Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/Hu-0s5iV6illdoMtQfzTis3pajo.roa
File: Hu-0s5iV6illdoMtQfzTis3pajo.roa (raw, json)
Hash identifier: pH2siKNYvKEAfF+qsI+ajrKir6D67IdoDa3oyoe2rTU=
Subject key identifier: 1E:EF:B4:B3:98:95:EA:29:65:76:83:2D:41:FC:D3:8A:CD:E9:6A:3A
Certificate issuer: /CN=5ae8c78f161397ae1dbd0ac322584f62fb740097
Certificate serial: 01856E264D2C61CE4F36DC30993F546C92C0
Authority key identifier: 5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/Hu-0s5iV6illdoMtQfzTis3pajo.roa
Signing time: Sun 01 Jan 2023 16:24:41 +0000
ROA not before: Sun 01 Jan 2023 16:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6893
IP address blocks: 185.125.199.0/24 maxlen: 24
185.125.198.0/24 maxlen: 24
185.125.197.0/24 maxlen: 24
185.125.196.0/22 maxlen: 22
185.125.196.0/23 maxlen: 23
185.125.196.0/24 maxlen: 24
62.220.128.0/19 maxlen: 19
62.220.150.0/24 maxlen: 24
62.220.158.0/24 maxlen: 24
2001:788::/29 maxlen: 29
2001:788::/32 maxlen: 32
2001:789::/32 maxlen: 32
2001:78c::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:4d:2c:61:ce:4f:36:dc:30:99:3f:54:6c:92:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae8c78f161397ae1dbd0ac322584f62fb740097
Validity
Not Before: Jan 1 16:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1eefb4b39895ea296576832d41fcd38acde96a3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b3:84:2a:28:ab:d3:ad:a2:ac:32:6a:e8:1e:
29:a3:4e:7f:3d:1a:94:d0:2c:45:a2:7e:66:96:cc:
8d:09:65:6b:21:c9:3e:2e:66:cc:67:c8:36:0e:d8:
e2:78:71:a0:33:af:96:c6:83:e1:ac:35:35:3b:ba:
8b:e7:2a:18:83:86:78:44:d5:0b:b4:4d:e5:46:86:
3b:5c:be:0c:49:a4:14:da:4d:99:74:f8:8f:65:3b:
0c:16:35:79:14:f7:90:c8:41:75:9d:0d:89:c6:fa:
a6:4b:2c:6e:0d:2d:ad:b2:99:85:ff:b2:1a:a9:8f:
3b:f9:39:78:b7:d8:11:ce:74:dc:5f:67:b7:22:13:
b0:78:97:00:0f:df:59:59:19:c2:2f:16:89:67:9d:
50:0f:5c:32:f9:9e:dd:a3:c8:c4:f7:f1:74:39:6c:
3d:38:fb:26:cd:1c:bd:89:cf:ae:3a:58:d7:03:d6:
44:de:f4:93:42:db:62:e5:bf:25:20:f4:d0:35:31:
19:99:5f:b3:b2:67:4e:4d:71:c3:45:50:08:af:52:
5d:0a:dd:d3:7e:1d:d4:8e:68:c8:89:59:84:df:d3:
eb:43:81:a1:c8:cb:01:89:80:8f:43:b1:95:dd:0c:
7d:95:6f:c3:cb:72:3c:57:22:0a:cd:3f:0b:93:9c:
cc:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:EF:B4:B3:98:95:EA:29:65:76:83:2D:41:FC:D3:8A:CD:E9:6A:3A
X509v3 Authority Key Identifier:
keyid:5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/Hu-0s5iV6illdoMtQfzTis3pajo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/WujHjxYTl64dvQrDIlhPYvt0AJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.128.0/19
185.125.196.0/22
IPv6:
2001:788::/29
