Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/hg_XXQeI0CcNUIWnUMGmSj67gAc.roa
File: hg_XXQeI0CcNUIWnUMGmSj67gAc.roa (raw, json)
Hash identifier: 7cxFQkvKg068rJQPVXgKuD1/w2nB3+OQs31B/5Y9Zjc=
Subject key identifier: 86:0F:D7:5D:07:88:D0:27:0D:50:85:A7:50:C1:A6:4A:3E:BB:80:07
Certificate issuer: /CN=1be36fcfb047b8c653ffa327fc2ca51169e947a4
Certificate serial: 0186A75351827BF439D46A4D7896ED3EEE69
Authority key identifier: 1B:E3:6F:CF:B0:47:B8:C6:53:FF:A3:27:FC:2C:A5:11:69:E9:47:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/hg_XXQeI0CcNUIWnUMGmSj67gAc.roa
Signing time: Fri 03 Mar 2023 11:55:00 +0000
ROA not before: Fri 03 Mar 2023 11:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201579
IP address blocks: 193.138.195.0/24 maxlen: 24
185.91.69.0/24 maxlen: 24
91.237.124.0/24 maxlen: 24
2a13:2480::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a7:53:51:82:7b:f4:39:d4:6a:4d:78:96:ed:3e:ee:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be36fcfb047b8c653ffa327fc2ca51169e947a4
Validity
Not Before: Mar 3 11:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=860fd75d0788d0270d5085a750c1a64a3ebb8007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:35:29:15:cc:83:f3:30:3a:63:3b:4c:4a:c5:
01:37:f3:9f:ce:b7:dc:82:49:00:81:1c:ba:e6:25:
e7:a5:e6:38:20:79:21:b1:7c:52:23:48:9f:56:32:
99:de:a8:4e:b7:e3:73:79:c6:ca:00:a6:2c:f6:35:
c1:9b:83:72:4d:10:d6:8e:3a:7d:1a:f7:ac:12:f9:
81:d9:ec:3a:6b:db:75:61:de:fb:1a:23:cf:b5:bd:
25:6e:2b:f3:03:4c:a6:82:55:0a:6d:fc:f4:80:16:
ff:3e:6f:13:80:b3:db:e3:1c:9c:97:d6:03:ff:7d:
6a:fa:b6:20:7a:7b:be:a7:00:e1:4a:9d:08:97:0d:
8e:f9:fc:9c:3e:55:fd:95:c0:be:2f:32:78:b3:45:
6d:84:5b:75:8c:ba:ec:9a:d5:f6:db:c7:13:62:1e:
df:79:a9:db:cf:0a:e7:8c:90:0f:e1:ed:0b:5d:0f:
be:1c:59:e8:77:98:8e:f4:dc:19:b0:b9:56:40:2a:
a5:b0:85:57:d1:ba:e6:b1:28:06:7e:69:e5:22:a2:
b7:cd:bb:2d:a1:22:0f:84:a7:72:a6:cb:9f:56:10:
70:18:1e:09:04:ac:8e:33:f8:81:d4:3b:9d:42:ad:
66:9a:7d:a7:0e:55:e8:fb:bd:34:c6:00:80:62:40:
61:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:0F:D7:5D:07:88:D0:27:0D:50:85:A7:50:C1:A6:4A:3E:BB:80:07
X509v3 Authority Key Identifier:
keyid:1B:E3:6F:CF:B0:47:B8:C6:53:FF:A3:27:FC:2C:A5:11:69:E9:47:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/hg_XXQeI0CcNUIWnUMGmSj67gAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.124.0/24
185.91.69.0/24
193.138.195.0/24
IPv6:
2a13:2480::/29
Signature Algorithm: sha256WithRSAEncryption
6a:62:7f:49:1b:f5:ee:59:dd:c9:29:72:32:95:54:17:09:9e:
