Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/hNea_AMMuUZmXCZBEkczYEdhMYU.roa
File: hNea_AMMuUZmXCZBEkczYEdhMYU.roa (raw, json)
Hash identifier: V60yy4OxERBgO1doCJJA0f5RXgsbGILmiw1LY+F9j0E=
Subject key identifier: 84:D7:9A:FC:03:0C:B9:46:66:5C:26:41:12:47:33:60:47:61:31:85
Certificate issuer: /CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Certificate serial: 0186030558D56087CC2E2C81176A0E7C9372
Authority key identifier: 80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/hNea_AMMuUZmXCZBEkczYEdhMYU.roa
Signing time: Mon 30 Jan 2023 14:12:07 +0000
ROA not before: Mon 30 Jan 2023 14:12:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41564
IP address blocks: 23.92.127.0/24 maxlen: 24
192.40.88.0/24 maxlen: 24
158.222.0.0/20 maxlen: 20
158.222.3.0/24 maxlen: 24
158.222.7.0/24 maxlen: 24
158.222.5.0/24 maxlen: 24
151.237.186.0/24 maxlen: 24
5.157.4.0/24 maxlen: 24
5.157.8.0/24 maxlen: 24
104.160.4.0/24 maxlen: 24
104.160.2.0/24 maxlen: 24
104.160.6.0/24 maxlen: 24
104.160.10.0/24 maxlen: 24
104.160.20.0/24 maxlen: 24
5.153.236.0/24 maxlen: 24
5.153.239.0/24 maxlen: 24
5.157.17.0/24 maxlen: 24
5.157.13.0/24 maxlen: 24
5.157.14.0/24 maxlen: 24
5.157.22.0/24 maxlen: 24
5.157.27.0/24 maxlen: 24
5.157.41.0/24 maxlen: 24
5.157.42.0/24 maxlen: 24
5.157.45.0/24 maxlen: 24
5.157.58.0/24 maxlen: 24
5.157.56.0/24 maxlen: 24
5.157.59.0/24 maxlen: 24
5.157.61.0/24 maxlen: 24
5.157.63.0/24 maxlen: 24
5.157.62.0/24 maxlen: 24
5.157.60.0/24 maxlen: 24
2a02:5740:3::/48 maxlen: 48
2a02:5740::/48 maxlen: 48
2a02:5740:11::/48 maxlen: 48
2a02:5740:5::/48 maxlen: 48
2a02:5740:18::/48 maxlen: 48
2a02:5740:2::/48 maxlen: 48
2a02:5740:6::/48 maxlen: 48
2a02:5740:1::/48 maxlen: 48
2a02:5740:21::/48 maxlen: 48
2a02:5740:4::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:03:05:58:d5:60:87:cc:2e:2c:81:17:6a:0e:7c:93:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Validity
Not Before: Jan 30 14:12:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84d79afc030cb946665c26411247336047613185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:27:22:2a:c7:c4:37:79:7e:4b:83:7b:d4:bf:
49:d5:8c:e6:02:81:85:eb:33:88:1a:ca:9e:b7:b2:
3d:47:4d:5a:eb:04:ea:93:d9:4c:9e:07:3f:26:c2:
1d:0e:a7:e3:94:65:41:d2:eb:2b:5a:ae:19:53:4d:
28:d2:d9:b5:fd:fa:22:bc:94:a4:b8:6e:4b:3e:c3:
a5:f1:45:98:91:85:ba:b0:d0:55:7f:2a:4a:69:80:
9d:8b:a0:00:0d:7f:9c:a8:c0:8e:81:cc:34:3a:8d:
74:5e:97:96:a9:e3:58:10:2c:9a:07:ea:4f:44:8a:
f0:7a:bb:49:a5:8a:f3:b4:46:a1:01:29:f9:ec:d6:
4a:2f:6e:78:98:be:00:9f:3c:19:b0:93:71:bb:bc:
48:8a:db:da:f8:9c:fc:66:3d:29:f0:59:91:02:4d:
b4:a0:e6:10:2c:16:ea:e5:4f:aa:e4:70:da:b2:3c:
0f:57:14:85:54:c2:7a:80:5a:d0:4b:fc:97:1b:6f:
b2:7f:c3:a4:20:2d:aa:08:30:4b:c0:e0:45:c7:10:
e4:d9:cb:15:b0:34:00:5b:46:77:8e:6a:f3:fd:1b:
32:de:41:5a:b5:06:f9:21:03:69:97:7b:b1:5c:09:
89:70:1b:15:65:7e:d5:7a:fa:7f:39:8c:52:77:a9:
81:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D7:9A:FC:03:0C:B9:46:66:5C:26:41:12:47:33:60:47:61:31:85
X509v3 Authority Key Identifier:
keyid:80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/hNea_AMMuUZmXCZBEkczYEdhMYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/gPN231-e9IfIKzGodcakltecoNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.236.0/24
