Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/hmHmX1C8yLnm34JsPfdSCPR0pvM.roa
File: hmHmX1C8yLnm34JsPfdSCPR0pvM.roa (raw, json)
Hash identifier: 9aV9OLwKcN9auKnCQ20cEuL8KV669weMDNYlX9TJeio=
Subject key identifier: 86:61:E6:5F:50:BC:C8:B9:E6:DF:82:6C:3D:F7:52:08:F4:74:A6:F3
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018677FDA5C235650A994B8375734EEA4563
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/hmHmX1C8yLnm34JsPfdSCPR0pvM.roa
Signing time: Wed 22 Feb 2023 07:19:17 +0000
ROA not before: Wed 22 Feb 2023 07:19:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48716
IP address blocks: 45.8.98.0/24 maxlen: 24
94.198.221.0/24 maxlen: 24
92.118.115.0/24 maxlen: 24
94.198.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Jul 2023 10:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:77:fd:a5:c2:35:65:0a:99:4b:83:75:73:4e:ea:45:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 22 07:19:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8661e65f50bcc8b9e6df826c3df75208f474a6f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8f:a0:aa:e5:37:51:41:63:fd:dc:d7:37:a9:
17:ed:f3:12:79:3b:24:76:4c:d7:84:9f:cb:fd:e2:
73:88:75:84:0c:e2:aa:2e:90:b6:78:23:32:ca:b8:
39:0b:df:f9:34:e9:19:3b:6c:fc:4b:9b:9f:15:46:
ef:f1:46:68:a1:20:74:48:fc:f3:16:15:6e:b9:8e:
ac:51:ba:89:b3:71:fe:6c:aa:ec:d4:f5:00:5b:93:
71:e7:b7:70:4f:66:95:23:83:df:b8:db:de:9b:c2:
91:28:55:6e:ac:65:f9:70:2e:f2:c5:5c:f4:99:4f:
d0:cd:20:85:61:c2:a6:8c:50:6b:87:7c:3c:80:a8:
13:dc:b5:f1:c5:21:9d:07:b6:79:67:7f:42:71:a9:
bf:f0:c0:bb:f8:7a:3f:b4:c0:55:0f:fa:1a:d5:0d:
2b:d6:af:5b:20:e9:67:7e:b7:a6:1a:fe:ff:05:4f:
ed:d7:db:02:2a:a0:3e:b2:b5:49:f5:44:1c:26:59:
48:e5:da:68:77:8a:48:e8:bd:e0:3a:37:86:b1:c9:
52:70:fd:9e:06:1c:23:9b:c3:26:d8:81:8c:da:39:
60:0e:40:ea:01:f8:a6:44:eb:9a:20:e5:c4:65:91:
d3:9d:d6:e5:a2:38:24:3a:9a:ec:9a:57:be:c1:a4:
d5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:61:E6:5F:50:BC:C8:B9:E6:DF:82:6C:3D:F7:52:08:F4:74:A6:F3
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/hmHmX1C8yLnm34JsPfdSCPR0pvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.98.0/24
92.118.115.0/24
94.198.220.0/23
Signature Algorithm: sha256WithRSAEncryption
40:60:45:91:cd:d6:87:77:6a:51:89:9e:99:93:70:bb:6d:88:
b8:00:a6:0e:c3:91:6c:c1:f3:73:13:3b:50:5b:8e:6f:d2:bd:
37:37:40:47:54:f2:df:9f:81:84:11:97:d5:74:4f:c6:75:47:
21:89:c1:1a:3d:3c:f8:62:16:a0:bb:63:6f:6f:f9:1f:fa:f3:
59:6f:b1:54:bb:28:8e:47:ab:23:14:66:27:75:0b:9b:dd:8e:
eb:98:ed:09:3a:5d:3c:78:e0:b5:2a:a4:ad:99:b9:f4:d2:7b:
9c:dc:f0:0b:72:f1:37:c0:ef:e2:71:51:4f:0e:c9:7e:67:46:
39:38:76:a6:14:df:4b:ea:23:9d:2a:da:10:bb:2f:eb:0e:8c:
d5:f9:21:20:b1:31:85:e8:50:fe:3b:7c:b7:96:2e:75:2a:f0:
fa:ed:1b:33:43:f0:23:e6:c9:fb:7e:8d:44:e0:0d:ff:12:dd:
a7:ab:cc:12:9d:8f:75:7d:1a:a1:92:11:2d:48:82:f0:79:3c:
26:ac:71:55:9f:ec:97:56:98:dd:10:ab:e0:75:14:bd:22:9d:
60:5e:65:eb:51:a5:ad:af:72:ea:cc:d7:a5:0e:55:d0:3b:11:
2e:9d:b3:a8:32:05:85:4a:aa:71:83:44:25:b3:14:c5:a4:7d:
a4:1a:6c:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZ3/aXCNWUKmUuDdXNO6kVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMjIyMDcxOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjYxZTY1ZjUwYmNjOGI5ZTZkZjgyNmMzZGY3NTIwOGY0NzRhNmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY+gquU3UUFj/dzXN6kX7fMSeTsk
dkzXhJ/L/eJziHWEDOKqLpC2eCMyyrg5C9/5NOkZO2z8S5ufFUbv8UZooSB0SPzz
FhVuuY6sUbqJs3H+bKrs1PUAW5Nx57dwT2aVI4PfuNvem8KRKFVurGX5cC7yxVz0
mU/QzSCFYcKmjFBrh3w8gKgT3LXxxSGdB7Z5Z39Ccam/8MC7+Ho/tMBVD/oa1Q0r
1q9bIOlnfremGv7/BU/t19sCKqA+srVJ9UQcJllI5dpod4pI6L3gOjeGsclScP2e
Bhwjm8Mm2IGM2jlgDkDqAfimROuaIOXEZZHTndblojgkOprsmle+waTVsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIZh5l9QvMi55t+CbD33Ugj0dKbzMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvaG1IbVgxQzh5TG5tMzRKc1BmZFNDUFIwcHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQhiAwQA
XHZzAwQBXsbcMA0GCSqGSIb3DQEBCwUAA4IBAQBAYEWRzdaHd2pRiZ6Zk3C7bYi4
AKYOw5FswfNzEztQW45v0r03N0BHVPLfn4GEEZfVdE/GdUchicEaPTz4Yhagu2Nv
b/kf+vNZb7FUuyiOR6sjFGYndQub3Y7rmO0JOl08eOC1KqStmbn00nuc3PALcvE3
wO/icVFPDsl+Z0Y5OHamFN9L6iOdKtoQuy/rDozV+SEgsTGF6FD+O3y3li51KvD6
7RszQ/Aj5sn7fo1E4A3/Et2nq8wSnY91fRqhkhEtSILweTwmrHFVn+yXVpjdEKvg
dRS9Ip1gXmXrUaWtr3LqzNelDlXQOxEunbOoMgWFSqpxg0QlsxTFpH2kGmxb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org