Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/h6nr2QHHaMf32Q1LoXYTolQ2Og4.roa
File: h6nr2QHHaMf32Q1LoXYTolQ2Og4.roa (raw, json)
Hash identifier: fEnrTEpQm3bKqN+h4ouXnxhF+MryjLPXY9TpRH3N53U=
Subject key identifier: 87:A9:EB:D9:01:C7:68:C7:F7:D9:0D:4B:A1:76:13:A2:54:36:3A:0E
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 018FB904116FA46C84364B1C166228850CE8
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/h6nr2QHHaMf32Q1LoXYTolQ2Og4.roa
Signing time: Mon 27 May 2024 07:46:42 +0000
ROA not before: Mon 27 May 2024 07:46:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6698
IP address blocks: 45.11.57.0/24 maxlen: 24
45.12.0.0/24 maxlen: 24
45.12.1.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
128.0.104.0/24 maxlen: 24
176.97.112.0/23 maxlen: 24
176.97.114.0/24 maxlen: 24
176.97.115.0/24 maxlen: 24
176.97.116.0/22 maxlen: 22
176.97.122.0/23 maxlen: 23
176.97.124.0/24 maxlen: 24
176.119.31.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
194.42.204.0/24 maxlen: 24
195.66.210.0/24 maxlen: 24
195.128.248.0/23 maxlen: 24
2a09:2dc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Jun 2024 13:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:04:11:6f:a4:6c:84:36:4b:1c:16:62:28:85:0c:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: May 27 07:46:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87a9ebd901c768c7f7d90d4ba17613a254363a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0d:57:87:ce:de:ad:8e:1e:78:61:61:59:94:
41:82:d0:e9:76:8c:72:a0:9b:ee:8f:32:37:32:91:
ba:f7:9e:3f:48:35:7a:37:45:af:bf:8c:0f:8b:0d:
20:cf:03:fb:93:f9:95:55:5e:8c:bb:c2:02:c9:7b:
e0:1b:d7:bd:dd:c9:68:93:f9:b6:d7:12:a9:34:f3:
2e:d7:d6:2c:57:05:60:8f:fc:f4:f6:95:d5:bf:9c:
c5:8d:59:5e:6c:ba:a7:9a:22:58:58:6d:63:7b:8c:
94:9a:1f:1f:31:16:46:d7:d6:51:26:eb:80:1b:aa:
cd:04:d8:37:21:40:e4:c5:cc:0f:bf:79:f3:ec:66:
5c:84:3c:b4:59:71:42:50:bb:af:4c:ba:ad:11:87:
6f:8a:dc:ea:b8:95:63:87:4c:94:67:a3:82:72:76:
33:c9:a9:b5:50:b3:c1:7c:76:67:32:ec:68:32:46:
fc:3f:a1:30:8e:9e:2d:45:3f:55:b6:5a:f1:f5:97:
5b:20:e0:f1:d8:b0:d4:71:a8:4f:8a:07:2e:75:66:
1d:ea:b1:5e:53:b2:a9:dc:c5:47:09:1b:7a:4a:7d:
fc:55:cd:88:3e:ad:01:08:a3:ae:2e:47:6c:15:cd:
ee:4f:76:22:06:ad:5f:a8:7f:b8:a5:ac:b7:3c:8e:
1e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A9:EB:D9:01:C7:68:C7:F7:D9:0D:4B:A1:76:13:A2:54:36:3A:0E
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/h6nr2QHHaMf32Q1LoXYTolQ2Og4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.57.0/24
45.12.0.0/23
