Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/Hs8bX8mszuOWdvs_MX1gZ6HdVLw.roa
File: Hs8bX8mszuOWdvs_MX1gZ6HdVLw.roa (raw, json)
Hash identifier: gwga1KJf6Irzpntwn24hQbAaB3KgcEcI8xfgcdeB1Wo=
Subject key identifier: 1E:CF:1B:5F:C9:AC:CE:E3:96:76:FB:3F:31:7D:60:67:A1:DD:54:BC
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018FE1D780CD9000CC4FE8F060302F037E4B
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/Hs8bX8mszuOWdvs_MX1gZ6HdVLw.roa
Signing time: Tue 04 Jun 2024 06:02:27 +0000
ROA not before: Tue 04 Jun 2024 06:02:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.145.17.0/24 maxlen: 24
212.87.200.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jun 2024 10:52:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e1:d7:80:cd:90:00:cc:4f:e8:f0:60:30:2f:03:7e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jun 4 06:02:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ecf1b5fc9accee39676fb3f317d6067a1dd54bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7c:b4:e4:87:9b:db:c3:d1:23:02:c2:7c:b4:
58:ea:f9:8b:93:dd:0e:83:53:8a:73:b4:de:e3:ca:
df:00:1a:17:a0:da:07:12:9f:c4:df:51:3d:5c:ff:
b5:c1:58:60:85:08:7e:26:b2:97:7f:17:90:24:d7:
88:33:30:bf:24:3a:dc:4c:5e:7f:79:14:37:54:82:
7f:5b:38:3f:bc:79:20:db:9f:64:0b:d6:98:14:73:
b5:e8:cd:e9:55:dd:40:d5:b3:9d:ba:3c:be:f9:f4:
65:47:28:d2:bd:8d:97:e2:dc:80:5c:f1:11:75:b8:
a2:5d:dd:b8:68:92:35:2e:f4:06:5a:70:d3:c9:a9:
bb:6c:d9:35:d7:71:6a:40:ab:f5:05:69:cb:f6:0f:
4a:ed:45:47:f9:60:44:82:ee:4d:e1:6b:c0:66:a4:
d4:da:28:71:69:71:a0:31:7f:f1:d1:b4:e6:17:f9:
d9:25:79:c9:b3:05:8a:e7:d8:9f:d9:97:51:25:47:
d1:71:ee:35:58:46:4a:c5:ee:75:06:b8:32:1c:42:
fc:45:fd:b5:1b:37:1f:b5:f3:7c:45:e4:8f:70:17:
6e:dd:ab:01:f8:ac:7d:4c:f7:2f:8f:b3:7e:be:02:
7d:1c:02:ad:ac:14:09:b0:ea:49:e7:20:c8:67:b9:
5d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:CF:1B:5F:C9:AC:CE:E3:96:76:FB:3F:31:7D:60:67:A1:DD:54:BC
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/Hs8bX8mszuOWdvs_MX1gZ6HdVLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.17.0/24
212.87.200.0/22
Signature Algorithm: sha256WithRSAEncryption
13:22:ce:44:3b:42:5f:bb:a3:a6:bc:98:9f:b1:7a:eb:b8:29:
51:b8:ce:0c:70:0c:8f:9c:52:52:a0:37:79:63:dc:5f:4d:5a:
a2:f0:1d:56:6e:0d:7a:34:7a:58:c4:8e:f4:20:ad:6f:6e:49:
00:03:06:74:4f:2c:58:8d:a1:9b:1c:b7:23:75:e8:2e:49:e7:
bc:5e:42:7e:e7:4b:b5:7b:6f:10:a0:ee:3f:a2:5c:40:37:e3:
5c:ea:1b:24:6c:16:14:2d:e6:c9:bf:78:a3:5f:b4:f3:e9:56:
3e:e4:41:ac:56:59:fd:fe:9c:6b:c2:d5:e6:0e:01:7c:38:b8:
1f:2c:fd:fd:df:46:05:1d:19:8f:f0:09:2a:42:db:5e:58:e0:
03:26:9f:a6:87:70:a2:b0:a1:d2:25:95:6d:63:fc:a3:61:c8:
2b:a5:c1:98:06:08:da:10:12:5b:9a:51:0a:c1:63:6e:20:53:
14:c9:07:be:21:32:d5:5e:52:39:fc:24:6f:41:51:7e:b7:22:
3c:5f:0f:a0:bb:29:e5:91:8d:e0:a3:dd:f8:6f:f6:bc:39:f1:
86:86:6d:75:e1:61:81:a7:24:2c:07:c6:70:6b:04:83:ed:fc:
a3:08:7a:67:48:e6:08:02:1e:76:22:df:97:f7:82:ff:b6:ed:
af:f0:af:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/h14DNkADMT+jwYDAvA35LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwNjA0MDYwMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWNmMWI1ZmM5YWNjZWUzOTY3NmZiM2YzMTdkNjA2N2ExZGQ1NGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3y05Ieb28PRIwLCfLRY6vmLk90O
g1OKc7Te48rfABoXoNoHEp/E31E9XP+1wVhghQh+JrKXfxeQJNeIMzC/JDrcTF5/
eRQ3VIJ/Wzg/vHkg259kC9aYFHO16M3pVd1A1bOdujy++fRlRyjSvY2X4tyAXPER
dbiiXd24aJI1LvQGWnDTyam7bNk113FqQKv1BWnL9g9K7UVH+WBEgu5N4WvAZqTU
2ihxaXGgMX/x0bTmF/nZJXnJswWK59if2ZdRJUfRce41WEZKxe51BrgyHEL8Rf21
GzcftfN8ReSPcBdu3asB+Kx9TPcvj7N+vgJ9HAKtrBQJsOpJ5yDIZ7ldvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB7PG1/JrM7jlnb7PzF9YGeh3VS8MB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvSHM4Ylg4bXN6dU9XZHZzX01YMWdaNkhkVkx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZERAwQC
1FfIMA0GCSqGSIb3DQEBCwUAA4IBAQATIs5EO0Jfu6OmvJifsXrruClRuM4McAyP
nFJSoDd5Y9xfTVqi8B1Wbg16NHpYxI70IK1vbkkAAwZ0TyxYjaGbHLcjdeguSee8
XkJ+50u1e28QoO4/olxAN+Nc6hskbBYULebJv3ijX7Tz6VY+5EGsVln9/pxrwtXm
DgF8OLgfLP3930YFHRmP8AkqQtteWOADJp+mh3CisKHSJZVtY/yjYcgrpcGYBgja
EBJbmlEKwWNuIFMUyQe+ITLVXlI5/CRvQVF+tyI8Xw+guynlkY3go934b/a8OfGG
hm114WGBpyQsB8ZwawSD7fyjCHpnSOYIAh52It+X94L/tu2v8K8Q
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:47 2025 by rpki-client