Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/hNScD9XV87jP8BGCYTt0mRo6i8Y.roa
File: hNScD9XV87jP8BGCYTt0mRo6i8Y.roa (raw, json)
Hash identifier: Nm2ZqL3QdkC8N/qxaDoodWEFJDG1x0rO38c0QJ4RVwU=
Subject key identifier: 84:D4:9C:0F:D5:D5:F3:B8:CF:F0:11:82:61:3B:74:99:1A:3A:8B:C6
Certificate issuer: /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial: 018D7902FD8368C7C05E9502180081405DAC
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/hNScD9XV87jP8BGCYTt0mRo6i8Y.roa
Signing time: Mon 05 Feb 2024 11:24:15 +0000
ROA not before: Mon 05 Feb 2024 11:24:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60542
IP address blocks: 45.139.8.0/24 maxlen: 24
91.243.119.0/24 maxlen: 24
185.217.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 13:15:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:79:02:fd:83:68:c7:c0:5e:95:02:18:00:81:40:5d:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
Validity
Not Before: Feb 5 11:24:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84d49c0fd5d5f3b8cff01182613b74991a3a8bc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:98:96:c9:aa:92:94:c4:ba:72:6e:47:79:6a:
69:59:14:6a:3f:cf:96:3c:51:fd:2c:36:0a:98:91:
99:6f:e2:98:53:f6:4d:14:76:a2:67:d3:15:4e:90:
d6:3b:cd:05:95:e6:e3:a1:ad:0b:f4:1a:94:a3:3c:
8a:d9:4a:2d:ac:08:8c:10:b4:f0:da:80:4f:c3:2e:
67:2f:ec:ff:a1:bc:98:31:0d:36:04:50:f6:f3:8b:
dc:96:54:82:68:d2:7d:c1:12:da:27:ee:0c:2e:94:
3c:bc:bd:83:93:ce:77:9c:ed:fb:60:d3:c8:d8:4e:
ec:cd:06:72:77:20:14:1f:95:5f:d2:dc:2f:69:50:
ad:48:b6:3e:be:d8:7a:42:b1:03:36:ff:20:6c:57:
5d:13:61:34:40:86:a9:bc:f3:31:2f:25:a6:1d:d4:
5a:20:b0:f0:33:49:e5:e3:42:77:53:d9:09:46:b3:
5d:76:d8:f7:db:cb:a3:f8:8c:b2:90:8b:f8:70:dd:
f4:fa:1d:86:29:0d:b8:d0:24:32:05:6e:ea:74:f5:
9c:f9:cd:6e:37:f7:e0:62:aa:fb:54:d9:93:ec:6e:
18:61:bd:b1:f8:ea:21:b5:55:cd:ae:61:be:f2:57:
72:e3:09:c7:91:32:7e:94:4c:b8:34:e3:50:19:b8:
72:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D4:9C:0F:D5:D5:F3:B8:CF:F0:11:82:61:3B:74:99:1A:3A:8B:C6
X509v3 Authority Key Identifier:
keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/hNScD9XV87jP8BGCYTt0mRo6i8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.8.0/24
91.243.119.0/24
185.217.39.0/24
Signature Algorithm: sha256WithRSAEncryption
60:b9:13:94:35:ee:0c:40:b7:ef:e5:d8:1e:0a:6a:a6:e5:d1:
73:2b:43:1f:77:9d:72:25:5f:5d:9b:99:cc:16:15:39:ba:70:
04:27:ae:b8:0c:fd:a7:93:04:ed:44:a1:60:2e:93:61:54:a6:
a3:4c:6f:c7:14:74:05:b0:55:a9:73:cc:ed:8a:df:34:30:0d:
c9:ea:17:23:a2:04:1d:44:20:79:84:b7:93:90:7a:ac:88:11:
16:f6:89:cd:4e:d1:68:69:7e:f3:1f:af:57:fe:f5:6d:9f:20:
bb:85:f7:c0:80:a7:06:72:24:2e:69:82:8a:d2:fe:95:18:18:
72:97:f3:79:2b:a4:b6:b7:77:20:bf:f6:77:1f:96:c8:16:87:
86:86:34:be:23:f8:c3:1b:1d:b1:48:47:fe:73:fb:42:1f:75:
a2:f4:0e:0f:0f:b6:33:c0:f5:22:72:9e:1d:c3:4d:aa:7a:37:
ca:32:5c:40:0c:a4:68:04:dd:df:a2:8e:fd:99:98:91:ab:43:
92:35:1c:a4:3d:40:c7:92:21:bb:6e:77:80:09:b7:ca:81:00:
e7:45:1b:83:8f:be:3c:6d:77:70:87:b8:e4:c7:4e:da:c5:d9:
c1:4f:8a:ab:64:49:a9:4c:4d:f0:02:e8:c5:b5:97:01:08:7b:
33:ee:ba:c0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY15Av2DaMfAXpUCGACBQF2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjQwMjA1MTEyNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQ0OWMwZmQ1ZDVmM2I4Y2ZmMDExODI2MTNiNzQ5OTFhM2E4YmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJiWyaqSlMS6cm5HeWppWRRqP8+W
PFH9LDYKmJGZb+KYU/ZNFHaiZ9MVTpDWO80Flebjoa0L9BqUozyK2UotrAiMELTw
2oBPwy5nL+z/obyYMQ02BFD284vcllSCaNJ9wRLaJ+4MLpQ8vL2Dk853nO37YNPI
2E7szQZydyAUH5Vf0twvaVCtSLY+vth6QrEDNv8gbFddE2E0QIapvPMxLyWmHdRa
ILDwM0nl40J3U9kJRrNddtj328uj+IyykIv4cN30+h2GKQ240CQyBW7qdPWc+c1u
N/fgYqr7VNmT7G4YYb2x+OohtVXNrmG+8ldy4wnHkTJ+lEy4NONQGbhyLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFITUnA/V1fO4z/ARgmE7dJkaOovGMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvaE5TY0Q5WFY4N2pQOEJHQ1lUdDBtUm82aThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYsIAwQA
W/N3AwQAudknMA0GCSqGSIb3DQEBCwUAA4IBAQBguROUNe4MQLfv5dgeCmqm5dFz
K0Mfd51yJV9dm5nMFhU5unAEJ664DP2nkwTtRKFgLpNhVKajTG/HFHQFsFWpc8zt
it80MA3J6hcjogQdRCB5hLeTkHqsiBEW9onNTtFoaX7zH69X/vVtnyC7hffAgKcG
ciQuaYKK0v6VGBhyl/N5K6S2t3cgv/Z3H5bIFoeGhjS+I/jDGx2xSEf+c/tCH3Wi
9A4PD7YzwPUicp4dw02qejfKMlxADKRoBN3foo79mZiRq0OSNRykPUDHkiG7bneA
CbfKgQDnRRuDj748bXdwh7jkx07axdnBT4qrZEmpTE3wAujFtZcBCHsz7rrA
-----END CERTIFICATE-----
Generated at Mon Feb 5 17:16:53 2024 by rpki-client on console-ams.rpki-client.org