Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hKbYbdZRFq4aQFfUC3R6QJjWUfY.roa
File: hKbYbdZRFq4aQFfUC3R6QJjWUfY.roa (raw, json)
Hash identifier: SY3sHNhNCGtDSvc3gPyV/DMrxByCMPp6Qch+wT+lGd4=
Subject key identifier: 84:A6:D8:6D:D6:51:16:AE:1A:40:57:D4:0B:74:7A:40:98:D6:51:F6
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019344C3C5A3797487B62EC273C82BFA6BE7
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hKbYbdZRFq4aQFfUC3R6QJjWUfY.roa
Signing time: Tue 19 Nov 2024 14:11:40 +0000
ROA not before: Tue 19 Nov 2024 14:11:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 45.67.117.0/24 maxlen: 24
45.150.168.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.40.161.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
193.31.104.0/22 maxlen: 22
194.50.200.0/24 maxlen: 24
194.50.201.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.109.0/24 maxlen: 24
195.138.110.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.113.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.115.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 19 Nov 2024 16:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:c3:c5:a3:79:74:87:b6:2e:c2:73:c8:2b:fa:6b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 19 14:11:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84a6d86dd65116ae1a4057d40b747a4098d651f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e7:f8:70:3a:82:1f:02:b7:58:7d:de:33:fc:
9d:7e:6b:e6:52:b1:83:4a:27:b7:2a:bf:77:58:b0:
2b:a4:e9:cb:87:b3:bb:cf:8a:4a:bc:cf:90:4f:6a:
34:51:ce:5a:09:a0:9d:b4:bb:5d:1e:e2:6b:48:a7:
7a:68:da:71:6a:01:ef:10:3d:0c:2c:ac:84:0b:0d:
32:98:77:dc:ac:26:a9:59:ab:f6:f1:e2:c1:87:15:
24:30:f8:af:ee:4f:a6:d1:ab:53:e7:33:88:41:6a:
e7:ad:88:f5:f3:99:2b:f7:c3:c3:01:0d:e1:b2:e7:
ec:34:ae:5b:7d:38:9d:25:f7:56:ef:3b:60:c4:35:
ba:3b:11:be:c7:1b:72:81:de:f8:8e:d2:b2:c7:b3:
db:79:8a:05:e9:f6:de:eb:83:7a:36:79:77:b4:33:
87:b0:bf:60:80:c6:8d:a1:20:39:a3:ad:89:9c:1f:
ea:c2:bf:fd:80:9e:70:78:75:1d:31:43:c0:58:d1:
41:ef:2e:d5:23:54:c5:99:a2:25:bd:4c:8b:dd:5e:
f9:95:b5:13:17:a6:bb:88:88:1e:bd:2e:eb:af:a6:
cf:fa:5c:5f:94:46:c5:fe:6b:c8:c8:c1:83:b8:52:
23:9b:01:18:e5:a2:da:7b:78:f3:d1:2c:4b:8c:bd:
5f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A6:D8:6D:D6:51:16:AE:1A:40:57:D4:0B:74:7A:40:98:D6:51:F6
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hKbYbdZRFq4aQFfUC3R6QJjWUfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.117.0/24
45.150.168.0/22
45.151.196.0/22
89.40.161.0/24
91.242.70.0-91.242.73.255
91.242.75.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
