Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/hl4FsORveN4noMbuzq123JFmn0s.roa
File: hl4FsORveN4noMbuzq123JFmn0s.roa (raw, json)
Hash identifier: 5qFzMwKX3LL5iJTW7UiCEIDuXiALcyrmRn2S2iiI03Y=
Subject key identifier: 86:5E:05:B0:E4:6F:78:DE:27:A0:C6:EE:CE:AD:76:DC:91:66:9F:4B
Certificate issuer: /CN=78a4c4eaef6fe1705698b00e61915677a2fb8d5b
Certificate serial: 0189DEE37D61B886BBD8727DFADAF883167E
Authority key identifier: 78:A4:C4:EA:EF:6F:E1:70:56:98:B0:0E:61:91:56:77:A2:FB:8D:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eKTE6u9v4XBWmLAOYZFWd6L7jVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/hl4FsORveN4noMbuzq123JFmn0s.roa
Signing time: Thu 10 Aug 2023 09:59:57 +0000
ROA not before: Thu 10 Aug 2023 09:59:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51978
IP address blocks: 194.182.192.0/19 maxlen: 19
82.180.64.0/18 maxlen: 18
194.182.200.0/22 maxlen: 22
185.8.136.0/22 maxlen: 22
46.30.112.0/21 maxlen: 21
64.190.238.0/23 maxlen: 23
130.193.112.0/21 maxlen: 21
46.35.32.0/20 maxlen: 20
2a03:b580::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:e3:7d:61:b8:86:bb:d8:72:7d:fa:da:f8:83:16:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78a4c4eaef6fe1705698b00e61915677a2fb8d5b
Validity
Not Before: Aug 10 09:59:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=865e05b0e46f78de27a0c6eecead76dc91669f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d2:ca:5d:cf:f9:84:3d:c3:a9:fc:f3:00:a4:
b2:29:5f:29:5c:9f:00:6e:7e:ef:34:51:1c:30:f6:
63:9c:10:b4:e1:f0:e2:92:6a:48:70:45:be:16:d9:
ae:bb:9b:c2:0a:27:32:d2:1b:1f:c1:9b:a8:c8:58:
65:23:46:ef:fa:5a:de:58:b0:9f:cb:97:62:79:89:
72:34:19:58:29:f3:5e:d0:c6:4f:06:cd:a3:24:d0:
d9:f6:1e:ce:3c:e9:69:da:c9:68:a8:04:05:ff:70:
ba:d2:a3:c6:08:c0:6f:79:e6:94:9b:7b:b8:14:d6:
5a:8e:aa:32:95:66:f3:ef:24:16:6b:0b:cd:b8:78:
a8:06:bf:9a:85:2a:09:fd:2b:b0:e3:4f:df:f9:84:
63:c3:6d:e4:02:ce:7f:27:83:6f:3a:3b:5e:60:02:
5b:b4:6d:f2:52:6c:6d:09:4d:ce:28:44:d4:bb:a4:
12:bf:d3:7b:7c:13:99:06:f1:8f:ce:ed:6d:fb:0c:
63:f3:58:42:95:30:8f:ca:8c:08:40:f0:37:81:8d:
9c:9b:65:86:e6:3e:09:91:cd:a9:2d:50:ca:05:d7:
6a:48:c3:ff:8f:ec:7c:bd:7e:b8:dd:78:62:55:3b:
91:96:0a:ca:e1:65:bd:16:8c:e2:41:13:d8:c7:0c:
33:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:5E:05:B0:E4:6F:78:DE:27:A0:C6:EE:CE:AD:76:DC:91:66:9F:4B
X509v3 Authority Key Identifier:
keyid:78:A4:C4:EA:EF:6F:E1:70:56:98:B0:0E:61:91:56:77:A2:FB:8D:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eKTE6u9v4XBWmLAOYZFWd6L7jVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/hl4FsORveN4noMbuzq123JFmn0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/eKTE6u9v4XBWmLAOYZFWd6L7jVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.112.0/21
46.35.32.0/20