e5:ef:66:41:40:fa:7f:8b:fe:87:69:8a:81:d4:2c:90:a2:f0:
b8:5c:f6:09:15:70:fd:12:5c:6f:d4:4a:53:90:80:b0:53:ef:
d8:75:78:3d:05:0d:94:b5:91:f1:f3:b3:81:76:29:d1:0d:2a:
fb:5d:e9:37:67:28:25:fa:66:35:de:66:b3:7d:bb:1e:6a:f9:
ca:22:25:45:b6:3c:28:b3:9b:c0:1c:73:0b:37:5f:5b:e9:53:
9b:75:4a:83:ed:fe:33:a4:dc:fd:ab:3d:c9:c1:6d:dc:54:fc:
90:36:c5:ae:8f:5c:6a:8c:72:76:b7:49:10:f5:fd:5f:a3:c6:
bb:12:18:4c:7e:00:9d:db:72:b2:e6:92:35:c1:60:f4:f8:20:
cb:eb:2f:b2:c6:7c:bd:8c:a7:bf:a8:31:bd:38:70:39:3d:18:
e6:5c:6d:25:06:59:80:00:a2:32:59:50:68:76:ea:a5:29:f4:
45:0f:4c:b8:f9:b2:da:f3:9d:01:32:fa:c7:2f:96:5c:21:0e:
2a:cb:72:26:e9:15:16:64:6c:3e:50:16:76:39:41:ae:b8:30:
17:b6:9b:ee:c5:cc:86:17:80:ca:e8:21:1b:ae:e0:8c:e1:a7:
89:3d:71:1b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYanU1GCe/Q51GpNeJbtPu5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZTM2ZmNmYjA0N2I4YzY1M2ZmYTMyN2ZjMmNhNTExNjll
OTQ3YTQwHhcNMjMwMzAzMTE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjBmZDc1ZDA3ODhkMDI3MGQ1MDg1YTc1MGMxYTY0YTNlYmI4MDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTUpFcyD8zA6YztMSsUBN/Ofzrfc
gkkAgRy65iXnpeY4IHkhsXxSI0ifVjKZ3qhOt+NzecbKAKYs9jXBm4NyTRDWjjp9
GvesEvmB2ew6a9t1Yd77GiPPtb0lbivzA0ymglUKbfz0gBb/Pm8TgLPb4xycl9YD
/31q+rYgenu+pwDhSp0Ilw2O+fycPlX9lcC+LzJ4s0VthFt1jLrsmtX228cTYh7f
eanbzwrnjJAP4e0LXQ++HFnod5iO9NwZsLlWQCqlsIVX0brmsSgGfmnlIqK3zbst
oSIPhKdypsufVhBwGB4JBKyOM/iB1DudQq1mmn2nDlXo+700xgCAYkBhEwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIYP110HiNAnDVCFp1DBpko+u4AHMB8GA1UdIwQY
MBaAFBvjb8+wR7jGU/+jJ/wspRFp6UekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRy1Odno3Qkh1TVpUXzZNbl9DeWxFV25wUjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81ZGRkOTItNDFkNi00NjlmLTg5NmMt
ZTBjOTY2YzE1ZDVmLzEvaGdfWFhRZUkwQ2NOVUlXblVNR21TajY3Z0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81ZGRkOTItNDFkNi00NjlmLTg5NmMtZTBjOTY2YzE1ZDVm
LzEvRy1Odno3Qkh1TVpUXzZNbl9DeWxFV25wUjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+18AwQA
uVtFAwQAwYrDMA0EAgACMAcDBQMqEySAMA0GCSqGSIb3DQEBCwUAA4IBAQBqYn9J
G/XuWd3JKXIylVQXCZ7l72ZBQPp/i/6HaYqB1CyQovC4XPYJFXD9Elxv1EpTkICw
U+/YdXg9BQ2UtZHx87OBdinRDSr7Xek3Zygl+mY13mazfbseavnKIiVFtjwos5vA
HHMLN19b6VObdUqD7f4zpNz9qz3JwW3cVPyQNsWuj1xqjHJ2t0kQ9f1fo8a7EhhM
fgCd23Ky5pI1wWD0+CDL6y+yxny9jKe/qDG9OHA5PRjmXG0lBlmAAKIyWVBoduql
KfRFD0y4+bLa850BMvrHL5ZcIQ4qy3Im6RUWZGw+UBZ2OUGuuDAXtpvuxcyGF4DK
6CEbruCM4aeJPXEb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:52 2024 by rpki-client on console-fra.rpki-client.org