Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/H2pSEuEVd0xgtd_cMvAQdextK08.roa
File: H2pSEuEVd0xgtd_cMvAQdextK08.roa (raw, json)
Hash identifier: kZKMtptUXfejjSHB8Bq7/ytQoty88l+u153J80bPL5s=
Subject key identifier: 1F:6A:52:12:E1:15:77:4C:60:B5:DF:DC:32:F0:10:75:EC:6D:2B:4F
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 018B4CEA2A1405375A922607C95095971EAD
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/H2pSEuEVd0xgtd_cMvAQdextK08.roa
Signing time: Fri 20 Oct 2023 11:48:16 +0000
ROA not before: Fri 20 Oct 2023 11:48:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28964
IP address blocks: 178.254.150.0/24 maxlen: 24
178.254.164.0/24 maxlen: 24
178.254.166.0/24 maxlen: 24
178.254.160.0/23 maxlen: 23
178.254.162.0/24 maxlen: 24
5.172.32.0/24 maxlen: 24
178.254.167.0/24 maxlen: 24
178.254.178.0/24 maxlen: 24
178.254.174.0/24 maxlen: 24
178.254.173.0/24 maxlen: 24
178.254.185.0/24 maxlen: 24
109.111.255.0/24 maxlen: 24
89.23.94.0/23 maxlen: 23
109.111.242.0/24 maxlen: 24
109.111.241.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.251.0/24 maxlen: 24
89.23.64.0/24 maxlen: 24
185.157.45.0/24 maxlen: 24
185.157.46.0/24 maxlen: 24
185.157.47.0/24 maxlen: 24
89.23.72.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 20 Oct 2023 11:52:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:ea:2a:14:05:37:5a:92:26:07:c9:50:95:97:1e:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Oct 20 11:48:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f6a5212e115774c60b5dfdc32f01075ec6d2b4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1d:6c:a0:07:ba:a0:7a:e4:c1:95:34:40:de:
20:c1:60:00:68:38:ca:49:77:d0:74:08:bc:e8:81:
69:59:55:60:32:ca:19:13:df:a8:8f:39:97:7d:cb:
a1:e2:5e:26:23:12:30:99:13:40:2d:a9:40:d7:19:
fe:3d:ca:a0:52:e3:e0:51:31:5d:38:92:1a:04:cd:
f7:dc:8c:39:32:df:c2:82:2f:e7:6e:c3:29:ad:57:
10:00:d8:20:31:b3:d7:cf:55:87:53:fe:2c:57:2b:
44:fd:26:50:e6:73:de:01:1a:27:45:32:b1:c6:4a:
3d:ce:0c:c6:bc:76:c8:bf:53:e6:8a:c6:5a:fb:80:
7e:79:98:3d:f4:57:b3:88:1e:c8:d5:72:3d:8e:bf:
73:8a:c8:2f:95:d2:a0:ee:b8:1d:d1:f2:79:71:1b:
40:94:24:76:bc:3d:30:ed:6b:3a:c5:58:aa:2a:f0:
fc:13:d9:ce:7a:a4:bc:7f:60:82:d0:7a:24:0d:08:
be:f0:aa:0f:40:2e:9d:df:b1:3b:ff:08:05:bf:7b:
fe:1e:cb:18:c9:3f:61:f8:4a:71:fd:c3:a0:5f:15:
a2:9b:69:ac:93:67:9e:37:b6:48:2a:4f:3f:47:48:
b9:41:95:46:b0:68:de:9d:13:79:c2:b4:c3:33:0c:
6f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:6A:52:12:E1:15:77:4C:60:B5:DF:DC:32:F0:10:75:EC:6D:2B:4F
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/H2pSEuEVd0xgtd_cMvAQdextK08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.32.0/24
89.23.64.0/24
