Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/hcYL1W3ZFnsqqiSmLLYpE60LGPA.roa
File: hcYL1W3ZFnsqqiSmLLYpE60LGPA.roa (raw, json)
Hash identifier: CNPZ1UHfT73TjTowA5dJbGudMelJH6PnA74dumiq4T8=
Subject key identifier: 85:C6:0B:D5:6D:D9:16:7B:2A:AA:24:A6:2C:B6:29:13:AD:0B:18:F0
Certificate issuer: /CN=d1010da3576242324cefb2c81c1339a6c0e3b403
Certificate serial: 01857082D50EF161ACAC2466B800FEE5382D
Authority key identifier: D1:01:0D:A3:57:62:42:32:4C:EF:B2:C8:1C:13:39:A6:C0:E3:B4:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/hcYL1W3ZFnsqqiSmLLYpE60LGPA.roa
Signing time: Mon 02 Jan 2023 03:25:00 +0000
ROA not before: Mon 02 Jan 2023 03:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24611
IP address blocks: 89.41.248.0/21 maxlen: 24
89.37.200.0/21 maxlen: 24
80.92.64.0/19 maxlen: 24
94.177.88.0/21 maxlen: 24
31.216.144.0/21 maxlen: 24
2001:b20::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:d5:0e:f1:61:ac:ac:24:66:b8:00:fe:e5:38:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1010da3576242324cefb2c81c1339a6c0e3b403
Validity
Not Before: Jan 2 03:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85c60bd56dd9167b2aaa24a62cb62913ad0b18f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cc:d3:b7:cc:45:66:54:81:2f:52:a0:b9:4b:
5c:04:fb:64:86:a5:56:20:13:56:15:48:a1:3a:37:
77:2d:20:b3:5c:35:b0:c5:b5:e0:9b:53:2e:46:fd:
60:af:4b:cb:ff:3d:80:9a:d0:d1:fb:b4:ac:dd:0c:
1c:3b:8f:09:a4:95:68:1a:0b:65:a6:e5:b4:c5:17:
26:cb:82:6d:78:9e:3b:23:90:b6:08:d4:12:91:0d:
4c:c8:02:8f:3c:82:8b:fa:8e:d9:e6:47:d7:c1:72:
13:52:c9:f1:36:f8:ea:ae:c6:49:f6:39:a7:fd:8a:
09:cc:d4:6d:d4:6a:6a:62:1d:8d:e4:4d:7f:b9:a3:
c0:e5:70:c6:a4:3d:a2:14:03:a6:97:f5:cc:e0:e5:
b7:68:51:ef:2d:62:d0:a4:42:c3:f8:da:2f:49:f1:
2f:3e:6d:39:d9:1e:45:48:cb:61:d5:b9:6e:41:c6:
0f:99:bf:c3:ab:4a:78:fb:83:d0:4e:0a:73:d5:ad:
0a:b8:3a:b3:6d:0f:bd:09:93:7c:a4:2f:71:50:4c:
a4:2f:e3:5a:b0:0b:a2:b2:93:83:73:50:c2:40:00:
0e:7f:1b:03:8a:89:6d:45:81:d3:7f:8d:d4:81:0f:
2a:02:d5:5d:85:5b:da:39:4b:c8:05:48:a2:94:40:
ac:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C6:0B:D5:6D:D9:16:7B:2A:AA:24:A6:2C:B6:29:13:AD:0B:18:F0
X509v3 Authority Key Identifier:
keyid:D1:01:0D:A3:57:62:42:32:4C:EF:B2:C8:1C:13:39:A6:C0:E3:B4:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/hcYL1W3ZFnsqqiSmLLYpE60LGPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/0QENo1diQjJM77LIHBM5psDjtAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.144.0/21
80.92.64.0/19
89.37.200.0/21
89.41.248.0/21
94.177.88.0/21
IPv6:
2001:b20::/29
Signature Algorithm: sha256WithRSAEncryption
