Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/kH0tPEKWqXmoasM5maNWDncd5G4.roa
File: kH0tPEKWqXmoasM5maNWDncd5G4.roa (raw, json)
Hash identifier: I/ew2JGBXuMs+/HE/Uz6VwQRnosiSsH0u9c/CP6qLf8=
Subject key identifier: 90:7D:2D:3C:42:96:A9:79:A8:6A:C3:39:99:A3:56:0E:77:1D:E4:6E
Certificate issuer: /CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Certificate serial: 01870934A91058AE851E54106643E4C45EE3
Authority key identifier: AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/kH0tPEKWqXmoasM5maNWDncd5G4.roa
Signing time: Wed 22 Mar 2023 12:04:18 +0000
ROA not before: Wed 22 Mar 2023 12:04:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28716
IP address blocks: 78.159.216.0/21 maxlen: 24
77.95.136.0/21 maxlen: 24
185.61.12.0/22 maxlen: 24
45.89.180.0/22 maxlen: 24
185.41.212.0/22 maxlen: 22
80.94.116.0/24 maxlen: 24
80.94.112.0/20 maxlen: 24
78.159.192.0/21 maxlen: 24
217.19.144.0/20 maxlen: 24
46.243.32.0/21 maxlen: 24
2001:1bd0::/29 maxlen: 48
2a01:5d20::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 14 Jun 2023 21:59:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:09:34:a9:10:58:ae:85:1e:54:10:66:43:e4:c4:5e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Validity
Not Before: Mar 22 12:04:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=907d2d3c4296a979a86ac33999a3560e771de46e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:26:cd:c3:1b:f8:45:94:b5:cb:9c:b2:56:f6:
f6:79:ee:5d:24:0d:46:e4:7f:fc:7f:66:21:cf:a1:
93:3e:60:b2:fd:38:dc:16:38:23:8e:38:73:ac:68:
c3:3b:47:cc:8e:9d:e3:ff:bc:06:50:f4:ed:2c:b5:
dc:4d:e2:3d:52:52:1c:da:3c:a4:3c:aa:99:4a:49:
c1:11:7d:57:7b:b4:31:d8:6f:0e:57:ae:11:f6:93:
5e:27:1a:6f:88:79:30:14:7b:97:22:d2:6b:3d:07:
c5:15:cf:e4:e9:48:01:30:d9:35:6f:b4:be:51:4c:
df:c4:65:13:b0:b0:f6:47:0f:cf:16:8d:a3:76:14:
01:ef:63:cc:b4:69:80:9d:dc:fc:29:bb:62:6d:38:
aa:c1:c1:67:66:95:77:ae:33:20:37:c1:0f:3c:67:
9e:fc:0d:0c:5c:f6:1c:c2:93:3f:dd:ae:58:f5:ca:
10:04:b9:1b:89:ab:6a:49:d5:d4:8e:b0:1e:99:02:
18:25:67:9c:a1:68:eb:a5:d4:ec:4c:f5:5b:c9:9e:
23:fd:45:f7:c4:4a:16:85:1e:fe:13:53:a7:b6:cc:
e4:eb:e1:47:9e:6a:11:50:85:76:ce:ff:81:a0:6f:
06:f6:40:2d:1d:f0:eb:5b:c5:2e:bb:34:15:74:82:
b3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7D:2D:3C:42:96:A9:79:A8:6A:C3:39:99:A3:56:0E:77:1D:E4:6E
X509v3 Authority Key Identifier:
keyid:AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/kH0tPEKWqXmoasM5maNWDncd5G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/rHzDNPUdK2604n1tVrm84-hVYMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.180.0/22
46.243.32.0/21
77.95.136.0/21
78.159.192.0/21
