Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/Hjb4RnRi5ieMG5CSdn3a-epdzCc.roa
File: Hjb4RnRi5ieMG5CSdn3a-epdzCc.roa (raw, json)
Hash identifier: D8/Jc20rCuG93O0JyKLM9OuwNhVnB+KaSB8hwHXHuNc=
Subject key identifier: 1E:36:F8:46:74:62:E6:27:8C:1B:90:92:76:7D:DA:F9:EA:5D:CC:27
Certificate issuer: /CN=c74ca0855178a0cdd71914bcf223aa31af6369a4
Certificate serial: 0191C374931B4BF8AA26133956989CD7122E
Authority key identifier: C7:4C:A0:85:51:78:A0:CD:D7:19:14:BC:F2:23:AA:31:AF:63:69:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0yghVF4oM3XGRS88iOqMa9jaaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/Hjb4RnRi5ieMG5CSdn3a-epdzCc.roa
Signing time: Thu 05 Sep 2024 18:31:22 +0000
ROA not before: Thu 05 Sep 2024 18:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59790
IP address blocks: 5.154.233.0/24 maxlen: 24
5.183.208.0/24 maxlen: 24
93.92.116.0/22 maxlen: 22
94.176.100.0/22 maxlen: 22
185.35.232.0/22 maxlen: 22
185.67.120.0/24 maxlen: 24
185.107.24.0/22 maxlen: 22
185.125.36.0/22 maxlen: 22
185.224.116.0/22 maxlen: 22
193.32.11.0/24 maxlen: 24
193.124.76.0/22 maxlen: 22
193.124.144.0/21 maxlen: 21
194.135.200.0/21 maxlen: 21
195.216.136.0/22 maxlen: 22
2a04:65c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 06 Sep 2024 14:47:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:74:93:1b:4b:f8:aa:26:13:39:56:98:9c:d7:12:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74ca0855178a0cdd71914bcf223aa31af6369a4
Validity
Not Before: Sep 5 18:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e36f8467462e6278c1b9092767ddaf9ea5dcc27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c2:47:29:f5:fe:0d:19:9c:23:34:b6:f1:29:
d5:2f:82:63:9c:3c:b8:f3:47:86:65:1e:cd:ef:dc:
93:83:b1:f5:82:67:ec:3c:58:24:79:6e:89:f8:da:
69:d1:39:4b:ae:fc:2e:9e:67:07:80:6f:46:f1:08:
cd:19:a0:79:8f:9a:12:ea:8d:ac:39:2b:dd:d2:ca:
d2:e6:49:ea:7d:40:78:eb:f2:dc:f1:e8:e4:90:be:
99:17:a0:76:12:a7:b7:4f:f0:c2:53:9c:0a:9d:75:
f1:54:df:77:2e:b5:87:cc:0b:80:ed:7c:c3:8b:f2:
51:9c:b8:16:52:3b:de:a8:c1:fe:56:43:57:f4:0a:
1b:6d:b0:98:20:d1:0f:d0:b1:59:43:9a:71:51:6b:
92:f2:12:4c:d1:ca:4e:23:06:ac:89:f3:82:c6:54:
a8:f5:19:60:f1:75:92:8c:8a:2e:e5:ad:79:3f:89:
8b:06:5d:8d:28:20:46:1f:12:e5:8f:1c:99:ae:7b:
fd:b9:6e:53:57:e0:3f:dc:7c:90:93:82:0b:c1:6b:
ad:62:02:b2:d5:03:67:d5:56:36:4b:ea:e0:51:f6:
19:a8:2f:ba:40:61:5f:45:34:b3:1d:fd:0c:6a:ff:
de:63:f5:08:68:68:2e:0d:e0:6c:af:77:5d:62:56:
41:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:36:F8:46:74:62:E6:27:8C:1B:90:92:76:7D:DA:F9:EA:5D:CC:27
X509v3 Authority Key Identifier:
keyid:C7:4C:A0:85:51:78:A0:CD:D7:19:14:BC:F2:23:AA:31:AF:63:69:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0yghVF4oM3XGRS88iOqMa9jaaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/Hjb4RnRi5ieMG5CSdn3a-epdzCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/x0yghVF4oM3XGRS88iOqMa9jaaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.233.0/24
