Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/hmHDNVxxeV_SfOY2spODRn3Mqq0.roa
File: hmHDNVxxeV_SfOY2spODRn3Mqq0.roa (raw, json)
Hash identifier: lRJc3VG7T69X3dmqINaT9vCwFWAYjF9zugK+hhn29ws=
Subject key identifier: 86:61:C3:35:5C:71:79:5F:D2:7C:E6:36:B2:93:83:46:7D:CC:AA:AD
Certificate issuer: /CN=f9503c075a690556bd462122b24699e1b6b19278
Certificate serial: 01865F60FE8AA3CF4A0A15B5079F50A2F1B7
Authority key identifier: F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/hmHDNVxxeV_SfOY2spODRn3Mqq0.roa
Signing time: Fri 17 Feb 2023 12:37:17 +0000
ROA not before: Fri 17 Feb 2023 12:37:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60350
IP address blocks: 195.189.178.0/23 maxlen: 24
185.45.180.0/22 maxlen: 24
193.161.254.0/23 maxlen: 23
193.105.151.0/24 maxlen: 24
91.221.146.0/23 maxlen: 24
193.164.2.0/24 maxlen: 24
193.164.2.0/23 maxlen: 23
193.148.6.0/23 maxlen: 24
185.183.112.0/22 maxlen: 22
185.183.112.0/24 maxlen: 24
185.183.113.0/24 maxlen: 24
45.137.178.0/23 maxlen: 23
45.137.176.0/23 maxlen: 23
45.137.176.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 20 Feb 2023 08:45:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:60:fe:8a:a3:cf:4a:0a:15:b5:07:9f:50:a2:f1:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9503c075a690556bd462122b24699e1b6b19278
Validity
Not Before: Feb 17 12:37:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8661c3355c71795fd27ce636b29383467dccaaad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4c:6f:a0:90:ea:b2:e4:63:32:93:a6:35:72:
c7:0e:57:c8:c3:06:db:71:ec:9b:f0:98:be:f1:11:
e6:fd:76:21:4b:fc:7d:06:09:1b:cd:36:14:d7:6c:
b8:4f:d5:bd:de:c8:a8:61:4c:8b:e1:22:2b:74:4b:
9b:e8:72:36:fb:74:68:b2:46:e1:1c:0c:1d:7a:56:
70:6f:e5:2b:a2:e3:05:d4:d8:72:0e:4a:db:af:e4:
08:a2:bd:df:d8:18:7c:44:a8:42:8d:de:65:03:7d:
b1:00:b1:2b:32:92:34:81:88:e0:9c:27:bc:04:d1:
af:05:49:54:3c:16:37:cb:8d:b9:d1:7b:ba:7e:8d:
47:b2:80:f7:e8:6d:11:32:e8:c1:83:bc:38:1d:13:
f1:c7:0a:48:74:86:55:25:9f:27:ef:58:a2:c3:f5:
7e:28:1a:80:52:e4:32:6e:e1:17:13:7a:e0:bd:91:
ea:d1:04:ca:e0:87:5c:f9:47:bc:db:75:1a:c6:eb:
ea:29:72:23:43:6a:f5:68:08:1b:67:d7:fb:9e:15:
ce:74:6f:27:a1:ad:42:86:7c:1f:b2:91:05:7a:06:
d3:90:a3:63:f3:62:c6:1b:69:d6:31:57:3f:aa:89:
a0:54:da:38:f1:5e:78:71:0e:93:81:10:9d:be:8b:
c9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:61:C3:35:5C:71:79:5F:D2:7C:E6:36:B2:93:83:46:7D:CC:AA:AD
X509v3 Authority Key Identifier:
keyid:F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/hmHDNVxxeV_SfOY2spODRn3Mqq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/1-VA8B1ppBVa9RiEiskaZ4baxkng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.176.0/22
91.221.146.0/23
185.45.180.0/22
