Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/HnpCbPq2fDb3MVjZ2Il3rq8KdME.roa
File: HnpCbPq2fDb3MVjZ2Il3rq8KdME.roa (raw, json)
Hash identifier: 7w7GWm8Zu0+CganZUuY99e1sgsMbYoblmv73KGOBUEA=
Subject key identifier: 1E:7A:42:6C:FA:B6:7C:36:F7:31:58:D9:D8:89:77:AE:AF:0A:74:C1
Certificate issuer: /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial: 0186F49407432FE4457A985A304A4945D320
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/HnpCbPq2fDb3MVjZ2Il3rq8KdME.roa
Signing time: Sat 18 Mar 2023 11:56:27 +0000
ROA not before: Sat 18 Mar 2023 11:56:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204544
IP address blocks: 45.129.38.0/24 maxlen: 24
45.129.37.0/24 maxlen: 24
45.129.36.0/24 maxlen: 24
45.129.36.0/22 maxlen: 22
45.129.38.0/23 maxlen: 23
45.129.39.0/24 maxlen: 24
185.53.141.0/24 maxlen: 24
185.53.140.0/22 maxlen: 22
185.53.140.0/24 maxlen: 24
185.53.140.0/23 maxlen: 23
185.53.143.0/24 maxlen: 24
185.53.142.0/23 maxlen: 23
185.53.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f4:94:07:43:2f:e4:45:7a:98:5a:30:4a:49:45:d3:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Validity
Not Before: Mar 18 11:56:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e7a426cfab67c36f73158d9d88977aeaf0a74c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:74:eb:9d:04:6a:0c:4b:44:46:90:b1:3c:6d:
51:c2:2a:89:00:63:41:53:4b:ae:f6:c3:99:b4:3a:
a8:75:3b:af:62:54:c0:96:c9:07:4a:9a:21:b4:fa:
86:98:c5:ea:9e:3c:d2:bc:3e:61:e5:e9:82:d8:d0:
ea:2d:2e:24:31:3f:4a:66:70:18:64:a5:2a:c4:08:
d3:aa:56:25:6e:eb:d3:a3:79:1e:1b:a3:ec:b0:31:
13:14:c6:07:dc:59:82:61:d5:34:80:bf:2c:4e:7e:
32:d0:0a:34:3e:fe:87:89:a5:fb:1b:1a:a1:c5:bb:
a5:8e:97:55:b9:5c:aa:0f:e9:37:04:4b:40:23:04:
eb:3e:19:34:0f:3e:f0:ae:56:e2:53:a0:50:9d:4f:
99:a2:18:f0:8e:21:e2:41:37:9a:e7:63:b4:90:e1:
51:8f:7d:64:8b:8f:bb:96:be:b0:e3:53:7d:34:7d:
56:a8:09:43:db:08:59:d0:5a:6c:fb:26:a7:08:f9:
e4:18:42:22:a6:e0:f2:9a:ca:4a:d4:5d:36:ea:76:
24:44:7b:de:74:fd:6d:e5:78:98:fb:05:e5:3c:1f:
e5:c1:c2:34:62:c8:bd:e3:57:7e:a6:16:46:84:43:
ff:0c:23:6f:1b:92:38:77:87:94:dd:ce:f9:25:b9:
22:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:7A:42:6C:FA:B6:7C:36:F7:31:58:D9:D8:89:77:AE:AF:0A:74:C1
X509v3 Authority Key Identifier:
keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/HnpCbPq2fDb3MVjZ2Il3rq8KdME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.36.0/22
185.53.140.0/22