185.40.105.0/24
185.173.244.0/24
193.31.104.0/22
194.50.200.0/23
194.180.238.0/24
195.138.104.0/22
195.138.109.0-195.138.111.255
195.138.113.0-195.138.115.255
195.138.118.0/24
195.138.124.0/22
Signature Algorithm: sha256WithRSAEncryption
02:65:88:75:ac:61:1f:3f:cd:98:96:2a:6d:17:5b:b4:19:5d:
f3:70:e7:07:20:c5:bf:2f:ab:50:8d:0d:97:15:d0:ab:92:b3:
9d:e2:1f:19:be:45:e8:89:1f:04:b6:8f:22:67:fd:db:86:8d:
d8:64:e0:01:a6:06:63:de:8d:5d:45:aa:00:d2:eb:91:e8:a5:
97:7e:8d:e6:a5:1a:3a:b0:18:6e:d7:90:d8:bd:7d:f2:da:a8:
d7:f6:a7:db:df:9c:f4:ef:7e:8c:65:52:af:e0:5b:66:13:73:
27:42:16:71:dc:9b:51:31:b0:ba:98:39:99:56:a1:3f:b7:40:
fb:1b:1e:9a:20:f6:af:92:46:4f:60:57:b4:42:24:7b:fc:cb:
4c:be:8b:3e:7e:a9:00:13:6b:e4:3f:c6:36:3e:51:0a:5a:43:
a7:51:94:34:81:19:71:e5:d5:fd:1e:8e:6d:66:e9:57:ea:31:
73:22:25:34:84:28:05:0b:0b:69:4d:7f:8a:fb:e1:11:6a:3e:
74:eb:35:a9:23:b5:f1:60:5c:8b:b0:cd:67:31:cb:25:b7:9b:
b2:12:85:3c:3e:34:21:b7:20:c2:53:48:da:18:65:95:77:f3:
3d:92:c9:1d:ec:f6:8d:88:10:43:a8:4b:ae:97:3d:b4:0d:45:
ad:e3:f4:b2
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZNEw8WjeXSHti7Cc8gr+mvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQxMTE5MTQxMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGE2ZDg2ZGQ2NTExNmFlMWE0MDU3ZDQwYjc0N2E0MDk4ZDY1MWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzef4cDqCHwK3WH3eM/ydfmvmUrGD
Sie3Kr93WLArpOnLh7O7z4pKvM+QT2o0Uc5aCaCdtLtdHuJrSKd6aNpxagHvED0M
LKyECw0ymHfcrCapWav28eLBhxUkMPiv7k+m0atT5zOIQWrnrYj185kr98PDAQ3h
sufsNK5bfTidJfdW7ztgxDW6OxG+xxtygd74jtKyx7PbeYoF6fbe64N6Nnl3tDOH
sL9ggMaNoSA5o62JnB/qwr/9gJ5weHUdMUPAWNFB7y7VI1TFmaIlvUyL3V75lbUT
F6a7iIgevS7rr6bP+lxflEbF/mvIyMGDuFIjmwEY5aLae3jz0SxLjL1fhwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFISm2G3WURauGkBX1At0ekCY1lH2MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvaEtiWWJkWlJGcTRhUUZmVUMzUjZRSmpXVWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAAt
Q3UDBAItlqgDBAItl8QDBABZKKEwDAMEAVvyRgMEAVvySAMEAFvySwMEAFvyaTAM
AwQAW/J7AwQHW/IAAwQAuShpAwQAua30AwQCwR9oAwQBwjLIAwQAwrTuAwQCw4po
MAwDBADDim0DBATDimAwDAMEAMOKcQMEAsOKcAMEAMOKdgMEAsOKfDANBgkqhkiG
9w0BAQsFAAOCAQEAAmWIdaxhHz/NmJYqbRdbtBld83DnByDFvy+rUI0NlxXQq5Kz
neIfGb5F6IkfBLaPImf924aN2GTgAaYGY96NXUWqANLrkeill36N5qUaOrAYbteQ
2L198tqo1/an29+c9O9+jGVSr+BbZhNzJ0IWcdybUTGwupg5mVahP7dA+xsemiD2
r5JGT2BXtEIke/zLTL6LPn6pABNr5D/GNj5RClpDp1GUNIEZceXV/R6ObWbpV+ox
cyIlNIQoBQsLaU1/ivvhEWo+dOs1qSO18WBci7DNZzHLJbebshKFPD40IbcgwlNI
2hhllXfzPZLJHez2jYgQQ6hLrpc9tA1FreP0sg==
-----END CERTIFICATE-----
Generated at Tue Nov 19 18:43:34 2024 by rpki-client on console-ams.rpki-client.org