Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/HuKyBH4tLddPQNUjbp_OhxyKBhs.roa
File: HuKyBH4tLddPQNUjbp_OhxyKBhs.roa (raw, json)
Hash identifier: FEcoWKqXizdKfoc/NhWbve0LatuWNnCKBYS7O/GVbyM=
Subject key identifier: 1E:E2:B2:04:7E:2D:2D:D7:4F:40:D5:23:6E:9F:CE:87:1C:8A:06:1B
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01947F8CE1AD3F656BAB0CC7E31675FA9E5E
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/HuKyBH4tLddPQNUjbp_OhxyKBhs.roa
Signing time: Sun 19 Jan 2025 17:12:06 +0000
ROA not before: Sun 19 Jan 2025 17:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.34.101.0/24 maxlen: 24
185.254.66.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
212.192.16.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 22 Jan 2025 05:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7f:8c:e1:ad:3f:65:6b:ab:0c:c7:e3:16:75:fa:9e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 19 17:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ee2b2047e2d2dd74f40d5236e9fce871c8a061b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:2f:80:49:0e:dd:16:25:04:ae:79:97:e6:5b:
89:46:3a:0b:f2:ab:66:41:50:2c:0e:92:f0:81:57:
00:ff:f3:7a:99:28:20:19:71:56:b8:38:70:20:6d:
5b:e9:8c:85:e3:5c:90:5f:74:69:e5:87:5c:de:c0:
ab:5d:01:68:e2:9d:05:76:df:5e:e7:98:9f:8f:11:
14:53:13:7e:e1:6e:09:03:ef:bb:d1:fe:df:37:2b:
16:32:3f:30:2c:e6:3d:ea:29:e1:7b:d5:dc:dc:99:
83:66:bb:d0:24:e4:ac:e8:93:41:9c:29:39:b6:4d:
30:07:57:53:61:cf:7a:79:8d:4d:6a:48:b9:71:41:
cc:77:66:e7:40:de:ea:b4:fb:04:ca:4a:f6:63:24:
41:3b:34:0a:e4:fe:49:af:92:f8:1e:d9:d9:fc:b4:
56:df:b0:92:e4:76:a2:cb:97:5c:99:38:6c:10:84:
f1:fb:94:ef:dc:c7:38:ae:3a:a7:08:c7:7b:ce:16:
1c:fe:49:88:6a:eb:0c:56:17:d7:16:d5:71:bd:05:
de:15:0d:4f:b9:5a:8b:bb:15:6f:f1:52:1a:69:fb:
f9:fb:90:18:2a:3a:5b:c0:49:d0:fb:22:22:a5:04:
9b:56:ac:bb:4f:31:de:2d:c5:aa:47:60:57:ae:f7:
ab:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E2:B2:04:7E:2D:2D:D7:4F:40:D5:23:6E:9F:CE:87:1C:8A:06:1B
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/HuKyBH4tLddPQNUjbp_OhxyKBhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
93.114.183.0/24
185.34.101.0/24
185.254.66.0/24
195.88.89.0/24
212.192.11.0/24
212.192.16.0/22
Signature Algorithm: sha256WithRSAEncryption
25:52:e6:83:96:36:43:32:4a:46:3e:e7:59:57:c3:1a:85:94:
82:a2:d6:39:b4:69:fd:eb:d4:58:a8:bc:84:5c:3a:ab:f3:07:
9e:60:9c:34:7f:6a:02:30:b0:83:37:7c:67:c5:2f:95:e2:f1:
ef:87:c9:3c:c2:9b:44:ce:1f:fb:38:e8:bd:c7:a1:25:54:40:
f1:f8:ac:ca:4f:fe:45:a5:33:90:f4:ff:36:33:04:ac:19:90:
93:b1:11:6f:da:88:61:e7:5f:63:cb:0d:c1:b7:dd:b0:99:38:
a3:85:6f:17:08:a9:c1:4d:b8:c1:49:e2:c9:2f:3a:78:d5:9f:
0f:5a:75:5a:17:0f:0c:a8:e7:55:80:b8:41:22:72:d6:91:3b:
cf:1a:09:82:60:be:6b:79:07:bd:5c:29:20:19:f9:79:e2:8b:
b4:b8:f5:d9:b6:68:c2:9a:52:55:95:90:72:e1:19:80:70:73:
d4:41:9f:8a:88:65:24:f2:ab:ad:00:f5:ad:42:6c:40:30:7e:
23:6d:ad:65:48:05:85:5c:fc:9c:3c:2d:e3:2a:1c:31:cd:72:
c1:86:62:16:97:99:db:c2:65:8b:fd:7c:e2:36:e7:f7:1a:d6:
d9:e9:88:51:3d:c4:e6:53:6d:01:73:c0:2d:4c:13:a2:bd:27:
66:0c:87:52
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZR/jOGtP2VrqwzH4xZ1+p5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTE5MTcxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWUyYjIwNDdlMmQyZGQ3NGY0MGQ1MjM2ZTlmY2U4NzFjOGEwNjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4S+ASQ7dFiUErnmX5luJRjoL8qtm
QVAsDpLwgVcA//N6mSggGXFWuDhwIG1b6YyF41yQX3Rp5Ydc3sCrXQFo4p0Fdt9e
55ifjxEUUxN+4W4JA++70f7fNysWMj8wLOY96inhe9Xc3JmDZrvQJOSs6JNBnCk5
tk0wB1dTYc96eY1Naki5cUHMd2bnQN7qtPsEykr2YyRBOzQK5P5Jr5L4HtnZ/LRW
37CS5Haiy5dcmThsEITx+5Tv3Mc4rjqnCMd7zhYc/kmIausMVhfXFtVxvQXeFQ1P
uVqLuxVv8VIaafv5+5AYKjpbwEnQ+yIipQSbVqy7TzHeLcWqR2BXrverVwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFB7isgR+LS3XT0DVI26fzoccigYbMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvSHVLeUJINHRMZGRQUU5VamJwX09oeHlLQmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLYe2AwQA
WSJqAwQAXXK3AwQAuSJlAwQAuf5CAwQAw1hZAwQA1MALAwQC1MAQMA0GCSqGSIb3
DQEBCwUAA4IBAQAlUuaDljZDMkpGPudZV8MahZSCotY5tGn969RYqLyEXDqr8wee
YJw0f2oCMLCDN3xnxS+V4vHvh8k8wptEzh/7OOi9x6ElVEDx+KzKT/5FpTOQ9P82
MwSsGZCTsRFv2ohh519jyw3Bt92wmTijhW8XCKnBTbjBSeLJLzp41Z8PWnVaFw8M
qOdVgLhBInLWkTvPGgmCYL5reQe9XCkgGfl54ou0uPXZtmjCmlJVlZBy4RmAcHPU
QZ+KiGUk8qutAPWtQmxAMH4jba1lSAWFXPycPC3jKhwxzXLBhmIWl5nbwmWL/Xzi
Nuf3GtbZ6YhRPcTmU20Bc8AtTBOivSdmDIdS
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:22 2025 by rpki-client