Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/hPPxHamPpLPXVsrjrq0Y4p4cUmE.roa
File: hPPxHamPpLPXVsrjrq0Y4p4cUmE.roa (raw, json)
Hash identifier: 0u8eN3ZFbXmq5qJZef20/UYMmayE0bJ/wYLH2sfbBGo=
Subject key identifier: 84:F3:F1:1D:A9:8F:A4:B3:D7:56:CA:E3:AE:AD:18:E2:9E:1C:52:61
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018DBC01A92F371C0876AE00FABF1A5A27A4
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/hPPxHamPpLPXVsrjrq0Y4p4cUmE.roa
Signing time: Sun 18 Feb 2024 11:37:21 +0000
ROA not before: Sun 18 Feb 2024 11:37:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202029
IP address blocks: 85.9.104.0/24 maxlen: 24
91.239.214.0/24 maxlen: 24
185.83.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 10:15:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bc:01:a9:2f:37:1c:08:76:ae:00:fa:bf:1a:5a:27:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Feb 18 11:37:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84f3f11da98fa4b3d756cae3aead18e29e1c5261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b7:c8:7d:fa:54:ec:56:46:3d:6b:26:82:bc:
c9:ee:55:25:74:e9:3a:e7:1e:a6:ed:b1:b9:31:6f:
6c:fb:6c:1e:af:0a:53:af:43:f6:a6:73:c3:b2:97:
55:b9:ec:0a:78:0e:b8:f6:92:38:a0:3a:a0:69:bd:
32:d0:ec:32:8a:e5:cc:69:42:d9:40:59:ed:0a:00:
1b:4c:70:ac:12:71:1f:0e:d9:f6:6e:9a:cc:33:75:
e6:b4:7f:43:8a:f5:d3:0b:54:0d:ed:ba:2a:e7:82:
e5:9d:9a:c1:61:b8:ee:82:c2:ce:a3:b2:a1:f9:81:
b1:a4:36:18:03:3f:8a:b4:95:ec:3b:eb:ad:cd:98:
4d:ac:d5:90:f2:f8:60:fa:09:72:63:63:55:00:31:
2e:16:4e:0a:46:7d:0a:48:81:1c:64:46:ad:58:ce:
37:74:c5:9e:06:73:da:85:aa:55:93:b7:52:29:d7:
1c:3b:19:6f:9e:c2:c1:d5:b9:d1:d7:cd:8c:46:92:
7c:88:04:71:fe:17:06:3b:3d:89:23:36:8e:a8:ab:
8d:82:0e:55:88:5e:b7:02:55:92:b0:48:eb:7e:86:
58:25:67:13:59:80:86:cb:b9:10:34:5f:ef:35:f4:
5b:bc:16:d6:e1:15:43:a8:61:e1:3f:7a:3a:56:ed:
07:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F3:F1:1D:A9:8F:A4:B3:D7:56:CA:E3:AE:AD:18:E2:9E:1C:52:61
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/hPPxHamPpLPXVsrjrq0Y4p4cUmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.104.0/24
91.239.214.0/24
185.83.90.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:60:22:66:6c:38:89:96:1f:7c:b7:e5:84:52:0c:ea:9f:6a:
82:74:eb:a0:83:27:86:ed:4a:a9:39:21:d4:d6:06:02:d2:61:
34:49:c3:28:48:93:b2:54:65:4e:2a:33:9f:c8:ba:9d:2b:a7:
bf:39:f1:da:45:1e:ff:cf:70:85:45:1d:79:40:ed:d4:ea:18:
6c:ef:af:8b:9e:05:5a:35:b5:f5:4e:d9:e5:ad:b1:bb:ea:61:
a7:f7:62:e0:01:18:8f:d5:a9:06:3a:2a:7e:fe:8f:4e:44:03:
44:a2:1f:c6:bb:15:91:c2:a3:1a:9d:44:72:7b:6f:8f:2f:05:
36:0f:fc:4e:4b:b9:bd:10:cc:fb:96:4d:3e:41:f7:ea:63:d4:
e4:4b:fe:7c:69:22:f6:9f:2a:a1:b7:c6:0e:40:b0:67:13:b1:
67:09:65:04:6e:d7:c0:1c:35:ec:61:5f:ca:ca:05:a2:62:62:
9e:81:1b:ac:08:35:dc:6b:2a:9e:36:dd:ca:4c:87:0c:2c:6d:
c0:7a:c9:45:b4:07:cf:32:77:53:4d:e2:03:fc:3f:6a:ac:50:
d2:0c:1e:50:63:e4:20:96:0a:e5:0f:c7:12:af:e6:81:41:5b:
7d:0f:3c:69:9b:af:a7:83:05:14:c9:d7:52:39:0c:76:ee:e8:
4e:db:60:a8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY28AakvNxwIdq4A+r8aWiekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwMjE4MTEzNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGYzZjExZGE5OGZhNGIzZDc1NmNhZTNhZWFkMThlMjllMWM1MjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLfIffpU7FZGPWsmgrzJ7lUldOk6
5x6m7bG5MW9s+2werwpTr0P2pnPDspdVuewKeA649pI4oDqgab0y0OwyiuXMaULZ
QFntCgAbTHCsEnEfDtn2bprMM3XmtH9DivXTC1QN7boq54LlnZrBYbjugsLOo7Kh
+YGxpDYYAz+KtJXsO+utzZhNrNWQ8vhg+glyY2NVADEuFk4KRn0KSIEcZEatWM43
dMWeBnPahapVk7dSKdccOxlvnsLB1bnR182MRpJ8iARx/hcGOz2JIzaOqKuNgg5V
iF63AlWSsEjrfoZYJWcTWYCGy7kQNF/vNfRbvBbW4RVDqGHhP3o6Vu0H1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFITz8R2pj6Sz11bK466tGOKeHFJhMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvaFBQeEhhbVBwTFBYVnNyanJxMFk0cDRjVW1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVQloAwQA
W+/WAwQAuVNaMA0GCSqGSIb3DQEBCwUAA4IBAQAKYCJmbDiJlh98t+WEUgzqn2qC
dOuggyeG7UqpOSHU1gYC0mE0ScMoSJOyVGVOKjOfyLqdK6e/OfHaRR7/z3CFRR15
QO3U6hhs76+LngVaNbX1TtnlrbG76mGn92LgARiP1akGOip+/o9ORANEoh/GuxWR
wqManURye2+PLwU2D/xOS7m9EMz7lk0+QffqY9TkS/58aSL2nyqht8YOQLBnE7Fn
CWUEbtfAHDXsYV/KygWiYmKegRusCDXcayqeNt3KTIcMLG3AeslFtAfPMndTTeID
/D9qrFDSDB5QY+QglgrlD8cSr+aBQVt9Dzxpm6+ngwUUyddSOQx27uhO22Co
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:34 2024 by rpki-client on console-ams.rpki-client.org