Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/RHU8AFIYrEJ1avrwbkMl2ELZ7j8.roa
File: RHU8AFIYrEJ1avrwbkMl2ELZ7j8.roa (raw, json)
Hash identifier: eX+zgBwqz0K6wJjX2EJY5ACBYLF9urm1q2MNVpcxA94=
Subject key identifier: 44:75:3C:00:52:18:AC:42:75:6A:FA:F0:6E:43:25:D8:42:D9:EE:3F
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7A0910374C99B0D6AA503AA24F4E6
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/RHU8AFIYrEJ1avrwbkMl2ELZ7j8.roa
Signing time: Mon 02 Jan 2023 08:44:49 +0000
ROA not before: Mon 02 Jan 2023 08:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35346
IP address blocks: 194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
45.67.116.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
91.242.112.0/21 maxlen: 24
91.242.120.0/21 maxlen: 21
178.175.176.0/22 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.64.0/18 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
2a07:5540::/29 maxlen: 29
2a09:4440::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:a0:91:03:74:c9:9b:0d:6a:a5:03:aa:24:f4:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44753c005218ac42756afaf06e4325d842d9ee3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:90:11:b2:06:1d:79:67:2c:05:cb:df:4e:32:
d1:c2:b2:be:b2:3c:30:76:02:a4:b6:cb:ea:ab:2a:
9d:7d:76:6b:ae:49:22:c7:31:01:fe:b0:4f:59:ca:
2e:fa:82:08:53:ed:52:85:a4:6b:a8:d6:a9:c1:30:
c2:65:4a:5f:50:20:7a:a1:c5:3c:7e:88:d4:0e:d6:
f3:2a:dd:43:cd:57:12:52:58:1b:4e:d0:45:6f:67:
5f:9d:86:0b:22:a0:02:82:65:aa:c4:6e:bb:09:6a:
db:de:1f:9c:25:b7:13:07:a7:06:71:0c:02:3d:13:
c4:95:60:51:2e:48:59:bf:12:af:39:80:2d:30:fb:
49:20:88:7e:14:cb:8b:0d:e9:e3:88:37:1f:13:c9:
69:ec:a9:30:9f:1b:43:0b:df:63:ff:95:a5:3c:c1:
8e:2c:d0:fd:fa:7b:ad:f4:80:a4:27:76:43:c2:42:
5b:07:16:ea:b0:4d:02:86:2d:7b:46:86:49:08:ee:
9a:15:c9:92:16:8a:42:be:0b:41:c2:04:23:66:7c:
f4:1a:b2:9d:5e:ac:f0:d4:a2:01:09:1c:68:4b:fe:
7b:fa:fe:fe:c4:3a:70:a6:c0:ed:f1:71:06:16:c6:
d3:99:86:88:2e:61:33:fb:07:79:51:b0:29:6f:73:
b0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:75:3C:00:52:18:AC:42:75:6A:FA:F0:6E:43:25:D8:42:D9:EE:3F
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/RHU8AFIYrEJ1avrwbkMl2ELZ7j8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.64.0/18
178.175.176.0/22
194.114.144.0/24
IPv6:
2a07:5540::/29
2a09:4440::/29
Signature Algorithm: sha256WithRSAEncryption
04:7f:de:41:54:0b:ca:66:91:17:1f:65:56:dd:2d:91:3c:94:
a1:35:50:4b:80:5a:92:dd:bb:14:c9:5c:2a:ed:c7:67:8d:3f:
b8:bd:d5:ec:5d:1b:20:04:64:4d:af:e6:36:bb:6e:e4:71:e0:
71:de:6f:c5:3c:72:18:26:f0:78:ca:ff:ca:85:ee:8b:7f:8b:
3d:ea:79:5c:56:d3:b4:63:2e:7a:e3:7f:ec:ab:da:7a:c4:f5:
c3:7f:6a:cc:8f:72:61:29:6b:76:04:3c:55:2e:31:8e:26:71:
d2:4e:a7:aa:12:ae:af:03:9c:a5:81:09:b3:50:33:d6:16:17:
6b:39:41:b8:b8:88:af:c6:ba:e8:7c:1d:70:6c:73:24:dd:06:
25:71:0c:77:c2:a4:25:19:68:b0:08:a9:38:74:7a:30:95:f9:
23:19:96:f1:f9:52:dd:ca:f3:77:1a:d7:e8:c6:96:03:5c:e5:
fc:50:df:a4:3b:89:c8:be:46:29:b2:fd:be:07:4d:7e:e2:1b:
f8:10:c5:e0:7b:22:42:56:71:fe:a0:8b:4b:11:74:b8:32:88:
12:c0:67:61:c2:33:ca:53:09:73:c7:ca:b0:e3:05:6a:09:94:
d3:22:b8:4f:6f:fa:5b:af:f3:8b:d8:f6:3a:2d:80:c8:e0:f9:
4c:a6:f7:64
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVxp6CRA3TJmw1qpQOqJPTmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDc1M2MwMDUyMThhYzQyNzU2YWZhZjA2ZTQzMjVkODQyZDllZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5ARsgYdeWcsBcvfTjLRwrK+sjww
dgKktsvqqyqdfXZrrkkixzEB/rBPWcou+oIIU+1ShaRrqNapwTDCZUpfUCB6ocU8
fojUDtbzKt1DzVcSUlgbTtBFb2dfnYYLIqACgmWqxG67CWrb3h+cJbcTB6cGcQwC
PRPElWBRLkhZvxKvOYAtMPtJIIh+FMuLDenjiDcfE8lp7KkwnxtDC99j/5WlPMGO
LND9+nut9ICkJ3ZDwkJbBxbqsE0Chi17RoZJCO6aFcmSFopCvgtBwgQjZnz0GrKd
Xqzw1KIBCRxoS/57+v7+xDpwpsDt8XEGFsbTmYaILmEz+wd5UbApb3OwVwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFER1PABSGKxCdWr68G5DJdhC2e4/MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUkhVOEFGSVlyRUoxYXZyd2JrTWwyRUxaN2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQALUN0AwQG
W/JAAwQCsq+wAwQAwnKQMBQEAgACMA4DBQMqB1VAAwUDKglEQDANBgkqhkiG9w0B
AQsFAAOCAQEABH/eQVQLymaRFx9lVt0tkTyUoTVQS4Bakt27FMlcKu3HZ40/uL3V
7F0bIARkTa/mNrtu5HHgcd5vxTxyGCbweMr/yoXui3+LPep5XFbTtGMueuN/7Kva
esT1w39qzI9yYSlrdgQ8VS4xjiZx0k6nqhKurwOcpYEJs1Az1hYXazlBuLiIr8a6
6HwdcGxzJN0GJXEMd8KkJRlosAipOHR6MJX5IxmW8flS3crzdxrX6MaWA1zl/FDf
pDuJyL5GKbL9vgdNfuIb+BDF4HsiQlZx/qCLSxF0uDKIEsBnYcIzylMJc8fKsOMF
agmU0yK4T2/6W6/zi9j2Oi2AyOD5TKb3ZA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-fra.rpki-client.org