Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/hYt-PCmuUYwJxC3F-zcUvjgeQrg.roa
File: hYt-PCmuUYwJxC3F-zcUvjgeQrg.roa (raw, json)
Hash identifier: eC1oKQrgrVmNAECdvXcN8duntUjD3GpWSEnrIQzzwW4=
Subject key identifier: 85:8B:7E:3C:29:AE:51:8C:09:C4:2D:C5:FB:37:14:BE:38:1E:42:B8
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018CC6B81A1CA0D8885C822113B93BBF588F
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/hYt-PCmuUYwJxC3F-zcUvjgeQrg.roa
Signing time: Mon 01 Jan 2024 20:30:03 +0000
ROA not before: Mon 01 Jan 2024 20:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60490
IP address blocks: 176.109.70.0/24 maxlen: 24
176.109.67.0/24 maxlen: 24
176.109.65.0/24 maxlen: 24
194.150.89.0/24 maxlen: 24
194.150.90.0/24 maxlen: 24
194.150.88.0/24 maxlen: 24
194.150.91.0/24 maxlen: 24
176.109.64.0/24 maxlen: 24
2a02:28:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 May 2024 09:36:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:1a:1c:a0:d8:88:5c:82:21:13:b9:3b:bf:58:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 1 20:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=858b7e3c29ae518c09c42dc5fb3714be381e42b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:02:ba:ed:8b:1b:69:bf:c8:1f:95:05:09:28:
ab:91:af:30:3f:c8:16:1d:08:b2:97:36:38:3f:04:
8d:cd:2f:ef:1e:a4:7e:34:29:eb:40:32:59:db:07:
17:2a:73:c7:b2:f1:76:e5:e9:b2:f9:0c:f2:62:16:
53:54:41:18:de:7c:24:fe:2a:87:cb:ee:55:47:70:
b1:92:72:64:38:53:da:b4:4c:36:14:32:81:80:be:
e2:9d:e0:1e:9c:9d:0a:f3:22:94:08:a4:73:b8:e5:
23:d2:34:6a:d0:ed:56:1a:0d:ea:bb:5e:8b:d4:5e:
46:13:8a:86:d5:d2:4d:ef:26:54:77:f5:08:9c:87:
74:f7:85:d9:f5:cb:4b:ba:56:7a:99:71:2e:c1:2e:
01:d6:79:2d:3a:d5:f2:0c:3b:a6:88:b9:c3:88:8c:
7e:2d:93:3d:02:0b:f0:5e:15:37:8f:c3:4b:f7:92:
33:2c:5d:17:1a:12:dc:bf:3c:6c:03:c4:9b:f2:2f:
3f:49:01:2d:48:fa:e1:f5:85:2c:01:05:de:e2:d7:
50:80:5c:20:7a:b1:96:b6:11:3c:d9:4a:4a:8f:73:
ad:31:d9:75:bb:b9:bc:65:ed:05:81:ee:60:8e:8d:
96:b2:e3:62:bb:68:3b:90:3a:d6:d8:3a:b7:f2:66:
dc:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:8B:7E:3C:29:AE:51:8C:09:C4:2D:C5:FB:37:14:BE:38:1E:42:B8
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/hYt-PCmuUYwJxC3F-zcUvjgeQrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.109.64.0/23
176.109.67.0/24
176.109.70.0/24
194.150.88.0/22
IPv6:
2a02:28:7::/48
Signature Algorithm: sha256WithRSAEncryption
48:a6:c0:0d:03:34:ea:4c:92:88:5d:97:67:d5:5a:1a:41:96:
97:23:03:e8:08:8f:2e:4b:c6:fc:0f:2f:1e:7f:1d:91:55:42:
d8:22:ac:88:24:c1:03:f9:ca:19:cf:c0:02:69:85:c3:26:35:
25:04:17:a9:38:b1:56:80:7f:ca:e4:39:fa:94:1d:a5:07:75:
14:21:ab:ce:a7:40:8a:85:87:16:76:44:bb:83:8b:cb:6b:7d:
a3:d0:5a:d1:39:6c:c8:0b:42:a6:6f:54:61:25:b6:59:a6:ee:
5f:ce:e1:a0:70:74:a0:8b:d0:04:bf:69:26:5f:73:5c:4e:fe:
60:61:9a:4c:f1:ba:d2:ed:2e:30:10:e2:2c:a8:82:9c:6f:13:
5f:c7:6a:3c:b8:13:41:da:01:84:5f:ca:d1:7a:82:c0:7d:82:
10:7a:06:41:95:eb:24:77:08:c7:49:2c:a5:75:cd:2e:28:1f:
43:1f:21:c9:af:1b:c0:7d:24:ad:23:8a:d8:07:f2:2f:69:f1:
9e:0d:fc:55:d1:38:1a:83:0c:a9:a6:02:d9:36:8d:45:f2:e9:
b0:24:0c:99:86:14:5c:7b:ad:64:38:f7:08:bf:20:40:f0:91:
9b:b5:b3:82:66:26:f8:23:0c:e8:92:35:6d:31:36:d4:bc:76:
cc:e5:e5:d9
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzGuBocoNiIXIIhE7k7v1iPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQwMTAxMjAzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NThiN2UzYzI5YWU1MThjMDljNDJkYzVmYjM3MTRiZTM4MWU0MmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwK67Ysbab/IH5UFCSirka8wP8gW
HQiylzY4PwSNzS/vHqR+NCnrQDJZ2wcXKnPHsvF25emy+QzyYhZTVEEY3nwk/iqH
y+5VR3CxknJkOFPatEw2FDKBgL7ineAenJ0K8yKUCKRzuOUj0jRq0O1WGg3qu16L
1F5GE4qG1dJN7yZUd/UInId094XZ9ctLulZ6mXEuwS4B1nktOtXyDDumiLnDiIx+
LZM9AgvwXhU3j8NL95IzLF0XGhLcvzxsA8Sb8i8/SQEtSPrh9YUsAQXe4tdQgFwg
erGWthE82UpKj3OtMdl1u7m8Ze0Fge5gjo2WsuNiu2g7kDrW2Dq38mbc8wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFIWLfjwprlGMCcQtxfs3FL44HkK4MB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvaFl0LVBDbXVVWXdKeEMzRi16Y1V2amdlUXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQBsG1AAwQA
sG1DAwQAsG1GAwQCwpZYMA8EAgACMAkDBwAqAgAoAAcwDQYJKoZIhvcNAQELBQAD
ggEBAEimwA0DNOpMkohdl2fVWhpBlpcjA+gIjy5LxvwPLx5/HZFVQtgirIgkwQP5
yhnPwAJphcMmNSUEF6k4sVaAf8rkOfqUHaUHdRQhq86nQIqFhxZ2RLuDi8trfaPQ
WtE5bMgLQqZvVGEltlmm7l/O4aBwdKCL0AS/aSZfc1xO/mBhmkzxutLtLjAQ4iyo
gpxvE1/Hajy4E0HaAYRfytF6gsB9ghB6BkGV6yR3CMdJLKV1zS4oH0MfIcmvG8B9
JK0jitgH8i9p8Z4N/FXROBqDDKmmAtk2jUXy6bAkDJmGFFx7rWQ49wi/IEDwkZu1
s4JmJvgjDOiSNW0xNtS8dszl5dk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:45 2024 by rpki-client on console-fra.rpki-client.org