Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/H-2bvEBo5PgmC45asBoVB9vRnJk.roa
File: H-2bvEBo5PgmC45asBoVB9vRnJk.roa (raw, json)
Hash identifier: VQk6uT2cGMZVO2Uigjg/NSj3/v9/YO0uQopLH1cAQAM=
Subject key identifier: 1F:ED:9B:BC:40:68:E4:F8:26:0B:8E:5A:B0:1A:15:07:DB:D1:9C:99
Certificate issuer: /CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Certificate serial: 0191B242B8FD19BCF881DAFE786ED09B6405
Authority key identifier: CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/H-2bvEBo5PgmC45asBoVB9vRnJk.roa
Signing time: Mon 02 Sep 2024 10:23:22 +0000
ROA not before: Mon 02 Sep 2024 10:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 79.137.194.0/23 maxlen: 23
79.137.196.0/22 maxlen: 22
79.137.202.0/23 maxlen: 23
79.137.204.0/23 maxlen: 23
79.137.206.0/24 maxlen: 24
79.137.207.0/24 maxlen: 24
79.137.248.0/24 maxlen: 24
85.192.40.0/23 maxlen: 23
85.192.42.0/24 maxlen: 24
85.192.56.0/24 maxlen: 24
85.192.60.0/24 maxlen: 24
85.192.61.0/24 maxlen: 24
85.192.63.0/24 maxlen: 24
89.208.96.0/24 maxlen: 24
89.208.97.0/24 maxlen: 24
89.208.103.0/24 maxlen: 24
89.208.104.0/22 maxlen: 22
185.125.100.0/24 maxlen: 24
185.125.101.0/24 maxlen: 24
185.125.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 12:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:42:b8:fd:19:bc:f8:81:da:fe:78:6e:d0:9b:64:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Validity
Not Before: Sep 2 10:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fed9bbc4068e4f8260b8e5ab01a1507dbd19c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e3:ac:06:9a:03:10:2b:6b:1e:09:3d:3e:54:
86:ab:5c:20:07:b6:49:33:7b:b7:5e:ac:b7:f9:6d:
5c:67:fc:63:e4:70:2a:b1:e3:3e:17:a2:4d:f7:ca:
05:98:6c:f0:c0:e2:68:f7:b5:33:8f:cf:be:c5:8f:
0a:bf:45:cc:a3:85:b7:be:cf:be:ba:bc:31:03:d1:
7e:78:f9:91:09:03:fc:92:1e:40:5e:3e:41:6a:46:
14:cf:35:7a:c0:b3:15:ee:b8:92:a5:87:77:bd:d4:
af:bb:b4:93:ba:97:a9:eb:d4:85:a1:36:a6:41:fe:
b7:eb:17:30:7b:ad:c7:45:85:3b:79:a2:49:6f:77:
27:93:c9:39:45:6d:b4:c7:51:01:48:9c:29:df:04:
2a:6e:7b:cd:29:05:50:47:a7:f3:5a:35:5f:4a:b3:
26:23:5f:16:63:91:3f:69:a8:dd:f9:61:50:f3:77:
ad:6b:fd:03:fa:ea:d8:74:50:01:74:af:f3:64:87:
f3:72:0d:93:5b:4b:11:e9:1b:6c:1b:b6:dd:e0:80:
bd:23:21:32:cd:cb:cf:1c:29:bd:89:1a:e5:b4:a2:
ed:b9:21:b0:7d:05:66:d9:33:f4:34:6a:4e:bb:3f:
7f:6d:d4:ca:cd:da:ed:e3:ef:54:57:25:17:28:8a:
a6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:ED:9B:BC:40:68:E4:F8:26:0B:8E:5A:B0:1A:15:07:DB:D1:9C:99
X509v3 Authority Key Identifier:
keyid:CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/H-2bvEBo5PgmC45asBoVB9vRnJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.137.194.0-79.137.199.255
79.137.202.0-79.137.207.255
