Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hgGV7d4lj6ZX9MCLy9llWLWQUxA.roa
File: hgGV7d4lj6ZX9MCLy9llWLWQUxA.roa (raw, json)
Hash identifier: jTtAIl0R9P37nSTph6LeiX/+8jdTrioX+csDGO2BHok=
Subject key identifier: 86:01:95:ED:DE:25:8F:A6:57:F4:C0:8B:CB:D9:65:58:B5:90:53:10
Certificate issuer: /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial: 018C45332963AE211F9E660D8BDBEC93B214
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hgGV7d4lj6ZX9MCLy9llWLWQUxA.roa
Signing time: Thu 07 Dec 2023 16:53:49 +0000
ROA not before: Thu 07 Dec 2023 16:53:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 185.201.17.0/24 maxlen: 24
185.201.16.0/24 maxlen: 24
185.201.19.0/24 maxlen: 24
45.140.132.0/24 maxlen: 24
45.131.180.0/24 maxlen: 24
45.147.95.0/24 maxlen: 24
46.229.240.0/24 maxlen: 24
45.91.121.0/24 maxlen: 24
45.93.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:45:33:29:63:ae:21:1f:9e:66:0d:8b:db:ec:93:b2:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
Validity
Not Before: Dec 7 16:53:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=860195edde258fa657f4c08bcbd96558b5905310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9c:23:97:8a:5f:d9:a2:15:ba:af:fa:89:c4:
ac:c7:4d:e3:ae:2d:c2:4b:cf:6a:f2:91:c7:d7:6b:
00:06:2d:16:e8:0c:d1:e4:4e:30:b7:67:38:cd:bf:
87:c7:8e:5a:f7:3f:c4:03:ce:ab:39:53:6e:dc:1a:
f2:fe:fc:c1:79:57:d2:00:8d:80:02:61:46:64:03:
a9:3b:14:b9:32:ef:24:00:6d:c0:28:d4:f8:4c:53:
e6:8d:90:e0:52:35:ca:0b:32:7f:df:ee:9b:84:bc:
17:87:a5:47:50:29:b1:8e:a7:37:4f:90:73:60:42:
e0:2c:ef:9f:77:bc:48:4e:19:24:54:dc:41:32:4a:
f1:4e:dc:48:a3:57:be:c0:60:f1:79:32:26:08:f6:
c8:a3:b2:87:b2:49:2d:98:84:7e:da:11:f1:5c:74:
93:22:5f:75:35:10:04:f7:eb:98:5b:8f:fb:3f:7e:
60:e8:6c:5e:0f:ec:97:4e:e4:91:20:1e:d2:db:e2:
10:2e:b1:01:22:6a:45:46:6b:5d:68:72:86:f3:bc:
23:cd:3c:79:f3:27:19:4d:7b:52:d4:b8:d6:56:c6:
6e:99:b0:de:2a:17:5d:71:ed:73:f1:ee:e2:71:31:
47:f4:ec:be:b0:fa:ea:b0:26:7e:08:6f:7c:da:91:
5a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:01:95:ED:DE:25:8F:A6:57:F4:C0:8B:CB:D9:65:58:B5:90:53:10
X509v3 Authority Key Identifier:
keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hgGV7d4lj6ZX9MCLy9llWLWQUxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.121.0/24
45.93.148.0/24
45.131.180.0/24
45.140.132.0/24
45.147.95.0/24
46.229.240.0/24
185.201.16.0/23
185.201.19.0/24
Signature Algorithm: sha256WithRSAEncryption
47:d3:06:3c:a3:9e:c2:39:9e:e8:9a:9d:a2:46:84:4a:97:5a:
fe:ed:9a:f3:d4:df:98:05:33:40:0e:8b:ec:c6:23:01:f1:ec:
ae:c3:07:4d:18:95:b0:b8:a9:d7:0d:a4:10:4f:0f:a2:9d:e4:
4e:52:6c:9c:ea:86:8c:89:54:bf:90:9d:e3:ed:91:8d:10:8c:
17:b4:0b:a2:f0:76:53:89:7f:9d:65:b4:61:0d:a5:e6:e1:14:
27:4b:05:41:d9:b4:39:ed:37:25:d0:d3:a2:c0:4d:57:49:1a:
98:d1:70:dd:b5:aa:50:63:ca:77:93:07:db:cd:1b:77:91:7b:
3f:80:4a:2e:db:db:94:12:4a:ff:23:6d:d6:bd:30:d0:9e:71:
ca:4f:5b:21:18:e3:57:e6:0d:b4:c2:0a:d3:72:d8:1d:c0:b9:
17:c1:5a:95:8b:ff:61:ee:6b:c4:1f:74:61:5c:10:5b:f6:16:
92:7e:38:e9:73:bf:1f:18:c4:7a:04:b8:9b:8b:d5:e4:da:c4:
08:fc:eb:f4:38:15:91:3d:a0:37:6c:3c:e5:b0:f2:06:cd:c2:
d1:63:0e:97:1d:a3:3e:fe:09:e4:7e:b7:b0:6a:80:14:33:fa:
77:64:fd:a9:99:8f:63:f2:62:eb:b1:0c:80:bb:ba:a0:3a:11:
d4:d1:e9:82
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYxFMyljriEfnmYNi9vsk7IUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjMxMjA3MTY1MzQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjAxOTVlZGRlMjU4ZmE2NTdmNGMwOGJjYmQ5NjU1OGI1OTA1MzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5wjl4pf2aIVuq/6icSsx03jri3C
S89q8pHH12sABi0W6AzR5E4wt2c4zb+Hx45a9z/EA86rOVNu3Bry/vzBeVfSAI2A
AmFGZAOpOxS5Mu8kAG3AKNT4TFPmjZDgUjXKCzJ/3+6bhLwXh6VHUCmxjqc3T5Bz
YELgLO+fd7xIThkkVNxBMkrxTtxIo1e+wGDxeTImCPbIo7KHskktmIR+2hHxXHST
Il91NRAE9+uYW4/7P35g6GxeD+yXTuSRIB7S2+IQLrEBImpFRmtdaHKG87wjzTx5
8ycZTXtS1LjWVsZumbDeKhddce1z8e7icTFH9Oy+sPrqsCZ+CG982pFaRwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIYBle3eJY+mV/TAi8vZZVi1kFMQMB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvaGdHVjdkNGxqNlpYOU1DTHk5bGxXTFdRVXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVt5AwQA
LV2UAwQALYO0AwQALYyEAwQALZNfAwQALuXwAwQBuckQAwQAuckTMA0GCSqGSIb3
DQEBCwUAA4IBAQBH0wY8o57COZ7omp2iRoRKl1r+7Zrz1N+YBTNADovsxiMB8eyu
wwdNGJWwuKnXDaQQTw+ineROUmyc6oaMiVS/kJ3j7ZGNEIwXtAui8HZTiX+dZbRh
DaXm4RQnSwVB2bQ57Tcl0NOiwE1XSRqY0XDdtapQY8p3kwfbzRt3kXs/gEou29uU
Ekr/I23WvTDQnnHKT1shGONX5g20wgrTctgdwLkXwVqVi/9h7mvEH3RhXBBb9haS
fjjpc78fGMR6BLibi9Xk2sQI/Ov0OBWRPaA3bDzlsPIGzcLRYw6XHaM+/gnkfrew
aoAUM/p3ZP2pmY9j8mLrsQyAu7qgOhHU0emC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:18 2024 by rpki-client on console-fra.rpki-client.org