Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/hHx3UiJsw6xEEfRyXfgiUPZvKtc.roa
File: hHx3UiJsw6xEEfRyXfgiUPZvKtc.roa (raw, json)
Hash identifier: KBqz17jXnEYgl0fR0x/sJmXxaAuHZLncz/cxFgcSBY4=
Subject key identifier: 84:7C:77:52:22:6C:C3:AC:44:11:F4:72:5D:F8:22:50:F6:6F:2A:D7
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 018EA99935A6A4DF223FDFB5661FC63C3F21
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/hHx3UiJsw6xEEfRyXfgiUPZvKtc.roa
Signing time: Thu 04 Apr 2024 14:52:54 +0000
ROA not before: Thu 04 Apr 2024 14:52:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7342
IP address blocks: 81.19.193.0/24 maxlen: 24
81.19.196.0/24 maxlen: 24
81.19.197.0/24 maxlen: 24
81.19.204.0/24 maxlen: 24
81.19.206.0/24 maxlen: 24
81.19.207.0/24 maxlen: 24
193.109.220.0/24 maxlen: 24
217.30.81.0/24 maxlen: 24
217.30.82.0/24 maxlen: 24
217.30.84.0/24 maxlen: 24
217.30.87.0/24 maxlen: 24
2a10:eec0::/48 maxlen: 48
2a10:eec0:3::/48 maxlen: 48
2a10:eec0:4::/48 maxlen: 48
2a10:eec0:7::/48 maxlen: 48
2a10:eec0:8::/48 maxlen: 48
2a10:eec0:c::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Apr 2024 12:46:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:99:35:a6:a4:df:22:3f:df:b5:66:1f:c6:3c:3f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 4 14:52:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=847c7752226cc3ac4411f4725df82250f66f2ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8d:24:8c:77:45:8a:80:6f:88:bf:23:0a:3a:
91:88:d7:28:f4:bd:04:26:96:9d:46:1e:36:d3:f9:
26:ce:16:4c:82:b6:4f:85:c1:bd:2b:6d:39:04:f6:
64:fa:8e:7e:ce:bc:62:56:61:51:1f:cf:8a:a2:b7:
92:48:3c:59:0c:c6:d3:4e:20:fe:a7:f9:b0:e7:88:
47:b1:a7:dd:69:cf:99:4e:2e:5c:8a:cd:1d:17:b6:
36:b8:ff:55:c5:a7:92:0f:02:70:31:2b:ff:8e:04:
fc:7a:26:e4:d2:a8:5a:35:58:93:fa:a3:e1:c9:87:
7f:dd:57:d7:2a:5e:85:0f:56:a1:10:20:5e:1c:3f:
ff:31:25:7a:73:86:99:3a:6e:a4:14:ce:2d:29:73:
47:74:5a:05:b5:15:68:f7:73:7e:37:fa:ce:5c:9d:
bc:8f:f4:71:1e:03:f4:57:31:a9:70:91:8c:0c:93:
b8:72:ad:f6:8d:1c:e2:c2:96:96:06:ec:8a:10:02:
13:30:a2:0f:61:55:02:40:ea:37:ed:d7:8f:2b:62:
88:e0:e9:a3:26:01:e8:75:3c:39:14:54:61:52:c9:
cd:b7:10:fe:d3:4e:55:e9:76:98:86:25:2e:34:76:
cf:e7:41:65:20:ed:8d:23:ae:e9:b0:9c:65:59:e2:
19:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:7C:77:52:22:6C:C3:AC:44:11:F4:72:5D:F8:22:50:F6:6F:2A:D7
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/hHx3UiJsw6xEEfRyXfgiUPZvKtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.193.0/24
81.19.196.0/23
81.19.204.0/24
81.19.206.0/23
193.109.220.0/24
