Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/BlKhre1Ec2qnQHFPrNib7EYuHvM.roa
File: BlKhre1Ec2qnQHFPrNib7EYuHvM.roa (raw, json)
Hash identifier: pdFIGLeKwbumoIE91pW8CoFku5lnEPsZEEYl9hQz2rQ=
Subject key identifier: 06:52:A1:AD:ED:44:73:6A:A7:40:71:4F:AC:D8:9B:EC:46:2E:1E:F3
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 0193D601CC79424121CF1367E840E6EA9441
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/BlKhre1Ec2qnQHFPrNib7EYuHvM.roa
Signing time: Tue 17 Dec 2024 19:04:22 +0000
ROA not before: Tue 17 Dec 2024 19:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7979
IP address blocks: 45.84.44.0/24 maxlen: 24
194.5.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d6:01:cc:79:42:41:21:cf:13:67:e8:40:e6:ea:94:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Dec 17 19:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0652a1aded44736aa740714facd89bec462e1ef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9e:70:64:1e:da:15:a7:ed:c6:e4:03:6a:8e:
02:0d:60:25:bd:06:15:24:c5:b0:91:01:a9:d9:38:
e0:37:4b:82:3b:b0:01:44:10:c3:6b:8d:5d:3d:15:
2c:30:89:83:64:be:8e:e8:d1:16:a7:62:01:c1:cc:
ea:e4:7a:19:5a:67:95:e5:e8:45:dd:16:e3:4c:05:
09:45:df:ae:e5:e6:16:69:dc:b0:a2:20:a2:45:b4:
0f:ea:10:2d:ea:a4:61:e9:4e:41:13:92:63:df:5b:
b1:f6:ec:2f:42:80:32:fe:c6:0b:ce:ee:2d:e1:78:
11:40:65:2c:8a:92:98:28:a3:1c:99:cc:09:a8:f4:
ec:71:a3:e4:12:70:7f:c5:38:62:77:27:4b:ef:98:
52:57:37:4f:3f:9e:c8:97:b1:8d:d6:34:07:85:57:
ee:94:e7:f5:cf:4c:79:5e:c2:fd:30:84:e4:e8:0a:
bf:ce:3c:73:ca:24:e8:e5:1a:bb:3c:6e:f6:1e:c5:
c9:1a:53:6a:ff:5d:39:72:0e:58:7c:d5:4f:22:6b:
b9:9e:5b:0a:5d:50:9c:95:06:4d:ab:44:e1:8b:f1:
53:73:f4:97:f4:65:c0:18:3c:ec:bd:0a:3d:ff:d2:
30:9d:35:a5:97:a5:c1:85:7c:12:02:c4:90:5a:73:
bc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:52:A1:AD:ED:44:73:6A:A7:40:71:4F:AC:D8:9B:EC:46:2E:1E:F3
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/BlKhre1Ec2qnQHFPrNib7EYuHvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.44.0/24
194.5.0.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:44:33:be:26:5c:0d:f7:38:ad:2b:6e:b1:a7:88:f2:91:18:
d2:a2:87:41:d5:af:29:a5:18:5a:1c:d8:2e:18:1d:a2:f0:c9:
e7:a5:d5:8c:68:33:f2:cb:5f:fa:d7:de:b6:0b:91:30:41:8e:
e7:72:ee:fb:08:9b:93:16:ca:87:e6:e9:6d:cd:13:71:78:be:
b8:1a:6b:77:6b:c0:99:39:98:60:10:d4:c1:48:31:75:8f:f3:
ec:ee:02:19:e1:f1:12:fa:07:cc:5b:58:46:87:84:c1:4b:5a:
a3:61:eb:50:1f:3a:55:e3:80:96:f2:c6:08:fd:31:da:ce:0f:
d0:97:2e:40:f6:6d:82:f0:8b:3a:6b:12:f3:4c:c2:d8:42:9c:
fd:b7:c9:90:bd:0a:b8:8d:72:3c:d9:43:71:65:56:fa:3c:b8:
af:0f:94:51:2c:5c:cf:a5:82:a5:9e:44:b6:09:08:67:c3:5d:
a5:30:6b:99:e4:47:3a:31:8e:bf:1a:73:25:1f:b8:fb:2c:67:
94:c9:68:cd:ce:18:82:f0:f3:00:6e:bb:bb:63:2c:6d:71:64:
7e:fc:3f:ee:00:bc:16:de:c4:5d:76:85:5e:7b:da:2a:3f:f2:
1c:c1:5c:1c:5f:08:b5:a1:e6:86:16:d8:b5:66:3c:fc:0f:c1:
d2:6d:82:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPWAcx5QkEhzxNn6EDm6pRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjQxMjE3MTkwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjUyYTFhZGVkNDQ3MzZhYTc0MDcxNGZhY2Q4OWJlYzQ2MmUxZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZ5wZB7aFaftxuQDao4CDWAlvQYV
JMWwkQGp2TjgN0uCO7ABRBDDa41dPRUsMImDZL6O6NEWp2IBwczq5HoZWmeV5ehF
3RbjTAUJRd+u5eYWadywoiCiRbQP6hAt6qRh6U5BE5Jj31ux9uwvQoAy/sYLzu4t
4XgRQGUsipKYKKMcmcwJqPTscaPkEnB/xThidydL75hSVzdPP57Il7GN1jQHhVfu
lOf1z0x5XsL9MITk6Aq/zjxzyiTo5Rq7PG72HsXJGlNq/105cg5YfNVPImu5nlsK
XVCclQZNq0Thi/FTc/SX9GXAGDzsvQo9/9IwnTWll6XBhXwSAsSQWnO8fwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAZSoa3tRHNqp0BxT6zYm+xGLh7zMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvQmxLaHJlMUVjMnFuUUhGUHJOaWI3RVl1SHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVQsAwQC
wgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAcRDO+JlwN9zitK26xp4jykRjSoodB1a8p
pRhaHNguGB2i8MnnpdWMaDPyy1/61962C5EwQY7ncu77CJuTFsqH5ultzRNxeL64
Gmt3a8CZOZhgENTBSDF1j/Ps7gIZ4fES+gfMW1hGh4TBS1qjYetQHzpV44CW8sYI
/THazg/Qly5A9m2C8Is6axLzTMLYQpz9t8mQvQq4jXI82UNxZVb6PLivD5RRLFzP
pYKlnkS2CQhnw12lMGuZ5Ec6MY6/GnMlH7j7LGeUyWjNzhiC8PMAbru7YyxtcWR+
/D/uALwW3sRddoVee9oqP/IcwVwcXwi1oeaGFti1Zjz8D8HSbYKo
-----END CERTIFICATE-----
Generated at Wed Apr 9 15:39:07 2025 by rpki-client