Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mHbfVysPYb41h4gVZihX1O66Tgk.roa
File: mHbfVysPYb41h4gVZihX1O66Tgk.roa (raw, json)
Hash identifier: 7jkiAGt0QgZ1VC4M+Kt3QHXSC3PqLOfbUHd/L2P7RB0=
Subject key identifier: 98:76:DF:57:2B:0F:61:BE:35:87:88:15:66:28:57:D4:EE:BA:4E:09
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018AB7F983A0BFCE63C5C781021CFDE0AC0D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mHbfVysPYb41h4gVZihX1O66Tgk.roa
Signing time: Thu 21 Sep 2023 13:41:37 +0000
ROA not before: Thu 21 Sep 2023 13:41:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.153.227.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
82.153.136.0/22 maxlen: 22
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.40.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Sep 2023 07:04:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:f9:83:a0:bf:ce:63:c5:c7:81:02:1c:fd:e0:ac:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 21 13:41:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9876df572b0f61be35878815662857d4eeba4e09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:09:2b:c1:26:b5:6d:39:7e:92:b0:15:51:8f:
6d:8c:10:b0:ed:bd:9d:d1:69:27:57:ac:b5:a7:6a:
b3:c2:9d:f9:b8:c3:c5:2a:85:55:df:90:03:ba:b3:
e2:f8:92:87:d0:e4:40:07:1e:ac:59:ab:9f:8d:cf:
db:35:13:32:77:01:b1:93:aa:4f:ce:b3:e8:7e:a0:
32:64:9f:ff:bb:6e:31:d5:b3:38:d2:86:b6:5a:21:
2d:bc:4c:04:dd:f3:b1:2f:79:78:66:8a:4d:53:18:
bd:16:7b:cc:43:cc:66:d8:1f:d0:18:91:7e:2f:1d:
0a:64:63:68:fd:fb:51:f2:d0:d4:39:ee:8e:b7:ce:
5b:90:bc:c2:45:b5:56:39:05:ec:a5:2f:3d:20:35:
fd:86:be:a1:e9:2c:c6:cd:e2:e9:1b:69:f9:ae:c2:
b4:59:c0:5c:b4:cb:24:f3:2b:37:35:e8:1c:b2:8b:
cd:28:c2:3d:b8:83:47:8e:70:70:64:ac:44:a7:17:
4e:66:6b:be:c2:37:25:f1:e7:fc:47:78:63:c7:85:
86:47:42:49:ab:90:81:96:a8:96:c2:f9:0b:4e:6a:
b3:74:09:71:72:41:12:91:fc:6a:8f:02:fd:4f:42:
c5:d6:b5:0d:6f:bb:c2:f2:63:e7:a9:44:e5:81:ed:
19:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:76:DF:57:2B:0F:61:BE:35:87:88:15:66:28:57:D4:EE:BA:4E:09
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mHbfVysPYb41h4gVZihX1O66Tgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.123.0/24
82.153.136.0/22
82.153.227.0/24
89.213.40.0/22
89.213.145.0-89.213.146.255
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
46:04:d6:7a:f4:5e:ed:8c:b9:e2:f9:13:44:52:a9:78:c7:22:
48:70:73:d3:0c:5e:a1:ce:92:ef:83:09:a8:b8:45:58:4f:9a:
4e:d6:c2:30:e5:dd:76:b3:14:e0:61:65:28:fb:d6:64:5f:d2:
58:fc:5f:d4:6b:19:b7:6b:e7:6c:b0:4f:1d:98:64:d6:c7:b9:
a2:5e:9a:88:7a:cf:81:72:5d:b1:83:73:af:b3:21:9a:c2:be:
40:50:f3:46:66:51:06:06:c0:39:61:1d:b8:df:1c:00:6f:d1:
82:fd:6c:b3:a3:36:29:63:ed:3b:04:e1:56:b5:d5:b3:ee:63:
93:53:a9:b0:40:b8:e0:4a:ed:97:c1:b9:78:9e:de:29:ed:4d:
ab:18:9a:72:57:55:d4:45:b2:8e:43:7e:dd:13:a6:6e:d8:61:
a1:35:c6:b9:65:0c:03:45:61:33:71:91:22:a9:a2:ac:2d:57:
29:bd:13:66:18:22:80:cc:6c:db:b5:72:e5:c4:5f:0e:6f:82:
b7:af:04:59:d9:5b:11:fd:7a:f5:9a:d8:f3:35:c2:a2:a8:0c:
a2:a3:89:79:02:de:cd:06:67:ee:3a:2f:a9:37:7b:14:07:9c:
fc:00:33:b1:59:64:4a:e9:7a:89:a5:9d:3d:cc:8b:4b:7a:9d:
62:8d:84:7a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYq3+YOgv85jxceBAhz94KwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTIxMTM0MTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODc2ZGY1NzJiMGY2MWJlMzU4Nzg4MTU2NjI4NTdkNGVlYmE0ZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggkrwSa1bTl+krAVUY9tjBCw7b2d
0WknV6y1p2qzwp35uMPFKoVV35ADurPi+JKH0ORABx6sWaufjc/bNRMydwGxk6pP
zrPofqAyZJ//u24x1bM40oa2WiEtvEwE3fOxL3l4ZopNUxi9FnvMQ8xm2B/QGJF+
Lx0KZGNo/ftR8tDUOe6Ot85bkLzCRbVWOQXspS89IDX9hr6h6SzGzeLpG2n5rsK0
WcBctMsk8ys3NegcsovNKMI9uINHjnBwZKxEpxdOZmu+wjcl8ef8R3hjx4WGR0JJ
q5CBlqiWwvkLTmqzdAlxckESkfxqjwL9T0LF1rUNb7vC8mPnqUTlge0ZsQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJh231crD2G+NYeIFWYoV9Tuuk4JMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbUhiZlZ5c1BZYjQxaDRnVlppaFgxTzY2VGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUah3AwQA
Uah7AwQCUpmIAwQAUpnjAwQCWdUoMAwDBABZ1ZEDBABZ1ZIDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBAEYE1nr0Xu2MueL5E0RSqXjHIkhwc9MMXqHOku+D
Cai4RVhPmk7WwjDl3XazFOBhZSj71mRf0lj8X9RrGbdr52ywTx2YZNbHuaJemoh6
z4FyXbGDc6+zIZrCvkBQ80ZmUQYGwDlhHbjfHABv0YL9bLOjNilj7TsE4Va11bPu
Y5NTqbBAuOBK7ZfBuXie3intTasYmnJXVdRFso5Dft0Tpm7YYaE1xrllDANFYTNx
kSKpoqwtVym9E2YYIoDMbNu1cuXEXw5vgrevBFnZWxH9evWa2PM1wqKoDKKjiXkC
3s0GZ+46L6k3exQHnPwAM7FZZErpeomlnT3Mi0t6nWKNhHo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org