Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/hbBcgw3GbdwwpJfoXNS8OBv7PzM.roa
File: hbBcgw3GbdwwpJfoXNS8OBv7PzM.roa (raw, json)
Hash identifier: kG2k4SJjCFeEHToZ16ugxXJTaGVAN8GZ9KANEt1oJRY=
Subject key identifier: 85:B0:5C:83:0D:C6:6D:DC:30:A4:97:E8:5C:D4:BC:38:1B:FB:3F:33
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018B94B583CF10E2C382C533720B61CD7C0D
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/hbBcgw3GbdwwpJfoXNS8OBv7PzM.roa
Signing time: Fri 03 Nov 2023 10:23:25 +0000
ROA not before: Fri 03 Nov 2023 10:23:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203446
IP address blocks: 45.90.97.0/24 maxlen: 24
45.90.96.0/24 maxlen: 24
45.134.39.0/24 maxlen: 24
45.131.65.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
45.13.226.0/24 maxlen: 24
2.56.246.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
45.145.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:b5:83:cf:10:e2:c3:82:c5:33:72:0b:61:cd:7c:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Nov 3 10:23:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85b05c830dc66ddc30a497e85cd4bc381bfb3f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5f:42:91:7a:c8:25:68:35:d1:a1:b8:20:ee:
0f:16:7e:51:8e:ad:76:3f:6b:5c:3e:c3:81:1a:40:
63:d3:ec:87:60:00:bb:cd:d7:d1:c3:2c:9f:d3:93:
4e:52:f1:e8:72:2d:70:a2:69:d1:0d:5e:24:c9:47:
dd:34:f8:a7:08:ae:cb:17:4b:08:89:91:3e:14:90:
6c:f2:24:0d:2f:df:bf:62:a5:74:83:64:a3:9b:72:
9f:cb:72:2e:51:58:0b:57:b9:8e:76:6d:2d:4f:72:
06:30:94:64:f4:77:b6:ba:fc:4a:f6:39:43:8e:af:
c6:d0:2a:46:3a:ef:6d:30:fe:fa:82:5c:3d:0a:32:
9e:d0:c8:88:59:f4:fe:e6:09:ef:c2:db:04:85:6d:
76:a2:02:70:af:6d:49:a4:bb:a0:c3:d1:bc:25:2b:
7c:5e:30:78:52:6c:e8:ac:9e:93:92:f5:e6:84:da:
6a:e7:3d:f8:85:e8:c5:df:6a:86:38:0a:48:40:37:
e6:f0:4e:86:d1:6d:d5:1a:5e:25:a3:66:a7:ad:49:
1b:f7:c2:82:49:3f:a5:ab:fc:93:81:7e:b8:b1:d7:
17:fb:1a:4c:de:55:51:fd:08:8f:79:79:80:39:64:
d6:81:db:78:de:ef:36:b9:08:f3:eb:cd:da:e0:7d:
98:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B0:5C:83:0D:C6:6D:DC:30:A4:97:E8:5C:D4:BC:38:1B:FB:3F:33
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/hbBcgw3GbdwwpJfoXNS8OBv7PzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.246.0/24
45.13.226.0/24
45.67.139.0/24
45.90.96.0/23
45.131.65.0/24
45.134.39.0/24
45.145.226.0/24
185.117.0.0/24
Signature Algorithm: sha256WithRSAEncryption
50:89:22:ad:08:f1:99:b2:5a:1b:20:3e:64:b9:b6:8e:ed:fd:
46:0c:44:42:ad:49:4c:92:61:7c:61:37:56:fc:20:70:66:b9:
76:76:07:e0:e8:6c:62:34:e6:6a:43:29:de:ce:b4:de:2d:99:
19:82:6a:18:3d:75:74:04:4b:17:a1:d3:6c:ae:e9:e4:f9:70:
6c:6b:49:68:36:49:73:45:99:50:0d:95:9a:4b:9d:e6:d6:ab:
5a:07:68:f6:5f:19:7d:bd:96:1d:16:2c:43:8a:f7:3d:33:f2:
06:8e:4b:66:5b:d3:91:c6:4b:4e:72:3e:e9:df:a8:ad:da:a4:
9b:27:16:0f:d7:1b:f1:fc:09:6b:a1:88:e6:ee:bc:90:af:cf:
81:8e:0f:8c:24:e2:8d:10:cf:3a:ca:6b:f4:d0:80:d2:9c:a0:
15:fc:8f:dd:9e:d8:3b:06:2d:c5:1e:20:ad:2f:2b:99:6b:80:
6d:ae:ba:34:5a:58:1b:e5:9d:a1:66:36:a1:d0:88:4c:64:5f:
bd:80:d2:18:17:5a:3c:89:9e:80:d8:bd:0a:26:6d:fe:13:12:
50:a2:c6:fa:d3:f9:78:63:1f:b0:ba:df:74:5f:11:5a:aa:89:
a5:00:95:06:e7:7d:88:91:3b:f9:1f:7b:89:ef:7c:57:df:27:
13:4d:28:51
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYuUtYPPEOLDgsUzcgthzXwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMxMTAzMTAyMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWIwNWM4MzBkYzY2ZGRjMzBhNDk3ZTg1Y2Q0YmMzODFiZmIzZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl9CkXrIJWg10aG4IO4PFn5Rjq12
P2tcPsOBGkBj0+yHYAC7zdfRwyyf05NOUvHoci1womnRDV4kyUfdNPinCK7LF0sI
iZE+FJBs8iQNL9+/YqV0g2Sjm3Kfy3IuUVgLV7mOdm0tT3IGMJRk9He2uvxK9jlD
jq/G0CpGOu9tMP76glw9CjKe0MiIWfT+5gnvwtsEhW12ogJwr21JpLugw9G8JSt8
XjB4UmzorJ6TkvXmhNpq5z34hejF32qGOApIQDfm8E6G0W3VGl4lo2anrUkb98KC
ST+lq/yTgX64sdcX+xpM3lVR/QiPeXmAOWTWgdt43u82uQjz683a4H2YiQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIWwXIMNxm3cMKSX6FzUvDgb+z8zMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvaGJCY2d3M0diZHd3cEpmb1hOUzhPQnY3UHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAAjj2AwQA
LQ3iAwQALUOLAwQBLVpgAwQALYNBAwQALYYnAwQALZHiAwQAuXUAMA0GCSqGSIb3
DQEBCwUAA4IBAQBQiSKtCPGZslobID5kubaO7f1GDERCrUlMkmF8YTdW/CBwZrl2
dgfg6GxiNOZqQynezrTeLZkZgmoYPXV0BEsXodNsrunk+XBsa0loNklzRZlQDZWa
S53m1qtaB2j2Xxl9vZYdFixDivc9M/IGjktmW9ORxktOcj7p36it2qSbJxYP1xvx
/AlroYjm7ryQr8+Bjg+MJOKNEM86ymv00IDSnKAV/I/dntg7Bi3FHiCtLyuZa4Bt
rro0Wlgb5Z2hZjah0IhMZF+9gNIYF1o8iZ6A2L0KJm3+ExJQosb60/l4Yx+wut90
XxFaqomlAJUG532IkTv5H3uJ73xX3ycTTShR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org