Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/HXc2WisDSNps1PXG_TtqpwSpHAo.roa
File: HXc2WisDSNps1PXG_TtqpwSpHAo.roa (raw, json)
Hash identifier: H+6Cfv+ZexaTjkqpTSpA9TElnOk8z509nbOAgjoyKpo=
Subject key identifier: 1D:77:36:5A:2B:03:48:DA:6C:D4:F5:C6:FD:3B:6A:A7:04:A9:1C:0A
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 018AEA39EFC6091551F36B951FFFB7E2A4CE
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/HXc2WisDSNps1PXG_TtqpwSpHAo.roa
Signing time: Sun 01 Oct 2023 07:52:59 +0000
ROA not before: Sun 01 Oct 2023 07:52:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58074
IP address blocks: 195.245.82.0/23 maxlen: 23
193.138.99.0/24 maxlen: 24
194.6.201.0/24 maxlen: 24
195.78.124.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ea:39:ef:c6:09:15:51:f3:6b:95:1f:ff:b7:e2:a4:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Oct 1 07:52:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d77365a2b0348da6cd4f5c6fd3b6aa704a91c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:37:7d:ca:3e:63:38:2d:5e:87:bb:0e:a4:3a:
74:9a:c9:f3:e6:0d:e3:9d:c5:72:31:3c:74:11:a4:
34:ab:d8:82:a9:33:40:39:4c:30:4a:e7:d2:81:2f:
76:83:bd:5c:4c:97:fa:92:52:0b:9b:60:50:72:cf:
5f:55:3a:2e:a0:b9:94:d9:a8:23:2c:1c:dc:58:76:
73:c9:b6:70:36:35:12:ee:74:34:2d:10:88:5a:90:
84:af:db:3d:10:6e:2a:f0:ab:57:cb:e0:12:bf:02:
ac:a0:22:d5:0a:37:c9:f4:ad:a2:a4:06:bb:84:93:
5b:32:f6:8c:fa:8c:59:04:ad:78:81:d8:57:ef:9b:
bf:1c:f7:4b:45:62:8a:14:6c:08:4d:4c:7d:3d:5b:
5f:7b:70:e2:c9:f5:f0:55:f1:e5:08:8b:fc:28:64:
27:8f:1b:77:15:da:4e:61:0a:cc:d7:54:7e:0a:0c:
17:76:35:c1:f1:f2:96:d8:9c:3c:38:c9:97:4d:38:
bc:8b:bc:cf:7e:69:a4:5d:75:28:01:a8:dc:2f:ef:
77:41:df:1d:29:18:1d:03:26:c7:7f:37:5b:7b:60:
7b:3e:c4:e3:61:50:b1:52:ae:45:07:6d:65:8b:38:
91:f5:4e:c1:ca:9b:3e:b7:fd:82:c6:a0:e9:db:92:
93:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:77:36:5A:2B:03:48:DA:6C:D4:F5:C6:FD:3B:6A:A7:04:A9:1C:0A
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/HXc2WisDSNps1PXG_TtqpwSpHAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.138.99.0/24
194.6.201.0/24
195.78.124.0/23
195.245.82.0/23
Signature Algorithm: sha256WithRSAEncryption
84:11:f2:8a:8d:57:0f:85:91:1a:84:4b:db:60:9e:5d:1a:e4:
e5:90:b8:be:0a:7c:f2:d3:c5:56:69:c5:5a:08:09:55:f7:e5:
9a:74:8d:fa:93:83:37:d3:7f:46:7b:7a:8e:e9:ec:37:fe:b8:
1a:3e:ce:3e:44:e6:ff:01:14:67:d5:ed:29:f2:ab:59:61:d9:
ba:02:f0:1d:3e:ed:5b:b0:0a:75:94:68:4f:a8:10:f3:19:c3:
4f:4f:c3:a6:76:7f:2c:71:1a:5b:2e:ae:33:6e:c0:95:de:ef:
e3:81:cb:d1:9f:d8:ba:c0:11:03:99:e6:ec:1c:69:1b:cd:e0:
41:08:09:75:12:6b:79:21:cc:c1:33:af:13:60:cd:4f:bb:f5:
26:6c:ef:e5:42:b6:cd:8e:6c:17:f7:74:83:e8:77:cf:99:d1:
3d:83:97:25:08:af:7d:66:be:67:ee:39:96:c7:01:80:a4:b7:
2a:d6:23:8e:4c:06:32:af:17:ee:27:65:d6:c8:e3:89:35:18:
a4:d3:1a:41:a9:ca:86:fa:ce:36:e4:52:f8:c3:3d:19:8e:c4:
c4:37:e9:19:b3:0c:b9:93:33:43:9b:79:0d:a2:72:bb:58:7e:
4a:d3:f5:7e:bc:88:f3:29:9f:7f:c3:85:19:fb:d3:f7:44:cf:
96:8b:11:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYrqOe/GCRVR82uVH/+34qTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjMxMDAxMDc1MjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDc3MzY1YTJiMDM0OGRhNmNkNGY1YzZmZDNiNmFhNzA0YTkxYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszd9yj5jOC1eh7sOpDp0msnz5g3j
ncVyMTx0EaQ0q9iCqTNAOUwwSufSgS92g71cTJf6klILm2BQcs9fVTouoLmU2agj
LBzcWHZzybZwNjUS7nQ0LRCIWpCEr9s9EG4q8KtXy+ASvwKsoCLVCjfJ9K2ipAa7
hJNbMvaM+oxZBK14gdhX75u/HPdLRWKKFGwITUx9PVtfe3DiyfXwVfHlCIv8KGQn
jxt3FdpOYQrM11R+CgwXdjXB8fKW2Jw8OMmXTTi8i7zPfmmkXXUoAajcL+93Qd8d
KRgdAybHfzdbe2B7PsTjYVCxUq5FB21liziR9U7Byps+t/2CxqDp25KTzwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB13NlorA0jabNT1xv07aqcEqRwKMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvSFhjMldpc0RTTnBzMVBYR19UdHFwd1NwSEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwYpjAwQA
wgbJAwQBw058AwQBw/VSMA0GCSqGSIb3DQEBCwUAA4IBAQCEEfKKjVcPhZEahEvb
YJ5dGuTlkLi+Cnzy08VWacVaCAlV9+WadI36k4M3039Ge3qO6ew3/rgaPs4+ROb/
ARRn1e0p8qtZYdm6AvAdPu1bsAp1lGhPqBDzGcNPT8Omdn8scRpbLq4zbsCV3u/j
gcvRn9i6wBEDmebsHGkbzeBBCAl1Emt5IczBM68TYM1Pu/UmbO/lQrbNjmwX93SD
6HfPmdE9g5clCK99Zr5n7jmWxwGApLcq1iOOTAYyrxfuJ2XWyOOJNRik0xpBqcqG
+s425FL4wz0ZjsTEN+kZswy5kzNDm3kNonK7WH5K0/V+vIjzKZ9/w4UZ+9P3RM+W
ixHk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:46 2024 by rpki-client on console-fra.rpki-client.org