Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hQFhZOGWpvUxkIHdnZ0Itvn5Dao.roa
File: hQFhZOGWpvUxkIHdnZ0Itvn5Dao.roa (raw, json)
Hash identifier: O+8m+scHsy0kI/tw6e+l8XoDWHLnpIeagX4loY1NAV8=
Subject key identifier: 85:01:61:64:E1:96:A6:F5:31:90:81:DD:9D:9D:08:B6:F9:F9:0D:AA
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 018E7B271EA4204C02114C40739D5C92E4C0
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hQFhZOGWpvUxkIHdnZ0Itvn5Dao.roa
Signing time: Tue 26 Mar 2024 14:25:44 +0000
ROA not before: Tue 26 Mar 2024 14:25:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11325
IP address blocks: 2.57.248.0/22 maxlen: 22
45.80.96.0/22 maxlen: 22
45.85.128.0/23 maxlen: 23
171.22.62.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Apr 2024 19:02:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7b:27:1e:a4:20:4c:02:11:4c:40:73:9d:5c:92:e4:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Mar 26 14:25:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85016164e196a6f5319081dd9d9d08b6f9f90daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:96:45:88:fb:73:e1:dc:ba:2e:af:e2:ea:4b:
ce:5e:71:38:52:3f:ff:ca:a1:16:7f:49:a7:27:d1:
3c:07:ef:b7:bc:b6:3c:06:82:1d:42:c0:5a:30:2e:
48:93:95:52:51:f0:23:c5:85:49:85:8b:0b:6d:70:
66:70:67:28:74:93:a6:44:f0:5b:81:44:9b:50:35:
38:54:c1:27:9d:fc:78:03:5d:fd:24:53:3c:31:13:
ac:15:25:55:81:a3:75:c0:b4:05:0b:1c:73:2b:08:
84:2f:22:cb:a7:c2:1d:5b:9f:c7:69:02:d5:1c:a3:
38:91:da:e3:e8:92:18:7d:80:c4:8c:38:09:cb:43:
97:8a:33:7d:b7:ab:64:5b:df:f6:cf:36:5d:0a:32:
0d:1b:56:94:3c:94:c1:a1:0d:e3:74:71:54:2e:d9:
1e:b4:c8:01:ea:75:77:f0:f9:e1:93:84:c7:e0:dc:
e5:8b:fd:65:a3:ce:03:9f:23:92:5a:e1:f2:c8:45:
03:9a:ba:6b:d2:f0:06:a2:c8:8b:4a:34:86:8a:a2:
13:6d:8c:f1:1b:32:be:a1:2e:35:a1:d6:11:e7:34:
bf:18:a1:c5:b8:78:88:ea:7e:e3:04:96:68:d0:b4:
d3:33:05:30:6e:c4:ce:f7:57:ef:0e:ac:96:49:c3:
cb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:01:61:64:E1:96:A6:F5:31:90:81:DD:9D:9D:08:B6:F9:F9:0D:AA
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hQFhZOGWpvUxkIHdnZ0Itvn5Dao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.248.0/22
45.80.96.0/22
45.85.128.0/23
171.22.62.0/23
Signature Algorithm: sha256WithRSAEncryption
89:06:66:b2:70:c1:08:cd:95:a0:1f:ee:02:36:68:49:08:75:
33:7f:74:11:3b:3e:83:8d:46:25:c2:f0:13:62:a6:4d:de:5f:
b2:e8:85:c7:6d:fa:9c:44:58:bc:db:b6:58:1a:8e:f4:de:de:
26:7b:01:ca:10:e4:eb:31:1e:04:23:0c:48:e1:be:f1:90:72:
83:d1:b9:55:c5:a7:15:27:7d:b2:b8:d3:68:0f:5a:2d:0b:a5:
a2:d7:19:ef:11:ba:10:dc:89:3d:94:43:c0:5f:3f:22:02:a7:
ac:3f:71:d2:0d:4d:ac:34:62:f9:bc:74:32:66:3b:76:4c:d8:
97:d3:d0:c1:67:03:e3:05:50:1c:d3:ec:2b:72:9b:2b:dc:12:
ad:e8:dc:ad:64:af:2a:3b:5c:70:70:06:56:f0:7b:13:30:d6:
b2:b8:51:30:22:0d:5e:51:4e:87:57:2d:29:08:ab:ab:55:38:
6e:89:6c:d2:7e:c2:7b:dd:b8:43:67:9d:5d:c3:c7:73:0e:f0:
98:61:36:45:e4:60:04:2b:30:a1:38:ed:6c:32:ba:3a:66:2e:
8f:c0:1e:43:d7:af:22:fb:81:0a:df:67:cd:8e:4a:39:48:20:
1d:98:c7:0d:26:51:49:6d:98:b8:8b:f6:ea:32:6b:23:09:f1:
9e:19:85:ad
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY57Jx6kIEwCEUxAc51ckuTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjQwMzI2MTQyNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTAxNjE2NGUxOTZhNmY1MzE5MDgxZGQ5ZDlkMDhiNmY5ZjkwZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5ZFiPtz4dy6Lq/i6kvOXnE4Uj//
yqEWf0mnJ9E8B++3vLY8BoIdQsBaMC5Ik5VSUfAjxYVJhYsLbXBmcGcodJOmRPBb
gUSbUDU4VMEnnfx4A139JFM8MROsFSVVgaN1wLQFCxxzKwiELyLLp8IdW5/HaQLV
HKM4kdrj6JIYfYDEjDgJy0OXijN9t6tkW9/2zzZdCjING1aUPJTBoQ3jdHFULtke
tMgB6nV38Pnhk4TH4Nzli/1lo84DnyOSWuHyyEUDmrpr0vAGosiLSjSGiqITbYzx
GzK+oS41odYR5zS/GKHFuHiI6n7jBJZo0LTTMwUwbsTO91fvDqyWScPLkwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIUBYWThlqb1MZCB3Z2dCLb5+Q2qMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvaFFGaFpPR1dwdlV4a0lIZG5aMEl0dm41RGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjn4AwQC
LVBgAwQBLVWAAwQBqxY+MA0GCSqGSIb3DQEBCwUAA4IBAQCJBmaycMEIzZWgH+4C
NmhJCHUzf3QROz6DjUYlwvATYqZN3l+y6IXHbfqcRFi827ZYGo703t4mewHKEOTr
MR4EIwxI4b7xkHKD0blVxacVJ32yuNNoD1otC6Wi1xnvEboQ3Ik9lEPAXz8iAqes
P3HSDU2sNGL5vHQyZjt2TNiX09DBZwPjBVAc0+wrcpsr3BKt6NytZK8qO1xwcAZW
8HsTMNayuFEwIg1eUU6HVy0pCKurVThuiWzSfsJ73bhDZ51dw8dzDvCYYTZF5GAE
KzChOO1sMro6Zi6PwB5D168i+4EK32fNjko5SCAdmMcNJlFJbZi4i/bqMmsjCfGe
GYWt
-----END CERTIFICATE-----
Generated at Tue Apr 2 23:02:44 2024 by rpki-client on console-ams.rpki-client.org