Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/bHs9lbnh1vCE9qZ5Z7nS-8jxQu8.roa
File: bHs9lbnh1vCE9qZ5Z7nS-8jxQu8.roa (raw, json)
Hash identifier: Evgwhd/8juzxS9Ulrw94mr0kkkQII+LYoZlYSWHKXm4=
Subject key identifier: 6C:7B:3D:95:B9:E1:D6:F0:84:F6:A6:79:67:B9:D2:FB:C8:F1:42:EF
Certificate issuer: /CN=0cda5c874354d83826e43c2535b76e20d5b61b05
Certificate serial: 0190F884B3C72F36522793E024BD8E12E32C
Authority key identifier: 0C:DA:5C:87:43:54:D8:38:26:E4:3C:25:35:B7:6E:20:D5:B6:1B:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNpch0NU2Dgm5DwlNbduINW2GwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/bHs9lbnh1vCE9qZ5Z7nS-8jxQu8.roa
Signing time: Sun 28 Jul 2024 08:46:04 +0000
ROA not before: Sun 28 Jul 2024 08:46:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48434
IP address blocks: 94.232.168.0/21 maxlen: 27
185.37.52.0/22 maxlen: 27
185.78.20.0/22 maxlen: 27
185.232.152.0/22 maxlen: 27
185.232.153.0/24 maxlen: 27
185.232.154.0/23 maxlen: 27
185.232.154.0/24 maxlen: 27
185.232.155.0/24 maxlen: 27
2a04:6e00::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 30 Jul 2024 07:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f8:84:b3:c7:2f:36:52:27:93:e0:24:bd:8e:12:e3:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cda5c874354d83826e43c2535b76e20d5b61b05
Validity
Not Before: Jul 28 08:46:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c7b3d95b9e1d6f084f6a67967b9d2fbc8f142ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:75:80:94:6e:56:13:7d:6f:3a:9c:74:56:c4:
10:5a:7e:12:25:84:6f:c2:01:ce:b6:e1:f9:25:34:
fe:f9:64:57:c9:fc:5b:f0:32:7c:14:aa:6b:d5:5b:
cd:41:87:a5:d9:62:25:08:37:b6:49:93:2b:2e:2b:
09:16:cf:a3:4d:2b:b8:8e:62:73:0d:e6:2f:9d:56:
fa:fe:31:e2:1f:c2:2f:70:b8:66:fd:65:9b:1b:7b:
c8:45:fa:f4:79:58:a9:f8:03:3f:a6:35:71:c6:12:
59:8d:98:09:77:09:08:ac:29:38:3f:0a:c2:6f:ab:
81:08:97:92:25:8e:5e:bb:39:2e:98:fd:b8:be:92:
e3:15:8b:9d:07:7a:6e:8a:3b:0a:5e:05:31:e2:44:
19:3f:cf:f7:30:f2:f0:d3:82:b9:90:17:e3:21:bf:
28:89:1d:86:80:05:4c:75:c7:33:c9:f6:99:04:3a:
5c:8a:54:9f:03:e0:2c:96:71:9d:51:ba:12:61:83:
12:bd:17:96:a0:41:d1:d9:53:37:c3:9a:c1:5d:9a:
f6:76:62:1a:2e:c6:c3:34:ab:90:44:db:e3:55:14:
b4:6f:b3:7f:a9:aa:ae:7d:16:3e:0e:19:ad:b9:53:
e7:0d:30:4d:83:af:35:50:e3:7b:9c:28:88:37:71:
fd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7B:3D:95:B9:E1:D6:F0:84:F6:A6:79:67:B9:D2:FB:C8:F1:42:EF
X509v3 Authority Key Identifier:
keyid:0C:DA:5C:87:43:54:D8:38:26:E4:3C:25:35:B7:6E:20:D5:B6:1B:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNpch0NU2Dgm5DwlNbduINW2GwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/bHs9lbnh1vCE9qZ5Z7nS-8jxQu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/DNpch0NU2Dgm5DwlNbduINW2GwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.168.0/21
