Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/h5JxUNL9M1bzJb-lbWQAAE0ghK8.roa
File: h5JxUNL9M1bzJb-lbWQAAE0ghK8.roa (raw, json)
Hash identifier: xsSVeHsZp33OtCJBlMPujQidhm87JnhrJLopQIwZNr4=
Subject key identifier: 87:92:71:50:D2:FD:33:56:F3:25:BF:A5:6D:64:00:00:4D:20:84:AF
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 018CC56F090DCB4CEF45991879AD2FCB9FE5
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/h5JxUNL9M1bzJb-lbWQAAE0ghK8.roa
Signing time: Mon 01 Jan 2024 14:30:37 +0000
ROA not before: Mon 01 Jan 2024 14:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211545
IP address blocks: 82.119.71.0/24 maxlen: 24
176.67.237.0/24 maxlen: 24
176.67.236.0/24 maxlen: 24
176.67.239.0/24 maxlen: 24
89.252.204.0/24 maxlen: 24
89.252.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:09:0d:cb:4c:ef:45:99:18:79:ad:2f:cb:9f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 1 14:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87927150d2fd3356f325bfa56d6400004d2084af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fa:13:b6:b6:c2:98:ae:ef:6c:3f:12:ff:b7:
84:1b:7e:24:d1:07:1e:7f:ed:59:05:ad:de:63:6d:
71:e2:54:96:1a:80:78:2a:14:6f:e9:73:24:84:83:
8a:0b:2c:40:7b:ee:71:c4:dc:4e:15:68:18:42:f6:
0a:36:7a:64:3d:35:31:be:af:57:a4:f8:a7:8e:98:
7a:10:94:ed:3a:17:e4:75:21:8c:cc:17:06:57:e1:
cd:e6:56:3e:f3:3a:a1:37:9a:0e:51:0f:93:8f:8f:
2a:1d:79:f9:19:a1:7b:53:62:1a:b7:f5:92:24:86:
cc:36:8c:5d:aa:a2:76:e2:59:5a:1e:bb:74:4a:fa:
ab:5c:35:66:9d:b0:ef:5a:14:ea:8a:b5:56:61:57:
f8:40:61:47:a7:82:8b:19:29:4c:e0:1c:d8:50:91:
3b:b9:a8:47:b5:1f:2e:92:d3:73:f9:01:87:ac:79:
24:d0:f1:65:de:0b:f1:2f:9c:70:47:f7:44:81:ec:
bb:95:4b:97:71:f7:d2:53:64:a9:2f:d2:02:59:40:
93:a0:1f:15:34:36:af:b3:d1:17:73:e5:e2:9a:1b:
16:95:17:70:8c:ac:aa:c7:59:6d:b7:05:68:cf:b1:
df:62:1c:ea:a9:18:b8:da:63:95:09:b9:8d:dd:3a:
c4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:92:71:50:D2:FD:33:56:F3:25:BF:A5:6D:64:00:00:4D:20:84:AF
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/h5JxUNL9M1bzJb-lbWQAAE0ghK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.71.0/24
89.252.204.0/23
176.67.236.0/23
176.67.239.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:d1:c8:34:4f:ec:45:08:3d:98:ff:ba:39:c2:54:a9:68:31:
65:6c:22:f8:0e:cc:b1:d3:d9:48:97:b3:16:13:df:87:f3:af:
5e:6a:9a:31:44:c7:29:0a:a8:9f:a3:c4:84:d8:58:d8:43:6e:
1e:1d:a8:3e:15:b4:99:72:56:71:82:9a:4b:80:2c:0b:03:e2:
73:2d:9e:72:97:75:83:27:6b:03:93:16:26:4f:e6:c9:1f:76:
63:c4:a3:77:e1:1c:d0:8a:9e:1e:28:83:30:e4:de:7a:27:0b:
30:bd:12:f6:a3:0f:14:f9:c2:1d:aa:0a:0a:97:a7:e5:6e:15:
92:21:e4:da:71:22:a8:72:7b:05:3e:32:10:64:e8:46:aa:c1:
5f:2f:6d:6e:e4:01:b0:94:25:ec:f5:bb:a1:95:b0:f3:4e:b1:
9e:cb:53:e1:42:a6:93:86:7b:31:ff:ee:6c:8f:5e:06:29:ae:
32:59:70:5f:78:b3:ae:d1:88:99:6d:46:7d:a4:51:14:52:6b:
00:30:f2:37:4a:63:a8:a8:96:ab:b1:f7:cd:72:96:a9:cb:b9:
e5:06:f0:b0:14:51:ab:0f:ca:3b:ea:3d:e3:e7:e7:a5:58:32:
e9:75:a4:fc:85:f2:c1:ed:47:d3:91:6b:da:2e:ef:89:27:70:
74:24:57:5a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbwkNy0zvRZkYea0vy5/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjQwMTAxMTQzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzkyNzE1MGQyZmQzMzU2ZjMyNWJmYTU2ZDY0MDAwMDRkMjA4NGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/oTtrbCmK7vbD8S/7eEG34k0Qce
f+1ZBa3eY21x4lSWGoB4KhRv6XMkhIOKCyxAe+5xxNxOFWgYQvYKNnpkPTUxvq9X
pPinjph6EJTtOhfkdSGMzBcGV+HN5lY+8zqhN5oOUQ+Tj48qHXn5GaF7U2Iat/WS
JIbMNoxdqqJ24llaHrt0SvqrXDVmnbDvWhTqirVWYVf4QGFHp4KLGSlM4BzYUJE7
uahHtR8uktNz+QGHrHkk0PFl3gvxL5xwR/dEgey7lUuXcffSU2SpL9ICWUCToB8V
NDavs9EXc+XimhsWlRdwjKyqx1lttwVoz7HfYhzqqRi42mOVCbmN3TrEAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIeScVDS/TNW8yW/pW1kAABNIISvMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvaDVKeFVOTDlNMWJ6SmItbGJXUUFBRTBnaEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUndHAwQB
WfzMAwQBsEPsAwQAsEPvMA0GCSqGSIb3DQEBCwUAA4IBAQC30cg0T+xFCD2Y/7o5
wlSpaDFlbCL4Dsyx09lIl7MWE9+H869eapoxRMcpCqifo8SE2FjYQ24eHag+FbSZ
clZxgppLgCwLA+JzLZ5yl3WDJ2sDkxYmT+bJH3ZjxKN34RzQip4eKIMw5N56Jwsw
vRL2ow8U+cIdqgoKl6flbhWSIeTacSKocnsFPjIQZOhGqsFfL21u5AGwlCXs9buh
lbDzTrGey1PhQqaThnsx/+5sj14GKa4yWXBfeLOu0YiZbUZ9pFEUUmsAMPI3SmOo
qJarsffNcpapy7nlBvCwFFGrD8o76j3j5+elWDLpdaT8hfLB7UfTkWvaLu+JJ3B0
JFda
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:48:57 2025 by rpki-client