Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/HtkLkhtVOqxMrbWohe6zkT_LBm0.roa
File: HtkLkhtVOqxMrbWohe6zkT_LBm0.roa (raw, json)
Hash identifier: DZdC6ia1kseHcPyklJiuolkdXk8HCRyuyD67GbgOjRk=
Subject key identifier: 1E:D9:0B:92:1B:55:3A:AC:4C:AD:B5:A8:85:EE:B3:91:3F:CB:06:6D
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018CC26D654989DC028882061B51C4904B56
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/HtkLkhtVOqxMrbWohe6zkT_LBm0.roa
Signing time: Mon 01 Jan 2024 00:29:58 +0000
ROA not before: Mon 01 Jan 2024 00:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 185.213.23.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
2a11:840:18::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jan 2024 16:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:65:49:89:dc:02:88:82:06:1b:51:c4:90:4b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 1 00:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ed90b921b553aac4cadb5a885eeb3913fcb066d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9e:f2:19:ed:e3:d7:44:63:fb:cd:bc:42:c6:
0d:26:16:92:a2:d9:f9:52:d3:58:6d:0c:e0:b2:d8:
32:87:d5:cf:58:26:64:c7:f7:89:db:21:06:60:6f:
3b:ed:fe:7a:99:f5:ce:e3:b7:15:13:7d:48:0b:15:
98:a2:22:23:e5:c0:f0:8e:51:4a:af:4e:3e:45:54:
fa:bd:9f:49:a4:12:c9:6c:41:27:fb:8b:38:09:51:
b6:44:b3:bb:c2:5b:7e:df:ce:5e:9a:8c:86:dd:38:
e3:60:b9:4b:92:42:b3:9a:59:63:ac:97:cc:19:38:
e7:a4:7b:06:d0:d9:5a:9e:72:eb:41:ea:24:1b:a9:
c2:10:3f:17:e4:f5:ad:92:48:2b:02:68:d6:57:f5:
63:62:47:05:16:ff:83:82:5d:70:7d:9a:f8:29:38:
ea:55:c8:89:3d:31:16:e2:03:fe:86:83:36:ec:ab:
17:ed:3b:8a:06:11:69:ca:cb:37:43:5d:94:c4:88:
d0:93:34:3d:7d:e5:63:3a:31:b3:35:b4:e7:ad:ad:
62:5f:7a:e9:86:72:c5:45:d3:cf:25:c0:d6:2f:de:
56:41:91:5e:ba:5a:80:6f:7b:12:71:0e:12:04:ee:
e5:a8:be:02:35:8f:5a:49:d8:74:db:de:2a:b0:69:
6e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D9:0B:92:1B:55:3A:AC:4C:AD:B5:A8:85:EE:B3:91:3F:CB:06:6D
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/HtkLkhtVOqxMrbWohe6zkT_LBm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.152.0/23
109.104.155.0/24
147.78.0.0/23
147.78.3.0/24
185.126.239.0/24
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:24::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::/48
2a11:840:54::/48
Signature Algorithm: sha256WithRSAEncryption
29:89:ae:ea:37:7c:f9:92:e0:e5:15:a7:89:1c:88:5d:ce:bf:
8d:bd:4d:32:3a:41:ff:15:a1:23:c0:17:ae:3c:10:5e:57:24:
7e:b0:c9:d1:a7:e1:85:46:c1:88:5b:fc:94:ac:57:2f:5c:77:
73:2d:bd:07:d5:3f:7d:7e:ac:f1:71:55:d3:b3:42:eb:d4:96:
16:b1:26:5e:e0:81:2a:70:d3:f4:ce:f1:22:c7:fe:93:5c:05:
53:01:8e:12:ca:08:d9:7c:e9:cc:34:29:ed:c3:38:26:46:5c:
38:03:6f:73:4b:97:4a:de:4b:76:ef:12:b4:93:7c:f6:a5:ed:
68:cc:1c:7f:02:d4:33:28:b6:00:f4:f8:a0:e5:b6:69:57:95:
83:e2:08:f1:8f:14:27:79:a6:33:eb:97:d4:8e:e7:57:b6:f8:
f8:31:63:41:b9:f3:5b:29:5a:7c:c9:2e:8a:19:d7:8f:b8:4f:
e3:46:eb:89:48:9f:33:4c:56:ff:cb:01:df:2d:68:7b:fd:ba:
f3:bf:39:23:45:07:80:03:03:27:52:f4:0f:3b:c8:8d:8c:18:
69:ad:5b:59:56:cd:70:a6:32:6e:bf:f5:ec:61:d3:94:79:ee:
6a:07:13:87:3d:0e:4e:6d:cc:e4:b8:47:fd:cc:54:39:f3:d9:
41:c1:b0:72
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYzCbWVJidwCiIIGG1HEkEtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwMTAxMDAyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ5MGI5MjFiNTUzYWFjNGNhZGI1YTg4NWVlYjM5MTNmY2IwNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ7yGe3j10Rj+828QsYNJhaSotn5
UtNYbQzgstgyh9XPWCZkx/eJ2yEGYG877f56mfXO47cVE31ICxWYoiIj5cDwjlFK
r04+RVT6vZ9JpBLJbEEn+4s4CVG2RLO7wlt+385emoyG3TjjYLlLkkKzmlljrJfM
GTjnpHsG0NlannLrQeokG6nCED8X5PWtkkgrAmjWV/VjYkcFFv+Dgl1wfZr4KTjq
VciJPTEW4gP+hoM27KsX7TuKBhFpyss3Q12UxIjQkzQ9feVjOjGzNbTnra1iX3rp
hnLFRdPPJcDWL95WQZFeulqAb3sScQ4SBO7lqL4CNY9aSdh0294qsGluEQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFB7ZC5IbVTqsTK21qIXus5E/ywZtMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvSHRrTGtodFZPcXhNcmJXb2hlNnprVF9MQm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDAqBAIAATAkAwQBbWiY
AwQAbWibAwQBk04AAwQAk04DAwQAuX7vAwQAudUXMHoEAgACMHQwEgMHASoRCEAA
BgMHACoRCEAACDASAwcEKhEIQAAQAwcAKhEIQAAUMBIDBwAqEQhAABcDBwEqEQhA
ABgwEgMHAioRCEAAJAMHACoRCEAAJgMHACoRCEAAMwMHASoRCEAAQAMHACoRCEAA
RwMHACoRCEAAVDANBgkqhkiG9w0BAQsFAAOCAQEAKYmu6jd8+ZLg5RWniRyIXc6/
jb1NMjpB/xWhI8AXrjwQXlckfrDJ0afhhUbBiFv8lKxXL1x3cy29B9U/fX6s8XFV
07NC69SWFrEmXuCBKnDT9M7xIsf+k1wFUwGOEsoI2XzpzDQp7cM4JkZcOANvc0uX
St5Ldu8StJN89qXtaMwcfwLUMyi2APT4oOW2aVeVg+II8Y8UJ3mmM+uX1I7nV7b4
+DFjQbnzWylafMkuihnXj7hP40briUifM0xW/8sB3y1oe/268785I0UHgAMDJ1L0
DzvIjYwYaa1bWVbNcKYybr/17GHTlHnuagcThz0OTm3M5LhH/cxUOfPZQcGwcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org