Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/hLnKDyOJFWuMFv9bTwyDgj-TNEg.roa
File: hLnKDyOJFWuMFv9bTwyDgj-TNEg.roa (raw, json)
Hash identifier: orT7Xb/rzgdhqvjmkNp2Ks+ifP0q41xMhmLxqL7LB2c=
Subject key identifier: 84:B9:CA:0F:23:89:15:6B:8C:16:FF:5B:4F:0C:83:82:3F:93:34:48
Certificate issuer: /CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Certificate serial: 018CC26D3A21E5B7F69669A75C4062D06A26
Authority key identifier: DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/hLnKDyOJFWuMFv9bTwyDgj-TNEg.roa
Signing time: Mon 01 Jan 2024 00:29:47 +0000
ROA not before: Mon 01 Jan 2024 00:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206805
IP address blocks: 185.159.111.0/24 maxlen: 24
45.84.152.0/23 maxlen: 23
45.84.155.0/24 maxlen: 24
45.84.154.0/24 maxlen: 24
193.19.100.0/23 maxlen: 24
45.145.191.0/24 maxlen: 24
45.145.190.0/23 maxlen: 23
45.145.190.0/24 maxlen: 24
45.145.188.0/23 maxlen: 23
80.85.250.0/23 maxlen: 23
80.85.252.0/24 maxlen: 24
80.85.248.0/23 maxlen: 23
185.247.192.0/22 maxlen: 24
185.228.48.0/22 maxlen: 24
178.159.32.0/23 maxlen: 24
188.64.150.0/23 maxlen: 24
188.64.149.0/24 maxlen: 24
2a0c:ee00:20c::/48 maxlen: 48
2a0c:ee00:200::/40 maxlen: 40
2a0c:ee00::/40 maxlen: 40
2a0c:ee00:100::/40 maxlen: 40
2a0c:ee00:300::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 29 Jan 2024 08:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:3a:21:e5:b7:f6:96:69:a7:5c:40:62:d0:6a:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Validity
Not Before: Jan 1 00:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84b9ca0f2389156b8c16ff5b4f0c83823f933448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:63:29:ce:78:85:d5:b3:8e:25:c2:81:7b:fc:
c9:1c:4b:03:a9:60:dd:5c:26:5e:d4:97:3d:b8:91:
51:d0:6f:30:10:0f:61:10:05:d7:3f:b0:23:f7:6c:
44:78:08:50:73:8d:98:4f:76:a5:28:d1:5d:3c:a2:
96:5a:2a:ce:77:f8:a0:a5:2b:fc:3e:76:5c:91:09:
6f:51:78:97:f2:08:ff:8a:65:9c:76:83:40:cb:03:
3e:17:4f:12:44:03:9d:85:bc:78:a4:17:1a:81:07:
95:c0:43:49:ee:b4:4d:bd:8b:df:eb:d2:c0:5b:0a:
9e:03:2d:6e:b0:93:c1:2d:fb:b7:65:54:5b:2f:4a:
bd:fa:ec:fa:c6:b0:79:d9:77:d4:ff:6e:6a:76:54:
d8:4c:4b:69:61:c0:6e:26:23:ed:8f:24:05:fd:a4:
c3:78:e3:93:fc:df:55:38:20:b2:d3:c4:e8:e0:bf:
e1:e2:59:77:bc:fe:e2:f0:3c:00:26:a3:22:4c:02:
ce:40:aa:db:95:0f:09:6f:12:5e:b8:03:50:1f:4d:
a4:ed:92:1a:36:f0:6d:7d:7c:e2:0c:5b:ba:ee:1c:
68:e9:6e:50:5c:48:1b:19:c5:38:e2:b3:20:cf:36:
52:c7:8f:6c:eb:7f:bb:2b:c2:03:ed:a0:f7:69:18:
eb:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B9:CA:0F:23:89:15:6B:8C:16:FF:5B:4F:0C:83:82:3F:93:34:48
X509v3 Authority Key Identifier:
keyid:DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/hLnKDyOJFWuMFv9bTwyDgj-TNEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.152.0/22
