Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/b5939b-daa7-4f47-9873-64a27e977fd9/1/HLptWagWLXA_D7eIcSSL1iea7ho.roa
File: HLptWagWLXA_D7eIcSSL1iea7ho.roa (raw, json)
Hash identifier: giPqYB+3HJTGqwx341e0xrXuwpt36n7d8GKHUPGMD3U=
Subject key identifier: 1C:BA:6D:59:A8:16:2D:70:3F:0F:B7:88:71:24:8B:D6:27:9A:EE:1A
Certificate issuer: /CN=0ebd5f54905ee8e4d2830c6cf50f60d264201a93
Certificate serial: 018CC501206CFEAB18521E49EA0955EBE3F4
Authority key identifier: 0E:BD:5F:54:90:5E:E8:E4:D2:83:0C:6C:F5:0F:60:D2:64:20:1A:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dr1fVJBe6OTSgwxs9Q9g0mQgGpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/b5939b-daa7-4f47-9873-64a27e977fd9/1/HLptWagWLXA_D7eIcSSL1iea7ho.roa
Signing time: Mon 01 Jan 2024 12:30:34 +0000
ROA not before: Mon 01 Jan 2024 12:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48945
IP address blocks: 93.186.144.0/24 maxlen: 24
93.186.145.0/24 maxlen: 24
93.186.147.0/24 maxlen: 24
93.186.152.0/23 maxlen: 23
93.186.148.0/22 maxlen: 22
93.186.146.0/24 maxlen: 24
93.186.154.0/24 maxlen: 24
93.186.156.0/22 maxlen: 22
93.186.155.0/24 maxlen: 24
185.11.36.0/22 maxlen: 22
2a03:7e84::/30 maxlen: 30
2a03:7e80::/30 maxlen: 30
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:20:6c:fe:ab:18:52:1e:49:ea:09:55:eb:e3:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ebd5f54905ee8e4d2830c6cf50f60d264201a93
Validity
Not Before: Jan 1 12:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cba6d59a8162d703f0fb78871248bd6279aee1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:78:87:5d:32:2c:fc:7b:6f:12:c1:9d:09:f0:
a4:f0:eb:93:5c:6e:dd:47:47:2b:4b:09:c8:73:aa:
88:d6:ed:8f:58:e6:05:96:c8:ce:52:ae:70:d0:13:
77:1e:76:a4:53:0b:bc:f3:a4:25:ab:ae:49:b2:7c:
53:ce:4a:cd:b3:7f:80:4e:17:90:d5:35:43:40:06:
9f:45:26:8d:77:f9:a5:64:50:ea:0d:e6:89:03:a4:
a0:65:5d:af:da:d0:19:3d:72:c8:3d:e5:e2:dc:7c:
b8:78:cb:6a:19:6c:b2:03:73:d3:a7:8d:57:92:21:
64:f0:e5:0f:a4:de:b4:de:80:78:0f:04:0b:93:0a:
ce:1b:bc:15:f9:2b:8e:88:9a:29:3c:0a:81:a9:76:
6e:61:1d:56:91:6e:49:d0:5e:3e:31:6d:26:45:80:
5e:33:9c:d1:30:ef:e2:87:83:3a:76:54:db:25:74:
06:e7:39:e1:ea:c7:9e:c4:b8:8d:8e:5c:43:77:39:
d1:80:db:32:55:01:b0:18:8c:f0:2a:d2:c5:b0:38:
11:9d:a5:ee:08:b1:54:00:aa:9f:78:fd:e1:4c:17:
3b:47:0f:2e:9a:0d:85:cc:8b:97:ff:14:c0:e1:1e:
ea:d9:eb:22:01:0f:96:2d:21:4e:ba:dd:6d:6e:13:
cf:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BA:6D:59:A8:16:2D:70:3F:0F:B7:88:71:24:8B:D6:27:9A:EE:1A
X509v3 Authority Key Identifier:
keyid:0E:BD:5F:54:90:5E:E8:E4:D2:83:0C:6C:F5:0F:60:D2:64:20:1A:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dr1fVJBe6OTSgwxs9Q9g0mQgGpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/b5939b-daa7-4f47-9873-64a27e977fd9/1/HLptWagWLXA_D7eIcSSL1iea7ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/b5939b-daa7-4f47-9873-64a27e977fd9/1/Dr1fVJBe6OTSgwxs9Q9g0mQgGpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.186.144.0/20
