Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/HYsUHQC-apiEQv0h87qH_y18M0g.roa
File: HYsUHQC-apiEQv0h87qH_y18M0g.roa (raw, json)
Hash identifier: 8tXv+LMyblBGFe1TgllgDPnwH2/RntE3o+sLvxR0/Tg=
Subject key identifier: 1D:8B:14:1D:00:BE:6A:98:84:42:FD:21:F3:BA:87:FF:2D:7C:33:48
Certificate issuer: /CN=75e05bc21b2a6f1033711ffca6491c6c30ce5a4a
Certificate serial: 019320B2345BA18C45015CD245DC388485ED
Authority key identifier: 75:E0:5B:C2:1B:2A:6F:10:33:71:1F:FC:A6:49:1C:6C:30:CE:5A:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deBbwhsqbxAzcR_8pkkcbDDOWko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/HYsUHQC-apiEQv0h87qH_y18M0g.roa
Signing time: Tue 12 Nov 2024 14:06:09 +0000
ROA not before: Tue 12 Nov 2024 14:06:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12956
IP address blocks: 2.57.224.0/22 maxlen: 22
5.53.0.0/21 maxlen: 21
5.255.144.0/21 maxlen: 21
45.135.52.0/22 maxlen: 22
80.76.8.0/21 maxlen: 21
81.173.104.0/21 maxlen: 21
84.16.0.0/19 maxlen: 19
89.32.176.0/21 maxlen: 21
94.142.96.0/19 maxlen: 19
103.244.236.0/22 maxlen: 22
176.52.248.0/21 maxlen: 21
185.43.180.0/22 maxlen: 22
185.153.168.0/22 maxlen: 22
185.190.8.0/22 maxlen: 22
185.210.28.0/22 maxlen: 22
188.214.148.0/23 maxlen: 23
193.36.134.0/23 maxlen: 23
213.140.32.0/19 maxlen: 19
2001:1498::/32 maxlen: 64
Validation: Failed, certificate revoked on Fri 15 Nov 2024 11:29:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:20:b2:34:5b:a1:8c:45:01:5c:d2:45:dc:38:84:85:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75e05bc21b2a6f1033711ffca6491c6c30ce5a4a
Validity
Not Before: Nov 12 14:06:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d8b141d00be6a988442fd21f3ba87ff2d7c3348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7f:5d:58:8a:1f:8a:4f:77:41:9f:99:a1:69:
1f:b5:3c:e6:2a:c4:b2:e1:65:f0:60:d1:a5:2c:a9:
7a:fc:56:ee:68:78:12:0d:85:24:b9:6e:c6:21:40:
af:89:ab:a7:8b:46:0a:15:97:03:f6:b1:6f:2e:a5:
db:10:d1:a3:a6:90:49:a9:b8:a0:ba:2b:71:e7:0b:
2c:bb:43:1d:52:78:fa:f5:41:40:d5:7d:ec:ab:7f:
1f:89:ff:59:9f:ef:64:b7:f4:bf:68:83:ef:06:07:
8a:35:4c:b6:fc:e9:d9:b0:de:b2:9d:1b:18:72:40:
54:c8:a4:5c:f4:86:90:fd:69:4c:04:17:72:9c:06:
89:9c:dc:0f:4a:bc:25:c3:8d:21:65:b6:21:37:b5:
c1:9f:66:f0:61:e5:c9:57:bd:46:3f:74:23:d8:00:
c5:85:4a:c6:b8:c2:13:5a:47:c7:5f:5c:2e:92:3b:
01:ed:a5:03:9e:0b:cc:ff:6f:4c:f8:eb:8e:8e:cf:
3c:79:b4:b2:39:f0:b4:8e:de:c3:37:aa:37:52:89:
10:c2:98:7e:3e:b9:d7:3b:10:74:ec:13:4e:aa:c4:
f7:c8:5c:3e:5e:a8:15:4f:30:07:b8:6a:f1:86:44:
27:9d:b1:ac:e4:27:fc:73:6e:dd:bb:21:ea:29:e7:
61:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8B:14:1D:00:BE:6A:98:84:42:FD:21:F3:BA:87:FF:2D:7C:33:48
X509v3 Authority Key Identifier:
keyid:75:E0:5B:C2:1B:2A:6F:10:33:71:1F:FC:A6:49:1C:6C:30:CE:5A:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deBbwhsqbxAzcR_8pkkcbDDOWko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/HYsUHQC-apiEQv0h87qH_y18M0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/deBbwhsqbxAzcR_8pkkcbDDOWko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.224.0/22
