Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Hjz8Jn64BpKfxlB_oSxTfSic548.roa
File: Hjz8Jn64BpKfxlB_oSxTfSic548.roa (raw, json)
Hash identifier: RhtfHjbA1WglLJXm2bRm+UOn6/FK2Nn6e/Q6n+dLkVk=
Subject key identifier: 1E:3C:FC:26:7E:B8:06:92:9F:C6:50:7F:A1:2C:53:7D:28:9C:E7:8F
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAF01F12046B2E5A0A889F5F5B767EF
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Hjz8Jn64BpKfxlB_oSxTfSic548.roa
Signing time: Sun 01 Jan 2023 09:34:46 +0000
ROA not before: Sun 01 Jan 2023 09:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57169
IP address blocks: 37.235.50.0/23 maxlen: 23
37.235.48.0/20 maxlen: 20
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.30.0/24 maxlen: 24
2a03:f80:56::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
2a03:f80::/29 maxlen: 29
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Feb 2023 13:33:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:01:f1:20:46:b2:e5:a0:a8:89:f5:f5:b7:67:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e3cfc267eb806929fc6507fa12c537d289ce78f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:66:c5:fa:a7:81:c0:8c:af:83:c9:9e:86:4e:
55:4c:c8:37:db:a3:54:19:94:64:21:9a:8b:49:21:
48:d6:39:e7:93:31:c6:9c:9b:16:19:4b:f2:a1:d4:
4b:5e:ea:fb:5f:d6:e9:82:5b:12:58:ab:3c:f8:65:
31:a1:42:c9:b9:dc:99:30:69:c6:00:2a:15:d9:2f:
41:a6:14:ae:2c:47:81:56:7a:f1:dc:68:5f:c4:33:
50:32:77:9a:a0:9b:58:e0:0c:da:5c:b7:80:c8:25:
01:4c:2c:c3:b6:e3:92:33:74:f4:ef:22:54:54:3d:
7f:81:9c:a6:e0:cd:aa:af:d2:f2:60:5b:49:17:29:
ec:c9:9b:1f:a7:9d:14:59:43:e2:1f:f4:c9:14:e9:
b8:8f:f0:e9:99:dd:2c:e1:4e:f0:10:1f:dc:b3:96:
52:3c:8c:a0:a7:b5:62:f9:33:5e:fd:e4:eb:4f:da:
ce:56:aa:91:4a:40:b6:07:cf:97:41:f0:90:d8:f7:
45:15:80:a9:86:8c:5d:ce:54:6c:ed:74:d2:9c:79:
b6:b4:8d:ac:a4:e2:32:26:a4:87:94:56:41:d7:86:
df:27:56:2f:47:41:f7:c1:43:b8:22:e1:cd:09:88:
ff:26:bd:92:d1:9c:4d:3c:7d:61:7d:61:4b:0f:bb:
8b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:3C:FC:26:7E:B8:06:92:9F:C6:50:7F:A1:2C:53:7D:28:9C:E7:8F
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Hjz8Jn64BpKfxlB_oSxTfSic548.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/20
83.243.120.0/24
89.31.123.0/24
91.132.94.0/24
91.227.204.0/23
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.237.0/24
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
5c:50:5b:8d:5f:db:d2:6a:d8:94:23:90:ab:e4:32:a7:64:58:
38:c7:1f:28:8b:bc:d7:63:35:a0:0f:04:cf:ef:0d:b1:76:5e:
22:49:eb:3a:e8:1e:7e:6a:3d:f3:d3:ed:ed:2d:a4:33:ec:a5:
62:81:94:52:84:24:9a:f3:44:45:9c:d0:7c:46:e3:ec:ca:5d:
c8:7b:e3:8a:b3:51:ee:9e:a1:3b:06:26:86:da:dd:e4:ef:50:
b9:8b:0d:e2:d1:a7:2c:d4:59:61:7a:1c:73:cd:8d:99:a9:6f:
0d:cd:c4:db:b5:29:97:58:1f:53:8c:3f:f6:26:b4:2d:b6:c4:
a1:1a:2a:7a:b7:ab:1d:e0:b5:99:ec:74:9d:a0:4b:c9:e9:81:
13:c8:8f:0e:b9:ec:0f:a6:a7:4b:c6:d5:24:1c:df:4f:f2:df:
19:09:e8:bf:cd:ce:72:5c:f7:92:e6:ed:4e:88:29:77:93:90:
37:bc:8c:06:8d:a9:63:c5:4f:58:e5:95:b9:7b:49:c3:8b:b9:
94:bf:59:64:9c:ba:45:8e:2d:65:6f:da:4e:e5:f1:27:a4:e1:
54:65:a0:13:1e:6c:2d:c0:36:3e:7c:b9:ae:a7:55:a4:00:26:
17:36:1e:d7:a1:e8:bd:83:1e:e6:bd:c4:e9:75:f6:24:49:a4:
8f:b4:58:65
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYVsrwHxIEay5aCoifX1t2fvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTNjZmMyNjdlYjgwNjkyOWZjNjUwN2ZhMTJjNTM3ZDI4OWNlNzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGbF+qeBwIyvg8mehk5VTMg326NU
GZRkIZqLSSFI1jnnkzHGnJsWGUvyodRLXur7X9bpglsSWKs8+GUxoULJudyZMGnG
ACoV2S9BphSuLEeBVnrx3GhfxDNQMneaoJtY4AzaXLeAyCUBTCzDtuOSM3T07yJU
VD1/gZym4M2qr9LyYFtJFynsyZsfp50UWUPiH/TJFOm4j/Dpmd0s4U7wEB/cs5ZS
PIygp7Vi+TNe/eTrT9rOVqqRSkC2B8+XQfCQ2PdFFYCphoxdzlRs7XTSnHm2tI2s
pOIyJqSHlFZB14bfJ1YvR0H3wUO4IuHNCYj/Jr2S0ZxNPH1hfWFLD7uL+QIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFB48/CZ+uAaSn8ZQf6EsU30onOePMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvSGp6OEpuNjRCcEtmeGxCX29TeFRmU2ljNTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQEJeswAwQA
U/N4AwQAWR97AwQAW4ReAwQBW+PMMAwDBAOVmpgDBACVmpwDBAWX7AAwDAMEAJ7/
0QMEAJ7/1AMEALka7TANBAIAAjAHAwUDKgMPgDANBgkqhkiG9w0BAQsFAAOCAQEA
XFBbjV/b0mrYlCOQq+Qyp2RYOMcfKIu812M1oA8Ez+8NsXZeIknrOugefmo989Pt
7S2kM+ylYoGUUoQkmvNERZzQfEbj7MpdyHvjirNR7p6hOwYmhtrd5O9QuYsN4tGn
LNRZYXocc82NmalvDc3E27Upl1gfU4w/9ia0LbbEoRoqererHeC1mex0naBLyemB
E8iPDrnsD6anS8bVJBzfT/LfGQnov83Oclz3kubtTogpd5OQN7yMBo2pY8VPWOWV
uXtJw4u5lL9ZZJy6RY4tZW/aTuXxJ6ThVGWgEx5sLcA2Pny5rqdVpAAmFzYe16Ho
vYMe5r3E6XX2JEmkj7RYZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:28 2024 by rpki-client on console-fra.rpki-client.org