Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/HXcL8Fx4D2lMDrmyoUvR5AbTyAY.roa
File: HXcL8Fx4D2lMDrmyoUvR5AbTyAY.roa (raw, json)
Hash identifier: LiTbo8P5f1vIPPwQQ2TxrIBuCfDIrrNwCebcnxFT50w=
Subject key identifier: 1D:77:0B:F0:5C:78:0F:69:4C:0E:B9:B2:A1:4B:D1:E4:06:D3:C8:06
Certificate issuer: /CN=21bfb9e219e15feda6add29639b8d73f5c2cd802
Certificate serial: 018DCFF04C548CD316DD6AE59F88D7B50A0E
Authority key identifier: 21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/HXcL8Fx4D2lMDrmyoUvR5AbTyAY.roa
Signing time: Thu 22 Feb 2024 08:30:48 +0000
ROA not before: Thu 22 Feb 2024 08:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35378
IP address blocks: 37.123.200.0/21 maxlen: 21
77.91.0.0/18 maxlen: 18
89.150.50.0/24 maxlen: 24
95.171.96.0/19 maxlen: 19
176.241.72.0/21 maxlen: 21
185.14.112.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 20 Mar 2024 07:23:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cf:f0:4c:54:8c:d3:16:dd:6a:e5:9f:88:d7:b5:0a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bfb9e219e15feda6add29639b8d73f5c2cd802
Validity
Not Before: Feb 22 08:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d770bf05c780f694c0eb9b2a14bd1e406d3c806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e3:e5:66:03:23:cd:bf:2a:cf:0d:bd:f1:4e:
6d:c1:5a:61:8d:dd:b7:16:87:74:78:f4:01:bc:73:
88:17:81:66:82:ba:8c:7d:20:08:cd:8e:e8:2f:44:
09:5a:69:ad:c1:5c:ba:82:29:f1:e2:01:48:14:e8:
35:3d:2b:84:82:29:14:38:1d:04:40:f1:3d:ac:7f:
ba:8b:16:19:17:35:0e:35:b9:c5:5f:73:88:a4:db:
6f:3f:bb:58:5e:7a:36:52:81:b9:22:57:dd:ee:24:
4a:4d:0c:61:c5:d6:35:67:37:6c:a3:0e:c1:d6:70:
77:87:e7:ef:79:f3:fa:e6:9c:53:b5:de:13:52:0e:
6a:b4:2b:88:77:3f:ea:b5:b6:4b:20:d6:24:97:ad:
b0:5e:7f:1b:e5:29:d5:a8:19:93:6c:e5:95:48:75:
18:6b:c9:d9:07:de:06:36:40:13:be:8c:28:a4:f4:
80:26:7b:cf:ad:57:b9:df:59:6f:8c:ab:ec:2f:da:
8c:dd:7d:26:5d:d1:ad:dd:5b:41:b9:fe:1c:7a:29:
1c:e6:b4:e2:a5:5e:18:54:7e:cb:48:61:3a:9d:18:
cc:90:4c:28:c9:eb:1b:dc:c5:4c:88:1b:42:95:15:
a4:6a:b0:4e:f6:73:0c:41:4e:a3:c2:6b:3f:5e:a5:
c9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:77:0B:F0:5C:78:0F:69:4C:0E:B9:B2:A1:4B:D1:E4:06:D3:C8:06
X509v3 Authority Key Identifier:
keyid:21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/HXcL8Fx4D2lMDrmyoUvR5AbTyAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Ib-54hnhX-2mrdKWObjXP1ws2AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.200.0/21
77.91.0.0/18
89.150.50.0/24
95.171.96.0/19
176.241.72.0/21
185.14.112.0/22
Signature Algorithm: sha256WithRSAEncryption
