Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/2HRi4WbzYbEwRvNhihSVNy409Ss.roa
File: 2HRi4WbzYbEwRvNhihSVNy409Ss.roa (raw, json)
Hash identifier: YVTK3AO6LItbCCyN8Bqu8hLgbxE3x1/2uILAHyiAsxE=
Subject key identifier: D8:74:62:E1:66:F3:61:B1:30:46:F3:61:8A:14:95:37:2E:34:F5:2B
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 0191EF72E0B023ABECFAA485ECAC6676B6EC
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/2HRi4WbzYbEwRvNhihSVNy409Ss.roa
Signing time: Sat 14 Sep 2024 07:32:48 +0000
ROA not before: Sat 14 Sep 2024 07:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb00::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a441::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 21 Sep 2024 21:08:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ef:72:e0:b0:23:ab:ec:fa:a4:85:ec:ac:66:76:b6:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Sep 14 07:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d87462e166f361b13046f3618a1495372e34f52b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6d:46:b4:93:88:8a:b8:2d:7d:a4:8e:9b:d1:
f7:99:af:dd:0e:70:66:07:f2:06:f9:89:d3:bc:af:
42:ce:ed:c3:d9:59:0b:1f:6e:24:e0:44:a1:77:d4:
c2:eb:d0:ae:b0:70:9b:c3:30:4f:ed:56:07:a7:a2:
3c:77:3e:b7:44:14:93:49:b9:df:65:9d:f2:6f:71:
27:26:d5:85:da:a7:4b:b2:ed:d6:e7:40:71:3d:49:
c7:2f:05:0f:c4:cd:df:5b:e4:9f:33:63:98:3b:e0:
13:4a:ad:3a:71:6b:c6:91:b4:b0:c1:e3:01:f9:ba:
38:70:14:92:b0:f2:27:f0:bc:69:60:5a:54:28:68:
cf:fa:c3:a0:10:00:60:13:08:32:d5:56:61:fd:75:
77:7e:44:ae:37:f5:29:23:23:6a:68:be:25:75:7f:
94:30:f0:83:8d:99:b1:f0:6f:a0:7e:db:c8:c8:41:
6a:1a:07:2d:2b:4a:02:db:df:3c:0a:ba:87:64:69:
ac:e6:99:48:c3:0f:f1:64:82:b5:68:57:9c:7d:34:
91:3e:01:ce:20:3c:27:c0:45:f6:61:4a:b8:6f:39:
ac:79:ce:d5:03:de:fd:b4:e6:81:c0:07:be:cb:ab:
e3:7b:5c:2b:e0:af:5e:1d:9e:e0:79:c1:6b:df:f5:
c1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:74:62:E1:66:F3:61:B1:30:46:F3:61:8A:14:95:37:2E:34:F5:2B
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/2HRi4WbzYbEwRvNhihSVNy409Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0-5.180.107.255
45.131.0.0/23
45.136.4.0/24
45.141.148.0/24
45.147.44.0/24
77.83.200.0/22
194.116.228.0/24
194.116.236.0/23
194.146.26.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a441::/32
2a13:a445::/32
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
18:0f:52:a6:15:c9:8b:82:d2:db:6f:8d:f3:c9:eb:e6:f8:f3:
3b:1c:4f:97:40:37:1e:58:ee:2f:a0:13:91:64:14:58:9f:19:
06:ac:d5:9d:3a:cb:20:60:6a:10:8f:5a:6b:33:15:17:69:34:
c0:f4:28:ce:60:8a:c3:92:0e:5b:dd:ea:d8:54:23:78:52:dc:
b6:82:3b:5f:6c:3c:a0:4e:a1:aa:44:83:49:b3:6a:ac:3c:4f:
33:a0:14:11:b8:4b:3d:63:4a:d9:ec:6b:ed:6c:c5:35:bc:1c:
49:02:1c:50:f8:a2:54:1c:c6:71:66:96:af:78:c3:ac:ae:ec:
a6:23:47:a5:b9:c1:f0:47:a7:1f:38:4f:af:90:a5:9d:da:39:
48:69:03:ee:70:53:5b:fe:35:a5:48:dd:aa:27:3e:32:92:52:
f3:fb:e3:d2:c9:04:b5:09:6c:d7:f7:0c:e6:41:1e:cb:b1:22:
a6:f4:d0:92:91:28:c0:50:a0:82:30:15:ec:fe:1b:21:dd:3d:
87:22:de:fc:bd:7b:40:98:8a:e4:df:41:4c:7f:18:54:1c:20:
17:91:55:78:44:82:d7:38:6f:c1:96:31:e6:8d:78:6c:0e:91:
91:0e:ad:fc:ae:3b:d4:e6:2f:ab:1c:9b:dc:6d:d7:d4:f2:15:
3b:3d:7c:13
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZHvcuCwI6vs+qSF7KxmdrbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwOTE0MDczMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODc0NjJlMTY2ZjM2MWIxMzA0NmYzNjE4YTE0OTUzNzJlMzRmNTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW1GtJOIirgtfaSOm9H3ma/dDnBm
B/IG+YnTvK9Czu3D2VkLH24k4EShd9TC69CusHCbwzBP7VYHp6I8dz63RBSTSbnf
ZZ3yb3EnJtWF2qdLsu3W50BxPUnHLwUPxM3fW+SfM2OYO+ATSq06cWvGkbSwweMB
+bo4cBSSsPIn8LxpYFpUKGjP+sOgEABgEwgy1VZh/XV3fkSuN/UpIyNqaL4ldX+U
MPCDjZmx8G+gftvIyEFqGgctK0oC2988CrqHZGms5plIww/xZIK1aFecfTSRPgHO
IDwnwEX2YUq4bzmsec7VA979tOaBwAe+y6vje1wr4K9eHZ7gecFr3/XB2wIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFNh0YuFm82GxMEbzYYoUlTcuNPUrMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvMkhSaTRXYnpZYkV3UnZOaGloU1ZOeTQwOVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTBQBAIAATBKMAwDBAAF
tGkDBAIFtGgDBAEtgwADBAAtiAQDBAAtjZQDBAAtkywDBAJNU8gDBADCdOQDBAHC
dOwDBADCkhoDBADCkiQDBADCki8wRQQCAAIwPwMFAyoJh4ADBQMqD7cAAwUDKg/p
AAMFAyoP6wADBQMqD+0AAwUDKg/5AAMFACoTpEEDBQAqE6RFAwUAKhOkRzANBgkq
hkiG9w0BAQsFAAOCAQEAGA9SphXJi4LS22+N88nr5vjzOxxPl0A3HljuL6ATkWQU
WJ8ZBqzVnTrLIGBqEI9aazMVF2k0wPQozmCKw5IOW93q2FQjeFLctoI7X2w8oE6h
qkSDSbNqrDxPM6AUEbhLPWNK2exr7WzFNbwcSQIcUPiiVBzGcWaWr3jDrK7spiNH
pbnB8EenHzhPr5Clndo5SGkD7nBTW/41pUjdqic+MpJS8/vj0skEtQls1/cM5kEe
y7EipvTQkpEowFCggjAV7P4bId09hyLe/L17QJiK5N9BTH8YVBwgF5FVeESC1zhv
wZYx5o14bA6RkQ6t/K471OYvqxyb3G3X1PIVOz18Ew==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:24 2025 by rpki-client