Signature Algorithm: sha256WithRSAEncryption
58:52:27:12:94:05:3a:bb:66:5c:6f:c9:65:d9:92:5b:b5:c4:
96:39:95:c6:98:2a:c8:d1:e1:95:62:83:b1:11:32:22:84:85:
cd:bd:16:a5:56:17:a9:ec:e8:82:d4:2b:b8:56:9c:5e:b8:87:
36:bc:2c:04:a7:99:b1:c7:d3:07:38:b8:5f:be:7f:3e:01:c2:
95:25:27:a6:0d:91:10:e9:7b:a0:bf:de:ab:71:90:1a:a5:23:
46:54:4a:8f:2c:78:d7:dc:fc:02:af:72:2d:16:60:88:fc:69:
d0:7a:2a:4e:28:47:63:36:eb:33:28:bb:f8:14:ee:07:ca:e4:
82:32:9f:19:76:2b:5b:9b:20:de:3d:7a:12:44:fb:67:22:ca:
d8:49:c4:f8:56:fc:0f:bf:d4:ff:7e:84:ea:43:a7:5b:35:1b:
58:82:c4:a6:a5:9f:16:cb:da:af:50:23:94:58:03:a6:6c:fd:
8c:88:e0:03:0e:48:7f:50:58:5c:a3:47:1e:6d:55:6e:0c:74:
d3:fc:9e:08:ce:9d:e0:2e:c3:68:70:ae:c9:fc:20:37:40:50:
d5:20:6b:f8:6b:ce:89:6f:fd:02:02:41:2d:9c:68:ee:aa:c2:
74:ea:d1:48:58:c3:cb:35:4c:c6:c8:c4:c8:e0:bf:22:1d:e9:
f3:59:42:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYb0lAdDL+RFephaMEpJRdMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2UwY2Q4YjNlMDQ0ZWRiODIzYWVmNjg4YWFmYjBiNzVk
ZTg2NzUwHhcNMjMwMzE4MTE1NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTdhNDI2Y2ZhYjY3YzM2ZjczMTU4ZDlkODg5NzdhZWFmMGE3NGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXTrnQRqDEtERpCxPG1RwiqJAGNB
U0uu9sOZtDqodTuvYlTAlskHSpohtPqGmMXqnjzSvD5h5emC2NDqLS4kMT9KZnAY
ZKUqxAjTqlYlbuvTo3keG6PssDETFMYH3FmCYdU0gL8sTn4y0Ao0Pv6HiaX7Gxqh
xbuljpdVuVyqD+k3BEtAIwTrPhk0Dz7wrlbiU6BQnU+ZohjwjiHiQTea52O0kOFR
j31ki4+7lr6w41N9NH1WqAlD2whZ0Fps+yanCPnkGEIipuDymspK1F026nYkRHve
dP1t5XiY+wXlPB/lwcI0Ysi941d+phZGhEP/DCNvG5I4d4eU3c75JbkiVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB56Qmz6tnw29zFY2diJd66vCnTBMB8GA1UdIwQY
MBaAFCk+DNiz4ETtuCOu9oiq+wt13oZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMt
YmIyMTdjYzNiNzhkLzEvSG5wQ2JQcTJmRGIzTVZqWjJJbDNycThLZE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMtYmIyMTdjYzNiNzhk
LzEvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYEkAwQC
uTWMMA0GCSqGSIb3DQEBCwUAA4IBAQBYUicSlAU6u2Zcb8ll2ZJbtcSWOZXGmCrI
0eGVYoOxETIihIXNvRalVhep7OiC1Cu4VpxeuIc2vCwEp5mxx9MHOLhfvn8+AcKV
JSemDZEQ6Xugv96rcZAapSNGVEqPLHjX3PwCr3ItFmCI/GnQeipOKEdjNuszKLv4
FO4HyuSCMp8ZditbmyDePXoSRPtnIsrYScT4VvwPv9T/foTqQ6dbNRtYgsSmpZ8W
y9qvUCOUWAOmbP2MiOADDkh/UFhco0cebVVuDHTT/J4Izp3gLsNocK7J/CA3QFDV
IGv4a86Jb/0CAkEtnGjuqsJ06tFIWMPLNUzGyMTI4L8iHenzWULn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:13 2024 by rpki-client on console-ams.rpki-client.org