Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/H9KDGbehRdJa3YHrB1eHmumZM8g.roa
File: H9KDGbehRdJa3YHrB1eHmumZM8g.roa (raw, json)
Hash identifier: RN7tqe3BiKxnZwZ+6MtFTIWspB8G/o0GLBXo9MD8X1c=
Subject key identifier: 1F:D2:83:19:B7:A1:45:D2:5A:DD:81:EB:07:57:87:9A:E9:99:33:C8
Certificate issuer: /CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Certificate serial: 019251CAF77CFA18323D7730F4DBC85B1E6B
Authority key identifier: C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/H9KDGbehRdJa3YHrB1eHmumZM8g.roa
Signing time: Thu 03 Oct 2024 09:51:49 +0000
ROA not before: Thu 03 Oct 2024 09:51:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211381
IP address blocks: 45.88.76.0/24 maxlen: 24
45.88.105.0/24 maxlen: 24
45.91.200.0/24 maxlen: 24
45.91.201.0/24 maxlen: 24
45.91.202.0/24 maxlen: 24
45.132.107.0/24 maxlen: 24
77.83.175.0/24 maxlen: 24
91.211.248.0/24 maxlen: 24
91.211.249.0/24 maxlen: 24
92.119.114.0/24 maxlen: 24
185.203.241.0/24 maxlen: 24
185.209.20.0/24 maxlen: 24
185.209.21.0/24 maxlen: 24
185.219.81.0/24 maxlen: 24
185.219.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 11:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:ca:f7:7c:fa:18:32:3d:77:30:f4:db:c8:5b:1e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Validity
Not Before: Oct 3 09:51:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fd28319b7a145d25add81eb0757879ae99933c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:56:6f:d7:23:b5:b8:f6:b5:e5:d0:71:34:31:
41:cd:bf:72:c8:5b:b0:6c:95:e1:c4:2e:69:19:d7:
07:a3:76:7a:f8:7a:95:2d:d4:1c:86:b2:b3:21:8d:
8c:d9:56:19:92:8d:eb:95:4e:ce:c4:0f:b3:72:4e:
a4:eb:41:da:39:b6:7f:db:cb:7d:d9:be:95:5d:28:
22:6f:8c:0b:0f:fb:5b:73:25:66:a2:1a:a6:da:97:
4c:16:b3:4f:44:1a:9e:32:f6:98:fd:f1:74:a7:90:
ef:55:2c:7c:0d:1b:53:65:d4:0b:db:c6:55:e5:40:
64:fb:97:69:e9:93:89:ab:e5:65:40:5e:cd:be:9c:
8a:93:70:c2:22:00:b8:90:75:61:86:df:14:9c:bb:
66:66:09:23:19:98:8f:0d:20:0f:61:8b:5c:2d:93:
4d:b3:c4:b2:11:b6:c3:5b:9e:de:74:78:8d:d8:13:
9a:38:09:44:c2:f5:6a:9a:1d:ce:1c:0c:e5:b3:36:
49:60:a2:27:bb:a7:01:71:10:f7:49:47:a2:7e:c8:
0b:81:2c:76:ad:1f:c7:53:58:8a:ab:84:de:83:5c:
b5:08:b9:fe:3e:f3:6b:c5:3a:7a:e0:50:58:06:ba:
41:00:e8:a7:98:7a:4e:f1:a5:2e:41:76:3f:18:ed:
2b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D2:83:19:B7:A1:45:D2:5A:DD:81:EB:07:57:87:9A:E9:99:33:C8
X509v3 Authority Key Identifier:
keyid:C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/H9KDGbehRdJa3YHrB1eHmumZM8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.76.0/24
45.88.105.0/24
45.91.200.0-45.91.202.255