217.30.81.0-217.30.82.255
217.30.84.0/24
217.30.87.0/24
IPv6:
2a10:eec0::/48
2a10:eec0:3::-2a10:eec0:4:ffff:ffff:ffff:ffff:ffff
2a10:eec0:7::-2a10:eec0:8:ffff:ffff:ffff:ffff:ffff
2a10:eec0:c::/48
Signature Algorithm: sha256WithRSAEncryption
41:e5:5d:90:d5:76:19:0f:ad:08:5e:ca:b5:4e:0e:59:b7:df:
ed:99:b2:bc:0c:61:39:46:62:f7:82:4e:d8:2f:06:67:28:bc:
a2:56:0c:51:0d:7e:b6:89:0f:d6:56:b4:15:7d:b0:23:4e:f2:
3d:da:3c:fc:ce:20:7e:0e:db:7f:59:27:90:7a:c4:c1:ec:7d:
7e:40:f4:56:19:cf:a6:61:0f:6e:9c:ee:71:b6:9f:34:01:0d:
55:07:7e:ce:5c:30:1d:6d:50:0c:e4:62:20:4f:4c:57:2b:6e:
5d:ce:f5:54:e9:a9:75:4e:0e:7b:f1:bb:cb:fd:59:52:bd:c4:
c2:92:20:9e:a8:db:31:4e:69:f6:35:bf:02:59:5f:f4:51:b3:
d1:7a:12:d1:c7:09:a9:98:f9:88:86:15:3d:e7:d2:ec:ea:08:
2a:31:38:f9:cf:07:f5:3e:2c:e2:07:6b:9a:8c:ef:3b:87:dc:
09:6a:dc:d2:38:21:cc:b1:5b:78:8d:a3:cb:ae:3f:9d:9b:4f:
cb:fb:29:4c:8f:03:a4:49:16:12:a5:fa:04:a9:af:4c:dc:03:
5d:1c:6b:a4:02:a8:c2:86:63:2d:3c:5f:b2:74:01:35:32:8c:
c0:bd:b5:89:a4:51:a1:fd:2d:16:8c:e3:02:d9:68:08:46:29:
6b:58:ca:1a
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAY6pmTWmpN8iP9+1Zh/GPD8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQwNDA0MTQ1MjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDdjNzc1MjIyNmNjM2FjNDQxMWY0NzI1ZGY4MjI1MGY2NmYyYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI0kjHdFioBviL8jCjqRiNco9L0E
JpadRh420/kmzhZMgrZPhcG9K205BPZk+o5+zrxiVmFRH8+KoreSSDxZDMbTTiD+
p/mw54hHsafdac+ZTi5cis0dF7Y2uP9VxaeSDwJwMSv/jgT8eibk0qhaNViT+qPh
yYd/3VfXKl6FD1ahECBeHD//MSV6c4aZOm6kFM4tKXNHdFoFtRVo93N+N/rOXJ28
j/RxHgP0VzGpcJGMDJO4cq32jRziwpaWBuyKEAITMKIPYVUCQOo37dePK2KI4Omj
JgHodTw5FFRhUsnNtxD+005V6XaYhiUuNHbP50FlIO2NI67psJxlWeIZ5QIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFIR8d1IibMOsRBH0cl34IlD2byrXMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvaEh4M1VpSnN3NnhFRWZSeVhmZ2lVUFp2S3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjA+BAIAATA4AwQAURPB
AwQBURPEAwQAURPMAwQBURPOAwQAwW3cMAwDBADZHlEDBADZHlIDBADZHlQDBADZ
HlcwQAQCAAIwOgMHACoQ7sAAADASAwcAKhDuwAADAwcAKhDuwAAEMBIDBwAqEO7A
AAcDBwAqEO7AAAgDBwAqEO7AAAwwDQYJKoZIhvcNAQELBQADggEBAEHlXZDVdhkP
rQheyrVODlm33+2ZsrwMYTlGYveCTtgvBmcovKJWDFENfraJD9ZWtBV9sCNO8j3a
PPzOIH4O239ZJ5B6xMHsfX5A9FYZz6ZhD26c7nG2nzQBDVUHfs5cMB1tUAzkYiBP
TFcrbl3O9VTpqXVODnvxu8v9WVK9xMKSIJ6o2zFOafY1vwJZX/RRs9F6EtHHCamY
+YiGFT3n0uzqCCoxOPnPB/U+LOIHa5qM7zuH3Alq3NI4IcyxW3iNo8uuP52bT8v7
KUyPA6RJFhKl+gSpr0zcA10ca6QCqMKGYy08X7J0ATUyjMC9tYmkUaH9LRaM4wLZ
aAhGKWtYyho=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:44 2025 by rpki-client