5.183.208.0/24
93.92.116.0/22
94.176.100.0/22
185.35.232.0/22
185.67.120.0/24
185.107.24.0/22
185.125.36.0/22
185.224.116.0/22
193.32.11.0/24
193.124.76.0/22
193.124.144.0/21
194.135.200.0/21
195.216.136.0/22
IPv6:
2a04:65c0::/29
Signature Algorithm: sha256WithRSAEncryption
2b:5f:7e:d5:d1:7b:99:47:83:e9:95:a4:c8:cd:03:d1:9c:fa:
67:01:a0:a6:fe:a3:d5:6a:a5:eb:c4:20:3b:d6:c5:63:ef:69:
76:94:f8:11:88:72:b5:d7:37:97:1c:9e:4a:a5:f9:31:09:5e:
84:20:d1:5c:91:ec:56:e8:bf:09:94:5e:98:d8:56:a4:f1:3e:
35:7b:4a:bf:fc:10:62:4c:77:82:f3:f7:93:92:20:60:f6:32:
98:41:10:34:20:57:19:29:6c:ee:0a:fa:b7:1b:81:85:49:9a:
d1:c9:53:c3:cf:f1:93:9e:32:91:46:e2:d6:66:40:d4:cc:cb:
08:df:3c:d7:f8:f7:25:92:56:10:7b:14:53:66:2b:79:2f:a2:
56:b9:92:df:b8:36:fa:b8:79:67:57:74:33:20:ea:30:75:b8:
f4:a3:10:e2:43:f0:3e:12:2f:40:6f:3e:24:6e:e8:ab:a5:da:
48:f4:4b:79:d0:8e:8a:1f:4a:2a:23:fb:bb:ef:e6:1f:b0:77:
99:1e:6d:b3:d8:af:fa:58:67:c6:4f:b7:f3:39:bc:f3:5c:77:
e8:0b:66:61:47:b0:98:f9:3e:d9:d3:a9:90:11:af:b9:48:7a:
e8:04:ac:89:48:18:1f:dd:bf:b9:a2:e9:5b:7d:83:17:08:10:
75:e5:77:30
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZHDdJMbS/iqJhM5Vpic1xIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGNhMDg1NTE3OGEwY2RkNzE5MTRiY2YyMjNhYTMxYWY2
MzY5YTQwHhcNMjQwOTA1MTgzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTM2Zjg0Njc0NjJlNjI3OGMxYjkwOTI3NjdkZGFmOWVhNWRjYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8JHKfX+DRmcIzS28SnVL4JjnDy4
80eGZR7N79yTg7H1gmfsPFgkeW6J+Npp0TlLrvwunmcHgG9G8QjNGaB5j5oS6o2s
OSvd0srS5knqfUB46/Lc8ejkkL6ZF6B2Eqe3T/DCU5wKnXXxVN93LrWHzAuA7XzD
i/JRnLgWUjveqMH+VkNX9AobbbCYINEP0LFZQ5pxUWuS8hJM0cpOIwasifOCxlSo
9Rlg8XWSjIou5a15P4mLBl2NKCBGHxLljxyZrnv9uW5TV+A/3HyQk4ILwWutYgKy
1QNn1VY2S+rgUfYZqC+6QGFfRTSzHf0Mav/eY/UIaGguDeBsr3ddYlZBXwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFB42+EZ0YuYnjBuQknZ92vnqXcwnMB8GA1UdIwQY
MBaAFMdMoIVReKDN1xkUvPIjqjGvY2mkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB5Z2hWRjRvTTNYR1JTODhpT3FNYTlqYWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mMjIwYTAtZGY4MS00MmZiLWI3MTQt
ZGVkZDM1MjkzMjMwLzEvSGpiNFJuUmk1aWVNRzVDU2RuM2EtZXBkekNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mMjIwYTAtZGY4MS00MmZiLWI3MTQtZGVkZDM1MjkzMjMw
LzEveDB5Z2hWRjRvTTNYR1JTODhpT3FNYTlqYWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQABZrpAwQA
BbfQAwQCXVx0AwQCXrBkAwQCuSPoAwQAuUN4AwQCuWsYAwQCuX0kAwQCueB0AwQA
wSALAwQCwXxMAwQDwXyQAwQDwofIAwQCw9iIMA0EAgACMAcDBQMqBGXAMA0GCSqG
SIb3DQEBCwUAA4IBAQArX37V0XuZR4PplaTIzQPRnPpnAaCm/qPVaqXrxCA71sVj
72l2lPgRiHK11zeXHJ5KpfkxCV6EINFckexW6L8JlF6Y2Fak8T41e0q//BBiTHeC
8/eTkiBg9jKYQRA0IFcZKWzuCvq3G4GFSZrRyVPDz/GTnjKRRuLWZkDUzMsI3zzX
+PclklYQexRTZit5L6JWuZLfuDb6uHlnV3QzIOowdbj0oxDiQ/A+Ei9Abz4kbuir
pdpI9Et50I6KH0oqI/u77+YfsHeZHm2z2K/6WGfGT7fzObzzXHfoC2ZhR7CY+T7Z
06mQEa+5SHroBKyJSBgf3b+5oulbfYMXCBB15Xcw
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:58:48 2025 by rpki-client