89.23.72.0/23
89.23.94.0/23
109.111.241.0-109.111.242.255
109.111.249.0/24
109.111.251.0/24
109.111.255.0/24
178.254.150.0/24
178.254.160.0-178.254.162.255
178.254.164.0/24
178.254.166.0/23
178.254.173.0-178.254.174.255
178.254.178.0/24
178.254.185.0/24
185.157.45.0-185.157.47.255
Signature Algorithm: sha256WithRSAEncryption
88:35:93:3d:32:10:a8:11:56:43:6c:21:ff:52:84:58:10:32:
fa:b0:cf:f7:b8:ff:2c:7e:20:b7:4d:5e:dd:1b:e6:8e:12:d2:
66:07:2f:33:be:0c:0a:a9:75:0a:7c:d3:34:8a:d5:0c:3b:16:
8a:f5:43:52:05:a0:f3:40:ee:c3:34:6c:4f:fc:50:db:0e:43:
33:8a:e8:ba:e1:50:e3:8a:82:74:ba:83:cf:e4:c4:da:53:48:
bc:9a:6d:7b:a6:20:f8:24:fb:6a:32:4e:29:ca:a2:57:6b:ef:
1e:14:48:f1:80:05:45:96:18:5f:94:9e:18:fe:62:6e:15:26:
15:47:cb:e2:4b:97:ca:41:2b:de:f8:24:d5:fd:08:24:46:58:
d9:e8:e5:6f:6c:ce:d2:12:3b:f1:ac:a3:66:20:5c:05:de:e7:
e8:30:aa:9e:50:91:b5:d9:95:d4:74:49:66:11:d8:2d:5d:c5:
85:e2:2b:78:8c:7c:ce:7a:1b:00:e7:c3:ea:2b:86:76:e2:64:
ef:30:50:87:9d:95:2a:49:ea:b8:de:1d:2e:45:22:1f:4e:6e:
b4:e3:64:97:65:e3:78:43:f9:3c:61:77:77:c2:1d:4d:f9:61:
a9:ac:69:f3:11:f1:72:de:fa:da:73:4a:70:c6:27:e7:64:5b:
ad:31:4a:10
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYtM6ioUBTdakiYHyVCVlx6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMxMDIwMTE0ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjZhNTIxMmUxMTU3NzRjNjBiNWRmZGMzMmYwMTA3NWVjNmQyYjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhB1soAe6oHrkwZU0QN4gwWAAaDjK
SXfQdAi86IFpWVVgMsoZE9+ojzmXfcuh4l4mIxIwmRNALalA1xn+PcqgUuPgUTFd
OJIaBM333Iw5Mt/Cgi/nbsMprVcQANggMbPXz1WHU/4sVytE/SZQ5nPeARonRTKx
xko9zgzGvHbIv1PmisZa+4B+eZg99FeziB7I1XI9jr9zisgvldKg7rgd0fJ5cRtA
lCR2vD0w7Ws6xViqKvD8E9nOeqS8f2CC0HokDQi+8KoPQC6d37E7/wgFv3v+HssY
yT9h+Epx/cOgXxWim2msk2eeN7ZIKk8/R0i5QZVGsGjenRN5wrTDMwxv7wIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFB9qUhLhFXdMYLXf3DLwEHXsbStPMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvSDJwU0V1RVZkMHhndGRfY012QVFkZXh0SzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAAF
rCADBABZF0ADBAFZF0gDBAFZF14wDAMEAG1v8QMEAG1v8gMEAG1v+QMEAG1v+wME
AG1v/wMEALL+ljAMAwQFsv6gAwQAsv6iAwQAsv6kAwQBsv6mMAwDBACy/q0DBACy
/q4DBACy/rIDBACy/rkwDAMEALmdLQMEBLmdIDANBgkqhkiG9w0BAQsFAAOCAQEA
iDWTPTIQqBFWQ2wh/1KEWBAy+rDP97j/LH4gt01e3RvmjhLSZgcvM74MCql1CnzT
NIrVDDsWivVDUgWg80DuwzRsT/xQ2w5DM4rouuFQ44qCdLqDz+TE2lNIvJpte6Yg
+CT7ajJOKcqiV2vvHhRI8YAFRZYYX5SeGP5ibhUmFUfL4kuXykEr3vgk1f0IJEZY
2ejlb2zO0hI78ayjZiBcBd7n6DCqnlCRtdmV1HRJZhHYLV3FheIreIx8znobAOfD
6iuGduJk7zBQh52VKknquN4dLkUiH05utONkl2XjeEP5PGF3d8IdTflhqaxp8xHx
ct762nNKcMYn52RbrTFKEA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:41 2024 by rpki-client on console-ams.rpki-client.org