Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/42c0c0-de6d-49b6-b450-c96a8da2c589/1/hkVSYQAl3rS3uKQrcUyQYqz-Jb4.roa
File: hkVSYQAl3rS3uKQrcUyQYqz-Jb4.roa (raw, json)
Hash identifier: 1WQziYP1Of1YxLVsprt82cRzU7fwgmn2dGufyHtfPgg=
Subject key identifier: 86:45:52:61:00:25:DE:B4:B7:B8:A4:2B:71:4C:90:62:AC:FE:25:BE
Certificate issuer: /CN=8f20f70f17d8b72c3e42aee03291298b54a4ff2f
Certificate serial: 018CC6B7F5CE92D5457856AABCCCA7EC48D8
Authority key identifier: 8F:20:F7:0F:17:D8:B7:2C:3E:42:AE:E0:32:91:29:8B:54:A4:FF:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jyD3DxfYtyw-Qq7gMpEpi1Sk_y8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/42c0c0-de6d-49b6-b450-c96a8da2c589/1/hkVSYQAl3rS3uKQrcUyQYqz-Jb4.roa
Signing time: Mon 01 Jan 2024 20:29:53 +0000
ROA not before: Mon 01 Jan 2024 20:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205046
IP address blocks: 185.231.132.0/22 maxlen: 22
141.21.0.0/16 maxlen: 16
2a0c:7500::/29 maxlen: 29
2001:67c:2acc::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:f5:ce:92:d5:45:78:56:aa:bc:cc:a7:ec:48:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f20f70f17d8b72c3e42aee03291298b54a4ff2f
Validity
Not Before: Jan 1 20:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=864552610025deb4b7b8a42b714c9062acfe25be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:42:23:5c:df:e2:7c:a9:a2:67:3c:49:9f:65:
94:ca:55:2e:f0:0a:fd:80:b3:4a:1c:49:54:f2:db:
9d:39:f9:a3:fc:00:b5:55:b1:aa:35:44:d2:80:df:
b1:7c:e5:87:9f:65:f4:47:4b:a2:d2:d7:a1:6c:e8:
c8:cf:32:f1:af:d7:9c:3e:40:23:e8:db:0f:c0:27:
3e:af:75:32:e0:09:1b:c1:11:15:c8:64:f2:57:e1:
80:e1:27:b1:a6:1e:2f:61:67:45:1e:9f:f4:1c:3d:
c4:82:4d:3f:3e:09:56:fd:e0:3c:2d:f0:29:f9:89:
76:b4:cb:3f:57:9b:bf:82:e0:a8:e5:dd:70:45:a3:
5a:4d:8e:c7:ad:9f:13:bb:1a:c7:b7:60:3a:f0:f5:
4c:08:d9:26:47:79:5d:7e:a0:0c:e8:ec:ed:30:2b:
48:f7:f8:16:a6:24:22:73:98:02:68:49:0e:01:5d:
c9:8c:1a:21:dc:b5:7a:ed:75:82:81:a7:4c:48:a6:
fb:02:c3:44:90:a6:f9:8e:eb:03:18:30:39:a4:27:
d4:4d:88:b1:71:c7:48:93:38:cf:49:5e:cf:3e:8d:
5b:25:8c:ab:c4:de:54:51:11:06:4b:5b:86:40:2e:
35:7e:88:29:47:6a:22:40:35:a0:a7:46:35:ef:ba:
1c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:45:52:61:00:25:DE:B4:B7:B8:A4:2B:71:4C:90:62:AC:FE:25:BE
X509v3 Authority Key Identifier:
keyid:8F:20:F7:0F:17:D8:B7:2C:3E:42:AE:E0:32:91:29:8B:54:A4:FF:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jyD3DxfYtyw-Qq7gMpEpi1Sk_y8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/42c0c0-de6d-49b6-b450-c96a8da2c589/1/hkVSYQAl3rS3uKQrcUyQYqz-Jb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/42c0c0-de6d-49b6-b450-c96a8da2c589/1/jyD3DxfYtyw-Qq7gMpEpi1Sk_y8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.21.0.0/16
