Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Hv4PqIXxZNmVHFftrRdlq-v9AA8.roa
File: Hv4PqIXxZNmVHFftrRdlq-v9AA8.roa (raw, json)
Hash identifier: VdZUrPPhR4xPDiLy2xXQBerFCLi0gbCPl7pi8RvGJSs=
Subject key identifier: 1E:FE:0F:A8:85:F1:64:D9:95:1C:57:ED:AD:17:65:AB:EB:FD:00:0F
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E3C5FF5960478BB9F569DB04532798F55
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Hv4PqIXxZNmVHFftrRdlq-v9AA8.roa
Signing time: Thu 14 Mar 2024 09:51:45 +0000
ROA not before: Thu 14 Mar 2024 09:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136787
IP address blocks: 85.254.62.0/24 maxlen: 24
85.254.104.0/22 maxlen: 22
85.254.116.0/24 maxlen: 24
85.254.122.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 13:10:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3c:5f:f5:96:04:78:bb:9f:56:9d:b0:45:32:79:8f:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 14 09:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1efe0fa885f164d9951c57edad1765abebfd000f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c6:56:b4:8b:a2:4d:3b:e3:b8:72:cf:22:f0:
eb:d0:34:5e:46:5d:fa:05:0f:45:5e:87:bb:f2:47:
4b:99:7d:c6:1f:5b:86:bc:82:f9:67:fd:39:01:37:
ef:e2:4f:ac:91:79:5d:cb:b8:77:67:93:5d:91:78:
8b:d7:4b:da:0a:83:ea:8d:ef:55:32:06:f6:05:30:
49:3f:cb:d0:78:00:d3:0f:9d:bf:80:59:98:e8:65:
f9:22:67:b5:4b:75:5c:0e:c5:81:61:ad:08:f6:af:
20:5c:b4:da:e4:61:a6:06:f3:3c:68:04:c2:a0:84:
34:b3:7d:4b:1e:20:df:ca:a2:3f:06:b7:a1:56:af:
b6:3d:bb:b2:1d:f4:12:cc:bc:63:30:47:12:ff:07:
5b:2a:18:3a:7f:5f:4b:ea:d2:ff:41:fd:42:03:de:
97:bc:5f:ca:50:dc:45:f1:c4:51:58:f2:4d:92:3c:
e0:be:2e:bf:c8:8f:e8:44:cf:5d:1c:2b:87:35:f0:
7e:ae:1b:c6:44:30:23:0b:9e:ac:f4:9a:54:f8:3f:
d5:42:aa:e4:30:61:a8:cf:24:4b:51:6c:32:04:05:
ff:b2:7c:91:c3:da:a0:1a:ae:f7:46:66:ed:1c:f3:
92:c6:99:ac:36:71:96:4b:33:51:98:a0:b9:43:fa:
01:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FE:0F:A8:85:F1:64:D9:95:1C:57:ED:AD:17:65:AB:EB:FD:00:0F
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Hv4PqIXxZNmVHFftrRdlq-v9AA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.62.0/24
85.254.104.0/22
85.254.116.0/24
85.254.122.0/24
159.148.125.0/24
159.148.138.0/24
159.148.150.0/24
159.148.222.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:02:d6:66:1b:cb:b6:69:c6:1c:36:f6:2c:ed:ca:22:a6:78:
3a:f1:ef:60:57:cd:e8:af:f4:a5:ce:4d:23:e0:43:f3:61:97:
44:d6:75:de:2f:a7:8a:61:0e:40:b7:c0:47:a2:7e:16:25:f5:
2d:ce:43:50:2d:af:8d:77:a6:b0:ac:e9:9e:76:2b:cd:00:e1:
70:72:04:ea:8c:ed:7c:cc:62:8b:6f:67:ed:a9:d9:19:d7:5f:
20:35:a1:34:0f:47:28:97:35:4e:f7:22:32:50:77:e6:73:97:
4a:37:44:c0:fd:75:68:9d:77:10:fb:f7:6f:e5:13:43:4b:35:
2a:05:3b:c9:11:e6:d2:10:bb:e0:e9:05:5a:c9:b0:d4:b5:09:
00:87:52:85:3d:05:64:b7:82:99:b1:9a:d6:cc:d3:0a:b9:49:
82:37:a8:44:2c:f8:66:ac:53:0e:14:78:16:79:62:46:d2:aa:
5e:26:9e:dd:6d:d4:46:c9:b0:b8:87:51:44:bf:ec:0b:e7:e5:
2a:91:27:e1:64:6f:4f:33:1c:f6:0e:7f:0d:5d:fa:a4:ad:39:
51:66:c5:49:95:7c:58:d7:f1:4b:b7:67:b3:a3:df:5d:fe:62:
8b:7c:90:ee:4c:7f:d0:07:de:29:ec:ce:10:45:d9:b8:c1:52:
c7:be:b4:c9
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY48X/WWBHi7n1adsEUyeY9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzE0MDk1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWZlMGZhODg1ZjE2NGQ5OTUxYzU3ZWRhZDE3NjVhYmViZmQwMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8ZWtIuiTTvjuHLPIvDr0DReRl36
BQ9FXoe78kdLmX3GH1uGvIL5Z/05ATfv4k+skXldy7h3Z5NdkXiL10vaCoPqje9V
Mgb2BTBJP8vQeADTD52/gFmY6GX5Ime1S3VcDsWBYa0I9q8gXLTa5GGmBvM8aATC
oIQ0s31LHiDfyqI/BrehVq+2PbuyHfQSzLxjMEcS/wdbKhg6f19L6tL/Qf1CA96X
vF/KUNxF8cRRWPJNkjzgvi6/yI/oRM9dHCuHNfB+rhvGRDAjC56s9JpU+D/VQqrk
MGGozyRLUWwyBAX/snyRw9qgGq73RmbtHPOSxpmsNnGWSzNRmKC5Q/oBSwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFB7+D6iF8WTZlRxX7a0XZavr/QAPMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvSHY0UHFJWHhaTm1WSEZmdHJSZGxxLXY5QUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVf4+AwQC
Vf5oAwQAVf50AwQAVf56AwQAn5R9AwQAn5SKAwQAn5SWAwQAn5TeMA0GCSqGSIb3
DQEBCwUAA4IBAQCeAtZmG8u2acYcNvYs7coipng68e9gV83or/Slzk0j4EPzYZdE
1nXeL6eKYQ5At8BHon4WJfUtzkNQLa+Nd6awrOmedivNAOFwcgTqjO18zGKLb2ft
qdkZ118gNaE0D0colzVO9yIyUHfmc5dKN0TA/XVonXcQ+/dv5RNDSzUqBTvJEebS
ELvg6QVaybDUtQkAh1KFPQVkt4KZsZrWzNMKuUmCN6hELPhmrFMOFHgWeWJG0qpe
Jp7dbdRGybC4h1FEv+wL5+UqkSfhZG9PMxz2Dn8NXfqkrTlRZsVJlXxY1/FLt2ez
o99d/mKLfJDuTH/QB94p7M4QRdm4wVLHvrTJ
-----END CERTIFICATE-----
Generated at Mon Mar 18 17:05:22 2024 by rpki-client on console-fra.rpki-client.org