Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HTHveautTuLIv4SjU_wWfx2EosY.roa
File: HTHveautTuLIv4SjU_wWfx2EosY.roa (raw, json)
Hash identifier: kW+JSaTnsDFcbIhLK8NaUSog0sBX30tiSdXmCoZM0FY=
Subject key identifier: 1D:31:EF:79:AB:AD:4E:E2:C8:BF:84:A3:53:FC:16:7F:1D:84:A2:C6
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194075FB09CE215B927C904A1B20C646186
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HTHveautTuLIv4SjU_wWfx2EosY.roa
Signing time: Fri 27 Dec 2024 09:08:19 +0000
ROA not before: Fri 27 Dec 2024 09:08:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.230.53.0/24 maxlen: 24
185.234.22.0/24 maxlen: 24
185.240.122.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Dec 2024 11:17:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:07:5f:b0:9c:e2:15:b9:27:c9:04:a1:b2:0c:64:61:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 27 09:08:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d31ef79abad4ee2c8bf84a353fc167f1d84a2c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:67:b1:cf:86:0b:a0:69:08:76:9d:42:f2:4c:
cc:0b:8e:7d:b2:1e:cb:79:4c:11:7b:1a:e0:78:d9:
df:be:3c:26:07:02:a5:ff:de:3d:b6:d0:d6:63:89:
21:e0:b2:1f:a9:fc:1a:47:2b:8e:01:14:b3:ba:76:
7f:57:7b:10:41:e4:c7:46:b0:b2:30:c8:5e:c0:d5:
ce:f2:d8:b8:49:86:49:3e:5c:4b:30:ea:53:68:77:
d0:5f:8a:bd:4d:83:be:b1:0c:7f:6b:1b:f0:a4:77:
b4:e9:5d:61:71:eb:b4:f1:20:d6:07:05:da:f8:e7:
1f:de:ce:32:2b:c0:49:e8:16:5e:ce:75:4c:b8:14:
f2:e8:a4:2d:97:c2:15:29:7a:98:f0:4e:31:85:28:
43:c7:2c:45:90:0c:e9:0d:59:c0:9e:82:2b:53:f0:
d5:bc:03:47:aa:85:87:f0:71:ff:cc:2a:e7:b2:ca:
fd:9f:5e:07:77:c4:51:0e:83:e1:e8:a3:59:64:16:
07:d1:94:06:61:12:cf:ee:b3:7e:54:94:ed:bf:cc:
2b:85:b1:94:42:7a:6a:86:15:b9:47:99:d8:0e:8b:
6e:38:f9:13:65:63:fc:6b:b4:19:fa:34:60:fc:97:
ac:45:04:e8:10:43:d7:17:cc:9c:aa:18:81:da:6c:
44:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:31:EF:79:AB:AD:4E:E2:C8:BF:84:A3:53:FC:16:7F:1D:84:A2:C6
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HTHveautTuLIv4SjU_wWfx2EosY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
185.230.53.0/24
185.234.22.0/24
185.240.122.0/24
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
97:d1:f3:40:2a:87:b9:e2:77:87:80:55:f0:5b:e4:4c:b5:ec:
62:e8:1f:98:bb:f3:df:cd:31:96:30:4c:81:06:ba:67:1b:f2:
42:14:65:6c:53:f5:d5:a5:f9:5a:85:8f:44:db:74:13:13:1e:
23:79:eb:73:7b:e5:8b:dc:ef:5a:82:bd:bc:3d:09:8a:64:ee:
e3:a2:55:7c:6f:b4:1d:94:a2:33:a6:bf:33:fc:c0:b7:3d:40:
98:45:bd:a1:5b:19:2a:e4:30:8c:9a:3f:78:4e:5d:01:7d:b4:
fc:c3:91:3c:11:8e:f5:03:9e:8f:e6:2c:5c:51:ec:ce:ce:20:
6b:7f:f9:a5:fa:e1:dd:8b:90:b9:2e:05:17:bd:94:06:e0:29:
74:bc:6c:58:81:03:13:a7:46:57:7f:c3:ca:c6:c7:83:67:f8:
59:e0:96:27:76:74:b1:06:17:8c:fc:40:91:22:1b:23:6d:d6:
8a:ae:77:43:2d:5c:ed:9e:bc:90:8a:fe:03:d7:1f:51:5f:b7:
82:72:a4:73:cb:88:d5:e1:6e:39:ca:80:66:b1:3f:5e:17:b8:
44:d5:62:c2:7e:9d:66:0e:f2:ac:51:1f:e7:2f:0e:2b:12:b1:
5f:63:ab:33:fa:32:ec:a9:5b:d6:c4:99:b6:80:6a:9e:d5:f4:
38:0f:22:7b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQHX7Cc4hW5J8kEobIMZGGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjI3MDkwODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDMxZWY3OWFiYWQ0ZWUyYzhiZjg0YTM1M2ZjMTY3ZjFkODRhMmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWexz4YLoGkIdp1C8kzMC459sh7L
eUwRexrgeNnfvjwmBwKl/949ttDWY4kh4LIfqfwaRyuOARSzunZ/V3sQQeTHRrCy
MMhewNXO8ti4SYZJPlxLMOpTaHfQX4q9TYO+sQx/axvwpHe06V1hceu08SDWBwXa
+Ocf3s4yK8BJ6BZeznVMuBTy6KQtl8IVKXqY8E4xhShDxyxFkAzpDVnAnoIrU/DV
vANHqoWH8HH/zCrnssr9n14Hd8RRDoPh6KNZZBYH0ZQGYRLP7rN+VJTtv8wrhbGU
QnpqhhW5R5nYDotuOPkTZWP8a7QZ+jRg/JesRQToEEPXF8ycqhiB2mxEXwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFB0x73mrrU7iyL+Eo1P8Fn8dhKLGMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSFRIdmVhdXRUdUxJdjRTalVfd1dmeDJFb3NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQBueOSAwQAueY1AwQAueoWAwQAufB6AwQBwQhwAwQB
wTqSMA0GCSqGSIb3DQEBCwUAA4IBAQCX0fNAKoe54neHgFXwW+RMtexi6B+Yu/Pf
zTGWMEyBBrpnG/JCFGVsU/XVpflahY9E23QTEx4jeetze+WL3O9agr28PQmKZO7j
olV8b7QdlKIzpr8z/MC3PUCYRb2hWxkq5DCMmj94Tl0BfbT8w5E8EY71A56P5ixc
UezOziBrf/ml+uHdi5C5LgUXvZQG4Cl0vGxYgQMTp0ZXf8PKxseDZ/hZ4JYndnSx
BheM/ECRIhsjbdaKrndDLVztnryQiv4D1x9RX7eCcqRzy4jV4W45yoBmsT9eF7hE
1WLCfp1mDvKsUR/nLw4rErFfY6sz+jLsqVvWxJm2gGqe1fQ4DyJ7
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:30:33 2025 by rpki-client