Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HUZEEjVX_xoFZAAPdxf9DxDdYS8.roa
File: HUZEEjVX_xoFZAAPdxf9DxDdYS8.roa (raw, json)
Hash identifier: abqUZurMWXt3+aJeKc8pjzdh79j6TdXz5xNyzAriNZM=
Subject key identifier: 1D:46:44:12:35:57:FF:1A:05:64:00:0F:77:17:FD:0F:10:DD:61:2F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186E08D148E9D03974C240CC642E7DEA5DE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HUZEEjVX_xoFZAAPdxf9DxDdYS8.roa
Signing time: Tue 14 Mar 2023 14:36:27 +0000
ROA not before: Tue 14 Mar 2023 14:36:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38337
IP address blocks: 92.114.85.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.94.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
185.255.37.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Mar 2023 07:16:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e0:8d:14:8e:9d:03:97:4c:24:0c:c6:42:e7:de:a5:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 14 14:36:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d4644123557ff1a0564000f7717fd0f10dd612f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:26:0a:da:c1:ae:40:26:94:31:9f:3d:09:cf:
ae:08:ab:30:4f:35:19:03:b2:93:9d:b2:1c:0f:b7:
70:79:9e:61:94:c9:2a:68:cd:12:41:ca:4e:94:fd:
e9:a7:3e:44:22:d7:70:de:16:dd:2a:b7:03:6a:42:
5f:e6:b3:a1:15:99:e5:88:fb:26:64:f6:10:24:b5:
10:8c:af:1f:31:c0:42:cc:ee:05:3e:96:6d:aa:43:
90:d6:fc:35:a2:66:ac:f8:b5:94:94:f5:98:5c:e3:
e5:cf:be:32:98:e2:84:c1:ae:fb:90:12:4a:48:bb:
6a:bf:75:89:f9:ec:fb:1d:d3:ee:f5:9c:15:1e:f5:
98:49:df:13:03:2d:ce:5b:26:3e:7d:5b:2c:fa:02:
f7:48:1c:86:25:39:90:21:77:74:cf:6b:85:74:f8:
a8:82:1c:08:e2:30:f7:73:cd:32:4f:ee:4e:38:12:
f9:91:13:59:c1:67:14:d6:b9:07:a2:68:a9:75:af:
cc:42:83:23:f6:7e:9f:f0:62:4c:33:ed:24:19:cf:
0c:db:72:aa:a0:65:85:51:2c:71:d8:a6:a1:b2:64:
9a:ab:a1:f4:95:3e:12:35:9a:59:6c:c0:68:86:c1:
4d:bb:2b:2e:34:5d:e3:16:f4:23:b9:e1:58:4c:c2:
8c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:46:44:12:35:57:FF:1A:05:64:00:0F:77:17:FD:0F:10:DD:61:2F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HUZEEjVX_xoFZAAPdxf9DxDdYS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
92.114.85.0/24
185.135.143.0/24
185.255.37.0/24
188.240.225.0/24
188.240.230.0/24
188.241.243.0/24
193.23.128.0/23
213.232.94.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:63:41:8c:67:97:90:29:d0:85:4c:80:30:f4:2b:2f:fa:2c:
68:62:fc:80:9a:aa:c7:a8:3a:5b:a8:f8:a5:c3:18:01:65:75:
9d:43:8e:ff:ea:3d:18:6b:64:b8:a4:2a:9a:b5:89:67:12:82:
8a:5e:02:c1:35:1a:cd:c7:7f:a9:09:07:36:ce:35:94:59:8c:
ac:ac:aa:01:5b:ef:ae:1f:ed:99:96:47:46:74:86:e1:6c:65:
24:c2:da:f4:f1:b5:59:2a:7f:be:4b:fd:ab:89:f7:0d:5e:ae:
fd:61:4d:2a:ea:36:cb:44:f9:ad:73:d6:17:df:33:e0:a8:0d:
b9:cb:6b:5f:f5:16:dc:3b:9b:be:89:de:a2:56:65:9c:b8:95:
db:2f:13:0d:0a:81:af:9e:8c:af:16:d7:cb:11:74:23:a0:2d:
a7:52:51:e8:45:1b:79:2c:72:c8:7a:db:97:f2:ad:23:9d:ce:
d9:cd:b1:cc:f9:39:44:a1:70:72:d8:2c:73:ce:1e:41:68:e3:
16:33:bc:fc:1c:74:5c:42:74:c9:2e:2a:bf:bb:e9:fa:d8:fc:
09:ce:13:d4:f8:77:6a:10:08:50:24:c8:b7:db:42:b2:e0:58:
98:f6:fe:fe:7a:81:a4:2a:4c:88:f0:fa:29:06:b0:62:70:f7:
9e:69:1f:25
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYbgjRSOnQOXTCQMxkLn3qXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzE0MTQzNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDQ2NDQxMjM1NTdmZjFhMDU2NDAwMGY3NzE3ZmQwZjEwZGQ2MTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCYK2sGuQCaUMZ89Cc+uCKswTzUZ
A7KTnbIcD7dweZ5hlMkqaM0SQcpOlP3ppz5EItdw3hbdKrcDakJf5rOhFZnliPsm
ZPYQJLUQjK8fMcBCzO4FPpZtqkOQ1vw1omas+LWUlPWYXOPlz74ymOKEwa77kBJK
SLtqv3WJ+ez7HdPu9ZwVHvWYSd8TAy3OWyY+fVss+gL3SByGJTmQIXd0z2uFdPio
ghwI4jD3c80yT+5OOBL5kRNZwWcU1rkHomipda/MQoMj9n6f8GJMM+0kGc8M23Kq
oGWFUSxx2KahsmSaq6H0lT4SNZpZbMBohsFNuysuNF3jFvQjueFYTMKMwwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFB1GRBI1V/8aBWQAD3cX/Q8Q3WEvMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSFVaRUVqVlhfeG9GWkFBUGR4ZjlEeERkWVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALZyfAwQA
XHJVAwQAuYePAwQAuf8lAwQAvPDhAwQAvPDmAwQAvPHzAwQBwReAAwQA1eheMA0G
CSqGSIb3DQEBCwUAA4IBAQBMY0GMZ5eQKdCFTIAw9Csv+ixoYvyAmqrHqDpbqPil
wxgBZXWdQ47/6j0Ya2S4pCqatYlnEoKKXgLBNRrNx3+pCQc2zjWUWYysrKoBW++u
H+2ZlkdGdIbhbGUkwtr08bVZKn++S/2rifcNXq79YU0q6jbLRPmtc9YX3zPgqA25
y2tf9RbcO5u+id6iVmWcuJXbLxMNCoGvnoyvFtfLEXQjoC2nUlHoRRt5LHLIetuX
8q0jnc7ZzbHM+TlEoXBy2Cxzzh5BaOMWM7z8HHRcQnTJLiq/u+n62PwJzhPU+Hdq
EAhQJMi320Ky4FiY9v7+eoGkKkyI8PopBrBicPeeaR8l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org