Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/bf17a6-d61b-493d-9a84-9bc55f62daba/1/hbtXpEbFLxk7Qzu1AJ0hRkEMFJQ.roa
File: hbtXpEbFLxk7Qzu1AJ0hRkEMFJQ.roa (raw, json)
Hash identifier: dUlFuYoQTKbvktfZe7KH6psNreE2SNFhGIm3o5U9+hc=
Subject key identifier: 85:BB:57:A4:46:C5:2F:19:3B:43:3B:B5:00:9D:21:46:41:0C:14:94
Certificate issuer: /CN=ff5a29ccda1dc8a8a163ac27781e8ec597e76db9
Certificate serial: 01856CA5DFE98CA25C8D5705F7D46687674D
Authority key identifier: FF:5A:29:CC:DA:1D:C8:A8:A1:63:AC:27:78:1E:8E:C5:97:E7:6D:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_1opzNodyKihY6wneB6OxZfnbbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/bf17a6-d61b-493d-9a84-9bc55f62daba/1/hbtXpEbFLxk7Qzu1AJ0hRkEMFJQ.roa
Signing time: Sun 01 Jan 2023 09:24:48 +0000
ROA not before: Sun 01 Jan 2023 09:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205490
IP address blocks: 185.215.152.0/23 maxlen: 23
185.215.152.0/24 maxlen: 24
185.215.152.0/22 maxlen: 22
185.215.155.0/24 maxlen: 24
185.215.153.0/24 maxlen: 24
185.215.154.0/24 maxlen: 24
185.215.154.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:df:e9:8c:a2:5c:8d:57:05:f7:d4:66:87:67:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff5a29ccda1dc8a8a163ac27781e8ec597e76db9
Validity
Not Before: Jan 1 09:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85bb57a446c52f193b433bb5009d2146410c1494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:97:de:0e:5f:ca:44:fd:73:f6:7d:fd:f5:61:
23:0d:46:0e:6e:ce:77:55:6c:28:93:f8:ad:9b:64:
de:3e:5f:fb:ff:d9:9e:65:9c:62:e6:ae:ff:34:23:
07:18:96:cb:77:69:7e:87:03:17:b8:2e:6b:0b:72:
0c:50:e1:72:ad:f4:1d:93:39:be:f5:21:a2:c1:13:
45:4a:72:b5:42:f1:c8:7e:5b:eb:ad:05:f7:90:bf:
94:f8:8a:cf:f9:02:2c:99:5e:e8:39:05:87:53:b0:
37:77:ce:7c:d5:3e:a6:43:f5:78:3a:ec:c7:b1:27:
d7:cb:54:c4:e1:f9:4c:d6:49:13:e6:84:92:cf:10:
9e:e4:7d:5c:10:85:ea:09:ef:49:a3:7b:cc:1c:51:
5d:08:9a:e2:33:1a:40:87:ec:15:e2:99:7a:3f:b4:
50:2f:7b:0c:18:d6:84:39:5c:82:1a:45:77:71:5a:
d7:2b:d5:41:c6:ac:c4:37:0e:b5:94:16:a5:c2:f9:
1d:86:5c:b0:fa:7c:27:e0:a0:0f:f6:c4:12:1f:c7:
e8:07:da:0e:5d:67:3c:e9:99:d9:e9:5a:ed:86:e0:
b8:be:75:ac:c8:c1:64:ab:c0:a3:fd:df:db:98:cb:
72:a2:ad:77:a2:06:9f:e0:47:e1:02:70:14:9e:7a:
7d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:BB:57:A4:46:C5:2F:19:3B:43:3B:B5:00:9D:21:46:41:0C:14:94
X509v3 Authority Key Identifier:
keyid:FF:5A:29:CC:DA:1D:C8:A8:A1:63:AC:27:78:1E:8E:C5:97:E7:6D:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1opzNodyKihY6wneB6OxZfnbbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/bf17a6-d61b-493d-9a84-9bc55f62daba/1/hbtXpEbFLxk7Qzu1AJ0hRkEMFJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/bf17a6-d61b-493d-9a84-9bc55f62daba/1/_1opzNodyKihY6wneB6OxZfnbbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.152.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:ae:e3:9e:ce:d7:b5:84:e0:9e:ca:b2:53:e7:18:da:14:f4:
