Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/HMRgbwe8h8qA0Bs2AtDOHLUbmvA.roa
File: HMRgbwe8h8qA0Bs2AtDOHLUbmvA.roa (raw, json)
Hash identifier: cBmquDDqCoE5I0hUUPzlSZaTfyCHrM26E5ETkZYz6BU=
Subject key identifier: 1C:C4:60:6F:07:BC:87:CA:80:D0:1B:36:02:D0:CE:1C:B5:1B:9A:F0
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019127DE487808697889CB72B3B58B87C6CB
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/HMRgbwe8h8qA0Bs2AtDOHLUbmvA.roa
Signing time: Tue 06 Aug 2024 13:26:04 +0000
ROA not before: Tue 06 Aug 2024 13:26:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211056
IP address blocks: 45.11.186.0/24 maxlen: 24
45.81.16.0/24 maxlen: 24
45.81.17.0/24 maxlen: 24
45.81.18.0/24 maxlen: 24
45.81.19.0/24 maxlen: 24
185.201.49.0/24 maxlen: 24
2a05:9080:3::/48 maxlen: 48
2a05:9080:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 13 Oct 2024 04:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:de:48:78:08:69:78:89:cb:72:b3:b5:8b:87:c6:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Aug 6 13:26:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cc4606f07bc87ca80d01b3602d0ce1cb51b9af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:db:b9:bc:47:6e:e2:14:1e:91:a9:6b:78:7a:
93:2e:7b:c0:a2:52:dc:14:19:30:d4:02:51:a3:8f:
42:74:49:a0:7a:e4:cd:e6:b7:f2:9f:fd:50:4b:9d:
50:ae:bb:88:61:e4:e4:48:26:c3:b2:38:a3:1f:a4:
ca:c4:4a:6d:03:32:7d:f1:51:ff:39:55:fe:82:34:
27:53:41:a4:24:a0:15:3c:2f:56:c2:2f:cb:53:1d:
e7:3d:b7:2a:b3:86:23:f1:33:38:83:e2:aa:06:87:
2b:6b:f4:a0:34:7f:1c:25:46:63:b1:e5:d9:c3:6b:
4d:be:a8:a7:95:2c:4f:30:d5:26:10:0b:87:b5:d8:
48:36:c0:ec:bc:f0:b9:d9:aa:5b:a9:a9:f0:a6:ae:
66:03:72:3f:2b:25:52:34:9a:31:d7:b3:cc:6c:c0:
fd:a5:97:1d:fa:dd:84:e4:f7:35:9e:f9:2c:0f:49:
0d:26:c0:c1:ee:41:a7:28:bf:0d:98:c2:43:98:b4:
20:2a:86:7f:ae:39:e0:c5:02:38:ce:46:8e:09:aa:
4c:f4:76:30:f9:f6:72:9b:5a:bf:02:5e:0b:cc:60:
86:47:44:8d:b9:86:5e:59:7e:c4:7d:aa:0b:b8:e4:
0f:51:bc:62:6d:28:12:9f:42:00:71:ee:1c:8a:9c:
7a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C4:60:6F:07:BC:87:CA:80:D0:1B:36:02:D0:CE:1C:B5:1B:9A:F0
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/HMRgbwe8h8qA0Bs2AtDOHLUbmvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.186.0/24
45.81.16.0/22
185.201.49.0/24
IPv6:
2a05:9080:3::/48
2a05:9080:5::/48
Signature Algorithm: sha256WithRSAEncryption
ad:71:11:af:19:65:99:d1:ef:e4:48:e6:5e:08:2b:6f:22:96:
5f:61:3e:29:57:21:3f:91:59:7a:79:05:14:a0:e8:b5:5b:c0:
e3:d8:7e:20:49:53:4c:04:60:bb:75:45:a0:14:3d:bd:48:9e:
66:5c:3a:e3:5d:cf:9e:98:a8:c5:71:20:1d:cc:12:96:a4:ff:
ef:4c:82:6e:ca:5f:be:1e:cc:0f:72:af:ba:00:c0:c9:cf:be:
59:67:4b:ae:17:2f:08:10:50:5b:f0:b6:47:5e:69:75:37:54:
86:cd:59:70:e3:0e:4e:fd:81:a9:e3:60:99:27:38:bd:be:1a:
ce:a4:8e:e4:98:de:0b:3e:98:be:cc:98:ec:86:84:cd:3d:16:
b3:ca:84:f3:07:5e:d3:5e:34:6d:4c:51:04:6c:af:55:d6:50:
c9:44:09:52:5b:1f:48:4f:3d:b1:6d:f4:83:84:4b:4b:a5:5b:
8f:c2:6b:b3:6e:73:3d:a4:5c:30:6b:22:37:90:09:f2:a4:c5:
0b:cc:bb:e1:a7:19:e3:71:3a:ff:6e:cf:77:8f:e5:57:0e:16:
6f:23:47:ba:5f:90:70:20:64:87:bd:48:8c:2f:34:89:28:f5:
48:1c:d0:ce:c4:d4:b6:36:12:2f:05:4b:8c:28:0b:06:cd:b6:
3e:6e:41:60
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZEn3kh4CGl4ictys7WLh8bLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjQwODA2MTMyNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2M0NjA2ZjA3YmM4N2NhODBkMDFiMzYwMmQwY2UxY2I1MWI5YWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNu5vEdu4hQekalreHqTLnvAolLc
FBkw1AJRo49CdEmgeuTN5rfyn/1QS51QrruIYeTkSCbDsjijH6TKxEptAzJ98VH/
OVX+gjQnU0GkJKAVPC9Wwi/LUx3nPbcqs4Yj8TM4g+KqBocra/SgNH8cJUZjseXZ
w2tNvqinlSxPMNUmEAuHtdhINsDsvPC52apbqanwpq5mA3I/KyVSNJox17PMbMD9
pZcd+t2E5Pc1nvksD0kNJsDB7kGnKL8NmMJDmLQgKoZ/rjngxQI4zkaOCapM9HYw
+fZym1q/Al4LzGCGR0SNuYZeWX7EfaoLuOQPUbxibSgSn0IAce4cipx6mQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBzEYG8HvIfKgNAbNgLQzhy1G5rwMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvSE1SZ2J3ZThoOHFBMEJzMkF0RE9ITFVibXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQALQu6AwQC
LVEQAwQAuckxMBgEAgACMBIDBwAqBZCAAAMDBwAqBZCAAAUwDQYJKoZIhvcNAQEL
BQADggEBAK1xEa8ZZZnR7+RI5l4IK28ill9hPilXIT+RWXp5BRSg6LVbwOPYfiBJ
U0wEYLt1RaAUPb1InmZcOuNdz56YqMVxIB3MEpak/+9Mgm7KX74ezA9yr7oAwMnP
vllnS64XLwgQUFvwtkdeaXU3VIbNWXDjDk79ganjYJknOL2+Gs6kjuSY3gs+mL7M
mOyGhM09FrPKhPMHXtNeNG1MUQRsr1XWUMlECVJbH0hPPbFt9IOES0ulW4/Ca7Nu
cz2kXDBrIjeQCfKkxQvMu+GnGeNxOv9uz3eP5VcOFm8jR7pfkHAgZIe9SIwvNIko
9Ugc0M7E1LY2Ei8FS4woCwbNtj5uQWA=
Generated at Sun Oct 13 09:11:21 2024 by rpki-client on console-ams.rpki-client.org