:
b3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0B:61:E1:CB:83:0F:89:07:6D:B0:D4:F2:AC:4D:FD:32:26:14:A7
X509v3 Authority Key Identifier:
keyid:3E:D4:2A:04:87:70:56:06:01:5E:5A:30:DA:1E:70:F4:07:E5:9E:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PtQqBIdwVgYBXlow2h5w9Aflnpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/fc93b1-064e-44ab-90da-8262539de46f/1/HQth4cuDD4kHbbDU8qxN_TImFKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/fc93b1-064e-44ab-90da-8262539de46f/1/PtQqBIdwVgYBXlow2h5w9Aflnpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.160.0/20
93.180.0.0/18
188.44.32.0/19
IPv6:
2a00:f480::/32
Signature Algorithm: sha256WithRSAEncryption
5b:c2:e8:13:59:25:71:8f:a7:72:f7:b3:39:b4:5d:6e:1a:56:
06:cf:e2:92:f7:8b:40:d8:3e:98:82:94:2f:ed:52:13:a5:ee:
87:fa:6c:99:8a:44:62:1f:f9:90:2e:be:71:6d:82:85:5d:d7:
1e:59:4c:6e:78:a0:2d:f6:31:55:49:27:f6:ff:75:98:99:1b:
94:87:14:98:bc:0a:1b:01:4f:8b:9e:b1:f0:3b:be:98:55:28:
70:c3:b0:f7:b1:ab:85:f5:2a:60:a7:8b:93:cf:f2:f1:17:72:
99:d1:ac:81:61:1c:25:bc:12:bc:70:42:1d:46:40:30:84:73:
ac:5b:ec:34:c7:74:45:34:ca:3b:95:98:b8:7d:e9:ce:3a:76:
eb:1d:ea:b7:bd:b5:e1:52:b5:9e:a0:5d:2c:72:a6:34:71:03:
ba:29:4b:d7:76:12:6b:9e:06:b6:8f:16:fb:66:5a:33:04:59:
4d:84:33:17:82:c2:89:b5:cd:74:c4:e4:2b:b4:08:7f:27:d1:
57:31:bc:ca:c0:8d:8e:1b:a8:cb:f1:45:07:5c:6d:bc:e4:c6:
5b:57:8b:59:62:a9:2a:62:e5:4c:02:aa:e8:3e:80:33:21:83:
5e:4d:2d:d9:b4:a0:43:d3:48:8e:5f:fa:81:51:ff:35:a5:5f:
08:b2:c8:3a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuixpb6Qk5hJHip6urbdiWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZDQyYTA0ODc3MDU2MDYwMTVlNWEzMGRhMWU3MGY0MDdl
NTllOTkwHhcNMjMwMTAxMTgxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDBiNjFlMWNiODMwZjg5MDc2ZGIwZDRmMmFjNGRmZDMyMjYxNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPTvas7xQZSXmyEVhM8Kausx9Hfu
KwuNOBaHoxPJnIbb8xzoPiBpIuf6b7oRwM/EDpRu1UjTomTLP9NIzVsC5WYFREYk
Ey/pKg22Iob5RKDe9g/xx2/F8FK7EA5wwdMzqlK7abwM8rYrSaU27ZKCDHOMT0Sc
bzgJClfuO53lpH4nvx1qYlYLAkWRlTFgI1K+rExrjJ5jjk1RPsuyegjz+PQi8NR5
+w8lACT7teZUwakus4gyktEo06uh4c7KV+lrnPONzCnhDeA3U8N2dCoTZXMhhOoA
FSlybYY+z3HhmN7g3TuYrjlPPhS9790/j9COFnUqkbMiAXkmWUM+aaSzJQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFB0LYeHLgw+JB22w1PKsTf0yJhSnMB8GA1UdIwQY
MBaAFD7UKgSHcFYGAV5aMNoecPQH5Z6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRRcUJJZHdWZ1lCWGxvdzJoNXc5QWZsbnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mYzkzYjEtMDY0ZS00NGFiLTkwZGEt
ODI2MjUzOWRlNDZmLzEvSFF0aDRjdURENGtIYmJEVThxeE5fVEltRktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mYzkzYjEtMDY0ZS00NGFiLTkwZGEtODI2MjUzOWRlNDZm
LzEvUHRRcUJJZHdWZ1lCWGxvdzJoNXc5QWZsbnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEWfmgAwQG
XbQAAwQFvCwgMA0EAgACMAcDBQAqAPSAMA0GCSqGSIb3DQEBCwUAA4IBAQBbwugT
WSVxj6dy97M5tF1uGlYGz+KS94tA2D6YgpQv7VITpe6H+myZikRiH/mQLr5xbYKF
XdceWUxueKAt9jFVSSf2/3WYmRuUhxSYvAobAU+LnrHwO76YVShww7D3sauF9Spg
p4uTz/LxF3KZ0ayBYRwlvBK8cEIdRkAwhHOsW+w0x3RFNMo7lZi4fenOOnbrHeq3
vbXhUrWeoF0scqY0cQO6KUvXdhJrnga2jxb7ZlozBFlNhDMXgsKJtc10xOQrtAh/
J9FXMbzKwI2OG6jL8UUHXG285MZbV4tZYqkqYuVMAqroPoAzIYNeTS3ZtKBD00iO
X/qBUf81pV8Issg6
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:44 2024 by rpki-client on console-ams.rpki-client.org