45.145.188.0/22
80.85.248.0-80.85.252.255
178.159.32.0/23
185.159.111.0/24
185.228.48.0/22
185.247.192.0/22
188.64.149.0-188.64.151.255
193.19.100.0/23
IPv6:
2a0c:ee00::/38
Signature Algorithm: sha256WithRSAEncryption
3f:d8:24:3b:d1:20:20:c5:06:c0:59:9f:6a:94:fd:29:4b:13:
ec:b9:16:49:21:f1:63:ec:50:da:bc:ec:4b:65:7d:64:88:d1:
b1:18:93:e2:88:95:6d:c1:94:20:88:c7:21:e9:a7:1e:c5:27:
55:56:d8:a1:9e:a0:9e:b6:31:5c:71:13:b6:95:88:53:fe:bb:
d1:98:a2:51:da:52:14:90:51:31:01:91:1b:fa:6d:ab:8c:60:
03:c6:83:8e:91:77:2b:73:15:3f:13:72:60:ba:e2:9f:08:a6:
3b:60:36:f3:6a:80:e1:83:4e:8d:2a:42:3f:43:a8:e0:61:8d:
8f:d6:4f:78:82:5c:89:d1:62:ba:d9:5a:36:3e:27:78:9c:3c:
a9:5e:3e:6c:e0:15:5f:ef:71:61:7e:df:97:3c:c6:bc:f7:4f:
07:32:47:33:2a:d0:dc:9c:13:2d:4c:e8:51:8c:c9:5b:fa:9e:
1d:dc:29:3f:6e:da:3d:e0:2d:9b:18:84:b3:eb:74:67:a8:19:
d2:6a:cf:26:f0:5a:c7:d4:58:7c:f1:c7:49:49:c6:02:f6:95:
86:85:af:05:b1:07:78:d6:39:1d:0b:d3:0b:9d:42:1d:ee:ae:
4a:ef:7e:c3:da:bf:7b:5e:ed:f0:7f:93:ce:f3:91:1f:82:87:
6c:7e:0f:8c
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYzCbToh5bf2lmmnXEBi0GomMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkM2Q0MDExMTc1ZTVkZjdhM2Y1N2QzOGU3ODE1MGEyYzA1
ZmRkMWQwHhcNMjQwMTAxMDAyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGI5Y2EwZjIzODkxNTZiOGMxNmZmNWI0ZjBjODM4MjNmOTMzNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2MpzniF1bOOJcKBe/zJHEsDqWDd
XCZe1Jc9uJFR0G8wEA9hEAXXP7Aj92xEeAhQc42YT3alKNFdPKKWWirOd/igpSv8
PnZckQlvUXiX8gj/imWcdoNAywM+F08SRAOdhbx4pBcagQeVwENJ7rRNvYvf69LA
WwqeAy1usJPBLfu3ZVRbL0q9+uz6xrB52XfU/25qdlTYTEtpYcBuJiPtjyQF/aTD
eOOT/N9VOCCy08To4L/h4ll3vP7i8DwAJqMiTALOQKrblQ8JbxJeuANQH02k7ZIa
NvBtfXziDFu67hxo6W5QXEgbGcU44rMgzzZSx49s63+7K8ID7aD3aRjrTQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFIS5yg8jiRVrjBb/W08Mg4I/kzRIMB8GA1UdIwQY
MBaAFN09QBEXXl33o/V9OOeBUKLAX90dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQt
MmQwYTc4YmU4OTJkLzEvaExuS0R5T0pGV3VNRnY5YlR3eURnai1UTkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQtMmQwYTc4YmU4OTJk
LzEvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBMBAIAATBGAwQCLVSYAwQC
LZG8MAwDBANQVfgDBABQVfwDBAGynyADBAC5n28DBAK55DADBAK598AwDAMEALxA
lQMEA7xAkAMEAcETZDAOBAIAAjAIAwYCKgzuAAAwDQYJKoZIhvcNAQELBQADggEB
AD/YJDvRICDFBsBZn2qU/SlLE+y5Fkkh8WPsUNq87EtlfWSI0bEYk+KIlW3BlCCI
xyHppx7FJ1VW2KGeoJ62MVxxE7aViFP+u9GYolHaUhSQUTEBkRv6bauMYAPGg46R
dytzFT8TcmC64p8IpjtgNvNqgOGDTo0qQj9DqOBhjY/WT3iCXInRYrrZWjY+J3ic
PKlePmzgFV/vcWF+35c8xrz3TwcyRzMq0NycEy1M6FGMyVv6nh3cKT9u2j3gLZsY
hLPrdGeoGdJqzybwWsfUWHzxx0lJxgL2lYaFrwWxB3jWOR0L0wudQh3urkrvfsPa
v3te7fB/k87zkR+Ch2x+D4w=
-----END CERTIFICATE-----
Generated at Mon Jan 29 11:11:26 2024 by rpki-client on console-ams.rpki-client.org