Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HQplsWtpUoIWIUpvZwWJc9PFXzs.roa
File: HQplsWtpUoIWIUpvZwWJc9PFXzs.roa (raw, json)
Hash identifier: hjiNHg9JocaRKaFUZAMdP5z0UjyvhNu+500Tl/9bIuo=
Subject key identifier: 1D:0A:65:B1:6B:69:52:82:16:21:4A:6F:67:05:89:73:D3:C5:5F:3B
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018EE1F61F02DB4F4445AA544627BF8E0F23
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HQplsWtpUoIWIUpvZwWJc9PFXzs.roa
Signing time: Mon 15 Apr 2024 13:33:07 +0000
ROA not before: Mon 15 Apr 2024 13:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202636
IP address blocks: 37.32.96.0/23 maxlen: 23
45.134.87.0/24 maxlen: 24
93.189.121.0/24 maxlen: 24
93.189.122.0/24 maxlen: 24
185.150.77.0/24 maxlen: 24
185.150.78.0/23 maxlen: 23
185.179.233.0/24 maxlen: 24
185.179.235.0/24 maxlen: 24
185.191.44.0/22 maxlen: 22
185.218.18.0/24 maxlen: 24
185.227.205.0/24 maxlen: 24
185.239.254.0/24 maxlen: 24
185.248.200.0/22 maxlen: 24
185.252.44.0/22 maxlen: 22
194.35.41.0/24 maxlen: 24
194.41.116.0/23 maxlen: 23
194.41.118.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 May 2024 15:57:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:f6:1f:02:db:4f:44:45:aa:54:46:27:bf:8e:0f:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 15 13:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d0a65b16b69528216214a6f67058973d3c55f3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4e:48:64:9a:d2:ab:0d:7f:8b:f2:f8:3a:95:
62:e9:d3:97:72:27:d9:9e:0b:6e:23:1c:8a:d1:73:
10:cc:59:89:9f:f1:3e:d4:be:39:ff:e3:d3:4d:f6:
f7:ad:5b:bd:2c:c4:4b:3f:9b:20:e5:bb:69:2e:4a:
d8:36:b9:ca:c2:8a:fa:75:a5:3f:b7:b8:d0:fd:7e:
80:33:55:fa:9e:50:3a:c4:96:a8:8d:ca:86:4f:b3:
ab:3d:af:7f:5d:0e:bf:f2:04:95:cc:ab:40:68:d4:
ff:7b:ec:63:b3:bf:49:8e:02:69:8b:10:ff:7d:4e:
2b:14:d2:b2:a4:a7:bf:f0:3b:ed:24:38:2d:e1:ab:
53:1c:84:14:bb:78:20:c1:bf:80:dd:f4:c8:2c:1c:
10:ea:21:0b:0d:1e:60:a7:df:05:ac:ed:eb:1c:93:
45:f1:90:99:9b:2b:9b:a4:38:32:78:89:86:f1:05:
95:c2:d8:38:ea:db:f6:89:47:f0:78:65:34:cf:08:
e8:c9:f9:5a:47:3a:68:40:d9:1b:29:3f:b2:16:f1:
e2:40:ef:21:7f:41:35:58:ac:55:99:26:3a:9f:ba:
01:9d:cb:d6:68:8f:57:60:52:07:f5:b1:c1:c6:8e:
f0:c0:d8:80:44:e3:2e:f2:5c:0a:40:81:aa:a6:26:
5c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0A:65:B1:6B:69:52:82:16:21:4A:6F:67:05:89:73:D3:C5:5F:3B
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HQplsWtpUoIWIUpvZwWJc9PFXzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.96.0/23
45.134.87.0/24
93.189.121.0-93.189.122.255
