Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/He-aDbQCXIxY-9w5dtUkGr0djwI.roa
File: He-aDbQCXIxY-9w5dtUkGr0djwI.roa (raw, json)
Hash identifier: huQbQImASm9felDLsQ71FpTdrTl9dW0iB362nBnZRxw=
Subject key identifier: 1D:EF:9A:0D:B4:02:5C:8C:58:FB:DC:39:76:D5:24:1A:BD:1D:8F:02
Certificate issuer: /CN=cf8375c321def9265983e2194d40ba97afe7f1cc
Certificate serial: 01856BE5B18CB83A7FB4FAC1CABA638ABAC1
Authority key identifier: CF:83:75:C3:21:DE:F9:26:59:83:E2:19:4D:40:BA:97:AF:E7:F1:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z4N1wyHe-SZZg-IZTUC6l6_n8cw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/He-aDbQCXIxY-9w5dtUkGr0djwI.roa
Signing time: Sun 01 Jan 2023 05:54:53 +0000
ROA not before: Sun 01 Jan 2023 05:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51553
IP address blocks: 85.91.50.0/24 maxlen: 24
85.91.51.0/24 maxlen: 24
91.217.237.0/24 maxlen: 24
85.91.49.0/24 maxlen: 24
85.91.53.0/24 maxlen: 24
85.91.54.0/24 maxlen: 24
85.91.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Jun 2023 07:45:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:b1:8c:b8:3a:7f:b4:fa:c1:ca:ba:63:8a:ba:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf8375c321def9265983e2194d40ba97afe7f1cc
Validity
Not Before: Jan 1 05:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1def9a0db4025c8c58fbdc3976d5241abd1d8f02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e7:42:b4:28:81:0d:36:17:73:6e:18:1a:83:
4a:9d:c9:87:dd:be:c8:6d:60:c6:d9:4c:25:d5:bd:
d5:22:1f:61:ce:d3:45:53:b3:ba:e8:af:87:aa:52:
96:cf:fb:8b:a2:90:25:5e:66:53:f8:af:a1:35:2a:
f6:68:21:0e:b5:f6:9c:44:3a:f3:c4:fa:1e:58:87:
1d:8e:92:b3:48:83:52:83:93:92:ec:9f:a2:e0:e4:
e5:c3:2d:df:fb:c6:20:c3:4d:63:17:1d:e3:c7:90:
db:64:af:3d:90:7d:b7:48:7a:b6:16:dd:69:35:f6:
4d:98:55:1a:61:42:39:30:99:01:2c:57:58:55:e7:
57:97:75:07:7b:88:8b:d3:dc:df:ea:39:2b:de:8f:
08:c9:9c:99:c0:e8:12:62:8c:4d:e9:e7:39:f3:f4:
b6:a2:a9:8c:89:12:4e:8f:b3:af:25:86:35:67:bb:
5b:c5:f6:07:3c:c1:b8:6b:8c:c3:d7:9a:e4:3d:cd:
eb:eb:7c:9c:d4:66:7f:30:53:9f:26:fd:8b:90:b5:
5c:65:5a:4e:df:0c:d9:6a:ad:86:8c:73:7e:10:cd:
7f:df:e6:5b:cd:23:25:ae:82:51:f5:3c:06:cf:61:
dc:9d:96:49:48:97:43:cf:d0:0d:31:0a:d0:02:07:
de:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:EF:9A:0D:B4:02:5C:8C:58:FB:DC:39:76:D5:24:1A:BD:1D:8F:02
X509v3 Authority Key Identifier:
keyid:CF:83:75:C3:21:DE:F9:26:59:83:E2:19:4D:40:BA:97:AF:E7:F1:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4N1wyHe-SZZg-IZTUC6l6_n8cw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/He-aDbQCXIxY-9w5dtUkGr0djwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/z4N1wyHe-SZZg-IZTUC6l6_n8cw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.49.0-85.91.54.255