45.12.3.0/24
91.208.115.0/24
128.0.104.0/24
176.97.112.0/21
176.97.122.0-176.97.124.255
176.119.31.0/24
185.254.199.0/24
194.42.204.0/24
195.66.210.0/24
195.128.248.0/23
IPv6:
2a09:2dc2::/32
Signature Algorithm: sha256WithRSAEncryption
1b:5f:fb:3f:f9:a7:95:29:52:69:0b:62:47:dd:b3:5a:a7:a7:
a0:aa:51:5e:1e:cf:ef:9c:0d:b0:62:fe:7a:22:65:ab:f6:3a:
d7:8a:f6:23:30:cf:0e:4f:ea:df:e2:5c:08:36:1f:a0:c5:5d:
a3:e5:35:dd:12:22:d2:d8:4f:0a:03:a9:41:71:f4:db:e6:c3:
d5:bb:c7:81:67:62:f3:f7:17:cc:3b:71:4f:d1:b6:8b:c9:d0:
31:14:d3:eb:7f:0a:06:58:df:b2:9d:0f:5b:d5:d7:35:f0:56:
47:ca:03:85:73:bc:b8:39:01:46:b0:9d:51:a7:76:d5:47:9d:
5a:48:3c:7c:e7:5d:7c:b4:05:a2:3a:c2:6b:3b:8d:31:15:33:
5b:fd:2a:bc:f9:68:4b:14:8e:2a:e4:e4:47:30:9e:4c:88:b5:
9d:61:4e:15:f0:70:48:cf:98:44:ab:bf:ab:df:2c:9a:9f:59:
6d:35:1a:7e:18:66:b0:e7:f8:b7:c9:5f:d7:62:d2:eb:37:d0:
af:a5:4b:89:86:11:cd:87:61:2f:01:bf:a6:7d:af:69:11:d0:
10:47:95:17:6d:a6:50:e8:44:29:8e:56:2d:d5:4d:6a:03:82:
c4:66:fd:05:fe:cf:8f:31:57:1b:9c:69:ae:ea:cf:ca:a2:68:
f0:fa:d0:c3
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAY+5BBFvpGyENkscFmIohQzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjQwNTI3MDc0NjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2E5ZWJkOTAxYzc2OGM3ZjdkOTBkNGJhMTc2MTNhMjU0MzYzYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQ1Xh87erY4eeGFhWZRBgtDpdoxy
oJvujzI3MpG6954/SDV6N0Wvv4wPiw0gzwP7k/mVVV6Mu8ICyXvgG9e93clok/m2
1xKpNPMu19YsVwVgj/z09pXVv5zFjVlebLqnmiJYWG1je4yUmh8fMRZG19ZRJuuA
G6rNBNg3IUDkxcwPv3nz7GZchDy0WXFCULuvTLqtEYdvitzquJVjh0yUZ6OCcnYz
yam1ULPBfHZnMuxoMkb8P6Ewjp4tRT9Vtlrx9ZdbIODx2LDUcahPigcudWYd6rFe
U7Kp3MVHCRt6Sn38Vc2IPq0BCKOuLkdsFc3uT3YiBq1fqH+4pay3PI4eowIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFIep69kBx2jH99kNS6F2E6JUNjoOMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvaDZucjJRSEhhTWYzMlExTG9YWVRvbFEyT2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQAwQALQs5AwQB
LQwAAwQALQwDAwQAW9BzAwQAgABoAwQDsGFwMAwDBAGwYXoDBACwYXwDBACwdx8D
BAC5/scDBADCKswDBADDQtIDBAHDgPgwDQQCAAIwBwMFACoJLcIwDQYJKoZIhvcN
AQELBQADggEBABtf+z/5p5UpUmkLYkfds1qnp6CqUV4ez++cDbBi/noiZav2OteK
9iMwzw5P6t/iXAg2H6DFXaPlNd0SItLYTwoDqUFx9Nvmw9W7x4FnYvP3F8w7cU/R
tovJ0DEU0+t/CgZY37KdD1vV1zXwVkfKA4VzvLg5AUawnVGndtVHnVpIPHznXXy0
BaI6wms7jTEVM1v9Krz5aEsUjirk5EcwnkyItZ1hThXwcEjPmESrv6vfLJqfWW01
Gn4YZrDn+LfJX9di0us30K+lS4mGEc2HYS8Bv6Z9r2kR0BBHlRdtplDoRCmOVi3V
TWoDgsRm/QX+z48xVxucaa7qz8qiaPD60MM=
-----END CERTIFICATE-----
Generated at Mon Jun 10 16:21:31 2024 by rpki-client on console-fra.rpki-client.org