Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1-Hbdi_IeKPfmpCX6k17WoFlkwgQ.roa
File: 1-Hbdi_IeKPfmpCX6k17WoFlkwgQ.roa (raw, json)
Hash identifier: wccPcCyg87FZHAbkwZ/JHXV+HMaDwWWhfC34WeOJYOc=
Subject key identifier: F8:76:DD:8B:F2:1E:28:F7:E6:A4:25:FA:93:5E:D6:A0:59:64:C2:04
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018D661607ADEFEF77D7FBCD942AA474BA87
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1-Hbdi_IeKPfmpCX6k17WoFlkwgQ.roa
Signing time: Thu 01 Feb 2024 19:12:16 +0000
ROA not before: Thu 01 Feb 2024 19:12:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 84.234.16.0/20 maxlen: 24
194.58.64.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
194.88.112.0/20 maxlen: 24
195.133.202.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 04:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:66:16:07:ad:ef:ef:77:d7:fb:cd:94:2a:a4:74:ba:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Feb 1 19:12:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f876dd8bf21e28f7e6a425fa935ed6a05964c204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:db:9f:26:bb:6f:6d:b2:3b:71:71:6c:d0:b7:
90:04:13:2d:dc:32:3d:3a:0e:3c:ac:c3:d9:88:1e:
dd:c8:5d:16:a6:6e:f9:fd:b5:60:b1:e7:d3:24:0d:
11:d1:ec:39:e8:a8:6c:fa:c3:b1:15:b8:53:69:33:
5f:92:75:2c:8f:2a:71:04:3b:4c:58:b5:f1:8a:15:
07:a9:12:f3:98:ad:00:88:97:2d:dd:66:52:90:b6:
4e:89:c5:92:c3:c0:ed:92:e4:ad:3e:da:80:30:60:
8d:f4:2f:2c:58:c2:ae:db:0d:5d:ca:8f:1f:ba:e8:
cb:c7:46:81:e0:01:ce:30:1f:ef:cc:b9:78:5d:da:
c6:96:96:84:af:fe:96:ac:be:6f:c5:f7:29:39:63:
fc:81:87:58:ed:46:e6:91:46:5a:c5:b5:63:4f:c6:
67:53:9a:5a:f4:f9:03:eb:da:fd:4a:4b:5e:64:ed:
3d:a9:1f:c0:54:69:74:78:18:83:e4:dc:18:ca:d5:
32:a3:c5:04:17:01:1d:91:47:12:66:c3:c0:a3:68:
00:d2:30:24:fc:bc:ec:a8:3b:68:bb:fa:de:86:1c:
bc:18:19:63:69:d8:44:ac:ae:12:17:93:36:5a:0c:
98:a2:eb:1d:ec:1b:98:7b:99:af:9c:e0:a4:82:79:
ab:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:76:DD:8B:F2:1E:28:F7:E6:A4:25:FA:93:5E:D6:A0:59:64:C2:04
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1-Hbdi_IeKPfmpCX6k17WoFlkwgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.234.16.0/20
194.58.64.0/23
194.88.96.0/21
194.88.112.0/20
195.133.202.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:0f:41:7e:49:1f:88:37:f3:32:87:5b:98:e2:a9:6f:37:14:
59:54:ef:21:0e:2c:9e:52:c8:a2:92:81:82:b0:87:a9:ed:18:
30:7e:a1:76:3b:49:62:10:ed:2a:6d:7a:a6:df:b5:06:77:bc:
d2:48:80:8f:67:07:e0:15:67:a9:ad:14:99:01:f7:de:3a:12:
31:91:48:b2:76:e9:06:a0:0d:f3:bb:8f:27:72:fe:4d:a2:91:
b0:88:ef:f8:51:12:c6:fa:2b:3e:89:5f:53:f5:0f:9d:78:f4:
3a:b0:62:3e:fd:91:e5:a5:c1:8a:f6:c2:92:39:e2:2b:fb:74:
02:ca:0f:1e:ef:16:2e:f7:15:2e:10:54:15:21:4e:c0:6d:cd:
cb:7b:ae:71:3e:64:dd:f0:d2:40:51:b3:6a:81:8a:67:33:b2:
5d:0d:6d:58:8e:2e:3f:72:15:6e:2f:94:d1:57:45:e6:9c:cd:
cc:28:a1:93:6c:97:bf:a9:3a:3a:b5:4a:1e:13:35:40:79:7d:
a5:03:ff:9e:5c:39:03:57:cc:c7:cf:43:41:90:d4:76:f9:42:
04:d1:a3:fc:68:0b:b4:54:7e:6a:bc:d8:61:bb:66:45:a0:24:
6c:31:56:cd:cb:31:78:cd:24:9f:36:2c:37:d0:70:6d:c6:3a:
b7:01:2a:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY1mFget7+931/vNlCqkdLqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMjAxMTkxMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODc2ZGQ4YmYyMWUyOGY3ZTZhNDI1ZmE5MzVlZDZhMDU5NjRjMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdufJrtvbbI7cXFs0LeQBBMt3DI9
Og48rMPZiB7dyF0Wpm75/bVgsefTJA0R0ew56Khs+sOxFbhTaTNfknUsjypxBDtM
WLXxihUHqRLzmK0AiJct3WZSkLZOicWSw8DtkuStPtqAMGCN9C8sWMKu2w1dyo8f
uujLx0aB4AHOMB/vzLl4XdrGlpaEr/6WrL5vxfcpOWP8gYdY7UbmkUZaxbVjT8Zn
U5pa9PkD69r9SkteZO09qR/AVGl0eBiD5NwYytUyo8UEFwEdkUcSZsPAo2gA0jAk
/LzsqDtou/rehhy8GBljadhErK4SF5M2WgyYousd7BuYe5mvnOCkgnmrqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPh23YvyHij35qQl+pNe1qBZZMIEMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvMS1IYmRpX0llS1BmbXBDWDZrMTdXb0Zsa3dnUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmYvODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1
ZS8xLzJnRHBnWlV3WVpjc2lXdlcwbmM0MElPcTJ3NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEBFTqEAME
AcI6QAMEA8JYYAMEBMJYcAMEAcOFyjANBgkqhkiG9w0BAQsFAAOCAQEAjA9Bfkkf
iDfzModbmOKpbzcUWVTvIQ4snlLIopKBgrCHqe0YMH6hdjtJYhDtKm16pt+1Bne8
0kiAj2cH4BVnqa0UmQH33joSMZFIsnbpBqAN87uPJ3L+TaKRsIjv+FESxvorPolf
U/UPnXj0OrBiPv2R5aXBivbCkjniK/t0AsoPHu8WLvcVLhBUFSFOwG3Ny3uucT5k
3fDSQFGzaoGKZzOyXQ1tWI4uP3IVbi+U0VdF5pzNzCihk2yXv6k6OrVKHhM1QHl9
pQP/nlw5A1fMx89DQZDUdvlCBNGj/GgLtFR+arzYYbtmRaAkbDFWzcsxeM0knzYs
N9BwbcY6twEquQ==
-----END CERTIFICATE-----
Generated at Mon Mar 4 06:07:26 2024 by rpki-client on console-ams.rpki-client.org