91.217.237.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:9b:f2:d5:fd:d2:54:59:81:f3:86:a7:d3:be:2b:4c:43:61:
70:29:5e:4a:e0:9f:2a:33:1d:a2:ce:d8:e5:af:3d:c8:a2:72:
4f:b5:10:db:f1:20:6d:b1:1e:2a:56:3a:41:08:34:cd:4d:55:
3a:09:c4:48:b4:c8:3d:e8:3c:66:1f:dd:7f:b0:39:b9:b7:b8:
0c:fa:41:36:d0:d3:5b:e4:4a:e9:2a:66:5d:55:5d:39:05:c1:
70:28:96:53:a9:ba:ab:6f:58:0d:08:5f:ca:77:24:d1:39:08:
52:57:17:d7:c6:48:e9:dd:12:65:12:d1:08:72:e5:e3:70:a1:
94:7c:dd:17:1c:8b:64:70:d2:2f:cb:1b:af:31:fe:fd:3b:a7:
d4:ba:f3:84:55:17:a9:85:ae:9f:45:58:5a:b8:ee:16:a6:ed:
bb:b5:69:68:d8:3b:d6:19:70:ff:82:3a:9f:e2:f7:43:d7:dd:
44:88:ba:ba:ab:ed:d5:3e:2e:db:b7:75:b6:8c:ab:5b:7e:04:
45:43:2e:5e:81:b7:62:bc:67:1f:ff:e7:81:9f:bc:08:41:ca:
6a:a5:bc:8c:4e:05:79:18:a6:01:7a:14:2e:09:5e:5a:a1:74:
b9:f0:19:4b:da:b9:e1:65:fb:b0:e3:3e:d0:37:b7:bc:02:73:
56:2e:eb:ea
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVr5bGMuDp/tPrByrpjirrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODM3NWMzMjFkZWY5MjY1OTgzZTIxOTRkNDBiYTk3YWZl
N2YxY2MwHhcNMjMwMTAxMDU1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGVmOWEwZGI0MDI1YzhjNThmYmRjMzk3NmQ1MjQxYWJkMWQ4ZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+dCtCiBDTYXc24YGoNKncmH3b7I
bWDG2Uwl1b3VIh9hztNFU7O66K+HqlKWz/uLopAlXmZT+K+hNSr2aCEOtfacRDrz
xPoeWIcdjpKzSINSg5OS7J+i4OTlwy3f+8Ygw01jFx3jx5DbZK89kH23SHq2Ft1p
NfZNmFUaYUI5MJkBLFdYVedXl3UHe4iL09zf6jkr3o8IyZyZwOgSYoxN6ec58/S2
oqmMiRJOj7OvJYY1Z7tbxfYHPMG4a4zD15rkPc3r63yc1GZ/MFOfJv2LkLVcZVpO
3wzZaq2GjHN+EM1/3+ZbzSMlroJR9TwGz2HcnZZJSJdDz9ANMQrQAgfefQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFB3vmg20AlyMWPvcOXbVJBq9HY8CMB8GA1UdIwQY
MBaAFM+DdcMh3vkmWYPiGU1Aupev5/HMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejROMXd5SGUtU1paZy1JWlRVQzZsNl9uOGN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hNzY1YTMtZWQ5NC00ZmUwLWJmNDUt
ZTBjN2I5NmI1N2YyLzEvSGUtYURiUUNYSXhZLTl3NWR0VWtHcjBkandJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hNzY1YTMtZWQ5NC00ZmUwLWJmNDUtZTBjN2I5NmI1N2Yy
LzEvejROMXd5SGUtU1paZy1JWlRVQzZsNl9uOGN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABVWzED
BABVWzYDBABb2e0wDQYJKoZIhvcNAQELBQADggEBALub8tX90lRZgfOGp9O+K0xD
YXApXkrgnyozHaLO2OWvPciick+1ENvxIG2xHipWOkEINM1NVToJxEi0yD3oPGYf
3X+wObm3uAz6QTbQ01vkSukqZl1VXTkFwXAollOpuqtvWA0IX8p3JNE5CFJXF9fG
SOndEmUS0Qhy5eNwoZR83Rcci2Rw0i/LG68x/v07p9S684RVF6mFrp9FWFq47ham
7bu1aWjYO9YZcP+COp/i90PX3USIurqr7dU+Ltu3dbaMq1t+BEVDLl6Bt2K8Zx//
54GfvAhBymqlvIxOBXkYpgF6FC4JXlqhdLnwGUvaueFl+7DjPtA3t7wCc1Yu6+o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:17 2024 by rpki-client on console-ams.rpki-client.org