Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/iHtz5OReU786Gqz8A9gDi5QKsuI.roa
File: iHtz5OReU786Gqz8A9gDi5QKsuI.roa (raw, json)
Hash identifier: A1khKfM6L2Y1gU8Gw+/6a/z4Bf/RNCfiZPtMpfig3Qs=
Subject key identifier: 88:7B:73:E4:E4:5E:53:BF:3A:1A:AC:FC:03:D8:03:8B:94:0A:B2:E2
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0193453B3BE8B42A67779ACB2FCC6BBC66F9
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/iHtz5OReU786Gqz8A9gDi5QKsuI.roa
Signing time: Tue 19 Nov 2024 16:22:10 +0000
ROA not before: Tue 19 Nov 2024 16:22:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 45.67.117.0/24 maxlen: 24
45.150.168.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.40.161.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
193.31.104.0/22 maxlen: 22
194.50.200.0/24 maxlen: 24
194.50.201.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.109.0/24 maxlen: 24
195.138.110.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.113.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.115.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 20 Nov 2024 17:55:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:45:3b:3b:e8:b4:2a:67:77:9a:cb:2f:cc:6b:bc:66:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 19 16:22:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=887b73e4e45e53bf3a1aacfc03d8038b940ab2e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:43:f8:51:94:47:02:df:15:71:3c:70:e5:5f:
6c:26:d1:7a:b5:ed:50:ae:72:22:50:14:6f:1a:19:
e5:70:de:8a:5a:ba:c9:08:0f:cc:80:d8:4c:fc:e9:
76:1e:33:72:c3:9b:60:2f:1d:e5:5b:b1:a7:24:60:
7c:dc:81:d3:97:a1:a7:9d:66:0c:d8:f2:9b:b1:b1:
f0:74:e0:25:74:d6:72:d7:29:d5:e9:66:af:4d:6e:
1c:0e:fd:20:c1:85:51:46:59:3c:f8:67:4f:a2:f5:
d7:e4:c0:93:f8:9c:1d:aa:34:c4:92:82:8e:06:0f:
bb:82:8c:f4:e4:23:a5:cb:a1:2f:ad:0f:ba:17:40:
19:2a:df:4c:c2:1a:bd:b0:3f:2f:ce:bd:9b:e4:f7:
a5:73:67:a3:7b:4b:cb:c1:d2:02:c5:fa:61:7b:d7:
9c:a8:08:82:20:f1:dd:66:08:1c:91:ec:8e:8a:56:
ad:c9:35:f6:7e:0c:ec:fd:c5:df:d4:56:b5:a4:5c:
01:8c:fa:5c:64:4f:53:a7:c5:f1:2a:94:30:89:5e:
3a:75:1f:0a:6c:28:43:e4:9a:55:43:b2:3d:98:4a:
44:1e:fb:b5:21:24:89:43:a0:4e:f4:2c:91:73:be:
3b:f9:e2:25:6b:7e:92:80:14:c4:fd:a1:54:3a:83:
93:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7B:73:E4:E4:5E:53:BF:3A:1A:AC:FC:03:D8:03:8B:94:0A:B2:E2
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/iHtz5OReU786Gqz8A9gDi5QKsuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.117.0/24
45.150.168.0/22
45.151.196.0/22
89.40.161.0/24
91.242.70.0-91.242.73.255
91.242.75.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
185.40.105.0/24