185.37.52.0/22
185.78.20.0/22
185.232.152.0/22
IPv6:
2a04:6e00::/29
Signature Algorithm: sha256WithRSAEncryption
09:d8:c0:17:7a:67:e0:01:e6:fe:1c:6d:e1:89:02:b5:1a:91:
5d:39:9b:f2:8c:41:d2:2e:fd:16:1f:eb:9d:7b:5d:e0:03:46:
31:19:7f:94:2c:8b:9d:8d:a8:d9:6c:20:7c:a2:af:c0:5b:65:
0a:fe:a5:c3:1e:a1:ea:23:aa:94:c9:e8:36:3b:20:91:a9:82:
32:7b:c9:74:47:4d:43:b7:02:9e:a4:b6:47:8f:a0:58:0c:8c:
96:bd:18:b5:8c:77:2b:b1:20:f5:05:14:51:8b:25:49:1e:12:
16:a0:19:00:c6:78:21:31:c2:2b:7a:db:57:ad:ff:26:c8:56:
1f:46:b5:f4:7f:d8:3c:3f:52:88:83:2f:fa:8f:f2:eb:53:b5:
74:61:c0:2c:68:f5:a5:52:8c:df:eb:25:22:ed:c7:b4:71:92:
76:2c:94:27:79:08:b3:fa:3f:61:02:b4:94:58:6d:50:cb:71:
0d:3f:1d:94:f4:9d:f5:a5:03:8f:85:2d:de:d6:7c:99:ec:98:
47:ac:cc:6a:68:7f:34:db:12:74:0e:1d:34:86:46:ed:61:5f:
5f:52:8b:56:22:e0:67:ff:27:1a:0b:df:5e:4a:ae:5a:b8:27:
3f:78:c4:20:97:cd:0c:0d:fc:b1:3f:b6:1e:0f:72:58:d7:1d:
ff:eb:31:2b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZD4hLPHLzZSJ5PgJL2OEuMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZGE1Yzg3NDM1NGQ4MzgyNmU0M2MyNTM1Yjc2ZTIwZDVi
NjFiMDUwHhcNMjQwNzI4MDg0NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzdiM2Q5NWI5ZTFkNmYwODRmNmE2Nzk2N2I5ZDJmYmM4ZjE0MmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3WAlG5WE31vOpx0VsQQWn4SJYRv
wgHOtuH5JTT++WRXyfxb8DJ8FKpr1VvNQYel2WIlCDe2SZMrLisJFs+jTSu4jmJz
DeYvnVb6/jHiH8IvcLhm/WWbG3vIRfr0eVip+AM/pjVxxhJZjZgJdwkIrCk4PwrC
b6uBCJeSJY5euzkumP24vpLjFYudB3puijsKXgUx4kQZP8/3MPLw04K5kBfjIb8o
iR2GgAVMdcczyfaZBDpcilSfA+AslnGdUboSYYMSvReWoEHR2VM3w5rBXZr2dmIa
LsbDNKuQRNvjVRS0b7N/qaqufRY+DhmtuVPnDTBNg681UON7nCiIN3H9kwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGx7PZW54dbwhPameWe50vvI8ULvMB8GA1UdIwQY
MBaAFAzaXIdDVNg4JuQ8JTW3biDVthsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5wY2gwTlUyRGdtNUR3bE5iZHVJTlcyR3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi85MjMzMmYtMDNlMC00MTE2LWI2ZjMt
YzgyZjQyNGI2ZDBkLzEvYkhzOWxibmgxdkNFOXFaNVo3blMtOGp4UXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi85MjMzMmYtMDNlMC00MTE2LWI2ZjMtYzgyZjQyNGI2ZDBk
LzEvRE5wY2gwTlUyRGdtNUR3bE5iZHVJTlcyR3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDXuioAwQC
uSU0AwQCuU4UAwQCueiYMA0EAgACMAcDBQMqBG4AMA0GCSqGSIb3DQEBCwUAA4IB
AQAJ2MAXemfgAeb+HG3hiQK1GpFdOZvyjEHSLv0WH+ude13gA0YxGX+ULIudjajZ
bCB8oq/AW2UK/qXDHqHqI6qUyeg2OyCRqYIye8l0R01DtwKepLZHj6BYDIyWvRi1
jHcrsSD1BRRRiyVJHhIWoBkAxnghMcIrettXrf8myFYfRrX0f9g8P1KIgy/6j/Lr
U7V0YcAsaPWlUozf6yUi7ce0cZJ2LJQneQiz+j9hArSUWG1Qy3ENPx2U9J31pQOP
hS3e1nyZ7JhHrMxqaH802xJ0Dh00hkbtYV9fUotWIuBn/ycaC99eSq5auCc/eMQg
l80MDfyxP7YeD3JY1x3/6zEr
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:32:35 2025 by rpki-client