Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/hS_ia8res4_7zohD1KDzQc7NCGk.roa
File: hS_ia8res4_7zohD1KDzQc7NCGk.roa (raw, json)
Hash identifier: /UKdFVOyq+CHTUXKSxynIXPSv0xlgFHmcv02opzU5Z8=
Subject key identifier: 85:2F:E2:6B:CA:DE:B3:8F:FB:CE:88:43:D4:A0:F3:41:CE:CD:08:69
Certificate issuer: /CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Certificate serial: 018F064F90EB387627666879A037052A5F9E
Authority key identifier: 1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/hS_ia8res4_7zohD1KDzQc7NCGk.roa
Signing time: Mon 22 Apr 2024 14:57:08 +0000
ROA not before: Mon 22 Apr 2024 14:57:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39728
IP address blocks: 91.217.4.0/23 maxlen: 23
91.217.4.0/24 maxlen: 24
91.217.5.0/24 maxlen: 24
176.113.224.0/19 maxlen: 19
178.214.160.0/19 maxlen: 19
178.216.232.0/21 maxlen: 21
185.149.196.0/22 maxlen: 22
2a07:6900::/48 maxlen: 48
2a07:6900:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 10 May 2024 08:37:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:4f:90:eb:38:76:27:66:68:79:a0:37:05:2a:5f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Validity
Not Before: Apr 22 14:57:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=852fe26bcadeb38ffbce8843d4a0f341cecd0869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:18:5e:58:1f:73:07:83:3c:da:cd:39:b6:74:
a9:76:a5:c1:ef:5b:8f:45:9a:15:d3:55:b3:10:f0:
ff:82:54:bc:39:5d:22:bf:b8:41:5f:5d:45:92:95:
6d:bc:c3:93:bd:ea:93:1e:24:b6:fe:8b:6e:f9:79:
6f:6f:2e:8c:cf:0f:9a:b8:c1:1f:fe:f8:23:39:9a:
2c:ce:e7:30:cc:0f:3a:cf:3d:26:36:97:b2:44:70:
c6:7d:55:52:16:70:e5:87:42:a7:fa:d9:5b:45:d1:
4b:49:a9:ad:91:3e:ff:07:32:61:47:54:c8:15:47:
a4:b3:5a:1a:79:88:38:63:91:11:c8:ab:b0:f4:48:
3b:8f:53:1d:1f:e4:e4:fb:50:f4:85:fc:37:b5:76:
41:06:19:6b:d1:f4:b0:62:12:cb:f4:f4:07:9d:79:
1c:b5:09:fe:95:c3:fe:1d:75:98:59:6d:3b:58:8d:
14:fe:b8:14:fa:70:26:73:12:0f:e3:55:44:62:e2:
fa:85:03:10:cc:ad:25:66:94:ef:60:99:dd:47:51:
1d:70:26:bc:0f:4c:82:cd:0b:d0:b7:1f:48:d5:af:
d1:ff:68:1c:31:83:07:8c:bf:7d:55:ca:74:ba:a0:
b7:67:b9:14:39:5e:d0:ec:96:76:94:b2:a5:7a:f9:
80:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2F:E2:6B:CA:DE:B3:8F:FB:CE:88:43:D4:A0:F3:41:CE:CD:08:69
X509v3 Authority Key Identifier:
keyid:1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/hS_ia8res4_7zohD1KDzQc7NCGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.4.0/23
176.113.224.0/19
178.214.160.0/19
178.216.232.0/21
185.149.196.0/22
