Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/hQre9WxzOUQdak3-qSt7BPyo4KM.roa
File: hQre9WxzOUQdak3-qSt7BPyo4KM.roa (raw, json)
Hash identifier: 1gpMg95Xsg3O0c8CUZ3zdMy2gD1v9bzQwfuNDE56uiU=
Subject key identifier: 85:0A:DE:F5:6C:73:39:44:1D:6A:4D:FE:A9:2B:7B:04:FC:A8:E0:A3
Certificate issuer: /CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Certificate serial: 018CC56DED0A109F864457031B53F33704F9
Authority key identifier: 02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/hQre9WxzOUQdak3-qSt7BPyo4KM.roa
Signing time: Mon 01 Jan 2024 14:29:24 +0000
ROA not before: Mon 01 Jan 2024 14:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49305
IP address blocks: 178.255.217.0/24 maxlen: 24
185.228.251.0/24 maxlen: 24
94.247.136.0/24 maxlen: 24
2a0e:3ec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 03 Jan 2024 21:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:ed:0a:10:9f:86:44:57:03:1b:53:f3:37:04:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Validity
Not Before: Jan 1 14:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=850adef56c7339441d6a4dfea92b7b04fca8e0a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7a:c9:19:1a:f4:36:1e:c5:ee:6f:3a:d5:c9:
7a:c6:14:b7:5f:67:50:45:3a:10:2c:73:87:ed:fb:
50:4f:3c:a7:58:c4:cc:00:32:0d:99:79:95:02:41:
59:90:1d:b9:5a:04:a3:67:d6:c0:85:fe:ca:01:98:
3f:0c:0f:f3:74:4a:97:28:dd:d6:35:90:48:d8:61:
3e:59:7f:c9:ab:c2:31:a9:b5:20:54:0f:9c:82:d6:
92:a3:83:1f:6e:28:b9:ac:66:1e:4a:1a:77:1b:64:
0d:62:eb:1f:d4:af:db:19:63:a4:1d:93:40:2f:ce:
42:45:da:3b:f5:d1:47:58:f4:c3:94:87:75:7a:42:
c7:da:da:bb:c2:a6:61:d1:dc:11:f7:ba:3c:b2:27:
55:c1:7c:a9:51:89:4f:8b:47:b1:de:ce:87:2d:c1:
90:a1:19:f1:59:29:29:78:5f:17:c6:70:ed:c1:63:
84:03:0f:c8:d6:fb:bd:bf:8b:6a:75:b8:43:33:0b:
e0:38:66:e4:a6:47:c2:71:3a:d3:52:5b:cc:8d:c4:
d6:55:dc:b9:94:c1:8c:29:33:54:cf:73:fa:39:d1:
51:92:96:a7:55:bf:6c:89:94:47:90:40:b3:d6:35:
b4:4f:1f:11:d6:8b:3a:dc:ef:81:6b:b7:30:ba:bc:
2c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0A:DE:F5:6C:73:39:44:1D:6A:4D:FE:A9:2B:7B:04:FC:A8:E0:A3
X509v3 Authority Key Identifier:
keyid:02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/hQre9WxzOUQdak3-qSt7BPyo4KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/Al8qk9sQ8t1falW7KkQPZ0hs0aM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.136.0/24
178.255.217.0/24
185.228.251.0/24
IPv6:
2a0e:3ec0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:ac:9b:d6:e6:37:f3:2c:d8:08:cc:7b:69:3f:07:b8:70:04:
3c:d7:9b:11:85:29:d3:f9:e7:57:9b:39:40:78:d8:8d:f5:16:
18:bb:5d:18:2e:8c:1a:64:5b:e8:e0:33:3f:a8:c5:61:61:a8:
62:2c:75:6a:eb:71:d2:b7:71:57:f5:d6:73:79:e8:8e:ba:06:
d4:67:36:1e:7e:74:e2:c9:6c:d7:04:4b:cb:83:78:dd:25:c3:
fc:55:98:c4:cd:40:a3:bb:9f:22:25:d4:6f:fe:b4:b6:cd:1f:
f9:24:ad:46:a3:2d:98:0c:5d:8e:c3:8b:18:3f:0c:ce:ae:1d:
f8:0e:bf:01:a5:2a:39:46:6d:5d:47:ed:5f:10:f7:64:b9:f4:
51:d9:02:15:e6:7a:e4:6e:70:8d:b3:0f:26:39:c8:a0:1b:55:
34:36:77:77:94:86:ca:e9:78:85:cb:65:62:86:5e:b4:af:d9:
44:34:5d:a1:be:99:a8:d2:9c:20:e2:81:0d:b7:5b:09:a0:b9:
ac:c9:7f:55:59:11:a6:0a:89:75:bb:94:a0:45:09:9c:e6:e5:
a1:0d:0a:a7:e8:2a:74:14:2a:e0:f2:cf:4a:68:0a:5f:e4:8f:
20:cd:12:78:41:29:aa:3e:4c:17:ef:f7:37:db:ee:ce:15:ef:
88:45:26:8d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFbe0KEJ+GRFcDG1PzNwT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNWYyYTkzZGIxMGYyZGQ1ZjZhNTViYjJhNDQwZjY3NDg2
Y2QxYTMwHhcNMjQwMTAxMTQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTBhZGVmNTZjNzMzOTQ0MWQ2YTRkZmVhOTJiN2IwNGZjYThlMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXrJGRr0Nh7F7m861cl6xhS3X2dQ
RToQLHOH7ftQTzynWMTMADINmXmVAkFZkB25WgSjZ9bAhf7KAZg/DA/zdEqXKN3W
NZBI2GE+WX/Jq8IxqbUgVA+cgtaSo4Mfbii5rGYeShp3G2QNYusf1K/bGWOkHZNA
L85CRdo79dFHWPTDlId1ekLH2tq7wqZh0dwR97o8sidVwXypUYlPi0ex3s6HLcGQ
oRnxWSkpeF8XxnDtwWOEAw/I1vu9v4tqdbhDMwvgOGbkpkfCcTrTUlvMjcTWVdy5
lMGMKTNUz3P6OdFRkpanVb9siZRHkECz1jW0Tx8R1os63O+Ba7cwurwsHwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIUK3vVsczlEHWpN/qkrewT8qOCjMB8GA1UdIwQY
MBaAFAJfKpPbEPLdX2pVuypED2dIbNGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYt
MmVjZGExMWRlMTUzLzEvaFFyZTlXeHpPVVFkYWszLXFTdDdCUHlvNEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYtMmVjZGExMWRlMTUz
LzEvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXveIAwQA
sv/ZAwQAueT7MA0EAgACMAcDBQMqDj7AMA0GCSqGSIb3DQEBCwUAA4IBAQAurJvW
5jfzLNgIzHtpPwe4cAQ815sRhSnT+edXmzlAeNiN9RYYu10YLowaZFvo4DM/qMVh
YahiLHVq63HSt3FX9dZzeeiOugbUZzYefnTiyWzXBEvLg3jdJcP8VZjEzUCju58i
JdRv/rS2zR/5JK1Goy2YDF2Ow4sYPwzOrh34Dr8BpSo5Rm1dR+1fEPdkufRR2QIV
5nrkbnCNsw8mOcigG1U0Nnd3lIbK6XiFy2Vihl60r9lENF2hvpmo0pwg4oENt1sJ
oLmsyX9VWRGmCol1u5SgRQmc5uWhDQqn6Cp0FCrg8s9KaApf5I8gzRJ4QSmqPkwX
7/c32+7OFe+IRSaN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:39 2024 by rpki-client on console-fra.rpki-client.org