Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Hk8pvyDBEc-SR7H_PNn19LaWTSE.roa
File: Hk8pvyDBEc-SR7H_PNn19LaWTSE.roa (raw, json)
Hash identifier: 3qnrYxQdT0kIoVXer6N2WePMbqhkM4JsQAQC62HvIjk=
Subject key identifier: 1E:4F:29:BF:20:C1:11:CF:92:47:B1:FF:3C:D9:F5:F4:B6:96:4D:21
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018E9E107F835F452F8B551283E2A582BB39
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Hk8pvyDBEc-SR7H_PNn19LaWTSE.roa
Signing time: Tue 02 Apr 2024 09:07:45 +0000
ROA not before: Tue 02 Apr 2024 09:07:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 45.8.70.0/24 maxlen: 24
45.130.202.0/23 maxlen: 24
45.133.4.0/24 maxlen: 24
45.133.5.0/24 maxlen: 24
45.133.6.0/24 maxlen: 24
45.133.7.0/24 maxlen: 24
89.34.126.0/23 maxlen: 24
185.150.0.0/24 maxlen: 24
185.165.45.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
194.5.82.0/24 maxlen: 24
194.5.83.0/24 maxlen: 24
194.61.40.0/23 maxlen: 24
203.25.124.0/24 maxlen: 24
204.75.229.0/24 maxlen: 24
220.158.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 09:34:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:10:7f:83:5f:45:2f:8b:55:12:83:e2:a5:82:bb:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 2 09:07:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e4f29bf20c111cf9247b1ff3cd9f5f4b6964d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:39:71:f3:b1:ca:72:cb:f3:f4:ea:6b:17:0d:
96:71:af:22:17:93:db:18:bf:c7:55:9f:94:7d:f3:
0f:41:fb:4f:27:49:a6:5a:15:66:76:41:44:22:c7:
bf:c6:51:89:48:8a:c0:a9:4b:c4:fd:e5:4b:ab:11:
ad:87:6f:73:d6:cb:c4:e6:28:6e:52:3b:d0:ef:28:
a2:7b:17:45:07:e3:e0:43:9c:c3:fd:01:31:ab:67:
da:1d:66:f1:ae:db:df:3c:29:7c:97:2b:42:9e:22:
ad:ca:7e:69:7d:f3:bf:0f:08:9e:c8:37:ad:45:6c:
f5:92:3a:40:85:1e:29:60:ca:96:73:c2:d4:d3:c4:
0a:d6:70:aa:a4:b6:df:e1:f8:39:94:d1:b5:f4:0e:
53:af:85:66:15:f8:38:79:71:0c:e2:e0:58:78:b2:
74:fd:26:18:af:97:22:f4:69:bb:c1:c3:18:79:d1:
a7:08:ed:b8:fe:bc:ad:3c:db:3c:6b:ce:e2:c3:71:
a3:47:70:a7:20:6c:2f:f8:ce:03:0c:6c:03:b6:c9:
b9:a8:ba:a4:6e:50:57:19:b0:8c:09:ee:9c:5a:59:
1e:0b:58:0a:94:44:cf:79:3d:b6:be:33:a1:07:74:
5a:e0:e5:dc:24:b2:aa:9f:21:a0:56:11:86:83:72:
d7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:4F:29:BF:20:C1:11:CF:92:47:B1:FF:3C:D9:F5:F4:B6:96:4D:21
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Hk8pvyDBEc-SR7H_PNn19LaWTSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.70.0/24
45.130.202.0/23