185.183.112.0/22
193.105.151.0/24
193.148.6.0/23
193.161.254.0/23
193.164.2.0/23
195.189.178.0/23
Signature Algorithm: sha256WithRSAEncryption
13:d3:e2:8e:61:f2:45:67:f5:cf:dc:ed:e8:b6:49:9e:f4:9a:
64:c2:2e:d7:76:5f:45:45:8a:af:8b:61:1f:de:2d:eb:7d:6b:
07:34:ed:4b:0d:b6:a9:56:f5:b7:93:a2:2d:91:23:b5:f3:29:
dc:79:42:15:b2:16:39:8a:61:45:f4:c9:90:95:7f:86:03:df:
d3:82:6f:e0:e8:83:ab:70:84:8f:81:cb:dd:91:f8:0d:a0:5b:
78:f6:29:96:34:ee:e5:7d:5d:f9:5b:95:b5:52:74:f4:28:02:
3d:3f:e3:7a:9f:bb:c9:51:7a:12:86:82:f4:ed:6e:f9:ce:8f:
4b:ca:ae:66:4f:a2:4b:15:14:c3:e8:65:ba:7f:13:7d:c7:e1:
a6:2b:be:24:b7:50:ce:5b:13:eb:e8:88:79:24:d8:4b:32:8a:
b0:8d:fc:66:a9:97:3f:ab:53:91:54:b9:c9:13:16:0e:f9:44:
02:f8:1d:f2:dd:08:da:16:d6:ee:63:d8:60:85:d2:ad:8c:ae:
d8:5c:1f:18:10:93:29:6f:ba:b6:e7:30:11:f6:fb:5c:d4:9c:
9e:29:e5:9a:ce:3f:d9:df:30:a6:ea:f4:62:c6:87:af:26:9f:
5f:b9:26:c5:6a:9f:94:6f:ba:1d:df:6d:dd:11:e0:39:93:1b:
a7:10:62:3a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYZfYP6Ko89KChW1B59QovG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NTAzYzA3NWE2OTA1NTZiZDQ2MjEyMmIyNDY5OWUxYjZi
MTkyNzgwHhcNMjMwMjE3MTIzNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjYxYzMzNTVjNzE3OTVmZDI3Y2U2MzZiMjkzODM0NjdkY2NhYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsExvoJDqsuRjMpOmNXLHDlfIwwbb
ceyb8Ji+8RHm/XYhS/x9BgkbzTYU12y4T9W93sioYUyL4SIrdEub6HI2+3Roskbh
HAwdelZwb+UrouMF1NhyDkrbr+QIor3f2Bh8RKhCjd5lA32xALErMpI0gYjgnCe8
BNGvBUlUPBY3y4250Xu6fo1HsoD36G0RMujBg7w4HRPxxwpIdIZVJZ8n71iiw/V+
KBqAUuQybuEXE3rgvZHq0QTK4Idc+Ue823UaxuvqKXIjQ2r1aAgbZ9f7nhXOdG8n
oa1ChnwfspEFegbTkKNj82LGG2nWMVc/qomgVNo48V54cQ6TgRCdvovJMQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIZhwzVccXlf0nzmNrKTg0Z9zKqtMB8GA1UdIwQY
MBaAFPlQPAdaaQVWvUYhIrJGmeG2sZJ4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1WQThCMXBwQlZhOVJpRWlza2FaNGJheGtuZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQw
LTNmMjMxNmI1NTNmNS8xL2htSEROVnh4ZVZfU2ZPWTJzcE9EUm4zTXFxMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQwLTNmMjMxNmI1NTNm
NS8xLzEtVkE4QjFwcEJWYTlSaUVpc2thWjRiYXhrbmcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBAItibAD
BAFb3ZIDBAK5LbQDBAK5t3ADBADBaZcDBAHBlAYDBAHBof4DBAHBpAIDBAHDvbIw
DQYJKoZIhvcNAQELBQADggEBABPT4o5h8kVn9c/c7ei2SZ70mmTCLtd2X0VFiq+L
YR/eLet9awc07UsNtqlW9beToi2RI7XzKdx5QhWyFjmKYUX0yZCVf4YD39OCb+Do
g6twhI+By92R+A2gW3j2KZY07uV9XflblbVSdPQoAj0/43qfu8lRehKGgvTtbvnO
j0vKrmZPoksVFMPoZbp/E33H4aYrviS3UM5bE+voiHkk2EsyirCN/Gaplz+rU5FU
uckTFg75RAL4HfLdCNoW1u5j2GCF0q2MrthcHxgQkylvurbnMBH2+1zUnJ4p5ZrO
P9nfMKbq9GLGh68mn1+5JsVqn5Rvuh3fbd0R4DmTG6cQYjo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:12 2024 by rpki-client on console-fra.rpki-client.org