Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/hnVVPdr-M1_0jdlrvhHldbJEMkQ.roa
File: hnVVPdr-M1_0jdlrvhHldbJEMkQ.roa (raw, json)
Hash identifier: Iv066u+eN+X1bPpmBfLoqX6id3SvDZ5K9qyWw5J3E8k=
Subject key identifier: 86:75:55:3D:DA:FE:33:5F:F4:8D:D9:6B:BE:11:E5:75:B2:44:32:44
Certificate issuer: /CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Certificate serial: 0192293CE28A85C3D1258AB95D609F46865F
Authority key identifier: A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/hnVVPdr-M1_0jdlrvhHldbJEMkQ.roa
Signing time: Wed 25 Sep 2024 12:51:48 +0000
ROA not before: Wed 25 Sep 2024 12:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39704
IP address blocks: 5.22.248.0/21 maxlen: 24
46.182.216.0/21 maxlen: 24
91.192.36.0/22 maxlen: 24
94.124.88.0/21 maxlen: 24
185.94.168.0/24 maxlen: 24
185.103.16.0/22 maxlen: 24
194.50.163.0/24 maxlen: 24
195.216.246.0/24 maxlen: 24
213.132.192.0/19 maxlen: 24
2a00:1bd0::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 26 Sep 2024 19:34:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:3c:e2:8a:85:c3:d1:25:8a:b9:5d:60:9f:46:86:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Validity
Not Before: Sep 25 12:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8675553ddafe335ff48dd96bbe11e575b2443244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:92:3e:ae:97:0f:f6:27:c2:28:9f:9a:40:5c:
b4:aa:6d:53:fb:1a:de:8d:e6:bb:9b:bf:cc:67:96:
d4:02:4f:f2:23:92:f1:08:e4:40:e6:f4:be:a5:42:
54:a4:1b:77:94:76:5d:ba:de:88:fa:5a:21:8d:d4:
bf:54:2f:3d:fd:68:6c:98:1d:18:b5:37:23:95:f0:
96:85:19:a9:7b:00:0f:10:d7:73:01:ac:3e:d6:a9:
ac:1e:a2:df:9b:be:50:23:52:e0:43:fc:31:92:87:
bb:ec:10:ff:22:26:55:7c:e5:59:38:8c:3b:8c:fb:
93:62:91:9f:f3:af:22:b4:90:42:e9:fb:2c:57:87:
95:65:99:b7:d2:f0:27:4b:a6:3a:0c:33:60:f3:b4:
4b:cf:af:32:4d:d7:65:0a:3e:14:6e:84:e7:5b:f5:
f4:c8:4f:0d:15:77:27:18:32:07:fe:b2:28:1f:61:
be:61:b7:e6:a8:30:f2:fc:a7:15:6d:c4:90:d0:ec:
90:6f:e3:f9:bc:80:a3:0c:d1:3e:a9:ee:1c:d5:b6:
90:2f:59:8c:d5:d9:3c:25:f8:65:7a:fe:b2:83:d0:
65:5b:bf:6e:84:74:01:ed:f6:91:88:42:8d:05:01:
42:68:34:fa:48:79:b3:3f:87:4d:31:3f:a9:18:ad:
4e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:75:55:3D:DA:FE:33:5F:F4:8D:D9:6B:BE:11:E5:75:B2:44:32:44
X509v3 Authority Key Identifier:
keyid:A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/hnVVPdr-M1_0jdlrvhHldbJEMkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oktI7cejJdfxrg8lfA4oNRcbya4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.248.0/21
46.182.216.0/21
91.192.36.0/22
94.124.88.0/21
