Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hfSclpdbBHtuTQYxEmA7GUqnZoE.roa
File: hfSclpdbBHtuTQYxEmA7GUqnZoE.roa (raw, json)
Hash identifier: /lbPTbfaDeL39fllRmWpipWQYZhBCrFrKbwlBZEaZf4=
Subject key identifier: 85:F4:9C:96:97:5B:04:7B:6E:4D:06:31:12:60:3B:19:4A:A7:66:81
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018988CA9B77816C4A03B9507CE2B1F60B89
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hfSclpdbBHtuTQYxEmA7GUqnZoE.roa
Signing time: Mon 24 Jul 2023 16:45:26 +0000
ROA not before: Mon 24 Jul 2023 16:45:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207569
IP address blocks: 139.28.221.0/24 maxlen: 24
139.28.220.0/24 maxlen: 24
5.180.136.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
45.133.245.0/24 maxlen: 24
185.188.181.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
185.17.2.0/24 maxlen: 24
194.53.54.0/24 maxlen: 24
85.209.0.0/24 maxlen: 24
185.105.118.0/24 maxlen: 24
195.66.87.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
193.109.84.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
194.67.201.0/24 maxlen: 24
194.67.200.0/24 maxlen: 24
185.104.250.0/24 maxlen: 24
46.17.106.0/24 maxlen: 24
2a0a:9300:1::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
2a0a:9300::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 08 Sep 2023 20:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:88:ca:9b:77:81:6c:4a:03:b9:50:7c:e2:b1:f6:0b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 24 16:45:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85f49c96975b047b6e4d063112603b194aa76681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c1:83:d9:b3:db:d8:c9:b9:09:d6:74:7b:92:
33:2c:67:c0:cf:75:61:f9:8c:e6:7e:82:7c:c5:e2:
58:f1:4e:84:92:20:f7:6f:bd:8d:72:bc:5f:47:55:
0e:f6:f5:47:69:dc:fa:58:20:a5:aa:71:56:3e:34:
a0:b4:4a:67:31:87:c5:9b:94:08:54:a1:89:9f:43:
d1:ea:60:64:14:a6:61:8d:32:cf:ea:1e:35:90:d2:
db:91:76:01:c3:a6:ba:76:32:35:7d:0d:64:81:08:
a2:30:b3:71:84:1f:2d:3e:ba:2d:e8:4b:4a:b8:dc:
a0:9c:92:0b:d4:48:d1:ba:25:5f:da:0e:a2:fd:49:
05:c6:e8:fd:69:78:83:cd:78:ae:26:f0:8a:a6:6d:
3d:33:fd:1e:6b:9a:13:4f:6d:1b:98:d1:a5:7a:8a:
4d:06:14:a2:1a:1c:63:a4:9b:63:a0:87:44:d4:33:
aa:05:d2:68:89:a3:05:06:97:41:6a:e5:a4:78:cb:
a0:49:c5:29:90:b6:49:fc:c4:4d:49:58:94:4e:b5:
f0:84:78:b7:97:ee:e7:19:17:30:23:cd:ca:f3:31:
28:c6:3b:0e:7b:34:71:ee:68:52:d9:ef:a6:8f:99:
95:07:1e:b0:5c:64:a1:44:25:c6:6a:f7:20:b4:02:
3a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F4:9C:96:97:5B:04:7B:6E:4D:06:31:12:60:3B:19:4A:A7:66:81
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hfSclpdbBHtuTQYxEmA7GUqnZoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/23