3e:d3:08:b6:ab:74:d4:16:25:cd:2b:46:fd:cc:8d:89:7d:15:
f7:f3:f5:77:00:8d:b4:c3:20:95:83:d1:a1:a0:c9:b0:b6:d4:
9f:fb:cb:48:a5:4d:ed:81:87:a5:ac:34:c3:e4:3b:bf:78:55:
8c:d8:5f:5a:3f:39:a5:31:53:a6:30:95:ca:59:e1:3d:36:bb:
5d:f0:1a:ee:a7:50:ca:5f:6c:45:2b:4e:82:0c:a6:7d:5a:c7:
ea:cf:0f:8c:79:12:a4:64:45:be:69:07:c8:51:62:37:fb:83:
93:a6:7a:21:cf:3b:c2:1a:b5:a8:8f:26:2a:a3:e3:3c:b2:a5:
08:8a:74:ee:64:ba:53:df:bf:2c:8c:c7:c0:0c:ba:73:85:91:
1d:f2:33:8b:15:37:a2:7f:ce:16:b0:ff:d8:b9:e1:73:9b:d3:
f2:6b:bd:6c:86:e1:19:f8:6d:4f:b1:e0:07:c1:0c:c0:5d:5d:
65:34:0a:5b:77:7c:1a:09:88:46:c4:fb:d1:59:d1:05:79:ee:
da:6a:5b:b9:cc:2b:86:e5:da:74:be:78:68:0a:53:3a:17:c7:
5f:86:50:4d:b5:c4:2d:9a:e9:01:17:c8:6f:4c:5a:de:87:e5:
b0:d9:13:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVspd/pjKJcjVcF99Rmh2dNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNWEyOWNjZGExZGM4YThhMTYzYWMyNzc4MWU4ZWM1OTdl
NzZkYjkwHhcNMjMwMTAxMDkyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWJiNTdhNDQ2YzUyZjE5M2I0MzNiYjUwMDlkMjE0NjQxMGMxNDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZfeDl/KRP1z9n399WEjDUYObs53
VWwok/itm2TePl/7/9meZZxi5q7/NCMHGJbLd2l+hwMXuC5rC3IMUOFyrfQdkzm+
9SGiwRNFSnK1QvHIflvrrQX3kL+U+IrP+QIsmV7oOQWHU7A3d8581T6mQ/V4OuzH
sSfXy1TE4flM1kkT5oSSzxCe5H1cEIXqCe9Jo3vMHFFdCJriMxpAh+wV4pl6P7RQ
L3sMGNaEOVyCGkV3cVrXK9VBxqzENw61lBalwvkdhlyw+nwn4KAP9sQSH8foB9oO
XWc86ZnZ6VrthuC4vnWsyMFkq8Cj/d/bmMtyoq13ogaf4EfhAnAUnnp9MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIW7V6RGxS8ZO0M7tQCdIUZBDBSUMB8GA1UdIwQY
MBaAFP9aKczaHciooWOsJ3gejsWX5225MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzFvcHpOb2R5S2loWTZ3bmVCNk94WmZuYmJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9iZjE3YTYtZDYxYi00OTNkLTlhODQt
OWJjNTVmNjJkYWJhLzEvaGJ0WHBFYkZMeGs3UXp1MUFKMGhSa0VNRkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9iZjE3YTYtZDYxYi00OTNkLTlhODQtOWJjNTVmNjJkYWJh
LzEvXzFvcHpOb2R5S2loWTZ3bmVCNk94WmZuYmJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudeYMA0G
CSqGSIb3DQEBCwUAA4IBAQBtruOezte1hOCeyrJT5xjaFPQ+0wi2q3TUFiXNK0b9
zI2JfRX38/V3AI20wyCVg9GhoMmwttSf+8tIpU3tgYelrDTD5Du/eFWM2F9aPzml
MVOmMJXKWeE9Nrtd8Brup1DKX2xFK06CDKZ9Wsfqzw+MeRKkZEW+aQfIUWI3+4OT
pnohzzvCGrWojyYqo+M8sqUIinTuZLpT378sjMfADLpzhZEd8jOLFTeif84WsP/Y
ueFzm9Pya71shuEZ+G1PseAHwQzAXV1lNApbd3waCYhGxPvRWdEFee7aalu5zCuG
5dp0vnhoClM6F8dfhlBNtcQtmukBF8hvTFreh+Ww2RMA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:44 2024 by rpki-client on console-ams.rpki-client.org