Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/H4xcfv-19oL621GEeCdkkef-GWM.roa
File: H4xcfv-19oL621GEeCdkkef-GWM.roa (raw, json)
Hash identifier: w7Km61GWD2DUOREb/m5613IdChEqm9noE8V6x9RT9kc=
Subject key identifier: 1F:8C:5C:7E:FF:B5:F6:82:FA:DB:51:84:78:27:64:91:E7:FE:19:63
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E86047F7E0489C5E2D800C49EB24E1B59
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/H4xcfv-19oL621GEeCdkkef-GWM.roa
Signing time: Thu 28 Mar 2024 17:03:45 +0000
ROA not before: Thu 28 Mar 2024 17:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 45.87.124.0/24 maxlen: 24
45.87.125.0/24 maxlen: 24
45.87.127.0/24 maxlen: 24
45.128.124.0/24 maxlen: 24
84.252.69.0/24 maxlen: 24
88.218.184.0/24 maxlen: 24
88.218.185.0/24 maxlen: 24
88.218.186.0/24 maxlen: 24
88.218.187.0/24 maxlen: 24
194.59.222.0/24 maxlen: 24
194.60.76.0/24 maxlen: 24
212.107.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 13:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:04:7f:7e:04:89:c5:e2:d8:00:c4:9e:b2:4e:1b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 28 17:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f8c5c7effb5f682fadb518478276491e7fe1963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e8:bb:89:e2:74:12:04:35:c2:ce:66:67:ad:
eb:4d:c1:5d:67:b0:e5:c7:96:5e:54:8b:a1:fe:52:
8f:76:f4:84:e9:4e:2b:51:a3:28:a6:f1:ad:8e:52:
0a:8f:2a:2c:34:f8:f8:dc:e0:8c:77:b6:1f:88:ca:
92:a8:a4:d6:2d:91:1b:0a:0c:ec:3b:60:9e:43:30:
51:0c:22:60:b4:66:ad:66:b5:a0:88:12:66:3e:25:
62:70:06:f5:d9:4a:7b:39:83:78:c4:6c:3f:77:32:
e2:69:d8:5b:a7:4f:7c:e4:26:2c:40:db:d9:00:e9:
c9:3b:8b:4d:be:e4:92:2e:7e:0f:8a:e8:26:88:96:
aa:2a:9c:83:0e:ba:1f:14:a1:80:c0:b5:db:09:5c:
8d:e2:70:b3:6e:b2:d9:4b:e3:63:33:c0:f9:ea:4d:
75:ac:a4:f4:9e:36:0b:c9:ea:7b:3c:c7:c8:1d:df:
2f:49:51:ad:22:56:d7:0b:b3:04:3d:37:e2:23:09:
b5:bc:7a:bb:62:00:ef:ce:a3:d4:83:9c:45:e6:05:
cb:02:07:fc:72:06:4e:f2:3d:63:c1:8e:88:14:95:
cc:ff:54:64:a8:07:e6:f2:b3:ca:2e:6f:64:ce:62:
58:6a:78:5b:52:45:66:e1:65:5d:32:e2:d7:a1:7f:
c7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:8C:5C:7E:FF:B5:F6:82:FA:DB:51:84:78:27:64:91:E7:FE:19:63
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/H4xcfv-19oL621GEeCdkkef-GWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.124.0/23
45.87.127.0/24
45.128.124.0/24
84.252.69.0/24
88.218.184.0/22
194.59.222.0/24
194.60.76.0/24
212.107.25.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:9c:1c:d0:19:23:5d:75:18:95:b3:1d:83:67:e7:a4:63:20:
5e:5a:23:46:00:d5:0d:46:df:6b:1e:71:f5:89:53:ef:f8:0b:
33:19:e6:ee:6c:43:e9:be:d0:0f:a8:20:a4:b6:87:f3:96:df:
cc:96:a5:55:bc:e0:45:d6:27:cb:46:09:ac:e0:7f:d4:1a:07:
06:14:15:32:b9:ed:9c:76:71:d0:4c:3a:9f:32:b2:d4:d7:24:
99:ca:69:c0:59:95:ab:6e:7e:8c:42:a8:84:fb:29:15:5d:a3:
16:73:49:42:fe:74:c4:e1:1d:71:e4:16:b0:60:5f:c1:3d:38:
bc:6e:e1:2b:dd:e4:c1:53:ce:50:94:b0:22:87:c3:80:d0:99:
d4:1b:df:58:27:8f:30:7f:5d:08:85:bc:ef:6d:8c:b2:97:08:
cc:0e:c3:ae:e5:8c:c1:76:78:c6:e1:22:e8:54:ce:d4:98:c3:
97:a0:e6:01:4e:7a:b1:fd:66:8e:42:c4:ae:96:b5:5c:a4:36:
33:02:df:69:b7:08:ec:0b:8f:24:28:10:37:9b:cc:3e:35:32:
ae:12:4c:03:ec:a6:0e:35:c1:ca:36:0b:3d:56:8d:5c:b9:45:
2e:45:02:73:5c:44:0c:d3:ba:16:04:21:27:27:62:43:0b:97:
61:89:09:79
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY6GBH9+BInF4tgAxJ6yThtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwMzI4MTcwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjhjNWM3ZWZmYjVmNjgyZmFkYjUxODQ3ODI3NjQ5MWU3ZmUxOTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+i7ieJ0EgQ1ws5mZ63rTcFdZ7Dl
x5ZeVIuh/lKPdvSE6U4rUaMopvGtjlIKjyosNPj43OCMd7YfiMqSqKTWLZEbCgzs
O2CeQzBRDCJgtGatZrWgiBJmPiVicAb12Up7OYN4xGw/dzLiadhbp0985CYsQNvZ
AOnJO4tNvuSSLn4PiugmiJaqKpyDDrofFKGAwLXbCVyN4nCzbrLZS+NjM8D56k11
rKT0njYLyep7PMfIHd8vSVGtIlbXC7MEPTfiIwm1vHq7YgDvzqPUg5xF5gXLAgf8
cgZO8j1jwY6IFJXM/1RkqAfm8rPKLm9kzmJYanhbUkVm4WVdMuLXoX/HDwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFB+MXH7/tfaC+ttRhHgnZJHn/hljMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvSDR4Y2Z2LTE5b0w2MjFHRWVDZGtrZWYtR1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLVd8AwQA
LVd/AwQALYB8AwQAVPxFAwQCWNq4AwQAwjveAwQAwjxMAwQA1GsZMA0GCSqGSIb3
DQEBCwUAA4IBAQBNnBzQGSNddRiVsx2DZ+ekYyBeWiNGANUNRt9rHnH1iVPv+Asz
GebubEPpvtAPqCCktofzlt/MlqVVvOBF1ifLRgms4H/UGgcGFBUyue2cdnHQTDqf
MrLU1ySZymnAWZWrbn6MQqiE+ykVXaMWc0lC/nTE4R1x5BawYF/BPTi8buEr3eTB
U85QlLAih8OA0JnUG99YJ48wf10IhbzvbYyylwjMDsOu5YzBdnjG4SLoVM7UmMOX
oOYBTnqx/WaOQsSulrVcpDYzAt9ptwjsC48kKBA3m8w+NTKuEkwD7KYONcHKNgs9
Vo1cuUUuRQJzXEQM07oWBCEnJ2JDC5dhiQl5
-----END CERTIFICATE-----
Generated at Tue Apr 2 17:16:04 2024 by rpki-client on console-fra.rpki-client.org