185.231.132.0/22
IPv6:
2001:67c:2acc::/48
2a0c:7500::/29
Signature Algorithm: sha256WithRSAEncryption
39:c6:ea:a1:34:bf:fe:a2:a4:ee:9f:55:54:2a:6c:fd:f6:7c:
35:3a:ce:ca:70:56:89:45:c1:7a:96:af:eb:f7:c5:25:fe:4f:
05:e5:a5:d5:62:66:96:54:59:e0:14:76:33:d4:aa:29:93:05:
64:ac:dd:bb:a2:59:04:0d:22:f8:bc:7e:97:24:21:0e:b9:40:
e1:9d:82:d8:1a:ea:98:c0:51:48:14:b1:91:53:e6:af:a5:36:
28:68:e4:6c:cf:89:2d:ce:ad:db:9e:7e:61:d9:a5:aa:9c:61:
23:b4:10:1a:62:ef:8f:b3:05:b1:70:39:94:cf:97:dc:f5:02:
b9:01:76:15:68:9a:da:52:46:3d:99:cd:ab:77:74:04:6d:4a:
2a:0b:3c:dd:42:ef:0d:72:2b:0c:bb:cc:da:22:4f:67:14:e9:
da:22:5c:ee:b3:18:b1:1b:11:61:e3:4d:38:9d:cf:0b:e1:a1:
2c:26:b2:89:53:f6:02:2a:c4:62:d1:a2:b4:f2:c4:4b:35:b8:
99:5c:4c:cc:9c:8b:17:76:ba:aa:65:a6:ac:0d:f2:5b:bd:5f:
05:fd:2e:1b:c2:97:81:06:0a:f1:e7:4e:f9:ad:80:92:58:29:
4b:34:fb:b3:b5:a2:41:e2:c4:88:40:1f:2d:7f:6e:6f:2d:3a:
36:53:1d:9a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzGt/XOktVFeFaqvMyn7EjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjBmNzBmMTdkOGI3MmMzZTQyYWVlMDMyOTEyOThiNTRh
NGZmMmYwHhcNMjQwMTAxMjAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQ1NTI2MTAwMjVkZWI0YjdiOGE0MmI3MTRjOTA2MmFjZmUyNWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0IjXN/ifKmiZzxJn2WUylUu8Ar9
gLNKHElU8tudOfmj/AC1VbGqNUTSgN+xfOWHn2X0R0ui0tehbOjIzzLxr9ecPkAj
6NsPwCc+r3Uy4AkbwREVyGTyV+GA4Sexph4vYWdFHp/0HD3Egk0/PglW/eA8LfAp
+Yl2tMs/V5u/guCo5d1wRaNaTY7HrZ8TuxrHt2A68PVMCNkmR3ldfqAM6OztMCtI
9/gWpiQic5gCaEkOAV3JjBoh3LV67XWCgadMSKb7AsNEkKb5jusDGDA5pCfUTYix
ccdIkzjPSV7PPo1bJYyrxN5UUREGS1uGQC41fogpR2oiQDWgp0Y177ocGQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIZFUmEAJd60t7ikK3FMkGKs/iW+MB8GA1UdIwQY
MBaAFI8g9w8X2LcsPkKu4DKRKYtUpP8vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlEM0R4Zll0eXctUXE3Z01wRXBpMVNrX3k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy80MmMwYzAtZGU2ZC00OWI2LWI0NTAt
Yzk2YThkYTJjNTg5LzEvaGtWU1lRQWwzclMzdUtRcmNVeVFZcXotSmI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy80MmMwYzAtZGU2ZC00OWI2LWI0NTAtYzk2YThkYTJjNTg5
LzEvanlEM0R4Zll0eXctUXE3Z01wRXBpMVNrX3k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzARBAIAATALAwMAjRUDBAK5
54QwFgQCAAIwEAMHACABBnwqzAMFAyoMdQAwDQYJKoZIhvcNAQELBQADggEBADnG
6qE0v/6ipO6fVVQqbP32fDU6zspwVolFwXqWr+v3xSX+TwXlpdViZpZUWeAUdjPU
qimTBWSs3buiWQQNIvi8fpckIQ65QOGdgtga6pjAUUgUsZFT5q+lNiho5GzPiS3O
rduefmHZpaqcYSO0EBpi74+zBbFwOZTPl9z1ArkBdhVomtpSRj2Zzat3dARtSioL
PN1C7w1yKwy7zNoiT2cU6doiXO6zGLEbEWHjTTidzwvhoSwmsolT9gIqxGLRorTy
xEs1uJlcTMycixd2uqplpqwN8lu9XwX9LhvCl4EGCvHnTvmtgJJYKUs0+7O1okHi
xIhAHy1/bm8tOjZTHZo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:14 2025 by rpki-client