5.252.116.0/24
45.89.64.0/24
45.133.245.0/24
46.17.106.0/24
85.209.0.0/24
95.214.8.0/24
139.28.220.0/23
185.17.2.0/24
185.94.167.0/24
185.104.250.0/24
185.105.118.0/24
185.188.181.0/24
193.109.84.0/24
194.53.54.0/24
194.67.200.0/23
195.66.87.0/24
IPv6:
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
95:27:84:2e:37:ed:60:a7:c5:14:c1:3f:7a:20:cb:15:21:9a:
5c:34:c0:17:6e:d5:4c:80:20:0d:de:ef:31:f4:ef:fc:c7:cf:
62:05:ca:fb:f9:4b:ac:65:47:63:c4:4f:ad:30:2a:1f:03:ed:
20:9f:8e:2b:d9:b4:1b:70:8e:13:29:82:80:58:9c:7d:09:d6:
37:a6:8d:76:4c:75:4e:79:60:91:24:dc:36:67:52:89:63:a5:
48:3c:6f:9f:e3:73:08:74:a9:e8:d3:bd:ab:71:60:34:28:92:
18:c5:c2:90:51:d3:89:2c:a1:44:8f:23:af:c3:d5:2e:ac:e7:
29:45:26:4e:9a:f9:92:79:8c:90:fd:88:3f:4e:ac:11:a6:23:
6f:95:34:a8:9e:9f:36:bb:39:52:bf:5b:fc:3d:7f:68:07:5b:
89:42:ec:1b:a6:93:a6:c8:81:82:ec:49:05:57:97:c4:42:fc:
00:81:a3:71:6b:ed:18:28:ee:ed:de:d2:fa:98:b1:63:df:69:
fe:14:be:71:a9:6d:99:11:c9:60:04:a3:f0:01:08:6e:e1:0b:
57:de:55:5f:c4:61:94:5c:75:82:98:20:0b:74:d2:12:13:de:
c7:4f:0d:f4:43:6b:ee:0b:a4:35:ae:ae:47:8e:24:1d:9e:2e:
77:8a:e4:21
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYmIypt3gWxKA7lQfOKx9guJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwNzI0MTY0NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWY0OWM5Njk3NWIwNDdiNmU0ZDA2MzExMjYwM2IxOTRhYTc2NjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMGD2bPb2Mm5CdZ0e5IzLGfAz3Vh
+YzmfoJ8xeJY8U6EkiD3b72NcrxfR1UO9vVHadz6WCClqnFWPjSgtEpnMYfFm5QI
VKGJn0PR6mBkFKZhjTLP6h41kNLbkXYBw6a6djI1fQ1kgQiiMLNxhB8tProt6EtK
uNygnJIL1EjRuiVf2g6i/UkFxuj9aXiDzXiuJvCKpm09M/0ea5oTT20bmNGleopN
BhSiGhxjpJtjoIdE1DOqBdJoiaMFBpdBauWkeMugScUpkLZJ/MRNSViUTrXwhHi3
l+7nGRcwI83K8zEoxjsOezRx7mhS2e+mj5mVBx6wXGShRCXGavcgtAI61wIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFIX0nJaXWwR7bk0GMRJgOxlKp2aBMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvaGZTY2xwZGJCSHR1VFFZeEVtQTdHVXFuWm9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAQW0iAME
AAX8dAMEAC1ZQAMEAC2F9QMEAC4RagMEAFXRAAMEAF/WCAMEAYsc3AMEALkRAgME
ALlepwMEALlo+gMEALlpdgMEALm8tQMEAMFtVAMEAMI1NgMEAcJDyAMEAMNCVzAN
BAIAAjAHAwUAKgqTADANBgkqhkiG9w0BAQsFAAOCAQEAlSeELjftYKfFFME/eiDL
FSGaXDTAF27VTIAgDd7vMfTv/MfPYgXK+/lLrGVHY8RPrTAqHwPtIJ+OK9m0G3CO
EymCgFicfQnWN6aNdkx1TnlgkSTcNmdSiWOlSDxvn+NzCHSp6NO9q3FgNCiSGMXC
kFHTiSyhRI8jr8PVLqznKUUmTpr5knmMkP2IP06sEaYjb5U0qJ6fNrs5Ur9b/D1/
aAdbiULsG6aTpsiBguxJBVeXxEL8AIGjcWvtGCju7d7S+pixY99p/hS+caltmRHJ
YASj8AEIbuELV95VX8RhlFx1gpggC3TSEhPex08N9ENr7gukNa6uR44kHZ4ud4rk
IQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org