26:f7:8b:29:0d:66:19:d3:e4:78:82:44:1e:60:23:de:bf:e5:
0f:67:ef:8e:1f:88:55:ed:61:08:f6:90:4a:0b:ac:0e:26:0a:
f7:8b:5f:42:f2:6e:d7:2b:2d:57:73:c9:68:85:90:c4:0e:ff:
ab:e3:49:21:11:3c:4f:60:50:20:c0:ca:42:a3:fe:76:a2:c6:
34:8a:c4:de:87:7c:92:55:c3:da:74:83:de:79:90:32:3e:8c:
41:26:a0:dd:81:ab:5e:b8:be:e6:82:2c:91:35:a8:d2:61:1c:
3a:bd:00:4f:72:14:bf:03:58:06:6f:4e:5e:cf:5d:28:9b:4e:
55:bd:c9:58:ea:61:7f:46:d3:c7:92:c0:a2:7e:bb:6b:4f:4b:
7f:81:fe:ff:9f:cf:7a:60:08:4d:b4:14:e5:fa:31:af:90:e0:
cd:ec:9a:70:7b:00:79:ce:42:8d:12:59:ad:32:88:aa:bf:b5:
c6:d9:bf:58:eb:49:1a:ff:83:0f:8b:da:36:86:24:7f:17:57:
10:fa:13:04:6c:5e:83:f6:58:a3:52:31:e9:75:77:9c:21:59:
f7:c5:4e:8b:c9:43:de:a0:aa:56:ae:68:53:0e:e4:af:be:d7:
12:2b:bb:7f:b9:38:3a:ca:00:ed:c4:8b:f3:ac:b7:1d:2b:31:
bf:b8:6d:cc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY3P8ExUjNMW3Wrln4jXtQoOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmZiOWUyMTllMTVmZWRhNmFkZDI5NjM5YjhkNzNmNWMy
Y2Q4MDIwHhcNMjQwMjIyMDgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDc3MGJmMDVjNzgwZjY5NGMwZWI5YjJhMTRiZDFlNDA2ZDNjODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+PlZgMjzb8qzw298U5twVphjd23
Fod0ePQBvHOIF4FmgrqMfSAIzY7oL0QJWmmtwVy6ginx4gFIFOg1PSuEgikUOB0E
QPE9rH+6ixYZFzUONbnFX3OIpNtvP7tYXno2UoG5Ilfd7iRKTQxhxdY1Zzdsow7B
1nB3h+fvefP65pxTtd4TUg5qtCuIdz/qtbZLINYkl62wXn8b5SnVqBmTbOWVSHUY
a8nZB94GNkATvowopPSAJnvPrVe531lvjKvsL9qM3X0mXdGt3VtBuf4ceikc5rTi
pV4YVH7LSGE6nRjMkEwoyesb3MVMiBtClRWkarBO9nMMQU6jwms/XqXJrwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB13C/BceA9pTA65sqFL0eQG08gGMB8GA1UdIwQY
MBaAFCG/ueIZ4V/tpq3Sljm41z9cLNgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWItNTRobmhYLTJtcmRLV09ialhQMXdzMkFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hYWFlMzgtMWIyOC00NDlkLWJlODIt
NzNmZDJjMDM1ZWI1LzEvSFhjTDhGeDREMmxNRHJteW9VdlI1QWJUeUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hYWFlMzgtMWIyOC00NDlkLWJlODItNzNmZDJjMDM1ZWI1
LzEvSWItNTRobmhYLTJtcmRLV09ialhQMXdzMkFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDJXvIAwQG
TVsAAwQAWZYyAwQFX6tgAwQDsPFIAwQCuQ5wMA0GCSqGSIb3DQEBCwUAA4IBAQAm
94spDWYZ0+R4gkQeYCPev+UPZ++OH4hV7WEI9pBKC6wOJgr3i19C8m7XKy1Xc8lo
hZDEDv+r40khETxPYFAgwMpCo/52osY0isTeh3ySVcPadIPeeZAyPoxBJqDdgate
uL7mgiyRNajSYRw6vQBPchS/A1gGb05ez10om05VvclY6mF/RtPHksCifrtrT0t/
gf7/n896YAhNtBTl+jGvkODN7JpwewB5zkKNElmtMoiqv7XG2b9Y60ka/4MPi9o2
hiR/F1cQ+hMEbF6D9lijUjHpdXecIVn3xU6LyUPeoKpWrmhTDuSvvtcSK7t/uTg6
ygDtxIvzrLcdKzG/uG3M
-----END CERTIFICATE-----
Generated at Wed Mar 20 11:52:49 2024 by rpki-client on console-fra.rpki-client.org