Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/HcOmyemLcX32p8JYFg3j2cW-tv4.roa
File: HcOmyemLcX32p8JYFg3j2cW-tv4.roa (raw, json)
Hash identifier: TZW1Yhj2LiljK52Tx2BUFZUbNEgpCPnJXpD1+3R+T74=
Subject key identifier: 1D:C3:A6:C9:E9:8B:71:7D:F6:A7:C2:58:16:0D:E3:D9:C5:BE:B6:FE
Certificate issuer: /CN=384872e817b3a45f98d4b15b65dd452b5da2d611
Certificate serial: 0192F6CE80DC3D6FFF46FE3800E2F8A1ACC9
Authority key identifier: 38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/HcOmyemLcX32p8JYFg3j2cW-tv4.roa
Signing time: Mon 04 Nov 2024 10:53:01 +0000
ROA not before: Mon 04 Nov 2024 10:53:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56329
IP address blocks: 46.227.144.0/21 maxlen: 21
78.143.192.0/19 maxlen: 19
82.163.144.0/20 maxlen: 20
82.163.184.0/21 maxlen: 21
82.163.252.0/22 maxlen: 22
83.151.200.0/21 maxlen: 21
88.202.128.0/19 maxlen: 19
88.202.192.0/20 maxlen: 20
88.202.232.0/22 maxlen: 22
88.202.240.0/20 maxlen: 20
88.212.164.0/22 maxlen: 22
88.212.168.0/21 maxlen: 21
88.212.176.0/21 maxlen: 21
88.212.184.0/22 maxlen: 22
185.82.156.0/22 maxlen: 22
185.111.224.0/22 maxlen: 22
185.147.88.0/22 maxlen: 22
188.95.40.0/21 maxlen: 21
194.233.152.0/21 maxlen: 21
194.233.152.0/22 maxlen: 22
194.233.156.0/22 maxlen: 22
194.233.224.0/20 maxlen: 20
195.180.16.0/20 maxlen: 20
195.180.32.0/21 maxlen: 21
195.180.32.0/22 maxlen: 22
195.180.36.0/22 maxlen: 22
195.180.48.0/20 maxlen: 20
212.132.32.0/19 maxlen: 19
212.237.220.0/22 maxlen: 22
213.18.128.0/18 maxlen: 18
216.213.128.0/18 maxlen: 18
2a00:d200::/29 maxlen: 29
2a02:fb8::/32 maxlen: 32
2a06:61c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:ce:80:dc:3d:6f:ff:46:fe:38:00:e2:f8:a1:ac:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=384872e817b3a45f98d4b15b65dd452b5da2d611
Validity
Not Before: Nov 4 10:53:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dc3a6c9e98b717df6a7c258160de3d9c5beb6fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f1:08:45:60:cd:c0:08:9d:69:97:45:f0:06:
59:c0:69:15:b0:a7:85:b2:ff:68:f4:a3:99:7c:6e:
64:2a:b8:a6:23:e4:ba:48:8a:4f:f1:ef:15:d6:12:
aa:b7:46:c4:ce:cb:9c:e2:1a:2b:89:71:17:97:48:
e3:37:ee:c1:6c:26:6a:05:7d:c5:48:7f:4a:e6:b1:
04:ad:bb:58:bc:f9:2f:c2:96:50:14:30:b3:54:8b:
e0:d4:a9:4f:d2:04:77:aa:22:31:b7:e2:75:f3:73:
9c:8f:14:b9:b8:a4:c6:b1:7b:af:6e:ee:cd:ec:77:
57:ef:0b:ed:f2:88:e1:cf:38:5a:d3:7d:a9:26:8d:
1a:44:a9:68:4b:48:2c:16:23:97:5f:c8:93:1d:b2:
fa:68:7f:46:ff:31:37:20:9b:b5:16:c8:b1:9e:e1:
67:27:c0:c2:db:5b:18:42:0d:b5:76:ed:b9:a6:92:
8c:bb:3f:92:00:5e:94:99:8f:21:de:7c:b1:39:0f:
01:6b:26:1b:bb:02:dd:f2:8f:83:5b:dd:11:43:2f:
72:85:34:15:64:2a:a6:d7:e2:51:af:59:24:22:a4:
46:c4:f3:7d:11:74:8d:ff:cc:67:6a:19:30:4f:63:
41:bb:cf:d7:6e:b1:e7:bf:75:75:d8:ae:f7:4a:1e:
8e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C3:A6:C9:E9:8B:71:7D:F6:A7:C2:58:16:0D:E3:D9:C5:BE:B6:FE
X509v3 Authority Key Identifier:
keyid:38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/HcOmyemLcX32p8JYFg3j2cW-tv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/OEhy6BezpF-Y1LFbZd1FK12i1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.144.0/21