5.153.239.0/24
5.157.4.0/24
5.157.8.0/24
5.157.13.0-5.157.14.255
5.157.17.0/24
5.157.22.0/24
5.157.27.0/24
5.157.41.0-5.157.42.255
5.157.45.0/24
5.157.56.0/24
5.157.58.0-5.157.63.255
23.92.127.0/24
104.160.2.0/24
104.160.4.0/24
104.160.6.0/24
104.160.10.0/24
104.160.20.0/24
151.237.186.0/24
158.222.0.0/20
192.40.88.0/24
IPv6:
2a02:5740::-2a02:5740:6:ffff:ffff:ffff:ffff:ffff
2a02:5740:11::/48
2a02:5740:18::/48
2a02:5740:21::/48
Signature Algorithm: sha256WithRSAEncryption
2a:ac:29:07:4c:d7:5e:20:20:af:97:35:3a:74:9b:0e:51:9b:
7b:75:24:0f:e1:ec:0c:33:31:c0:74:82:b7:c2:f3:ea:c2:17:
ef:9e:84:01:80:cf:b6:9f:4e:8b:53:85:ad:85:67:c1:6c:c2:
56:43:01:02:1c:29:f4:93:f0:79:a2:83:39:7c:7b:f4:53:46:
71:ef:8d:18:ff:c6:a0:fd:9a:84:60:be:44:08:84:fa:29:90:
0c:49:e1:8b:98:d8:a8:1f:d3:f2:d7:3c:57:44:63:d2:b6:c8:
9e:4e:63:06:9a:27:03:5a:7a:6c:b2:b9:91:05:94:c0:2e:8f:
52:bd:b5:18:40:95:43:c8:65:d3:9b:11:0f:73:93:4e:25:79:
4f:69:73:e7:4c:d0:e7:aa:47:46:ae:cb:b0:00:cd:a8:bb:1c:
a9:71:5d:f4:76:b7:d4:0b:ca:e2:92:bc:b8:d2:18:1f:50:c6:
f1:4e:57:c9:bc:22:b1:ab:48:a0:63:59:5f:99:25:6c:fc:b1:
42:e8:11:0a:dd:56:16:8b:03:51:a8:c5:90:21:ba:69:ef:03:
96:81:e4:d9:cf:e7:c3:bd:c0:43:03:17:3f:3b:42:4f:79:6a:
0a:ee:4b:fd:de:32:4c:a7:44:4c:5b:68:59:11:68:9b:10:43:
ff:8e:36:4b
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYYDBVjVYIfMLiyBF2oOfJNyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjM3NmRmNWY5ZWY0ODdjODJiMzFhODc1YzZhNDk2ZDc5
Y2EwZDcwHhcNMjMwMTMwMTQxMjA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQ3OWFmYzAzMGNiOTQ2NjY1YzI2NDExMjQ3MzM2MDQ3NjEzMTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliciKsfEN3l+S4N71L9J1YzmAoGF
6zOIGsqet7I9R01a6wTqk9lMngc/JsIdDqfjlGVB0usrWq4ZU00o0tm1/foivJSk
uG5LPsOl8UWYkYW6sNBVfypKaYCdi6AADX+cqMCOgcw0Oo10XpeWqeNYECyaB+pP
RIrwertJpYrztEahASn57NZKL254mL4AnzwZsJNxu7xIitva+Jz8Zj0p8FmRAk20
oOYQLBbq5U+q5HDasjwPVxSFVMJ6gFrQS/yXG2+yf8OkIC2qCDBLwOBFxxDk2csV
sDQAW0Z3jmrz/Rsy3kFatQb5IQNpl3uxXAmJcBsVZX7Vevp/OYxSd6mBuQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFITXmvwDDLlGZlwmQRJHM2BHYTGFMB8GA1UdIwQY
MBaAFIDzdt9fnvSHyCsxqHXGpJbXnKDXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMt
YTRiYzI4MTY2NDNhLzEvaE5lYV9BTU11VVptWENaQkVrY3pZRWRoTVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMtYTRiYzI4MTY2NDNh
LzEvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBnQQCAAEwgZYDBAAF
mewDBAAFme8DBAAFnQQDBAAFnQgwDAMEAAWdDQMEAAWdDgMEAAWdEQMEAAWdFgME
AAWdGzAMAwQABZ0pAwQABZ0qAwQABZ0tAwQABZ04MAwDBAEFnToDBAYFnQADBAAX
XH8DBABooAIDBABooAQDBABooAYDBABooAoDBABooBQDBACX7boDBASe3gADBADA
KFgwMwQCAAIwLTAQAwUGKgJXQAMHACoCV0AABgMHACoCV0AAEQMHACoCV0AAGAMH
ACoCV0AAITANBgkqhkiG9w0BAQsFAAOCAQEAKqwpB0zXXiAgr5c1OnSbDlGbe3Uk
D+HsDDMxwHSCt8Lz6sIX756EAYDPtp9Oi1OFrYVnwWzCVkMBAhwp9JPweaKDOXx7
9FNGce+NGP/GoP2ahGC+RAiE+imQDEnhi5jYqB/T8tc8V0Rj0rbInk5jBponA1p6
bLK5kQWUwC6PUr21GECVQ8hl05sRD3OTTiV5T2lz50zQ56pHRq7LsADNqLscqXFd
9Ha31AvK4pK8uNIYH1DG8U5XybwisatIoGNZX5klbPyxQugRCt1WFosDUajFkCG6
ae8DloHk2c/nw73AQwMXPztCT3lqCu5L/d4yTKdETFtoWRFomxBD/442Sw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:31 2023 by rpki-client on console-fra.rpki-client.org