Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/hYvsOjqiVYVMbYdouXjTVt8sGnE.roa
File: hYvsOjqiVYVMbYdouXjTVt8sGnE.roa (raw, json)
Hash identifier: FYz9XWeCz3COwQATNoYe1AtawuQvQzRJgEO5TIOiE9Y=
Subject key identifier: 85:8B:EC:3A:3A:A2:55:85:4C:6D:87:68:B9:78:D3:56:DF:2C:1A:71
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 018E60CC9962A377DC396628F564C325D05B
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/hYvsOjqiVYVMbYdouXjTVt8sGnE.roa
Signing time: Thu 21 Mar 2024 11:36:45 +0000
ROA not before: Thu 21 Mar 2024 11:36:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 5.182.100.0/24 maxlen: 24
5.182.101.0/24 maxlen: 24
45.14.72.0/24 maxlen: 24
45.84.44.0/24 maxlen: 24
45.84.45.0/24 maxlen: 24
45.84.47.0/24 maxlen: 24
45.157.74.0/23 maxlen: 23
85.8.188.0/24 maxlen: 24
85.8.189.0/24 maxlen: 24
85.8.190.0/23 maxlen: 23
85.209.216.0/24 maxlen: 24
85.209.218.0/23 maxlen: 23
88.218.100.0/24 maxlen: 24
88.218.101.0/24 maxlen: 24
88.218.102.0/23 maxlen: 23
92.119.180.0/24 maxlen: 24
92.119.181.0/24 maxlen: 24
139.28.137.0/24 maxlen: 24
139.28.138.0/23 maxlen: 23
141.98.240.0/24 maxlen: 24
141.98.241.0/24 maxlen: 24
141.98.242.0/23 maxlen: 23
193.31.72.0/24 maxlen: 24
193.31.73.0/24 maxlen: 24
193.31.75.0/24 maxlen: 24
194.5.0.0/22 maxlen: 22
194.124.52.0/22 maxlen: 22
195.206.108.0/24 maxlen: 24
195.206.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 20:10:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:60:cc:99:62:a3:77:dc:39:66:28:f5:64:c3:25:d0:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Mar 21 11:36:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=858bec3a3aa255854c6d8768b978d356df2c1a71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:08:ff:30:39:11:9b:45:b3:62:9b:11:22:6c:
a9:a8:98:75:c9:66:81:6d:af:dd:2d:32:ad:80:7f:
d6:4f:e3:a1:38:fc:3b:bc:c4:4d:ce:b8:8a:9b:d2:
9e:81:77:b2:66:a7:43:78:45:0b:cb:9f:74:c8:fd:
a8:f0:d3:ae:01:49:1b:c8:8d:f8:54:7a:58:c9:1e:
57:44:92:29:ab:d1:7a:ec:43:4e:ec:7c:a8:b7:65:
eb:21:d3:c6:51:c4:f1:9c:0c:f3:c6:33:96:39:d2:
b2:5e:6a:2f:18:fe:d1:97:c5:22:32:fc:e4:ab:ca:
c0:c2:83:fc:5e:be:f6:b8:95:0f:2f:b5:8e:1c:e1:
0c:8d:32:3d:1e:fe:c3:e1:8f:a3:ae:1d:92:f9:b4:
a6:54:9d:e8:de:1f:c3:50:a9:3b:a8:72:f2:c2:b0:
7e:1e:58:9c:56:e6:0a:c3:40:f7:11:7e:48:7f:6f:
e0:69:90:ff:a7:98:b1:36:3b:0a:7b:12:6f:c2:a0:
35:91:65:27:07:8d:eb:de:aa:68:b0:03:52:8d:f8:
07:3f:ec:ac:17:c3:88:7f:cc:58:93:c1:91:3c:85:
32:b5:b3:a5:da:a4:0d:99:c9:6f:17:65:c8:b4:7f:
48:ec:40:2b:97:ad:b8:a1:47:9e:e0:17:1c:5b:3e:
a7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:8B:EC:3A:3A:A2:55:85:4C:6D:87:68:B9:78:D3:56:DF:2C:1A:71
