Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/HV8hB0n6T3_0ySCSoDLVvcwCIEI.roa
File: HV8hB0n6T3_0ySCSoDLVvcwCIEI.roa (raw, json)
Hash identifier: wUuBqR5JIAjUH26kD5zVLtZ4L+JGYZwmetX1zTZ4F8k=
Subject key identifier: 1D:5F:21:07:49:FA:4F:7F:F4:C9:20:92:A0:32:D5:BD:CC:02:20:42
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018D347D6D89ECE433D12937EC51C09DC668
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/HV8hB0n6T3_0ySCSoDLVvcwCIEI.roa
Signing time: Tue 23 Jan 2024 04:04:11 +0000
ROA not before: Tue 23 Jan 2024 04:04:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204650
IP address blocks: 178.239.159.0/24 maxlen: 24
185.26.34.0/23 maxlen: 24
185.124.172.0/22 maxlen: 24
185.124.173.0/24 maxlen: 24
185.124.175.0/24 maxlen: 24
185.212.48.0/24 maxlen: 24
185.243.49.0/24 maxlen: 24
2a00:7040::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 May 2024 19:38:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:34:7d:6d:89:ec:e4:33:d1:29:37:ec:51:c0:9d:c6:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jan 23 04:04:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d5f210749fa4f7ff4c92092a032d5bdcc022042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8e:38:e6:96:50:fe:57:50:ff:88:35:46:19:
6a:7a:0d:09:a9:df:dd:cf:72:61:e8:b3:ee:9e:99:
a7:84:71:37:c2:75:b5:8b:50:12:0d:c4:b8:56:c6:
33:75:ba:2a:6b:84:a6:35:30:b8:c8:5d:82:c8:8e:
4d:49:ad:27:54:a7:2e:f3:3d:15:8a:f2:b0:4a:91:
7a:f8:12:57:79:1d:04:12:5f:18:86:f3:7b:3f:d8:
b6:44:78:fc:0f:c6:c3:33:32:47:33:c0:5f:70:b8:
89:b0:9b:b8:fe:b1:e3:d4:13:53:95:31:58:b0:c2:
6a:a4:61:c6:09:2e:2e:b5:d9:7b:a7:9e:fd:f9:81:
38:06:1a:80:34:c9:ec:8c:d3:c7:7c:78:63:90:5a:
1c:0c:e8:b4:01:72:ca:2f:af:38:70:bc:c0:fb:30:
8b:cb:c3:5a:d4:97:1e:83:83:fd:b8:b0:d1:d4:b7:
e3:f4:0a:70:56:6f:bc:bb:7d:bd:43:3b:67:be:99:
b4:4f:9d:01:3d:42:c1:5a:88:b7:e5:b3:ec:49:24:
69:55:d7:ac:38:2e:e4:3b:33:dd:05:d9:f0:29:eb:
b2:bf:d4:be:5a:92:9e:8e:19:f1:d6:75:e4:2b:c9:
0c:7b:6e:8c:4a:96:68:6b:8f:15:9e:a5:33:1a:fb:
aa:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:5F:21:07:49:FA:4F:7F:F4:C9:20:92:A0:32:D5:BD:CC:02:20:42
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/HV8hB0n6T3_0ySCSoDLVvcwCIEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.159.0/24
185.26.34.0/23
185.124.172.0/22
185.212.48.0/24
185.243.49.0/24
IPv6:
2a00:7040::/32
Signature Algorithm: sha256WithRSAEncryption
43:be:2f:b1:98:64:38:4b:7a:f5:e8:f2:90:02:38:cd:90:2d:
cb:e0:0c:46:3c:99:67:ac:c8:d2:43:cd:21:30:61:4a:90:90:
cd:ab:ee:a4:7a:9a:f7:4a:4f:23:6a:61:bf:79:94:b0:80:65:
25:df:2e:2c:4a:87:e4:3a:e0:ab:6f:a9:d4:d5:b5:f1:a1:ef:
9a:4e:1c:df:5f:b4:69:10:95:79:ee:be:92:6c:6f:e0:00:f1:
df:1c:46:7c:45:25:91:b9:e6:0c:8a:3b:4c:4f:81:08:78:63:
0b:f7:dc:9f:e8:9f:4d:df:6c:e2:67:eb:50:79:b5:d2:93:ff:
70:f5:64:6c:96:45:b9:90:2d:17:a8:5a:81:42:c5:b5:0c:84:
3f:94:f6:0f:4d:5f:8c:a9:13:01:e4:3f:c6:d1:9b:4a:b1:37:
a9:89:4c:b9:40:77:8c:ae:80:8f:77:9f:b0:93:02:54:45:20:
4d:b3:49:a5:93:e4:dc:01:f8:35:28:cb:65:0b:bc:5a:af:87:
15:cd:27:44:a7:e9:7d:3b:59:78:dd:ec:e8:c8:d1:fd:27:c3:
2c:d6:b9:98:79:cb:d3:0b:01:df:02:a1:a3:7a:af:52:d3:99:
c8:54:f4:20:33:02:b0:47:52:5f:0d:3c:e4:2f:97:30:de:c4:
00:4a:6a:23
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY00fW2J7OQz0Sk37FHAncZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwMTIzMDQwNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDVmMjEwNzQ5ZmE0ZjdmZjRjOTIwOTJhMDMyZDViZGNjMDIyMDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyo445pZQ/ldQ/4g1Rhlqeg0Jqd/d
z3Jh6LPunpmnhHE3wnW1i1ASDcS4VsYzdboqa4SmNTC4yF2CyI5NSa0nVKcu8z0V
ivKwSpF6+BJXeR0EEl8YhvN7P9i2RHj8D8bDMzJHM8BfcLiJsJu4/rHj1BNTlTFY
sMJqpGHGCS4utdl7p579+YE4BhqANMnsjNPHfHhjkFocDOi0AXLKL684cLzA+zCL
y8Na1Jceg4P9uLDR1Lfj9ApwVm+8u329Qztnvpm0T50BPULBWoi35bPsSSRpVdes
OC7kOzPdBdnwKeuyv9S+WpKejhnx1nXkK8kMe26MSpZoa48VnqUzGvuqBwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFB1fIQdJ+k9/9MkgkqAy1b3MAiBCMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvSFY4aEIwbjZUM18weVNDU29ETFZ2Y3dDSUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAsu+fAwQB
uRoiAwQCuXysAwQAudQwAwQAufMxMA0EAgACMAcDBQAqAHBAMA0GCSqGSIb3DQEB
CwUAA4IBAQBDvi+xmGQ4S3r16PKQAjjNkC3L4AxGPJlnrMjSQ80hMGFKkJDNq+6k
epr3Sk8jamG/eZSwgGUl3y4sSofkOuCrb6nU1bXxoe+aThzfX7RpEJV57r6SbG/g
APHfHEZ8RSWRueYMijtMT4EIeGML99yf6J9N32ziZ+tQebXSk/9w9WRslkW5kC0X
qFqBQsW1DIQ/lPYPTV+MqRMB5D/G0ZtKsTepiUy5QHeMroCPd5+wkwJURSBNs0ml
k+TcAfg1KMtlC7xar4cVzSdEp+l9O1l43ezoyNH9J8Ms1rmYecvTCwHfAqGjeq9S
05nIVPQgMwKwR1JfDTzkL5cw3sQASmoj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:29 2024 by rpki-client on console-fra.rpki-client.org