a5:07:8d:fb:1c:95:d2:57:84:17:1c:d8:91:83:63:83:ea:3e:
32:48:04:d6:78:2d:c9:4a:9c:5f:ce:eb:e2:02:df:e5:de:d6:
63:49:6b:4d:e4:6e:27:ca:fd:df:b5:19:c4:43:9a:57:b6:ea:
2b:92:d4:3d:32:c5:0f:3d:76:13:9f:49:88:4c:1c:27:9e:68:
00:bc:84:c4:a9:b7:8c:6c:31:dc:2d:78:28:e2:9f:b9:a5:d2:
1c:e8:64:74:1d:53:7a:e5:6b:61:0a:90:0e:cb:ee:d8:70:53:
63:13:7b:10:cf:9f:5a:67:a6:ea:e6:5c:d5:ca:7b:b6:ab:62:
d8:c8:4d:6c:63:3e:fa:e2:cf:cf:fe:cd:9d:e6:62:23:b2:41:
9d:17:5f:3b:e4:fb:2c:e6:e1:15:9d:42:0d:db:d8:b6:35:0c:
c1:5b:20:b1:a1:27:0d:e1:39:f3:49:5b:f8:c5:36:47:5f:d2:
57:cd:1f:d4:9e:3b:5c:dd:c3:8d:0f:3f:c9:4a:25:f5:1d:f4:
3e:37:88:b6:ef:47:9c:aa:5f:81:7f:79:f4:6d:3f:f1:3a:a6:
0b:4e:3d:e8:5a:44:c1:00:c2:32:b5:2e:00:f7:5b:c7:a6:6b:
32:c0:f5:a3:bd:6c:c7:d5:72:31:89:58:24:d0:41:fc:24:92:
40:2a:c8:46
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVwgtUO8WGsrCRmuAD+5TgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMDEwZGEzNTc2MjQyMzI0Y2VmYjJjODFjMTMzOWE2YzBl
M2I0MDMwHhcNMjMwMTAyMDMyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWM2MGJkNTZkZDkxNjdiMmFhYTI0YTYyY2I2MjkxM2FkMGIxOGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMzTt8xFZlSBL1KguUtcBPtkhqVW
IBNWFUihOjd3LSCzXDWwxbXgm1MuRv1gr0vL/z2AmtDR+7Ss3QwcO48JpJVoGgtl
puW0xRcmy4JteJ47I5C2CNQSkQ1MyAKPPIKL+o7Z5kfXwXITUsnxNvjqrsZJ9jmn
/YoJzNRt1GpqYh2N5E1/uaPA5XDGpD2iFAOml/XM4OW3aFHvLWLQpELD+NovSfEv
Pm052R5FSMth1bluQcYPmb/Dq0p4+4PQTgpz1a0KuDqzbQ+9CZN8pC9xUEykL+Na
sAuispODc1DCQAAOfxsDioltRYHTf43UgQ8qAtVdhVvaOUvIBUiilECszwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIXGC9Vt2RZ7Kqokpiy2KROtCxjwMB8GA1UdIwQY
MBaAFNEBDaNXYkIyTO+yyBwTOabA47QDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFFFTm8xZGlRakpNNzdMSUhCTTVwc0RqdEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81NzdiMTEtNzAwOS00ODZjLTkwMTAt
YTcwNDEyZmJjODMyLzEvaGNZTDFXM1pGbnNxcWlTbUxMWXBFNjBMR1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81NzdiMTEtNzAwOS00ODZjLTkwMTAtYTcwNDEyZmJjODMy
LzEvMFFFTm8xZGlRakpNNzdMSUhCTTVwc0RqdEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDH9iQAwQF
UFxAAwQDWSXIAwQDWSn4AwQDXrFYMA0EAgACMAcDBQMgAQsgMA0GCSqGSIb3DQEB
CwUAA4IBAQClB437HJXSV4QXHNiRg2OD6j4ySATWeC3JSpxfzuviAt/l3tZjSWtN
5G4nyv3ftRnEQ5pXtuorktQ9MsUPPXYTn0mITBwnnmgAvITEqbeMbDHcLXgo4p+5
pdIc6GR0HVN65WthCpAOy+7YcFNjE3sQz59aZ6bq5lzVynu2q2LYyE1sYz764s/P
/s2d5mIjskGdF1875Pss5uEVnUIN29i2NQzBWyCxoScN4TnzSVv4xTZHX9JXzR/U
njtc3cONDz/JSiX1HfQ+N4i270ecql+Bf3n0bT/xOqYLTj3oWkTBAMIytS4A91vH
pmsywPWjvWzH1XIxiVgk0EH8JJJAKshG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:36 2024 by rpki-client on console-fra.rpki-client.org