5.53.0.0/21
5.255.144.0/21
45.135.52.0/22
80.76.8.0/21
81.173.104.0/21
84.16.0.0/19
89.32.176.0/21
94.142.96.0/19
103.244.236.0/22
176.52.248.0/21
185.43.180.0/22
185.153.168.0/22
185.190.8.0/22
185.210.28.0/22
188.214.148.0/23
193.36.134.0/23
213.140.32.0/19
IPv6:
2001:1498::/32
Signature Algorithm: sha256WithRSAEncryption
9a:04:a3:36:97:f4:d3:99:c8:46:ee:6a:73:11:0e:8b:d9:15:
5c:45:30:59:db:8a:08:ea:e1:37:7e:30:83:62:de:de:ea:88:
b1:8d:6e:cf:81:73:f0:ff:7a:f5:0a:01:05:bd:38:dd:74:b2:
9d:ac:c6:3b:94:39:2c:2e:52:2a:6e:b5:51:68:86:c5:c0:2b:
54:73:46:4d:1a:25:a7:4c:d8:f3:ee:e4:27:8c:7d:24:a7:63:
56:8f:ce:ae:e8:31:63:7c:a4:63:e8:15:b3:a9:41:7b:64:60:
8a:6e:b7:5a:03:3e:bc:9d:17:49:f5:c3:80:a0:2a:c7:e4:bf:
e0:8f:27:78:57:a1:34:9a:0d:f3:05:81:3e:3f:08:b9:82:0d:
0d:7e:6d:60:f4:b5:55:68:06:4f:05:5a:74:2e:e0:c8:ee:35:
8b:43:27:c6:fb:c5:a6:6b:e5:d2:f7:e6:3f:57:39:e7:6c:6c:
a7:68:90:6b:7f:53:c0:84:85:13:ab:e1:51:58:7a:7f:78:ca:
98:e1:66:a5:21:72:ab:cd:03:0a:78:2f:56:43:4b:65:ae:2d:
aa:74:90:1e:85:c0:42:8f:85:89:df:d5:45:3c:47:6d:ed:00:
7c:9c:f1:af:45:18:88:ee:4b:d4:da:1b:19:44:eb:d4:1b:87:
d7:4a:fe:48
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZMgsjRboYxFAVzSRdw4hIXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZTA1YmMyMWIyYTZmMTAzMzcxMWZmY2E2NDkxYzZjMzBj
ZTVhNGEwHhcNMjQxMTEyMTQwNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDhiMTQxZDAwYmU2YTk4ODQ0MmZkMjFmM2JhODdmZjJkN2MzMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH9dWIofik93QZ+ZoWkftTzmKsSy
4WXwYNGlLKl6/FbuaHgSDYUkuW7GIUCviauni0YKFZcD9rFvLqXbENGjppBJqbig
uitx5wssu0MdUnj69UFA1X3sq38fif9Zn+9kt/S/aIPvBgeKNUy2/OnZsN6ynRsY
ckBUyKRc9IaQ/WlMBBdynAaJnNwPSrwlw40hZbYhN7XBn2bwYeXJV71GP3Qj2ADF
hUrGuMITWkfHX1wukjsB7aUDngvM/29M+OuOjs88ebSyOfC0jt7DN6o3UokQwph+
PrnXOxB07BNOqsT3yFw+XqgVTzAHuGrxhkQnnbGs5Cf8c27duyHqKedhSQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFB2LFB0AvmqYhEL9IfO6h/8tfDNIMB8GA1UdIwQY
MBaAFHXgW8IbKm8QM3Ef/KZJHGwwzlpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVCYndoc3FieEF6Y1JfOHBra2NiRERPV2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8yYjQ5MzQtNGVhMi00NWMxLWFlMDct
ZDQ1YWI3ZGYyZGUxLzEvSFlzVUhRQy1hcGlFUXYwaDg3cUhfeTE4TTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8yYjQ5MzQtNGVhMi00NWMxLWFlMDctZDQ1YWI3ZGYyZGUx
LzEvZGVCYndoc3FieEF6Y1JfOHBra2NiRERPV2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQCAjng
AwQDBTUAAwQDBf+QAwQCLYc0AwQDUEwIAwQDUa1oAwQFVBAAAwQDWSCwAwQFXo5g
AwQCZ/TsAwQDsDT4AwQCuSu0AwQCuZmoAwQCub4IAwQCudIcAwQBvNaUAwQBwSSG
AwQF1YwgMA0EAgACMAcDBQAgARSYMA0GCSqGSIb3DQEBCwUAA4IBAQCaBKM2l/TT
mchG7mpzEQ6L2RVcRTBZ24oI6uE3fjCDYt7e6oixjW7PgXPw/3r1CgEFvTjddLKd
rMY7lDksLlIqbrVRaIbFwCtUc0ZNGiWnTNjz7uQnjH0kp2NWj86u6DFjfKRj6BWz
qUF7ZGCKbrdaAz68nRdJ9cOAoCrH5L/gjyd4V6E0mg3zBYE+Pwi5gg0Nfm1g9LVV
aAZPBVp0LuDI7jWLQyfG+8Wma+XS9+Y/VznnbGynaJBrf1PAhIUTq+FRWHp/eMqY
4WalIXKrzQMKeC9WQ0tlri2qdJAehcBCj4WJ39VFPEdt7QB8nPGvRRiI7kvU2hsZ
ROvUG4fXSv5I
-----END CERTIFICATE-----
Generated at Fri Nov 15 14:43:26 2024 by rpki-client on console-ams.rpki-client.org