IPv6:
2a07:6900::/47
Signature Algorithm: sha256WithRSAEncryption
bb:7a:03:0e:2f:6b:9f:82:70:7c:30:92:8b:c7:33:b2:63:34:
1e:5a:f2:a4:9c:7a:38:e4:ca:7d:6d:05:fb:6c:bd:01:2b:f5:
7f:70:6c:ae:2a:c1:22:b7:ea:e0:27:8d:bb:6d:85:14:7c:73:
e7:8c:fc:0b:64:e5:21:50:1c:45:75:4f:67:83:fa:f5:f2:1e:
e6:92:6e:81:e0:52:f9:a8:97:5d:8c:40:c9:ce:ca:a1:23:31:
69:a6:cf:99:be:6a:04:a9:e9:0a:0c:10:9a:ff:f8:93:64:85:
f9:de:29:79:3e:36:c8:ed:f8:ab:73:2e:24:56:b9:19:db:9f:
e4:e1:dd:b0:ac:1d:37:0e:76:c7:0e:73:53:65:d6:b4:c8:c2:
62:9a:d6:e3:02:a3:b2:24:b3:14:b2:17:9c:b7:22:5e:3e:ed:
78:5f:60:2d:e6:be:19:09:44:7c:55:6f:34:b3:10:c9:28:e7:
a9:79:be:1f:44:b1:aa:ce:52:01:07:22:00:60:c3:e4:4c:1a:
94:7f:8c:bd:c3:21:46:d9:ae:6f:da:ba:28:0b:4d:45:52:20:
db:d3:bb:20:c2:9f:8e:e6:79:75:17:a0:e0:c6:e8:56:4e:78:
41:99:ae:f3:72:25:31:0f:64:ed:c5:a1:2b:04:16:58:da:64:
a3:66:dc:44
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY8GT5DrOHYnZmh5oDcFKl+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTVhMDY5NjY5ZWQ1YTc2NmVlZThlYmRjMzJlMzlmYjE0
ODQxMGIwHhcNMjQwNDIyMTQ1NzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJmZTI2YmNhZGViMzhmZmJjZTg4NDNkNGEwZjM0MWNlY2QwODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghheWB9zB4M82s05tnSpdqXB71uP
RZoV01WzEPD/glS8OV0iv7hBX11FkpVtvMOTveqTHiS2/otu+Xlvby6Mzw+auMEf
/vgjOZoszucwzA86zz0mNpeyRHDGfVVSFnDlh0Kn+tlbRdFLSamtkT7/BzJhR1TI
FUeks1oaeYg4Y5ERyKuw9Eg7j1MdH+Tk+1D0hfw3tXZBBhlr0fSwYhLL9PQHnXkc
tQn+lcP+HXWYWW07WI0U/rgU+nAmcxIP41VEYuL6hQMQzK0lZpTvYJndR1EdcCa8
D0yCzQvQtx9I1a/R/2gcMYMHjL99Vcp0uqC3Z7kUOV7Q7JZ2lLKlevmA1wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIUv4mvK3rOP+86IQ9Sg80HOzQhpMB8GA1UdIwQY
MBaAFB6VoGlmntWnZu7o69wy45+xSEELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAt
OTMzYmZhNTkyYjFkLzEvaFNfaWE4cmVzNF83em9oRDFLRHpRYzdOQ0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAtOTMzYmZhNTkyYjFk
LzEvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBW9kEAwQF
sHHgAwQFstagAwQDstjoAwQCuZXEMA8EAgACMAkDBwEqB2kAAAAwDQYJKoZIhvcN
AQELBQADggEBALt6Aw4va5+CcHwwkovHM7JjNB5a8qScejjkyn1tBftsvQEr9X9w
bK4qwSK36uAnjbtthRR8c+eM/Atk5SFQHEV1T2eD+vXyHuaSboHgUvmol12MQMnO
yqEjMWmmz5m+agSp6QoMEJr/+JNkhfneKXk+Nsjt+KtzLiRWuRnbn+Th3bCsHTcO
dscOc1Nl1rTIwmKa1uMCo7IksxSyF5y3Il4+7XhfYC3mvhkJRHxVbzSzEMko56l5
vh9EsarOUgEHIgBgw+RMGpR/jL3DIUbZrm/auigLTUVSINvTuyDCn47meXUXoODG
6FZOeEGZrvNyJTEPZO3FoSsEFljaZKNm3EQ=
-----END CERTIFICATE-----
Generated at Fri May 10 13:38:28 2024 by rpki-client on console-fra.rpki-client.org