185.11.36.0/22
IPv6:
2a03:7e80::/29
Signature Algorithm: sha256WithRSAEncryption
3e:2a:76:fb:26:1b:60:87:d4:8d:56:f4:c9:c4:17:af:8a:e5:
51:cb:07:45:e2:b0:d6:32:a1:4e:7b:16:4f:19:3e:00:2e:00:
13:81:ab:0b:ee:79:a1:46:04:45:3e:e2:45:18:d2:c1:3b:64:
6b:9d:4b:b8:ad:88:fb:80:bc:78:61:c6:73:79:91:58:53:8c:
20:86:c4:58:3e:94:86:f5:cc:47:e0:a1:cb:8e:bd:34:65:2b:
a8:07:b3:dd:2a:63:48:9f:87:ca:89:db:0a:01:53:c2:40:a0:
14:d7:6d:c1:3b:c9:40:a1:1b:78:a8:6e:76:2d:43:93:f7:e1:
9f:32:5b:2b:e0:e0:8f:30:06:da:3f:5b:f1:9a:38:00:87:55:
4e:e3:71:c8:3d:74:1a:08:59:e2:47:09:bf:7b:f4:e8:80:44:
3c:d6:0b:7f:e4:3b:82:5e:8c:f2:c5:91:ef:6c:d1:45:28:d0:
d2:98:79:a9:74:e4:06:e4:a3:0e:1e:d5:13:52:e2:44:a9:17:
ac:4a:31:c1:73:bc:61:50:43:58:e6:ad:03:2a:8d:ed:ba:64:
9b:f2:23:4b:83:89:d6:14:e8:d2:44:1c:7e:09:9e:a7:7c:20:
f5:fd:dd:29:74:4f:83:6d:12:79:30:be:ef:47:c3:d3:5c:0f:
eb:dc:99:6e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFASBs/qsYUh5J6glV6+P0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYmQ1ZjU0OTA1ZWU4ZTRkMjgzMGM2Y2Y1MGY2MGQyNjQy
MDFhOTMwHhcNMjQwMTAxMTIzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2JhNmQ1OWE4MTYyZDcwM2YwZmI3ODg3MTI0OGJkNjI3OWFlZTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHiHXTIs/HtvEsGdCfCk8OuTXG7d
R0crSwnIc6qI1u2PWOYFlsjOUq5w0BN3HnakUwu886Qlq65JsnxTzkrNs3+ATheQ
1TVDQAafRSaNd/mlZFDqDeaJA6SgZV2v2tAZPXLIPeXi3Hy4eMtqGWyyA3PTp41X
kiFk8OUPpN603oB4DwQLkwrOG7wV+SuOiJopPAqBqXZuYR1WkW5J0F4+MW0mRYBe
M5zRMO/ih4M6dlTbJXQG5znh6seexLiNjlxDdznRgNsyVQGwGIzwKtLFsDgRnaXu
CLFUAKqfeP3hTBc7Rw8umg2FzIuX/xTA4R7q2esiAQ+WLSFOut1tbhPPmwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBy6bVmoFi1wPw+3iHEki9Ynmu4aMB8GA1UdIwQY
MBaAFA69X1SQXujk0oMMbPUPYNJkIBqTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHIxZlZKQmU2T1RTZ3d4czlROWcwbVFnR3BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9iNTkzOWItZGFhNy00ZjQ3LTk4NzMt
NjRhMjdlOTc3ZmQ5LzEvSExwdFdhZ1dMWEFfRDdlSWNTU0wxaWVhN2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9iNTkzOWItZGFhNy00ZjQ3LTk4NzMtNjRhMjdlOTc3ZmQ5
LzEvRHIxZlZKQmU2T1RTZ3d4czlROWcwbVFnR3BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEXbqQAwQC
uQskMA0EAgACMAcDBQMqA36AMA0GCSqGSIb3DQEBCwUAA4IBAQA+Knb7Jhtgh9SN
VvTJxBeviuVRywdF4rDWMqFOexZPGT4ALgATgasL7nmhRgRFPuJFGNLBO2RrnUu4
rYj7gLx4YcZzeZFYU4wghsRYPpSG9cxH4KHLjr00ZSuoB7PdKmNIn4fKidsKAVPC
QKAU123BO8lAoRt4qG52LUOT9+GfMlsr4OCPMAbaP1vxmjgAh1VO43HIPXQaCFni
Rwm/e/TogEQ81gt/5DuCXozyxZHvbNFFKNDSmHmpdOQG5KMOHtUTUuJEqResSjHB
c7xhUENY5q0DKo3tumSb8iNLg4nWFOjSRBx+CZ6nfCD1/d0pdE+DbRJ5ML7vR8PT
XA/r3Jlu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:17 2025 by rpki-client