Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/H-j0Kv9vnzMPBgn7nRF5Pwtljuk.roa
File: H-j0Kv9vnzMPBgn7nRF5Pwtljuk.roa (raw, json)
Hash identifier: GW5I3ZFuc1MQUpEbVDYA5Si27LF4e/YG0Qg9ksUPxWA=
Subject key identifier: 1F:E8:F4:2A:FF:6F:9F:33:0F:06:09:FB:9D:11:79:3F:0B:65:8E:E9
Certificate issuer: /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial: 018B1EF4685CA7A09DFB2EC08A0793E6FEAA
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/H-j0Kv9vnzMPBgn7nRF5Pwtljuk.roa
Signing time: Wed 11 Oct 2023 13:36:55 +0000
ROA not before: Wed 11 Oct 2023 13:36:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 86.62.31.0/24 maxlen: 24
86.62.28.0/24 maxlen: 24
86.62.29.0/24 maxlen: 24
86.62.30.0/24 maxlen: 24
194.107.162.0/24 maxlen: 24
194.36.32.0/23 maxlen: 23
45.80.28.0/24 maxlen: 24
45.80.30.0/24 maxlen: 24
45.80.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Oct 2023 11:41:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:f4:68:5c:a7:a0:9d:fb:2e:c0:8a:07:93:e6:fe:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Validity
Not Before: Oct 11 13:36:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fe8f42aff6f9f330f0609fb9d11793f0b658ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:39:e4:d4:13:ce:a0:d4:82:83:d3:da:ce:8d:
17:0d:91:25:f8:30:81:b1:84:2c:36:22:09:77:5e:
79:c2:33:79:9d:7e:6e:98:00:b6:b1:08:f7:77:75:
38:3d:a9:2c:30:cf:39:9f:8d:b0:96:75:6c:21:9e:
ac:67:c4:9d:23:e3:69:3b:86:e6:25:e7:49:b8:0b:
de:31:ef:3c:5d:2d:5e:0e:8c:d7:a3:03:69:af:3c:
36:ba:29:64:31:e0:9e:53:7e:3d:a7:49:4e:2b:07:
80:78:37:9b:8a:4c:96:00:12:c4:18:72:bc:a2:5e:
1b:c0:ba:29:6d:8b:ba:96:ed:09:fa:8c:e0:21:cf:
d8:4c:7a:f6:66:f9:ca:10:64:82:2d:23:9c:0d:e3:
72:b8:29:75:09:8b:d6:e1:87:df:d3:55:71:ac:47:
19:33:df:96:97:2d:57:5a:ae:df:61:de:7c:b1:fc:
93:23:c0:d7:15:18:3e:94:c4:af:84:64:7b:e1:3f:
0d:98:d8:0b:88:16:22:42:18:0a:48:5b:cf:81:9f:
5b:5b:10:0e:57:5a:68:de:d8:e5:c1:a8:3f:07:a7:
41:fc:02:e8:bf:3a:1e:2b:d4:29:e1:a4:70:e4:62:
5b:02:dc:9a:0c:ec:41:ec:af:e9:f5:11:f2:63:d9:
5e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:E8:F4:2A:FF:6F:9F:33:0F:06:09:FB:9D:11:79:3F:0B:65:8E:E9
X509v3 Authority Key Identifier:
keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/H-j0Kv9vnzMPBgn7nRF5Pwtljuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.28.0/24
45.80.30.0/23
86.62.28.0/22
194.36.32.0/23
194.107.162.0/24
Signature Algorithm: sha256WithRSAEncryption
84:ff:5a:24:74:05:d9:a5:55:66:fe:3c:ea:d6:cf:24:bf:62:
26:06:bf:0a:3c:0c:ba:3c:56:45:d6:82:90:cc:21:e3:d7:6b:
59:b5:19:b8:1a:ef:4c:76:ad:a9:05:43:41:23:30:c8:e3:b8:
ad:c4:67:96:8f:fa:69:94:76:f7:5f:21:cc:8e:d1:59:4c:df:
a2:83:9d:89:db:cf:59:d6:be:bd:a7:4c:6b:48:26:a2:59:c1:
20:98:87:17:ab:4b:4a:6c:4b:1e:10:40:8e:76:0a:7c:1f:b0:
92:ff:bd:1b:70:0e:8d:6d:7a:0a:5c:0f:d0:01:06:93:24:7b:
e0:1b:84:86:16:37:32:39:81:3b:58:88:bb:99:f4:82:16:f9:
44:9f:60:7a:ae:d4:1d:31:6b:fe:cd:b2:a9:57:81:17:1b:6d:
fd:27:7e:99:0d:de:f0:ee:9c:13:21:a2:11:d7:d9:e9:4c:b9:
01:04:28:b9:6f:2d:2a:10:ef:f4:0d:63:e9:2b:ec:0f:60:5e:
79:66:49:9a:61:6e:73:8c:e2:6e:33:00:cb:13:a3:19:f0:da:
d8:0b:94:c6:39:5d:a4:db:28:32:16:51:53:24:ab:7e:0a:58:
77:c3:f0:90:ab:ab:1e:0a:e3:8f:76:a2:90:5c:64:31:f0:14:
bd:5a:c5:86
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYse9Ghcp6Cd+y7AigeT5v6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjMxMDExMTMzNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmU4ZjQyYWZmNmY5ZjMzMGYwNjA5ZmI5ZDExNzkzZjBiNjU4ZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjnk1BPOoNSCg9Pazo0XDZEl+DCB
sYQsNiIJd155wjN5nX5umAC2sQj3d3U4PaksMM85n42wlnVsIZ6sZ8SdI+NpO4bm
JedJuAveMe88XS1eDozXowNprzw2uilkMeCeU349p0lOKweAeDebikyWABLEGHK8
ol4bwLopbYu6lu0J+ozgIc/YTHr2ZvnKEGSCLSOcDeNyuCl1CYvW4Yff01VxrEcZ
M9+Wly1XWq7fYd58sfyTI8DXFRg+lMSvhGR74T8NmNgLiBYiQhgKSFvPgZ9bWxAO
V1po3tjlwag/B6dB/ALovzoeK9Qp4aRw5GJbAtyaDOxB7K/p9RHyY9le/QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB/o9Cr/b58zDwYJ+50ReT8LZY7pMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvSC1qMEt2OXZuek1QQmduN25SRjVQd3RsanVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVAcAwQB
LVAeAwQCVj4cAwQBwiQgAwQAwmuiMA0GCSqGSIb3DQEBCwUAA4IBAQCE/1okdAXZ
pVVm/jzq1s8kv2ImBr8KPAy6PFZF1oKQzCHj12tZtRm4Gu9Mdq2pBUNBIzDI47it
xGeWj/pplHb3XyHMjtFZTN+ig52J289Z1r69p0xrSCaiWcEgmIcXq0tKbEseEECO
dgp8H7CS/70bcA6NbXoKXA/QAQaTJHvgG4SGFjcyOYE7WIi7mfSCFvlEn2B6rtQd
MWv+zbKpV4EXG239J36ZDd7w7pwTIaIR19npTLkBBCi5by0qEO/0DWPpK+wPYF55
ZkmaYW5zjOJuMwDLE6MZ8NrYC5TGOV2k2ygyFlFTJKt+Clh3w/CQq6seCuOPdqKQ
XGQx8BS9WsWG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:12 2024 by rpki-client on console-fra.rpki-client.org