Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/24b5ba-bf06-4b51-95bc-a45218c58418/1/HYJeVo9-qHAfJtEJGFwxGBDFvlI.roa
File: HYJeVo9-qHAfJtEJGFwxGBDFvlI.roa (raw, json)
Hash identifier: nkRBh2iS5ap8sIJ7+TRsFojUh8KbsakveldJ/Qjqews=
Subject key identifier: 1D:82:5E:56:8F:7E:A8:70:1F:26:D1:09:18:5C:31:18:10:C5:BE:52
Certificate issuer: /CN=c0c9413f076a782110c14490d890f1b3e98e0785
Certificate serial: 018573CCE44F1D9015B645E200D64296835E
Authority key identifier: C0:C9:41:3F:07:6A:78:21:10:C1:44:90:D8:90:F1:B3:E9:8E:07:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wMlBPwdqeCEQwUSQ2JDxs-mOB4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/24b5ba-bf06-4b51-95bc-a45218c58418/1/HYJeVo9-qHAfJtEJGFwxGBDFvlI.roa
Signing time: Mon 02 Jan 2023 18:44:45 +0000
ROA not before: Mon 02 Jan 2023 18:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51177
IP address blocks: 188.214.30.0/24 maxlen: 24
193.29.187.0/24 maxlen: 24
84.234.96.0/22 maxlen: 22
188.241.58.0/24 maxlen: 24
45.128.116.0/22 maxlen: 22
193.201.82.0/24 maxlen: 24
91.235.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:cc:e4:4f:1d:90:15:b6:45:e2:00:d6:42:96:83:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0c9413f076a782110c14490d890f1b3e98e0785
Validity
Not Before: Jan 2 18:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d825e568f7ea8701f26d109185c311810c5be52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5e:f9:56:a1:8d:a8:96:14:b6:99:5a:a7:33:
c3:81:33:83:ef:89:57:f0:16:11:02:7a:10:e1:8b:
d6:d7:90:80:3f:6b:3e:83:e9:36:b7:72:71:58:a8:
7a:e3:ff:e4:f3:c7:28:d4:d8:87:66:92:40:59:2e:
20:13:75:95:51:b6:89:97:de:d8:a5:ce:63:15:4e:
19:64:c0:e5:38:29:5a:88:46:35:b4:cc:09:78:b5:
91:4b:62:65:b5:4d:7f:ca:99:10:72:be:d0:61:a4:
06:5b:28:68:49:e9:36:ec:ff:46:67:22:43:84:b1:
24:77:b8:18:e2:6c:5a:8e:30:d3:27:6c:69:7a:ed:
40:aa:07:cf:b1:b6:ed:01:4d:5b:91:cc:03:81:19:
5a:65:46:d4:2a:65:0a:27:7d:2d:6b:b7:fd:4d:ec:
a0:d4:3c:19:8e:f2:25:2c:5f:f7:08:00:89:2a:fc:
5d:cb:dc:3d:35:ce:c5:3e:96:b3:0f:50:a1:bc:43:
06:3f:d1:12:d3:b4:5c:6d:95:ad:13:a3:11:c0:25:
67:9d:85:1c:0e:d3:ef:52:f7:bc:9f:a6:c3:2a:91:
ff:ab:0b:49:ae:9e:ba:b3:a8:9e:1b:c9:44:6b:fa:
f0:d1:f1:97:75:7d:4b:92:7f:cc:e4:00:66:1d:9e:
f3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:82:5E:56:8F:7E:A8:70:1F:26:D1:09:18:5C:31:18:10:C5:BE:52
X509v3 Authority Key Identifier:
keyid:C0:C9:41:3F:07:6A:78:21:10:C1:44:90:D8:90:F1:B3:E9:8E:07:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wMlBPwdqeCEQwUSQ2JDxs-mOB4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/24b5ba-bf06-4b51-95bc-a45218c58418/1/HYJeVo9-qHAfJtEJGFwxGBDFvlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/24b5ba-bf06-4b51-95bc-a45218c58418/1/wMlBPwdqeCEQwUSQ2JDxs-mOB4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.116.0/22