78.143.192.0/19
82.163.144.0/20
82.163.184.0/21
82.163.252.0/22
83.151.200.0/21
88.202.128.0/19
88.202.192.0/20
88.202.232.0/22
88.202.240.0/20
88.212.164.0-88.212.187.255
185.82.156.0/22
185.111.224.0/22
185.147.88.0/22
188.95.40.0/21
194.233.152.0/21
194.233.224.0/20
195.180.16.0-195.180.39.255
195.180.48.0/20
212.132.32.0/19
212.237.220.0/22
213.18.128.0/18
216.213.128.0/18
IPv6:
2a00:d200::/29
2a02:fb8::/32
2a06:61c0::/29
Signature Algorithm: sha256WithRSAEncryption
bf:2f:c0:6b:35:f9:20:ce:6d:a0:0a:b6:59:7e:00:94:2a:cb:
b3:a7:ad:66:cd:48:4b:52:c4:c0:d0:1b:aa:06:c8:db:d5:1f:
bf:11:b3:46:22:3b:ef:15:dd:39:cc:55:c9:29:21:b8:88:a5:
be:69:2b:f4:f1:80:d6:ea:21:2b:8f:25:a1:d2:51:3d:a1:45:
08:c7:12:c0:af:ab:ec:9b:8d:fe:e1:71:da:9f:a1:f4:0a:02:
43:e0:55:2f:9e:05:f1:73:35:41:ad:db:5f:d5:a7:40:b3:6f:
34:5b:cc:60:95:28:da:27:91:b3:ae:07:ff:8b:c9:55:54:7a:
31:6c:5a:84:43:eb:18:4d:c6:24:b4:b8:13:04:f8:db:02:a5:
11:75:ce:74:9e:3f:ea:be:51:38:1e:34:78:96:e4:d9:c2:cd:
28:58:b6:7f:08:58:3d:8d:00:32:ca:a0:8d:72:90:f3:9b:6d:
50:c4:68:dc:94:60:7a:47:43:75:1d:db:c5:81:a3:2e:9d:5a:
46:1b:1f:db:7f:8a:1b:b3:28:c3:d6:12:ed:2c:96:39:99:14:
61:52:23:47:04:75:f8:aa:23:f4:57:de:aa:1f:6b:bd:a6:f9:
1b:41:78:b7:8c:8f:db:09:75:a5:7e:80:f6:a1:b9:97:31:b0:
aa:72:2a:b3
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAZL2zoDcPW//Rv44AOL4oazJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDg3MmU4MTdiM2E0NWY5OGQ0YjE1YjY1ZGQ0NTJiNWRh
MmQ2MTEwHhcNMjQxMTA0MTA1MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGMzYTZjOWU5OGI3MTdkZjZhN2MyNTgxNjBkZTNkOWM1YmViNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvEIRWDNwAidaZdF8AZZwGkVsKeF
sv9o9KOZfG5kKrimI+S6SIpP8e8V1hKqt0bEzsuc4horiXEXl0jjN+7BbCZqBX3F
SH9K5rEErbtYvPkvwpZQFDCzVIvg1KlP0gR3qiIxt+J183OcjxS5uKTGsXuvbu7N
7HdX7wvt8ojhzzha032pJo0aRKloS0gsFiOXX8iTHbL6aH9G/zE3IJu1FsixnuFn
J8DC21sYQg21du25ppKMuz+SAF6UmY8h3nyxOQ8BayYbuwLd8o+DW90RQy9yhTQV
ZCqm1+JRr1kkIqRGxPN9EXSN/8xnahkwT2NBu8/XbrHnv3V12K73Sh6OMwIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFB3Dpsnpi3F99qfCWBYN49nFvrb+MB8GA1UdIwQY
MBaAFDhIcugXs6RfmNSxW2XdRStdotYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjIt
YmZiZTFiYzE1ZmMyLzEvSGNPbXllbUxjWDMycDhKWUZnM2oyY1ctdHY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjItYmZiZTFiYzE1ZmMy
LzEvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBoQQCAAEwgZoDBAMu
45ADBAVOj8ADBARSo5ADBANSo7gDBAJSo/wDBANTl8gDBAVYyoADBARYysADBAJY
yugDBARYyvAwDAMEAljUpAMEAljUuAMEArlSnAMEArlv4AMEArmTWAMEA7xfKAME
A8LpmAMEBMLp4DAMAwQEw7QQAwQDw7QgAwQEw7QwAwQF1IQgAwQC1O3cAwQG1RKA
AwQG2NWAMBsEAgACMBUDBQMqANIAAwUAKgIPuAMFAyoGYcAwDQYJKoZIhvcNAQEL
BQADggEBAL8vwGs1+SDObaAKtll+AJQqy7OnrWbNSEtSxMDQG6oGyNvVH78Rs0Yi
O+8V3TnMVckpIbiIpb5pK/TxgNbqISuPJaHSUT2hRQjHEsCvq+ybjf7hcdqfofQK
AkPgVS+eBfFzNUGt21/Vp0CzbzRbzGCVKNonkbOuB/+LyVVUejFsWoRD6xhNxiS0
uBME+NsCpRF1znSeP+q+UTgeNHiW5NnCzShYtn8IWD2NADLKoI1ykPObbVDEaNyU
YHpHQ3Ud28WBoy6dWkYbH9t/ihuzKMPWEu0sljmZFGFSI0cEdfiqI/RX3qofa72m
+RtBeLeMj9sJdaV+gPahuZcxsKpyKrM=
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:37:41 2025 by rpki-client