Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/HZMJEWC_fDSLPNUVUUku2u7_N5g.roa
File: HZMJEWC_fDSLPNUVUUku2u7_N5g.roa (raw, json)
Hash identifier: Lfne6cNFZzmufUuuMdKsSJSdyJwTqtS4WQglrBlpfTo=
Subject key identifier: 1D:93:09:11:60:BF:7C:34:8B:3C:D5:15:51:49:2E:DA:EE:FF:37:98
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 019041115A5B7F91C697EE6B179AD504E0A4
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/HZMJEWC_fDSLPNUVUUku2u7_N5g.roa
Signing time: Sat 22 Jun 2024 17:49:34 +0000
ROA not before: Sat 22 Jun 2024 17:49:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210312
IP address blocks: 147.189.216.0/21 maxlen: 21
193.5.16.0/22 maxlen: 22
2a0d:3dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 17 Jul 2024 09:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:41:11:5a:5b:7f:91:c6:97:ee:6b:17:9a:d5:04:e0:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Jun 22 17:49:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d93091160bf7c348b3cd51551492edaeeff3798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:65:3d:5a:69:f5:eb:53:2e:66:52:a8:94:d4:
c0:6d:ad:fd:a8:81:9a:04:be:10:f9:73:d6:7a:22:
2c:9f:a1:bb:6f:fd:c5:a9:43:ac:46:c5:c5:3b:e0:
43:69:06:cf:88:c1:3b:e6:3a:6e:2f:59:ec:e6:a2:
06:dc:d6:a8:20:85:bd:cd:71:89:66:74:60:d0:33:
2b:06:e4:c0:70:f4:e1:36:7d:4c:5b:4e:4c:da:91:
f4:c4:cf:0b:63:b4:23:28:3c:97:16:67:62:a8:13:
9f:a5:5c:54:91:9c:ba:5d:f3:e4:d9:23:59:bf:8f:
60:f6:53:25:9b:14:03:e9:7f:42:4c:ec:5d:99:80:
71:07:2a:26:8e:99:4c:50:48:cd:c3:27:de:85:f4:
be:74:0c:96:b6:72:8b:a0:80:03:84:f1:5d:2e:1d:
9b:dd:ca:75:23:b7:63:51:ad:40:dc:01:15:22:cf:
f1:0e:ad:cb:8a:20:e2:5f:f3:4b:40:2e:18:7d:1c:
b1:69:fd:9a:67:c5:5f:d7:9a:bd:c0:4d:90:68:5f:
17:f2:7b:32:ae:eb:52:76:bb:a8:8c:c8:bb:b6:b8:
40:6a:c2:28:0b:5f:f8:15:10:3b:cd:8c:ff:8d:12:
4f:07:1f:d4:ff:67:96:6f:8f:0b:4e:ec:4f:7e:76:
db:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:93:09:11:60:BF:7C:34:8B:3C:D5:15:51:49:2E:DA:EE:FF:37:98
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/HZMJEWC_fDSLPNUVUUku2u7_N5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
94:73:ac:52:d2:0c:00:96:a0:04:37:c3:05:c5:1a:96:94:bc:
02:20:bb:00:c7:40:59:3c:93:eb:02:92:f8:d8:76:8d:0b:d0:
67:8d:49:26:aa:ea:9f:d3:a2:03:86:d6:25:93:32:8c:42:5c:
8b:9c:69:71:b1:c0:22:d7:b2:ba:be:ca:b6:2d:a4:71:50:39:
c5:0f:2a:b2:1c:73:e1:2b:85:bf:0e:84:51:9a:47:94:76:87:
51:36:cd:02:d8:25:76:6e:47:76:01:56:6d:3e:f2:da:74:c9:
19:98:aa:d4:55:ed:50:4f:c1:7b:5f:82:f6:a9:65:72:11:be:
b6:97:da:ce:32:12:be:c4:51:11:d0:f5:9e:9d:5e:5c:83:77:
fa:1a:39:84:34:23:d8:f5:63:56:01:c5:64:d0:37:fa:48:b5:
03:10:89:22:b2:05:24:94:d9:09:5b:44:20:21:79:67:cd:6f:
96:b1:c4:f1:e6:9d:d4:f4:ff:94:b6:28:ab:cd:27:9c:86:23:
b9:04:06:f5:04:ee:a5:39:98:40:48:7e:9c:c0:be:e0:11:7e:
d5:42:15:45:d8:8e:ef:a6:e1:26:5c:4a:3c:14:4d:ab:52:ea:
a8:fb:d7:03:d1:46:bf:3b:9f:16:fe:da:49:b8:38:48:05:5f:
7d:af:ab:d4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZBBEVpbf5HGl+5rF5rVBOCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjQwNjIyMTc0OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDkzMDkxMTYwYmY3YzM0OGIzY2Q1MTU1MTQ5MmVkYWVlZmYzNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2U9Wmn161MuZlKolNTAba39qIGa
BL4Q+XPWeiIsn6G7b/3FqUOsRsXFO+BDaQbPiME75jpuL1ns5qIG3NaoIIW9zXGJ
ZnRg0DMrBuTAcPThNn1MW05M2pH0xM8LY7QjKDyXFmdiqBOfpVxUkZy6XfPk2SNZ
v49g9lMlmxQD6X9CTOxdmYBxByomjplMUEjNwyfehfS+dAyWtnKLoIADhPFdLh2b
3cp1I7djUa1A3AEVIs/xDq3LiiDiX/NLQC4YfRyxaf2aZ8Vf15q9wE2QaF8X8nsy
rutSdruojMi7trhAasIoC1/4FRA7zYz/jRJPBx/U/2eWb48LTuxPfnbbZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB2TCRFgv3w0izzVFVFJLtru/zeYMB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvSFpNSkVXQ19mRFNMUE5VVlVVa3UydTdfTjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQCUc6xS0gwAlqAE
N8MFxRqWlLwCILsAx0BZPJPrApL42HaNC9BnjUkmquqf06IDhtYlkzKMQlyLnGlx
scAi17K6vsq2LaRxUDnFDyqyHHPhK4W/DoRRmkeUdodRNs0C2CV2bkd2AVZtPvLa
dMkZmKrUVe1QT8F7X4L2qWVyEb62l9rOMhK+xFER0PWenV5cg3f6GjmENCPY9WNW
AcVk0Df6SLUDEIkisgUklNkJW0QgIXlnzW+WscTx5p3U9P+UtiirzSechiO5BAb1
BO6lOZhASH6cwL7gEX7VQhVF2I7vpuEmXEo8FE2rUuqo+9cD0Ua/O58W/tpJuDhI
BV99r6vU
-----END CERTIFICATE-----
Generated at Wed Jul 17 12:24:42 2024 by rpki-client on console-fra.rpki-client.org