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/hYvsOjqiVYVMbYdouXjTVt8sGnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.100.0/23
45.14.72.0/24
45.84.44.0/23
45.84.47.0/24
45.157.74.0/23
85.8.188.0/22
85.209.216.0/24
85.209.218.0/23
88.218.100.0/22
92.119.180.0/23
139.28.137.0-139.28.139.255
141.98.240.0/22
193.31.72.0/23
193.31.75.0/24
194.5.0.0/22
194.124.52.0/22
195.206.108.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:1d:7d:15:cf:e0:31:f5:c4:ab:6e:f1:c6:7f:3d:b0:36:04:
20:60:3c:10:b4:be:c3:e5:ff:b9:d9:1a:d5:7c:86:07:e6:08:
e3:cb:50:af:ee:de:13:9a:2d:ec:9d:11:75:88:76:75:1a:e7:
8a:7e:85:e2:63:07:97:5a:44:5a:41:ca:64:c0:1c:e8:52:e9:
7f:32:13:cc:0f:9b:1d:de:cc:36:9f:d5:fd:20:ae:c4:64:36:
91:a9:2e:d0:cf:9d:e0:7c:94:09:ca:26:44:c3:27:b2:38:56:
76:d8:a1:a2:01:e5:8c:b0:f6:f3:da:47:77:5d:e4:1c:5f:f7:
df:d8:ba:25:64:fb:91:a3:96:d1:2e:05:e3:1f:17:68:ec:88:
a9:5d:ad:a0:c0:ad:84:ee:95:48:dc:49:02:07:9b:a3:aa:f6:
6c:3e:09:b8:87:ae:3a:07:c6:1a:ae:d5:22:93:5d:51:d2:e3:
8f:ca:5a:97:22:94:2d:13:f7:09:7e:58:ed:61:57:68:23:e7:
6c:ef:97:98:77:5e:43:d0:2e:14:18:5d:18:7b:70:2c:c1:c4:
94:3a:6f:09:76:2a:83:c6:91:b3:6d:08:45:9b:c4:fa:22:35:
28:7e:fb:5c:20:b0:ac:ac:9b:fd:fb:0c:55:88:25:e1:10:b9:
da:5e:4d:53
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAY5gzJlio3fcOWYo9WTDJdBbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjQwMzIxMTEzNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NThiZWMzYTNhYTI1NTg1NGM2ZDg3NjhiOTc4ZDM1NmRmMmMxYTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQj/MDkRm0WzYpsRImypqJh1yWaB
ba/dLTKtgH/WT+OhOPw7vMRNzriKm9KegXeyZqdDeEULy590yP2o8NOuAUkbyI34
VHpYyR5XRJIpq9F67ENO7Hyot2XrIdPGUcTxnAzzxjOWOdKyXmovGP7Rl8UiMvzk
q8rAwoP8Xr72uJUPL7WOHOEMjTI9Hv7D4Y+jrh2S+bSmVJ3o3h/DUKk7qHLywrB+
HlicVuYKw0D3EX5If2/gaZD/p5ixNjsKexJvwqA1kWUnB43r3qposANSjfgHP+ys
F8OIf8xYk8GRPIUytbOl2qQNmclvF2XItH9I7EArl624oUee4BccWz6n5wIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFIWL7Do6olWFTG2HaLl401bfLBpxMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvaFl2c09qcWlWWVZNYllkb3VYalRWdDhzR25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAQW2ZAME
AC0OSAMEAS1ULAMEAC1ULwMEAS2dSgMEAlUIvAMEAFXR2AMEAVXR2gMEAljaZAME
AVx3tDAMAwQAixyJAwQCixyIAwQCjWLwAwQBwR9IAwQAwR9LAwQCwgUAAwQCwnw0
AwQBw85sMA0GCSqGSIb3DQEBCwUAA4IBAQC4HX0Vz+Ax9cSrbvHGfz2wNgQgYDwQ
tL7D5f+52RrVfIYH5gjjy1Cv7t4Tmi3snRF1iHZ1GueKfoXiYweXWkRaQcpkwBzo
Uul/MhPMD5sd3sw2n9X9IK7EZDaRqS7Qz53gfJQJyiZEwyeyOFZ22KGiAeWMsPbz
2kd3XeQcX/ff2LolZPuRo5bRLgXjHxdo7IipXa2gwK2E7pVI3EkCB5ujqvZsPgm4
h646B8YartUik11R0uOPylqXIpQtE/cJfljtYVdoI+ds75eYd15D0C4UGF0Ye3As
wcSUOm8JdiqDxpGzbQhFm8T6IjUofvtcILCsrJv9+wxViCXhELnaXk1T
-----END CERTIFICATE-----
Generated at Wed Apr 3 23:24:08 2024 by rpki-client on console-ams.rpki-client.org