78.159.216.0/21
80.94.112.0/20
185.41.212.0/22
185.61.12.0/22
217.19.144.0/20
IPv6:
2001:1bd0::/29
2a01:5d20::/29
Signature Algorithm: sha256WithRSAEncryption
38:1d:16:9f:bd:f6:12:6c:8f:d5:b9:e5:2d:2c:fb:ca:1c:87:
d3:9f:49:73:66:13:75:08:57:59:6f:e2:78:8e:ac:f6:c7:9b:
14:98:9b:3d:4e:ad:40:8b:bc:8e:b1:1e:86:1a:14:57:5e:c5:
d0:c7:28:ae:9f:95:19:76:42:f9:8a:23:9e:a8:78:9e:96:22:
3a:40:80:ce:32:27:07:ed:f3:32:c6:65:94:34:17:d2:78:95:
8b:53:1a:bf:5c:43:ae:35:8d:ce:89:e0:aa:cc:ff:5e:ef:72:
e5:1f:6e:f5:23:26:2c:35:bb:4c:26:a4:99:07:5e:fa:3b:bd:
f9:64:6c:af:4b:f9:58:ae:e9:f0:17:29:5e:b8:d3:2d:72:63:
fb:6c:c8:91:88:17:b8:d0:b4:e2:05:e3:ca:77:fa:38:f6:31:
1c:1b:d7:12:2b:57:79:ba:25:d9:ce:72:6a:26:fb:4c:a9:ea:
2f:cf:63:96:41:d1:53:06:7c:e8:0d:e3:47:ff:48:51:0a:e4:
b0:8d:b8:45:2f:f8:56:e4:84:f7:38:7a:1d:b0:53:1e:cf:ca:
87:bf:2e:7c:be:8e:27:01:66:8f:60:16:dd:a2:3b:2b:c8:59:
21:cd:ba:11:fe:e9:c3:fc:7b:a8:6b:fb:9f:6b:8d:b4:89:40:
d9:42:52:9e
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYcJNKkQWK6FHlQQZkPkxF7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjN2NjMzM0ZjUxZDJiNmViNGUyN2Q2ZDU2YjliY2UzZTg1
NTYwY2MwHhcNMjMwMzIyMTIwNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDdkMmQzYzQyOTZhOTc5YTg2YWMzMzk5OWEzNTYwZTc3MWRlNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhibNwxv4RZS1y5yyVvb2ee5dJA1G
5H/8f2Yhz6GTPmCy/TjcFjgjjjhzrGjDO0fMjp3j/7wGUPTtLLXcTeI9UlIc2jyk
PKqZSknBEX1Xe7Qx2G8OV64R9pNeJxpviHkwFHuXItJrPQfFFc/k6UgBMNk1b7S+
UUzfxGUTsLD2Rw/PFo2jdhQB72PMtGmAndz8KbtibTiqwcFnZpV3rjMgN8EPPGee
/A0MXPYcwpM/3a5Y9coQBLkbiatqSdXUjrAemQIYJWecoWjrpdTsTPVbyZ4j/UX3
xEoWhR7+E1Ontszk6+FHnmoRUIV2zv+BoG8G9kAtHfDrW8UuuzQVdIKzAQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFJB9LTxClql5qGrDOZmjVg53HeRuMB8GA1UdIwQY
MBaAFKx8wzT1HStutOJ9bVa5vOPoVWDMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTct
MWNmMTViMmJhN2JlLzEva0gwdFBFS1dxWG1vYXNNNW1hTldEbmNkNUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTctMWNmMTViMmJhN2Jl
LzEvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQCLVm0AwQD
LvMgAwQDTV+IAwQDTp/AAwQDTp/YAwQEUF5wAwQCuSnUAwQCuT0MAwQE2ROQMBQE
AgACMA4DBQMgARvQAwUDKgFdIDANBgkqhkiG9w0BAQsFAAOCAQEAOB0Wn732EmyP
1bnlLSz7yhyH059Jc2YTdQhXWW/ieI6s9sebFJibPU6tQIu8jrEehhoUV17F0Mco
rp+VGXZC+Yojnqh4npYiOkCAzjInB+3zMsZllDQX0niVi1Mav1xDrjWNzongqsz/
Xu9y5R9u9SMmLDW7TCakmQde+ju9+WRsr0v5WK7p8BcpXrjTLXJj+2zIkYgXuNC0
4gXjynf6OPYxHBvXEitXebol2c5yaib7TKnqL89jlkHRUwZ86A3jR/9IUQrksI24
RS/4VuSE9zh6HbBTHs/Kh78ufL6OJwFmj2AW3aI7K8hZIc26Ef7pw/x7qGv7n2uN
tIlA2UJSng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:14 2024 by rpki-client on console-fra.rpki-client.org