84.234.96.0/22
91.235.116.0/24
188.214.30.0/24
188.241.58.0/24
193.29.187.0/24
193.201.82.0/24
Signature Algorithm: sha256WithRSAEncryption
70:ca:88:0d:2d:40:f8:5c:38:12:0e:3f:7e:3c:ec:91:53:41:
fc:55:48:b9:ff:84:ab:c2:ad:80:c9:bc:b5:89:25:7d:67:89:
8a:dd:a2:8c:ec:84:4c:ec:1f:fc:34:d8:36:59:83:ca:1b:68:
76:7b:5b:95:4a:31:42:fa:09:63:56:11:0a:cc:9e:7b:c2:bd:
7c:85:d2:93:65:dc:d8:44:ba:08:f1:77:85:88:6e:3d:e5:71:
39:91:59:87:be:4a:e7:71:e4:b2:1a:98:0f:c1:8c:aa:6f:b9:
62:df:d6:28:d5:20:b5:72:b9:ba:39:41:2d:5d:95:e1:34:c6:
a1:39:f0:d6:96:e8:d3:db:bb:69:72:d5:49:76:17:c3:97:5d:
d0:61:f2:ad:6e:52:b8:55:ed:dc:25:ba:76:50:21:68:c8:92:
bb:80:55:ad:f0:bb:22:77:54:0a:5b:7f:aa:ba:e2:31:52:33:
f8:b7:7c:09:12:f0:59:56:6d:4a:b8:92:b8:e1:5d:ca:9e:17:
9e:a8:61:7b:18:cc:9b:04:8e:74:24:d6:f3:23:f7:50:4b:89:
26:31:c7:f1:d0:78:b7:34:2b:9c:5b:00:76:b3:39:12:50:d0:
a9:6c:a4:94:4a:78:e8:01:81:de:2e:e3:13:d9:6a:7a:a9:37:
c8:8d:c2:ee
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVzzORPHZAVtkXiANZCloNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYzk0MTNmMDc2YTc4MjExMGMxNDQ5MGQ4OTBmMWIzZTk4
ZTA3ODUwHhcNMjMwMTAyMTg0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDgyNWU1NjhmN2VhODcwMWYyNmQxMDkxODVjMzExODEwYzViZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF75VqGNqJYUtplapzPDgTOD74lX
8BYRAnoQ4YvW15CAP2s+g+k2t3JxWKh64//k88co1NiHZpJAWS4gE3WVUbaJl97Y
pc5jFU4ZZMDlOClaiEY1tMwJeLWRS2JltU1/ypkQcr7QYaQGWyhoSek27P9GZyJD
hLEkd7gY4mxajjDTJ2xpeu1AqgfPsbbtAU1bkcwDgRlaZUbUKmUKJ30ta7f9Teyg
1DwZjvIlLF/3CACJKvxdy9w9Nc7FPpazD1ChvEMGP9ES07RcbZWtE6MRwCVnnYUc
DtPvUve8n6bDKpH/qwtJrp66s6ieG8lEa/rw0fGXdX1Lkn/M5ABmHZ7zmQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFB2CXlaPfqhwHybRCRhcMRgQxb5SMB8GA1UdIwQY
MBaAFMDJQT8HanghEMFEkNiQ8bPpjgeFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd01sQlB3ZHFlQ0VRd1VTUTJKRHhzLW1PQjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNGI1YmEtYmYwNi00YjUxLTk1YmMt
YTQ1MjE4YzU4NDE4LzEvSFlKZVZvOS1xSEFmSnRFSkdGd3hHQkRGdmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8yNGI1YmEtYmYwNi00YjUxLTk1YmMtYTQ1MjE4YzU4NDE4
LzEvd01sQlB3ZHFlQ0VRd1VTUTJKRHhzLW1PQjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLYB0AwQC
VOpgAwQAW+t0AwQAvNYeAwQAvPE6AwQAwR27AwQAwclSMA0GCSqGSIb3DQEBCwUA
A4IBAQBwyogNLUD4XDgSDj9+POyRU0H8VUi5/4Srwq2Ayby1iSV9Z4mK3aKM7IRM
7B/8NNg2WYPKG2h2e1uVSjFC+gljVhEKzJ57wr18hdKTZdzYRLoI8XeFiG495XE5
kVmHvkrnceSyGpgPwYyqb7li39Yo1SC1crm6OUEtXZXhNMahOfDWlujT27tpctVJ
dhfDl13QYfKtblK4Ve3cJbp2UCFoyJK7gFWt8Lsid1QKW3+quuIxUjP4t3wJEvBZ
Vm1KuJK44V3KnheeqGF7GMybBI50JNbzI/dQS4kmMcfx0Hi3NCucWwB2szkSUNCp
bKSUSnjoAYHeLuMT2Wp6qTfIjcLu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:01 2024 by rpki-client on console-ams.rpki-client.org