Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/s-H3-8jszZLHYxcybk7rpP27jX0.roa
File: s-H3-8jszZLHYxcybk7rpP27jX0.roa (raw, json)
Hash identifier: M5wYYZwsveST2Ow2pcDozK2xL2d60PtkBN7woH31hXc=
Subject key identifier: B3:E1:F7:FB:C8:EC:CD:92:C7:63:17:32:6E:4E:EB:A4:FD:BB:8D:7D
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018D7DE94331D0B132EF237976324C463461
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/s-H3-8jszZLHYxcybk7rpP27jX0.roa
Signing time: Tue 06 Feb 2024 10:14:15 +0000
ROA not before: Tue 06 Feb 2024 10:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48359
IP address blocks: 45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.42.44.0/22 maxlen: 22
89.44.240.0/24 maxlen: 24
89.44.241.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
185.239.1.0/24 maxlen: 24
188.240.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 10:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:e9:43:31:d0:b1:32:ef:23:79:76:32:4c:46:34:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Feb 6 10:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3e1f7fbc8eccd92c76317326e4eeba4fdbb8d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:64:9f:66:18:b4:78:a7:ea:31:c1:e7:cd:28:
c2:4f:23:7a:df:e6:d1:52:e3:39:7e:5e:34:b1:29:
ff:ab:a8:63:9d:69:96:89:04:88:d9:72:c3:c4:ad:
8a:bd:97:c7:df:5d:31:dd:7e:8c:44:62:26:66:35:
73:49:b1:1a:d5:ca:05:b4:9e:e1:62:2e:42:25:f1:
03:a0:dc:b4:c0:ff:a9:f0:09:c7:3e:f6:fd:10:5d:
d1:d4:90:fa:fb:c8:41:b8:4f:b5:ed:79:24:c1:46:
4f:b7:2d:09:25:8f:7c:2d:96:42:45:10:b1:dc:e8:
4f:9f:e2:3b:3a:12:9d:5d:be:dc:a6:fc:c6:bf:15:
53:b8:d1:e4:ad:6f:57:e4:5a:f3:59:31:72:c1:11:
dd:6b:5c:47:b6:a0:90:5e:3f:86:ab:8f:97:71:0a:
c9:59:1e:55:8d:b6:f8:44:2b:bd:14:65:d3:6f:ae:
0c:02:0f:ac:4e:ec:36:c0:8d:73:52:39:3e:1e:54:
38:4e:fd:f0:ce:35:ec:d9:fd:6a:ca:17:a5:8f:14:
92:9a:a1:c4:76:62:81:91:a2:b5:11:e8:a9:dd:53:
9c:83:cd:c9:ea:2b:1e:8f:eb:4e:36:04:b6:c6:cc:
00:a0:2e:49:44:12:56:64:f2:71:6b:e6:de:77:eb:
13:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E1:F7:FB:C8:EC:CD:92:C7:63:17:32:6E:4E:EB:A4:FD:BB:8D:7D
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/s-H3-8jszZLHYxcybk7rpP27jX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/23
89.42.44.0/22
89.44.240.0/23
89.46.217.0/24
185.3.200.0/24
185.239.1.0/24
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
65:d6:b4:29:63:6d:1c:5e:c0:70:53:44:5e:8d:0d:d9:b3:4c:
31:00:c3:b4:e0:54:1a:2d:91:81:c4:11:b6:b9:01:47:d2:ba:
6e:9d:ec:32:f3:d6:b8:8c:f7:2d:04:f8:0e:bc:cd:0b:0b:d3:
64:e3:be:e5:7e:41:5f:bb:47:83:9c:65:f7:ae:e9:5e:18:5a:
1b:25:1e:de:f2:01:a1:8f:cd:a1:b5:d7:8d:3c:ff:32:0f:94:
7e:39:4b:88:be:75:91:68:e6:21:e0:83:5b:55:f9:48:36:86:
d1:fe:ca:e5:0e:be:67:fa:14:76:c2:31:c4:a6:73:2a:bb:f3:
ef:a9:c9:6b:4a:a6:6d:94:2f:88:fa:e2:e3:e8:11:54:fa:ea:
cb:20:be:29:7f:ce:d0:23:15:fc:bf:48:9c:0c:c0:50:f1:52:
52:a1:eb:3b:87:29:23:0d:a8:da:e7:b1:57:59:17:49:39:16:
f4:5a:c0:1a:f4:f5:f9:cb:05:f8:f2:83:55:78:6e:f5:dd:bc:
2c:34:cb:76:11:2e:84:76:ef:4a:cb:6b:9d:48:3d:54:fb:16:
8f:13:83:f6:a5:c6:3e:c1:f1:b3:4d:2c:3f:8d:4c:02:14:c6:
41:e8:2d:6f:70:f1:61:a6:1a:87:3d:d1:4d:7e:3a:a4:fb:03:
dc:c0:b9:0c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY196UMx0LEy7yN5djJMRjRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMjA2MTAxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2UxZjdmYmM4ZWNjZDkyYzc2MzE3MzI2ZTRlZWJhNGZkYmI4ZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmSfZhi0eKfqMcHnzSjCTyN63+bR
UuM5fl40sSn/q6hjnWmWiQSI2XLDxK2KvZfH310x3X6MRGImZjVzSbEa1coFtJ7h
Yi5CJfEDoNy0wP+p8AnHPvb9EF3R1JD6+8hBuE+17XkkwUZPty0JJY98LZZCRRCx
3OhPn+I7OhKdXb7cpvzGvxVTuNHkrW9X5FrzWTFywRHda1xHtqCQXj+Gq4+XcQrJ
WR5Vjbb4RCu9FGXTb64MAg+sTuw2wI1zUjk+HlQ4Tv3wzjXs2f1qyheljxSSmqHE
dmKBkaK1Eeip3VOcg83J6isej+tONgS2xswAoC5JRBJWZPJxa+bed+sT9wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLPh9/vI7M2Sx2MXMm5O66T9u419MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvcy1IMy04anN6WkxIWXhjeWJrN3JwUDI3algwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLV7WAwQC
WSosAwQBWSzwAwQAWS7ZAwQAuQPIAwQAue8BAwQAvPDEMA0GCSqGSIb3DQEBCwUA
A4IBAQBl1rQpY20cXsBwU0RejQ3Zs0wxAMO04FQaLZGBxBG2uQFH0rpunewy89a4
jPctBPgOvM0LC9Nk477lfkFfu0eDnGX3ruleGFobJR7e8gGhj82htdeNPP8yD5R+
OUuIvnWRaOYh4INbVflINobR/srlDr5n+hR2wjHEpnMqu/PvqclrSqZtlC+I+uLj
6BFU+urLIL4pf87QIxX8v0icDMBQ8VJSoes7hykjDaja57FXWRdJORb0WsAa9PX5
ywX48oNVeG713bwsNMt2ES6Edu9Ky2udSD1U+xaPE4P2pcY+wfGzTSw/jUwCFMZB
6C1vcPFhphqHPdFNfjqk+wPcwLkM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org