79.137.248.0/24
85.192.40.0-85.192.42.255
85.192.56.0/24
85.192.60.0/23
85.192.63.0/24
89.208.96.0/23
89.208.103.0-89.208.107.255
185.125.100.0-185.125.102.255
Signature Algorithm: sha256WithRSAEncryption
6b:79:5e:64:66:98:cd:90:1b:2b:1d:b0:1f:9f:07:cf:bc:f8:
44:b5:fa:f1:bf:71:12:51:a9:17:56:d8:32:50:fb:33:ec:19:
e7:4e:86:29:88:f5:7b:ef:d6:3d:b0:ec:89:6d:10:97:82:79:
15:f5:eb:0d:ba:90:8f:70:7f:60:4a:22:0a:6a:99:40:55:9d:
5c:7f:fb:b2:42:1a:08:85:82:c7:d8:e2:0c:a5:b0:4b:c3:9c:
c3:d3:00:69:54:e1:8c:1e:c0:74:3f:3d:47:23:1f:bd:cb:50:
04:12:0d:8d:2a:e5:d1:4c:d3:81:85:be:d0:8f:f4:3f:1b:ec:
a8:36:60:38:4a:59:bf:7f:66:9b:67:88:36:be:dc:ae:d0:24:
20:ca:15:e1:69:f4:ab:20:a2:04:6b:09:32:72:6b:fc:51:8b:
67:73:cb:7a:e2:6c:29:a4:3d:31:c6:a2:81:b5:0a:cd:7e:6e:
47:93:42:46:80:a4:85:90:02:b7:98:40:eb:6a:b8:6a:d9:91:
ee:70:aa:f3:68:33:fa:3a:6c:6a:35:81:57:7b:a8:1a:cb:ba:
61:f3:30:32:ad:a4:71:d6:29:bf:bf:ce:6c:16:20:f8:52:cb:
d8:36:53:ba:ac:67:34:6d:46:57:66:6d:2c:d7:f5:31:81:4f:
d2:b1:94:e0
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZGyQrj9Gbz4gdr+eG7Qm2QFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWM3NTcxNTk2ZTQ0NGFhMzIzNzFjYmFiNzI0ZDQ2ZDNj
M2M1MmMwHhcNMjQwOTAyMTAyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmVkOWJiYzQwNjhlNGY4MjYwYjhlNWFiMDFhMTUwN2RiZDE5Yzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+OsBpoDECtrHgk9PlSGq1wgB7ZJ
M3u3Xqy3+W1cZ/xj5HAqseM+F6JN98oFmGzwwOJo97Uzj8++xY8Kv0XMo4W3vs++
urwxA9F+ePmRCQP8kh5AXj5BakYUzzV6wLMV7riSpYd3vdSvu7STupep69SFoTam
Qf636xcwe63HRYU7eaJJb3cnk8k5RW20x1EBSJwp3wQqbnvNKQVQR6fzWjVfSrMm
I18WY5E/aajd+WFQ83eta/0D+urYdFABdK/zZIfzcg2TW0sR6RtsG7bd4IC9IyEy
zcvPHCm9iRrltKLtuSGwfQVm2TP0NGpOuz9/bdTKzdrt4+9UVyUXKIqmvQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFB/tm7xAaOT4JguOWrAaFQfb0ZyZMB8GA1UdIwQY
MBaAFMocdXFZbkRKoyNxy6tyTUbTw8UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEt
Yjc2MmMwMTc1ZjI3LzEvSC0yYnZFQm81UGdtQzQ1YXNCb1ZCOXZSbkprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEtYjc2MmMwMTc1ZjI3
LzEveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkMAwDBAFPicID
BANPicAwDAMEAU+JygMEBE+JwAMEAE+J+DAMAwQDVcAoAwQAVcAqAwQAVcA4AwQB
VcA8AwQAVcA/AwQBWdBgMAwDBABZ0GcDBAJZ0GgwDAMEArl9ZAMEALl9ZjANBgkq
hkiG9w0BAQsFAAOCAQEAa3leZGaYzZAbKx2wH58Hz7z4RLX68b9xElGpF1bYMlD7
M+wZ506GKYj1e+/WPbDsiW0Ql4J5FfXrDbqQj3B/YEoiCmqZQFWdXH/7skIaCIWC
x9jiDKWwS8Ocw9MAaVThjB7AdD89RyMfvctQBBINjSrl0UzTgYW+0I/0PxvsqDZg
OEpZv39mm2eINr7crtAkIMoV4Wn0qyCiBGsJMnJr/FGLZ3PLeuJsKaQ9McaigbUK
zX5uR5NCRoCkhZACt5hA62q4atmR7nCq82gz+jpsajWBV3uoGsu6YfMwMq2kcdYp
v7/ObBYg+FLL2DZTuqxnNG1GV2ZtLNf1MYFP0rGU4A==
-----END CERTIFICATE-----
Generated at Mon Oct 7 19:10:56 2024 by rpki-client on console-ams.rpki-client.org