Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/hVkXhy1FlvH_rTiuhsO7uHYMr58.roa
File: hVkXhy1FlvH_rTiuhsO7uHYMr58.roa (raw, json)
Hash identifier: PWvLrbQIJmPXaSQidKxgeYdq39gT0/qds5Wy6hBjggY=
Subject key identifier: 85:59:17:87:2D:45:96:F1:FF:AD:38:AE:86:C3:BB:B8:76:0C:AF:9F
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01918F69D2DDBF8640F576CAFA9F275980D7
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/hVkXhy1FlvH_rTiuhsO7uHYMr58.roa
Signing time: Mon 26 Aug 2024 15:59:22 +0000
ROA not before: Mon 26 Aug 2024 15:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 45.139.68.0/23 maxlen: 24
45.150.80.0/23 maxlen: 24
80.91.221.0/24 maxlen: 24
193.36.162.0/24 maxlen: 24
193.36.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Oct 2024 07:28:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8f:69:d2:dd:bf:86:40:f5:76:ca:fa:9f:27:59:80:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Aug 26 15:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=855917872d4596f1ffad38ae86c3bbb8760caf9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:00:33:dd:e0:80:60:01:60:d2:be:37:55:a9:
79:66:0e:d6:31:f2:5b:8f:2f:58:a6:d8:3a:e1:ec:
f5:63:8c:d1:5f:08:79:06:84:a1:c2:3f:97:45:04:
36:eb:8d:f3:fc:ab:57:bf:d9:4f:80:de:f5:7a:f4:
a6:1a:08:98:02:62:d5:08:aa:23:ef:7a:2c:4a:2a:
90:89:31:f4:d3:fa:bb:54:46:12:ff:15:ba:66:51:
6b:b7:80:4c:fc:86:6d:4e:18:2b:f2:89:31:6e:d5:
33:58:a2:d9:b0:37:4f:40:94:99:83:1d:42:55:9f:
a6:e8:68:12:36:96:4b:2e:fe:00:d6:5a:67:dc:30:
4d:d0:94:d2:8e:ea:a5:e4:36:2d:a0:1d:4e:52:83:
7c:4b:db:5d:a4:be:1e:ae:60:2f:ad:70:a0:ac:6b:
49:36:9c:ec:11:ae:65:ca:18:9b:bd:3b:f2:0d:bc:
10:bb:96:9e:86:7a:1f:cf:b4:6d:68:fb:5d:b0:18:
f6:23:d2:1a:69:13:d8:ff:92:4a:92:c9:f2:d3:96:
71:32:19:a6:a6:75:68:d5:5a:49:f7:cf:20:da:94:
6c:39:fa:e8:bb:8e:54:df:ab:53:56:02:67:a3:13:
83:fc:1d:57:55:61:12:fb:ad:33:0d:e0:3d:93:24:
54:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:59:17:87:2D:45:96:F1:FF:AD:38:AE:86:C3:BB:B8:76:0C:AF:9F
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/hVkXhy1FlvH_rTiuhsO7uHYMr58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.68.0/23
45.150.80.0/23
80.91.221.0/24
193.36.162.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:86:75:bf:f8:3e:72:d8:4f:69:13:c4:3d:e5:66:6d:f2:35:
3b:21:2d:b6:1b:be:7b:22:2e:32:92:2e:c0:aa:fe:d0:16:11:
30:a2:f7:c1:84:e1:b6:3a:d0:d3:b3:4f:83:0d:15:be:c4:43:
ec:ab:ce:de:21:06:83:87:ac:e0:f9:e4:05:58:de:6b:4a:78:
58:03:a1:fd:58:96:6d:c6:da:0d:22:b6:8b:39:e5:e7:7c:6a:
13:b3:b8:43:ac:34:d2:d3:3e:b9:76:9a:36:9a:07:a0:77:fc:
74:ff:f4:c8:8b:1a:37:fd:4f:46:5f:25:a7:9c:46:60:92:e0:
8b:4f:d1:0c:5e:43:58:b7:3c:6c:7f:20:9b:0d:04:4e:22:18:
18:6d:69:dd:f1:1d:f4:29:0a:b9:04:35:70:ae:e1:b2:4b:fc:
b2:7b:87:8c:c4:25:18:3d:d5:60:03:77:da:97:aa:0f:07:ae:
70:2b:c5:07:35:d7:2f:5e:d3:53:a1:b4:4f:eb:f2:4f:3c:88:
67:4a:cc:29:2c:b9:4b:42:7b:37:85:84:c4:89:01:99:ea:49:
9b:dd:54:08:e6:fa:72:a0:93:7b:64:2a:f5:fa:fc:3a:fe:59:
93:da:22:bc:23:bb:2d:d5:33:bd:1d:52:0a:1a:7d:3c:91:ec:
e4:04:06:a0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGPadLdv4ZA9XbK+p8nWYDXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwODI2MTU1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTU5MTc4NzJkNDU5NmYxZmZhZDM4YWU4NmMzYmJiODc2MGNhZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQAz3eCAYAFg0r43Val5Zg7WMfJb
jy9Yptg64ez1Y4zRXwh5BoShwj+XRQQ2643z/KtXv9lPgN71evSmGgiYAmLVCKoj
73osSiqQiTH00/q7VEYS/xW6ZlFrt4BM/IZtThgr8okxbtUzWKLZsDdPQJSZgx1C
VZ+m6GgSNpZLLv4A1lpn3DBN0JTSjuql5DYtoB1OUoN8S9tdpL4ermAvrXCgrGtJ
NpzsEa5lyhibvTvyDbwQu5aehnofz7RtaPtdsBj2I9IaaRPY/5JKksny05ZxMhmm
pnVo1VpJ988g2pRsOfrou45U36tTVgJnoxOD/B1XVWES+60zDeA9kyRUhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIVZF4ctRZbx/604robDu7h2DK+fMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvaFZrWGh5MUZsdkhfclRpdWhzTzd1SFlNcjU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYtEAwQB
LZZQAwQAUFvdAwQBwSSiMA0GCSqGSIb3DQEBCwUAA4IBAQCihnW/+D5y2E9pE8Q9
5WZt8jU7IS22G757Ii4yki7Aqv7QFhEwovfBhOG2OtDTs0+DDRW+xEPsq87eIQaD
h6zg+eQFWN5rSnhYA6H9WJZtxtoNIraLOeXnfGoTs7hDrDTS0z65dpo2mgegd/x0
//TIixo3/U9GXyWnnEZgkuCLT9EMXkNYtzxsfyCbDQROIhgYbWnd8R30KQq5BDVw
ruGyS/yye4eMxCUYPdVgA3fal6oPB65wK8UHNdcvXtNTobRP6/JPPIhnSswpLLlL
Qns3hYTEiQGZ6kmb3VQI5vpyoJN7ZCr1+vw6/lmT2iK8I7st1TO9HVIKGn08kezk
BAag
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:11 2025 by rpki-client