64.190.238.0/23
82.180.64.0/18
130.193.112.0/21
185.8.136.0/22
194.182.192.0/19
IPv6:
2a03:b580::/32
Signature Algorithm: sha256WithRSAEncryption
0e:58:0f:70:ea:90:ec:3a:59:e3:ec:9f:ba:34:d6:2a:04:71:
3d:57:2b:44:8b:20:f9:aa:95:65:9b:04:85:47:22:96:b9:5a:
fe:c3:40:bc:ed:cb:79:cf:7a:d1:95:5e:4f:be:d1:bb:2f:0a:
c1:9c:ec:ff:2b:30:d5:3b:b2:b6:1c:c2:05:3c:aa:d8:a3:28:
4e:c6:65:2e:73:40:06:e4:70:97:32:d5:61:fd:80:77:2d:c9:
d1:1f:72:52:79:77:69:52:4b:5c:5e:71:d6:48:18:ed:5b:99:
18:bf:5c:2c:f7:97:4a:7f:93:12:8f:84:34:7a:c6:78:5e:48:
f8:a7:5a:3e:1f:95:4b:ff:f8:1b:a6:d3:44:6f:e2:0d:c9:5f:
0d:14:fe:07:ab:d9:ac:e0:68:28:e0:01:b1:f3:92:a8:3e:35:
34:5d:45:15:e3:ce:ca:24:b4:93:9c:c3:63:6d:ae:f4:ee:c1:
48:3e:65:0b:71:cd:4d:d3:73:82:e2:da:0f:0c:62:be:e6:2a:
ec:db:e4:92:92:6f:67:ea:d5:1f:5f:4c:22:33:b4:21:6b:7a:
4d:fb:1d:86:ad:6f:86:1f:a3:3f:0a:1d:25:48:d0:ec:93:fd:
ea:56:86:dc:14:8a:ec:e8:8f:10:0a:f1:7c:51:fa:15:73:e0:
45:f3:13:6e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYne431huIa72HJ9+tr4gxZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4YTRjNGVhZWY2ZmUxNzA1Njk4YjAwZTYxOTE1Njc3YTJm
YjhkNWIwHhcNMjMwODEwMDk1OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjVlMDViMGU0NmY3OGRlMjdhMGM2ZWVjZWFkNzZkYzkxNjY5ZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dLKXc/5hD3DqfzzAKSyKV8pXJ8A
bn7vNFEcMPZjnBC04fDikmpIcEW+Ftmuu5vCCicy0hsfwZuoyFhlI0bv+lreWLCf
y5dieYlyNBlYKfNe0MZPBs2jJNDZ9h7OPOlp2sloqAQF/3C60qPGCMBveeaUm3u4
FNZajqoylWbz7yQWawvNuHioBr+ahSoJ/Suw40/f+YRjw23kAs5/J4NvOjteYAJb
tG3yUmxtCU3OKETUu6QSv9N7fBOZBvGPzu1t+wxj81hClTCPyowIQPA3gY2cm2WG
5j4Jkc2pLVDKBddqSMP/j+x8vX643XhiVTuRlgrK4WW9FoziQRPYxwwzNwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFIZeBbDkb3jeJ6DG7s6tdtyRZp9LMB8GA1UdIwQY
MBaAFHikxOrvb+FwVpiwDmGRVnei+41bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUtURTZ1OXY0WEJXbUxBT1laRldkNkw3alZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81MWJhMGItNjljNi00ZWQ5LTgyYzct
NDI5MzA3ZjI0MzIwLzEvaGw0RnNPUnZlTjRub01idXpxMTIzSkZtbjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81MWJhMGItNjljNi00ZWQ5LTgyYzctNDI5MzA3ZjI0MzIw
LzEvZUtURTZ1OXY0WEJXbUxBT1laRldkNkw3alZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLh5wAwQE
LiMgAwQBQL7uAwQGUrRAAwQDgsFwAwQCuQiIAwQFwrbAMA0EAgACMAcDBQAqA7WA
MA0GCSqGSIb3DQEBCwUAA4IBAQAOWA9w6pDsOlnj7J+6NNYqBHE9VytEiyD5qpVl
mwSFRyKWuVr+w0C87ct5z3rRlV5PvtG7LwrBnOz/KzDVO7K2HMIFPKrYoyhOxmUu
c0AG5HCXMtVh/YB3LcnRH3JSeXdpUktcXnHWSBjtW5kYv1ws95dKf5MSj4Q0esZ4
Xkj4p1o+H5VL//gbptNEb+INyV8NFP4Hq9ms4Ggo4AGx85KoPjU0XUUV487KJLST
nMNjba707sFIPmULcc1N03OC4toPDGK+5irs2+SSkm9n6tUfX0wiM7Qha3pN+x2G
rW+GH6M/Ch0lSNDsk/3qVobcFIrs6I8QCvF8UfoVc+BF8xNu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:09 2024 by rpki-client on console-fra.rpki-client.org