185.94.168.0/24
185.103.16.0/22
194.50.163.0/24
195.216.246.0/24
213.132.192.0/19
IPv6:
2a00:1bd0::/29
Signature Algorithm: sha256WithRSAEncryption
85:87:00:79:53:0b:f7:ba:69:41:4f:2d:f9:e3:6b:27:35:ea:
b5:88:9c:a8:80:60:41:78:cd:e6:4f:20:33:9d:59:ef:d2:3f:
cd:61:1b:d6:00:10:7c:38:51:66:fb:d2:b2:85:4f:e8:b3:df:
dc:7c:c7:ab:f9:14:2d:30:a0:27:c6:ec:ef:c9:e3:9a:a1:aa:
e3:48:db:ce:9d:8c:43:92:58:7c:4b:ec:01:7c:4f:d3:20:dd:
08:79:53:bb:cb:46:ed:11:e6:ca:85:af:0c:f6:54:e7:fb:75:
6f:ae:2b:f0:28:09:a9:02:fe:45:6d:49:a4:56:f7:a5:fe:eb:
d2:1f:35:4d:30:15:bc:1b:94:46:4e:3b:7f:64:8d:23:89:e1:
c5:8d:cc:88:71:3d:3b:5e:06:18:ca:67:1c:ab:3d:ff:90:bb:
15:81:c4:3f:91:09:43:4a:20:37:38:25:cf:8f:1e:8d:a3:6e:
0b:9a:85:4a:7f:e6:b5:d3:4d:c7:fe:c8:e4:bf:37:17:50:b8:
7c:69:d5:17:fc:16:0e:cc:f3:41:3c:9b:e7:34:e5:b2:8f:47:
d7:bc:69:d5:69:d5:22:91:a6:82:1d:0a:f8:e1:d9:d9:50:4f:
6f:fd:04:cf:aa:e0:26:8c:a1:1b:52:dc:e8:36:71:57:a0:14:
23:56:a0:c2
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZIpPOKKhcPRJYq5XWCfRoZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGI0OGVkYzdhMzI1ZDdmMWFlMGYyNTdjMGUyODM1MTcx
YmM5YWUwHhcNMjQwOTI1MTI1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njc1NTUzZGRhZmUzMzVmZjQ4ZGQ5NmJiZTExZTU3NWIyNDQzMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZI+rpcP9ifCKJ+aQFy0qm1T+xre
jea7m7/MZ5bUAk/yI5LxCORA5vS+pUJUpBt3lHZdut6I+lohjdS/VC89/WhsmB0Y
tTcjlfCWhRmpewAPENdzAaw+1qmsHqLfm75QI1LgQ/wxkoe77BD/IiZVfOVZOIw7
jPuTYpGf868itJBC6fssV4eVZZm30vAnS6Y6DDNg87RLz68yTddlCj4UboTnW/X0
yE8NFXcnGDIH/rIoH2G+YbfmqDDy/KcVbcSQ0OyQb+P5vICjDNE+qe4c1baQL1mM
1dk8Jfhlev6yg9BlW79uhHQB7faRiEKNBQFCaDT6SHmzP4dNMT+pGK1OFwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFIZ1VT3a/jNf9I3Za74R5XWyRDJEMB8GA1UdIwQY
MBaAFKJLSO3HoyXX8a4PJXwOKDUXG8muMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYt
N2YxZTU3NDg3YzFhLzEvaG5WVlBkci1NMV8wamRscnZoSGxkYkpFTWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYtN2YxZTU3NDg3YzFh
LzEvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDBRb4AwQD
LrbYAwQCW8AkAwQDXnxYAwQAuV6oAwQCuWcQAwQAwjKjAwQAw9j2AwQF1YTAMA0E
AgACMAcDBQMqABvQMA0GCSqGSIb3DQEBCwUAA4IBAQCFhwB5Uwv3umlBTy3542sn
Neq1iJyogGBBeM3mTyAznVnv0j/NYRvWABB8OFFm+9KyhU/os9/cfMer+RQtMKAn
xuzvyeOaoarjSNvOnYxDklh8S+wBfE/TIN0IeVO7y0btEebKha8M9lTn+3Vvrivw
KAmpAv5FbUmkVvel/uvSHzVNMBW8G5RGTjt/ZI0jieHFjcyIcT07XgYYymccqz3/
kLsVgcQ/kQlDSiA3OCXPjx6No24LmoVKf+a1003H/sjkvzcXULh8adUX/BYOzPNB
PJvnNOWyj0fXvGnVadUikaaCHQr44dnZUE9v/QTPquAmjKEbUtzoNnFXoBQjVqDC
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:15 2025 by rpki-client