185.173.244.0/24
185.180.145.0/24
193.31.104.0/22
194.50.200.0/23
194.180.238.0/24
195.138.104.0/22
195.138.109.0-195.138.111.255
195.138.113.0-195.138.115.255
195.138.118.0/24
195.138.124.0/22
Signature Algorithm: sha256WithRSAEncryption
59:5b:37:93:96:51:48:38:21:53:df:04:c2:05:cc:81:5e:08:
56:8d:87:62:00:5a:71:73:37:da:ae:09:a9:b6:d5:90:b0:94:
00:b0:5e:d1:0b:3b:20:07:ae:72:0c:58:15:d9:04:3b:e1:8f:
44:af:f3:64:34:4b:a6:52:e6:2a:9a:2c:25:15:25:d1:0c:8b:
e6:ea:37:6e:51:77:ee:92:9e:d9:d7:18:8f:a0:7d:eb:ee:50:
69:8f:9d:e9:14:8c:6e:ad:ff:4f:71:e8:8a:93:a3:d0:8a:e8:
a2:fe:45:e6:68:17:85:28:d9:7c:c9:c7:60:d2:ed:0c:b4:77:
79:e3:86:a9:0e:60:9a:a6:b5:da:cf:bc:18:29:3d:64:19:dc:
33:18:01:11:b8:aa:dc:54:44:3c:24:31:56:61:f6:a4:d5:f5:
2d:29:79:2b:d0:07:41:67:b0:6d:e4:7b:95:d6:cc:4e:cd:79:
f2:27:65:0b:5b:e9:0a:c5:9a:e5:f4:ee:d5:07:fb:1c:b3:e3:
69:b4:c4:0c:c2:0c:4e:28:bc:ed:91:e0:aa:d6:aa:a1:51:3e:
d7:7b:45:2f:97:c6:13:3c:69:78:0c:dc:55:4f:dc:b6:ec:d8:
e4:5a:83:9f:4c:b2:f9:b1:2b:ae:4e:b6:cb:e4:59:38:fb:3a:
6a:cd:a3:91
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZNFOzvotCpnd5rLL8xrvGb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQxMTE5MTYyMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODdiNzNlNGU0NWU1M2JmM2ExYWFjZmMwM2Q4MDM4Yjk0MGFiMmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUP4UZRHAt8VcTxw5V9sJtF6te1Q
rnIiUBRvGhnlcN6KWrrJCA/MgNhM/Ol2HjNyw5tgLx3lW7GnJGB83IHTl6GnnWYM
2PKbsbHwdOAldNZy1ynV6WavTW4cDv0gwYVRRlk8+GdPovXX5MCT+JwdqjTEkoKO
Bg+7goz05COly6EvrQ+6F0AZKt9Mwhq9sD8vzr2b5Pelc2eje0vLwdICxfphe9ec
qAiCIPHdZggckeyOilatyTX2fgzs/cXf1Fa1pFwBjPpcZE9Tp8XxKpQwiV46dR8K
bChD5JpVQ7I9mEpEHvu1ISSJQ6BO9CyRc747+eIla36SgBTE/aFUOoOT0wIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFIh7c+TkXlO/Ohqs/APYA4uUCrLiMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvaUh0ejVPUmVVNzg2R3F6OEE5Z0RpNVFLc3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAAt
Q3UDBAItlqgDBAItl8QDBABZKKEwDAMEAVvyRgMEAVvySAMEAFvySwMEAFvyaTAM
AwQAW/J7AwQHW/IAAwQAuShpAwQAua30AwQAubSRAwQCwR9oAwQBwjLIAwQAwrTu
AwQCw4poMAwDBADDim0DBATDimAwDAMEAMOKcQMEAsOKcAMEAMOKdgMEAsOKfDAN
BgkqhkiG9w0BAQsFAAOCAQEAWVs3k5ZRSDghU98EwgXMgV4IVo2HYgBacXM32q4J
qbbVkLCUALBe0Qs7IAeucgxYFdkEO+GPRK/zZDRLplLmKposJRUl0QyL5uo3blF3
7pKe2dcYj6B96+5QaY+d6RSMbq3/T3HoipOj0Iroov5F5mgXhSjZfMnHYNLtDLR3
eeOGqQ5gmqa12s+8GCk9ZBncMxgBEbiq3FREPCQxVmH2pNX1LSl5K9AHQWewbeR7
ldbMTs158idlC1vpCsWa5fTu1Qf7HLPjabTEDMIMTii87ZHgqtaqoVE+13tFL5fG
EzxpeAzcVU/ctuzY5FqDn0yy+bErrk62y+RZOPs6as2jkQ==
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:56:26 2024 by rpki-client on console-fra.rpki-client.org