Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HbnOagyR6HHt0lQnEp5QIaIbD9k.roa
File: HbnOagyR6HHt0lQnEp5QIaIbD9k.roa (raw, json)
Hash identifier: h5jolxZq6rBhgTYsRYrkpOEIKbLJ9UfmemA87qzxBkg=
Subject key identifier: 1D:B9:CE:6A:0C:91:E8:71:ED:D2:54:27:12:9E:50:21:A2:1B:0F:D9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01937C6800B7C1814095C0EEE3149166F780
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HbnOagyR6HHt0lQnEp5QIaIbD9k.roa
Signing time: Sat 30 Nov 2024 09:30:10 +0000
ROA not before: Sat 30 Nov 2024 09:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 45.84.88.0/24 maxlen: 24
45.89.244.0/24 maxlen: 24
45.91.193.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
87.120.88.0/24 maxlen: 24
109.206.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Dec 2024 11:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:7c:68:00:b7:c1:81:40:95:c0:ee:e3:14:91:66:f7:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 30 09:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1db9ce6a0c91e871edd25427129e5021a21b0fd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:35:90:a0:f0:b2:b9:5b:f1:b0:65:de:a0:5c:
05:21:1c:de:f8:97:af:d3:b0:8b:03:f2:3e:db:3d:
c7:19:8a:96:1b:bb:c2:03:55:7a:c7:7e:5c:96:97:
31:91:49:25:ef:a8:eb:a7:f3:04:95:60:c6:9f:fa:
b8:6b:d8:80:2c:68:32:ff:bd:4b:51:95:70:9b:1c:
f2:96:76:01:a2:74:3c:70:c1:48:e2:58:70:52:18:
68:93:69:ef:15:c9:1c:f5:3a:d5:3b:3d:30:32:ba:
ed:69:8e:7b:1d:08:49:ef:f6:a3:1a:ab:0e:03:08:
d4:be:1e:05:48:e3:11:ed:bc:75:3a:53:0f:5f:39:
e4:53:34:a9:3f:23:a4:e1:e8:ab:7b:d4:08:bc:bf:
e0:65:53:00:92:96:e2:e3:80:2f:50:dd:16:e9:e4:
61:ed:c3:0d:5f:10:28:0d:69:68:53:62:b4:0d:d4:
a9:29:89:df:27:ed:bd:57:aa:67:4a:81:62:34:bc:
a9:0d:12:95:68:94:d3:7b:1f:7e:35:df:79:f0:d4:
a4:c6:25:cc:fb:4e:06:62:e2:16:6e:1a:32:b7:56:
03:c2:c5:ff:44:6f:ac:6e:ef:1b:00:f2:3b:79:35:
7e:dc:a8:db:0a:4e:a7:5f:12:88:ad:13:32:b9:25:
03:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B9:CE:6A:0C:91:E8:71:ED:D2:54:27:12:9E:50:21:A2:1B:0F:D9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HbnOagyR6HHt0lQnEp5QIaIbD9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.88.0/24
45.89.244.0/24
45.91.193.0/24
45.149.235.0/24
83.143.113.0/24
87.120.88.0/24
109.206.242.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:5d:01:17:61:57:86:d0:15:3f:e8:59:8c:3b:f3:be:58:b0:
fa:be:f9:4f:82:bb:db:e2:f0:de:d7:42:ac:12:50:62:ff:d3:
01:f7:54:b0:14:75:be:65:e2:d6:34:37:9a:b2:1d:d5:75:d7:
b6:97:1e:a0:d1:54:7d:83:35:31:3d:48:ac:a5:20:db:0d:d2:
b3:e0:f4:bb:e2:ab:bf:cf:63:c4:d3:ed:f0:81:50:2a:b4:8e:
a0:e4:0f:fa:eb:c1:ee:18:62:e3:f3:dd:53:a7:f0:2c:de:dc:
72:d9:57:67:15:79:68:ea:26:74:b2:20:d5:18:d3:90:8f:2b:
57:8f:fb:9c:4c:52:fb:89:8f:fd:a2:92:1a:0e:20:ce:be:9f:
25:9b:4e:a9:f4:f4:b7:03:f4:79:ee:a8:92:39:ac:a5:f8:d4:
16:0c:de:bf:0e:48:d9:06:a4:49:77:94:22:51:ca:b0:2f:bf:
24:72:36:18:91:9d:0b:bb:97:79:4a:62:a7:cc:c5:f5:1f:ed:
45:9d:43:91:b9:c5:5d:b3:ec:d0:82:4f:79:28:7e:c7:fa:fa:
26:d6:4f:80:23:f0:e6:2e:4b:85:65:9a:11:8f:68:3e:2a:47:
19:1a:5f:ab:2d:9d:25:ad:e3:03:b5:4e:fa:02:21:3b:4d:01:
f1:1d:b9:7c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZN8aAC3wYFAlcDu4xSRZveAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTMwMDkzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGI5Y2U2YTBjOTFlODcxZWRkMjU0MjcxMjllNTAyMWEyMWIwZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzWQoPCyuVvxsGXeoFwFIRze+Jev
07CLA/I+2z3HGYqWG7vCA1V6x35clpcxkUkl76jrp/MElWDGn/q4a9iALGgy/71L
UZVwmxzylnYBonQ8cMFI4lhwUhhok2nvFckc9TrVOz0wMrrtaY57HQhJ7/ajGqsO
AwjUvh4FSOMR7bx1OlMPXznkUzSpPyOk4eire9QIvL/gZVMAkpbi44AvUN0W6eRh
7cMNXxAoDWloU2K0DdSpKYnfJ+29V6pnSoFiNLypDRKVaJTTex9+Nd958NSkxiXM
+04GYuIWbhoyt1YDwsX/RG+sbu8bAPI7eTV+3KjbCk6nXxKIrRMyuSUD/QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFB25zmoMkehx7dJUJxKeUCGiGw/ZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSGJuT2FneVI2SEh0MGxRbkVwNVFJYUliRDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALVRYAwQA
LVn0AwQALVvBAwQALZXrAwQAU49xAwQAV3hYAwQAbc7yMA0GCSqGSIb3DQEBCwUA
A4IBAQCqXQEXYVeG0BU/6FmMO/O+WLD6vvlPgrvb4vDe10KsElBi/9MB91SwFHW+
ZeLWNDeash3Vdde2lx6g0VR9gzUxPUispSDbDdKz4PS74qu/z2PE0+3wgVAqtI6g
5A/668HuGGLj891Tp/As3txy2VdnFXlo6iZ0siDVGNOQjytXj/ucTFL7iY/9opIa
DiDOvp8lm06p9PS3A/R57qiSOayl+NQWDN6/DkjZBqRJd5QiUcqwL78kcjYYkZ0L
u5d5SmKnzMX1H+1FnUORucVds+zQgk95KH7H+vom1k+AI/DmLkuFZZoRj2g+KkcZ
Gl+rLZ0lreMDtU76AiE7TQHxHbl8
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:26:28 2025 by rpki-client