Signature Algorithm: sha256WithRSAEncryption
16:00:23:8f:23:6f:56:44:6e:9a:41:4b:9a:f3:23:84:63:a8:
d0:5b:ed:4d:bb:24:c4:d3:bc:27:80:51:3c:0b:9f:3f:f7:d4:
9d:1f:8e:55:b0:ee:62:8d:ef:fd:40:51:f5:b3:5e:ac:0e:a6:
cc:97:73:18:99:78:eb:4e:69:df:9f:ae:ef:6a:84:32:65:cb:
59:34:c5:dc:c7:fb:ea:e4:72:98:82:1f:ba:ee:26:1f:81:92:
d7:46:08:86:d7:1e:fe:e5:c8:bd:3a:75:a1:ae:a1:2f:7c:15:
a4:d1:ed:d2:a6:d3:be:cf:ae:0c:2a:14:d1:7e:8e:34:00:ed:
8d:b9:e1:16:7e:3b:df:8d:e1:65:c2:c4:04:ad:87:6a:01:6a:
14:33:4e:84:0e:75:94:52:44:59:58:e5:83:7d:7e:8c:ac:05:
08:88:a9:8a:69:69:2b:c8:4e:c7:33:1f:2f:53:70:83:68:23:
9a:4e:36:b2:ff:ff:aa:00:98:1d:34:11:ab:f0:3a:e0:13:61:
e3:75:a6:10:66:eb:1e:2c:e8:4e:73:0e:98:c5:fe:2f:d0:ec:
46:bd:c8:a1:68:f9:cc:62:eb:3e:f4:4a:da:2d:5f:52:f8:6c:
98:ae:f5:d0:b2:65:a0:f2:6f:75:f1:9a:1e:60:37:82:ea:00:
3b:42:0d:37
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuJk0sYc5PNtwwmT9UbJLAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZThjNzhmMTYxMzk3YWUxZGJkMGFjMzIyNTg0ZjYyZmI3
NDAwOTcwHhcNMjMwMTAxMTYyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWVmYjRiMzk4OTVlYTI5NjU3NjgzMmQ0MWZjZDM4YWNkZTk2YTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLOEKiir062irDJq6B4po05/PRqU
0CxFon5mlsyNCWVrIck+LmbMZ8g2DtjieHGgM6+WxoPhrDU1O7qL5yoYg4Z4RNUL
tE3lRoY7XL4MSaQU2k2ZdPiPZTsMFjV5FPeQyEF1nQ2JxvqmSyxuDS2tspmF/7Ia
qY87+Tl4t9gRznTcX2e3IhOweJcAD99ZWRnCLxaJZ51QD1wy+Z7do8jE9/F0OWw9
OPsmzRy9ic+uOljXA9ZE3vSTQtti5b8lIPTQNTEZmV+zsmdOTXHDRVAIr1JdCt3T
fh3UjmjIiVmE39PrQ4GhyMsBiYCPQ7GV3Qx9lW/Dy3I8VyIKzT8Lk5zMOQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB7vtLOYleopZXaDLUH804rN6Wo6MB8GA1UdIwQY
MBaAFFrox48WE5euHb0KwyJYT2L7dACXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3VqSGp4WVRsNjRkdlFyRElsaFBZdnQwQUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni80ZDI3YmItZjg1Yy00YmZkLWIxYzMt
NDdiY2QzOWMzZDg2LzEvSHUtMHM1aVY2aWxsZG9NdFFmelRpczNwYWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni80ZDI3YmItZjg1Yy00YmZkLWIxYzMtNDdiY2QzOWMzZDg2
LzEvV3VqSGp4WVRsNjRkdlFyRElsaFBZdnQwQUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFPtyAAwQC
uX3EMA0EAgACMAcDBQMgAQeIMA0GCSqGSIb3DQEBCwUAA4IBAQAWACOPI29WRG6a
QUua8yOEY6jQW+1NuyTE07wngFE8C58/99SdH45VsO5ije/9QFH1s16sDqbMl3MY
mXjrTmnfn67vaoQyZctZNMXcx/vq5HKYgh+67iYfgZLXRgiG1x7+5ci9OnWhrqEv
fBWk0e3SptO+z64MKhTRfo40AO2NueEWfjvfjeFlwsQErYdqAWoUM06EDnWUUkRZ
WOWDfX6MrAUIiKmKaWkryE7HMx8vU3CDaCOaTjay//+qAJgdNBGr8DrgE2HjdaYQ
ZuseLOhOcw6Yxf4v0OxGvcihaPnMYus+9EraLV9S+GyYrvXQsmWg8m918ZoeYDeC
6gA7Qg03
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:18 2024 by rpki-client on console-fra.rpki-client.org