185.150.77.0-185.150.79.255
185.179.233.0/24
185.179.235.0/24
185.191.44.0/22
185.218.18.0/24
185.227.205.0/24
185.239.254.0/24
185.248.200.0/22
185.252.44.0/22
194.35.41.0/24
194.41.116.0/22
Signature Algorithm: sha256WithRSAEncryption
83:e6:b7:55:8d:75:b5:23:5a:08:8c:26:51:d8:3b:64:3e:a5:
35:a1:e1:b8:c0:ee:52:9a:20:5e:81:a8:d9:21:77:33:0c:8b:
20:66:01:28:57:ad:dc:7f:5f:bd:7b:20:b2:a1:92:46:2e:7a:
8a:5c:c8:9f:61:1d:48:67:09:1d:97:75:59:62:74:ea:17:75:
47:a8:78:26:cf:45:e3:19:58:e7:48:93:0b:ce:ad:e5:6c:41:
9c:03:b6:fc:5e:22:82:c3:aa:c7:0e:da:64:ac:b9:ef:c0:82:
c8:e9:b9:34:eb:27:0c:17:9c:3a:13:03:bb:a5:f1:bb:ab:fc:
28:03:6e:d4:e4:5b:c0:08:10:f6:83:d4:86:23:e2:58:b1:45:
43:fd:bd:20:2e:68:1c:58:bd:6b:aa:5b:08:37:9e:95:f4:05:
f7:b8:72:42:3b:59:0e:31:a9:03:9f:f3:29:56:ab:b4:a0:97:
78:35:ad:35:b1:30:16:cc:d6:df:2f:a5:71:7a:49:d5:65:a2:
ad:36:20:24:84:1f:a7:59:fc:ef:2e:b7:e8:9f:1d:ae:95:f5:
41:c0:94:3d:ea:35:70:60:44:f9:6c:34:2a:41:a1:53:5d:35:
51:12:fa:19:4b:97:a2:b0:b6:92:8b:f6:2e:3e:29:cc:52:37:
44:0b:3f:0a
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY7h9h8C209ERapURie/jg8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNDE1MTMzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDBhNjViMTZiNjk1MjgyMTYyMTRhNmY2NzA1ODk3M2QzYzU1ZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU5IZJrSqw1/i/L4OpVi6dOXcifZ
ngtuIxyK0XMQzFmJn/E+1L45/+PTTfb3rVu9LMRLP5sg5btpLkrYNrnKwor6daU/
t7jQ/X6AM1X6nlA6xJaojcqGT7OrPa9/XQ6/8gSVzKtAaNT/e+xjs79JjgJpixD/
fU4rFNKypKe/8DvtJDgt4atTHIQUu3ggwb+A3fTILBwQ6iELDR5gp98FrO3rHJNF
8ZCZmyubpDgyeImG8QWVwtg46tv2iUfweGU0zwjoyflaRzpoQNkbKT+yFvHiQO8h
f0E1WKxVmSY6n7oBncvWaI9XYFIH9bHBxo7wwNiAROMu8lwKQIGqpiZcYwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFB0KZbFraVKCFiFKb2cFiXPTxV87MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSFFwbHNXdHBVb0lXSVVwdlp3V0pjOVBGWHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQBJSBgAwQA
LYZXMAwDBABdvXkDBABdvXowDAMEALmWTQMEBLmWQAMEALmz6QMEALmz6wMEArm/
LAMEALnaEgMEALnjzQMEALnv/gMEArn4yAMEArn8LAMEAMIjKQMEAsIpdDANBgkq
hkiG9w0BAQsFAAOCAQEAg+a3VY11tSNaCIwmUdg7ZD6lNaHhuMDuUpogXoGo2SF3
MwyLIGYBKFet3H9fvXsgsqGSRi56ilzIn2EdSGcJHZd1WWJ06hd1R6h4Js9F4xlY
50iTC86t5WxBnAO2/F4igsOqxw7aZKy578CCyOm5NOsnDBecOhMDu6Xxu6v8KANu
1ORbwAgQ9oPUhiPiWLFFQ/29IC5oHFi9a6pbCDeelfQF97hyQjtZDjGpA5/zKVar
tKCXeDWtNbEwFszW3y+lcXpJ1WWirTYgJIQfp1n87y636J8drpX1QcCUPeo1cGBE
+Ww0KkGhU101URL6GUuXorC2kov2Lj4pzFI3RAs/Cg==
-----END CERTIFICATE-----
Generated at Thu May 2 18:54:45 2024 by rpki-client on console-ams.rpki-client.org