Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/Hq5I5i3PKDnl7p-bqdiEQYnW0hI.roa
File: Hq5I5i3PKDnl7p-bqdiEQYnW0hI.roa (raw, json)
Hash identifier: l86Dttsgvq964y3Xks3Us3MeETljT+PMaRbAIkiWAhM=
Subject key identifier: 1E:AE:48:E6:2D:CF:28:39:E5:EE:9F:9B:A9:D8:84:41:89:D6:D2:12
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 0190265D1B9739F6F9FB0DA53D702B8BF52E
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/Hq5I5i3PKDnl7p-bqdiEQYnW0hI.roa
Signing time: Mon 17 Jun 2024 13:22:34 +0000
ROA not before: Mon 17 Jun 2024 13:22:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 145.219.18.0/23 maxlen: 23
145.219.32.0/22 maxlen: 22
145.219.36.0/22 maxlen: 22
145.219.40.0/21 maxlen: 21
145.219.48.0/21 maxlen: 21
145.219.56.0/21 maxlen: 21
145.219.64.0/18 maxlen: 18
145.219.128.0/17 maxlen: 17
193.176.255.0/24 maxlen: 24
2a04:b0c4::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 24 Jun 2024 08:27:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:26:5d:1b:97:39:f6:f9:fb:0d:a5:3d:70:2b:8b:f5:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Jun 17 13:22:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1eae48e62dcf2839e5ee9f9ba9d8844189d6d212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e8:64:d8:95:bd:5c:b0:05:2f:14:f7:31:85:
df:1a:6e:f5:04:cd:05:e7:be:c5:59:cc:4d:f4:c3:
c5:40:b6:5e:c0:15:f0:af:33:db:82:d9:fd:75:ad:
ca:79:68:a0:bd:3c:b7:cb:6f:63:1c:c5:61:d3:58:
5a:2b:e2:8f:5b:a2:e7:2f:fe:24:07:78:36:d8:b0:
54:5b:d6:38:d9:8b:c9:54:8e:66:f7:d0:92:91:23:
47:1e:5f:17:4b:20:45:fb:ea:70:ef:57:25:1c:16:
0b:a5:26:85:7e:1c:f8:09:10:1f:ab:96:7d:ee:12:
77:68:da:8f:b5:68:09:fa:0d:f1:82:ea:f8:e8:3f:
1e:b6:e2:c8:74:8c:38:29:be:a6:d8:f3:be:58:b7:
82:cc:ee:2f:58:07:97:cd:8f:38:f8:7c:2d:42:16:
4c:82:a1:07:bb:bb:09:58:06:6b:9c:7d:85:25:06:
e8:1e:39:db:72:80:5a:69:c9:bd:c4:5c:e9:e0:78:
4a:8e:db:70:e9:86:cd:bc:8b:85:5c:be:de:c9:83:
bd:5f:c0:2c:8c:42:db:57:b7:32:4e:36:89:04:33:
6d:51:e5:60:cb:98:2c:2f:7c:40:ad:6d:ed:ee:67:
66:64:8f:b6:83:37:99:e7:ec:00:43:91:27:63:bf:
d4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AE:48:E6:2D:CF:28:39:E5:EE:9F:9B:A9:D8:84:41:89:D6:D2:12
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/Hq5I5i3PKDnl7p-bqdiEQYnW0hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.18.0/23
145.219.32.0-145.219.255.255
193.176.255.0/24
IPv6:
2a04:b0c4::/30
Signature Algorithm: sha256WithRSAEncryption
8c:27:91:b4:68:19:ee:3f:6a:b7:5d:b8:c2:a8:0d:5b:bb:8d:
17:6b:5a:76:7b:ef:de:0b:30:c0:4a:41:5e:66:9c:77:19:d4:
88:19:fe:a1:05:f7:ce:f5:4b:d2:1b:fc:e8:39:d7:0b:15:80:
f4:35:41:62:99:fa:6f:56:8f:4e:56:a6:a3:6a:a6:46:7e:54:
c3:d4:5a:c5:e2:d4:c5:af:7f:82:f1:b5:2d:f8:f4:4f:58:85:
6f:b5:60:dd:7e:e1:15:61:4b:3d:ac:ae:79:49:d7:27:f2:8c:
84:2b:2d:41:1e:4c:00:b1:2f:35:aa:f4:b8:09:47:21:64:2d:
0d:b2:db:43:be:2c:f9:5e:a1:50:2d:c0:f5:bd:65:dd:4a:57:
6d:73:ac:7b:4b:57:03:17:e8:3c:09:05:c7:1f:06:d1:93:83:
8d:8a:90:e6:a9:60:fd:37:c0:b6:69:2c:7d:8b:ab:70:71:32:
f1:dc:ab:06:45:7a:b4:69:3e:b3:57:3d:14:55:10:e6:12:e4:
3e:6c:e0:41:d3:5e:ee:27:e3:7b:81:7b:85:e1:df:b7:91:58:
34:d7:4f:19:d9:56:86:cf:4f:84:0c:28:ee:23:f4:47:e9:a8:
14:e0:1c:62:01:f2:e1:c1:c3:f8:14:1b:97:35:19:5a:6e:5e:
cf:16:5e:7c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZAmXRuXOfb5+w2lPXAri/UuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjQwNjE3MTMyMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWFlNDhlNjJkY2YyODM5ZTVlZTlmOWJhOWQ4ODQ0MTg5ZDZkMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uhk2JW9XLAFLxT3MYXfGm71BM0F
577FWcxN9MPFQLZewBXwrzPbgtn9da3KeWigvTy3y29jHMVh01haK+KPW6LnL/4k
B3g22LBUW9Y42YvJVI5m99CSkSNHHl8XSyBF++pw71clHBYLpSaFfhz4CRAfq5Z9
7hJ3aNqPtWgJ+g3xgur46D8etuLIdIw4Kb6m2PO+WLeCzO4vWAeXzY84+HwtQhZM
gqEHu7sJWAZrnH2FJQboHjnbcoBaacm9xFzp4HhKjttw6YbNvIuFXL7eyYO9X8As
jELbV7cyTjaJBDNtUeVgy5gsL3xArW3t7mdmZI+2gzeZ5+wAQ5EnY7/UqwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFB6uSOYtzyg55e6fm6nYhEGJ1tISMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvSHE1STVpM1BLRG5sN3AtYnFkaUVRWW5XMGhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAfBAIAATAZAwQBkdsSMAsD
BAWR2yADAwKR2AMEAMGw/zANBAIAAjAHAwUCKgSwxDANBgkqhkiG9w0BAQsFAAOC
AQEAjCeRtGgZ7j9qt124wqgNW7uNF2tadnvv3gswwEpBXmacdxnUiBn+oQX3zvVL
0hv86DnXCxWA9DVBYpn6b1aPTlamo2qmRn5Uw9RaxeLUxa9/gvG1Lfj0T1iFb7Vg
3X7hFWFLPayueUnXJ/KMhCstQR5MALEvNar0uAlHIWQtDbLbQ74s+V6hUC3A9b1l
3UpXbXOse0tXAxfoPAkFxx8G0ZODjYqQ5qlg/TfAtmksfYurcHEy8dyrBkV6tGk+
s1c9FFUQ5hLkPmzgQdNe7ifje4F7heHft5FYNNdPGdlWhs9PhAwo7iP0R+moFOAc
YgHy4cHD+BQblzUZWm5ezxZefA==
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:53:27 2024 by rpki-client on console-ams.rpki-client.org