45.133.4.0/22
89.34.126.0/23
185.150.0.0/24
185.165.45.0/24
188.213.202.0/24
194.5.82.0/23
194.61.40.0/23
203.25.124.0/24
204.75.229.0/24
220.158.198.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:c0:5c:46:41:f3:86:f2:d4:cd:62:4f:98:5e:5e:c5:c2:21:
0b:41:2c:b5:c0:a2:f3:ac:c3:e9:cd:47:0a:6c:b1:fd:47:97:
5d:22:39:b0:fb:52:88:c1:6f:dd:fc:b6:04:78:f9:82:17:1e:
08:bb:56:20:4d:a9:86:7a:30:ee:08:b4:c7:6e:f0:54:ba:52:
eb:f4:6c:5f:e6:70:79:a0:c7:42:51:69:1a:ba:16:02:cb:f1:
f7:07:e4:fc:b5:ea:b1:e6:34:93:27:47:78:11:54:b9:33:84:
90:4b:7b:e0:09:fc:0e:9f:57:11:d8:9b:aa:3a:27:ad:42:3e:
06:11:28:b6:b8:a2:ed:a9:f0:51:b7:14:d7:dd:15:33:43:f7:
6d:bb:07:26:0d:b0:92:6d:fa:c0:71:8c:d3:6a:b4:69:94:cb:
4d:09:99:18:6b:5e:36:d2:ea:86:af:16:33:8a:a2:ba:fd:97:
e3:b2:d0:75:47:2a:ba:c1:b8:22:be:c0:7e:92:3b:c6:ca:92:
c7:0f:e5:14:01:92:7d:56:ad:67:54:38:ee:15:ee:ff:1f:5b:
85:7e:78:dc:7f:37:78:fb:3b:b9:5b:67:3d:c8:34:5b:f2:d5:
4d:b1:69:f0:a2:cc:ed:b2:1d:90:61:00:4a:d6:69:00:9c:e3:
36:2f:73:4b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY6eEH+DX0Uvi1USg+Klgrs5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNDAyMDkwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTRmMjliZjIwYzExMWNmOTI0N2IxZmYzY2Q5ZjVmNGI2OTY0ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzlx87HKcsvz9OprFw2Wca8iF5Pb
GL/HVZ+UffMPQftPJ0mmWhVmdkFEIse/xlGJSIrAqUvE/eVLqxGth29z1svE5ihu
UjvQ7yiiexdFB+PgQ5zD/QExq2faHWbxrtvfPCl8lytCniKtyn5pffO/DwieyDet
RWz1kjpAhR4pYMqWc8LU08QK1nCqpLbf4fg5lNG19A5Tr4VmFfg4eXEM4uBYeLJ0
/SYYr5ci9Gm7wcMYedGnCO24/rytPNs8a87iw3GjR3CnIGwv+M4DDGwDtsm5qLqk
blBXGbCMCe6cWlkeC1gKlETPeT22vjOhB3Ra4OXcJLKqnyGgVhGGg3LXjQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFB5PKb8gwRHPkkex/zzZ9fS2lk0hMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSGs4cHZ5REJFYy1TUjdIX1BObjE5TGFXVFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALQhGAwQB
LYLKAwQCLYUEAwQBWSJ+AwQAuZYAAwQAuaUtAwQAvNXKAwQBwgVSAwQBwj0oAwQA
yxl8AwQAzEvlAwQA3J7GMA0GCSqGSIb3DQEBCwUAA4IBAQA/wFxGQfOG8tTNYk+Y
Xl7FwiELQSy1wKLzrMPpzUcKbLH9R5ddIjmw+1KIwW/d/LYEePmCFx4Iu1YgTamG
ejDuCLTHbvBUulLr9Gxf5nB5oMdCUWkauhYCy/H3B+T8teqx5jSTJ0d4EVS5M4SQ
S3vgCfwOn1cR2JuqOietQj4GESi2uKLtqfBRtxTX3RUzQ/dtuwcmDbCSbfrAcYzT
arRplMtNCZkYa1420uqGrxYziqK6/ZfjstB1Ryq6wbgivsB+kjvGypLHD+UUAZJ9
Vq1nVDjuFe7/H1uFfnjcfzd4+zu5W2c9yDRb8tVNsWnwosztsh2QYQBK1mkAnOM2
L3NL
-----END CERTIFICATE-----
Generated at Tue Apr 2 14:25:20 2024 by rpki-client on console-fra.rpki-client.org