45.132.107.0/24
77.83.175.0/24
91.211.248.0/23
92.119.114.0/24
185.203.241.0/24
185.209.20.0/23
185.219.81.0/24
185.219.83.0/24
Signature Algorithm: sha256WithRSAEncryption
60:b1:c9:9f:84:40:40:14:0c:88:5d:8a:3e:e4:30:1d:e9:60:
c1:64:e7:a5:19:f9:22:c4:1d:4e:bb:24:28:5c:eb:32:03:c3:
8f:b9:ad:1b:2c:00:c1:9d:5a:4d:1d:b6:00:0d:3a:aa:ae:7a:
36:f0:98:f9:51:47:f5:81:53:05:36:b5:9c:9f:1d:df:d3:20:
8c:78:76:2d:e2:a9:16:c6:7f:b0:03:39:8e:a5:b7:1a:6b:63:
c7:9d:20:d2:89:54:4b:90:f3:c4:01:88:3a:bc:a4:42:68:3a:
98:c4:e4:c8:f7:36:e6:db:6e:dd:31:bf:63:64:19:7c:fa:cf:
f8:67:4b:b6:b8:5b:91:8d:fd:92:a2:b9:cd:3a:13:f2:6b:2c:
ad:89:b4:a5:9e:92:1d:b2:f7:f2:05:e8:76:d4:6d:99:e3:fa:
e6:2a:2d:51:11:c0:0a:ea:34:f8:87:7e:17:4d:76:b3:4c:65:
c8:8d:3a:93:de:ee:df:e8:8b:81:f7:c6:08:fe:7f:9e:cd:88:
3b:58:6f:38:b8:7f:04:e5:9e:db:b8:63:98:21:b9:68:36:a7:
ae:26:8f:79:4d:a7:bb:bf:10:56:f0:87:3b:27:bb:7b:3a:31:
6b:9a:5c:f3:84:34:26:b5:79:b6:22:d3:7f:a5:31:f5:2d:1c:
7b:14:eb:7c
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZJRyvd8+hgyPXcw9NvIWx5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDM2OWU2NmNkYmUzMGQ3YjNhZmY2MDgxZjIwYzE3YTk4
ZmRjNWIwHhcNMjQxMDAzMDk1MTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmQyODMxOWI3YTE0NWQyNWFkZDgxZWIwNzU3ODc5YWU5OTkzM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlZv1yO1uPa15dBxNDFBzb9yyFuw
bJXhxC5pGdcHo3Z6+HqVLdQchrKzIY2M2VYZko3rlU7OxA+zck6k60HaObZ/28t9
2b6VXSgib4wLD/tbcyVmohqm2pdMFrNPRBqeMvaY/fF0p5DvVSx8DRtTZdQL28ZV
5UBk+5dp6ZOJq+VlQF7NvpyKk3DCIgC4kHVhht8UnLtmZgkjGZiPDSAPYYtcLZNN
s8SyEbbDW57edHiN2BOaOAlEwvVqmh3OHAzlszZJYKInu6cBcRD3SUeifsgLgSx2
rR/HU1iKq4Teg1y1CLn+PvNrxTp64FBYBrpBAOinmHpO8aUuQXY/GO0rxwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFB/Sgxm3oUXSWt2B6wdXh5rpmTPIMB8GA1UdIwQY
MBaAFMHTaeZs2+MNezr/YIHyDBepj9xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUt
YTYzNDc5NjEwOTY4LzEvSDlLREdiZWhSZEphM1lIckIxZUhtdW1aTThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUtYTYzNDc5NjEwOTY4
LzEvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQALVhMAwQA
LVhpMAwDBAMtW8gDBAAtW8oDBAAthGsDBABNU68DBAFb0/gDBABcd3IDBAC5y/ED
BAG50RQDBAC521EDBAC521MwDQYJKoZIhvcNAQELBQADggEBAGCxyZ+EQEAUDIhd
ij7kMB3pYMFk56UZ+SLEHU67JChc6zIDw4+5rRssAMGdWk0dtgANOqquejbwmPlR
R/WBUwU2tZyfHd/TIIx4di3iqRbGf7ADOY6ltxprY8edINKJVEuQ88QBiDq8pEJo
OpjE5Mj3Nubbbt0xv2NkGXz6z/hnS7a4W5GN/ZKiuc06E/JrLK2JtKWekh2y9/IF
6HbUbZnj+uYqLVERwArqNPiHfhdNdrNMZciNOpPe7t/oi4H3xgj+f57NiDtYbzi4
fwTlntu4Y5ghuWg2p64mj3lNp7u/EFbwhzsnu3s6MWuaXPOENCa1ebYi03+lMfUt
HHsU63w=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:44:27 2025 by rpki-client