Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/HvEsgNgJOZi5a0blpC4R97FmWzE.roa
File: HvEsgNgJOZi5a0blpC4R97FmWzE.roa (raw, json)
Hash identifier: CTQycad6FpTV5Ob5xmXEYArMP8bzg3FFqD0WOn/UKyw=
Subject key identifier: 1E:F1:2C:80:D8:09:39:98:B9:6B:46:E5:A4:2E:11:F7:B1:66:5B:31
Certificate issuer: /CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Certificate serial: 01856C9CD144EB76CEA7A52947A6CC21D527
Authority key identifier: 92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/HvEsgNgJOZi5a0blpC4R97FmWzE.roa
Signing time: Sun 01 Jan 2023 09:14:54 +0000
ROA not before: Sun 01 Jan 2023 09:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48176
IP address blocks: 81.177.228.0/22 maxlen: 22
81.177.240.0/21 maxlen: 21
81.177.248.0/22 maxlen: 22
81.177.252.0/23 maxlen: 23
81.177.184.0/24 maxlen: 24
81.177.188.0/22 maxlen: 22
81.177.195.0/24 maxlen: 24
81.177.200.0/22 maxlen: 22
81.177.200.0/21 maxlen: 21
81.177.226.0/23 maxlen: 23
81.177.224.0/20 maxlen: 20
81.177.224.0/23 maxlen: 23
185.8.20.0/22 maxlen: 22
178.237.176.0/20 maxlen: 20
178.237.176.0/21 maxlen: 21
178.237.176.0/22 maxlen: 22
178.237.184.0/21 maxlen: 21
178.237.180.0/22 maxlen: 22
178.237.190.0/23 maxlen: 23
178.237.188.0/23 maxlen: 23
81.177.56.0/21 maxlen: 21
81.177.56.0/22 maxlen: 22
91.207.136.0/23 maxlen: 23
62.122.240.0/21 maxlen: 21
37.18.152.0/21 maxlen: 21
37.18.156.0/22 maxlen: 22
213.222.240.0/21 maxlen: 21
213.222.240.0/20 maxlen: 20
213.59.150.0/24 maxlen: 24
213.59.148.0/23 maxlen: 23
213.59.146.0/24 maxlen: 24
213.59.154.0/24 maxlen: 24
213.222.248.0/21 maxlen: 21
213.59.186.0/23 maxlen: 23
213.59.186.0/24 maxlen: 24
149.255.24.0/21 maxlen: 21
213.59.190.0/23 maxlen: 23
213.59.188.0/22 maxlen: 22
213.222.224.0/22 maxlen: 22
213.222.224.0/21 maxlen: 21
213.222.232.0/22 maxlen: 22
213.222.232.0/21 maxlen: 21
213.222.236.0/22 maxlen: 22
213.59.144.0/22 maxlen: 22
2a03:aa00::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 10 Mar 2023 08:44:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:d1:44:eb:76:ce:a7:a5:29:47:a6:cc:21:d5:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Validity
Not Before: Jan 1 09:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ef12c80d8093998b96b46e5a42e11f7b1665b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:af:11:3f:e6:3a:92:17:69:b7:b1:01:0f:ad:
61:d8:2f:89:3e:56:94:95:4d:5c:37:a0:2a:77:70:
2c:d7:83:3d:48:a1:eb:62:ad:97:f5:ce:31:86:b4:
79:2d:3a:e7:31:b3:33:6f:53:ed:f4:25:12:0a:12:
2c:19:f9:3e:5a:7b:53:84:ba:01:cb:39:29:b1:23:
b8:af:ce:e8:3d:3c:a6:29:d5:5e:1d:b5:32:85:9e:
72:64:12:a3:1a:92:26:d9:84:2e:99:f7:b8:1c:02:
bd:e0:af:f3:95:b2:5a:bf:cd:00:d3:f4:18:87:69:
e7:e2:3a:aa:e8:1d:8a:f2:99:bf:9b:c1:d5:52:39:
22:bc:af:07:20:25:92:30:88:4a:b9:54:44:c8:b0:
0b:b2:32:5d:9c:f7:ab:83:4c:ce:29:39:68:04:c1:
47:af:9b:f1:22:63:29:89:ce:73:c4:44:bb:52:ec:
29:7b:53:32:80:ef:41:4c:9d:0a:35:71:03:df:6f:
16:9f:0d:9f:05:0f:c8:8a:9e:6c:92:26:db:a5:64:
10:65:7a:1a:5b:e6:4b:d1:4f:b2:bb:6b:23:cd:73:
c4:66:6d:b9:ec:ed:f4:2d:a7:e9:19:86:b1:ce:a8:
2e:72:fb:7b:df:2d:99:b1:b8:d7:12:ee:44:b1:88:
ea:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F1:2C:80:D8:09:39:98:B9:6B:46:E5:A4:2E:11:F7:B1:66:5B:31
X509v3 Authority Key Identifier:
keyid:92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/HvEsgNgJOZi5a0blpC4R97FmWzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/kvSxwL-61GuBHu5Wihj7qhSp1oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.152.0/21
62.122.240.0/21
81.177.56.0/21
81.177.184.0/24
81.177.188.0/22
81.177.195.0/24
81.177.200.0/21
81.177.224.0-81.177.253.255
91.207.136.0/23
149.255.24.0/21
178.237.176.0/20
185.8.20.0/22
213.59.144.0-213.59.150.255
213.59.154.0/24
213.59.186.0-213.59.191.255
213.222.224.0/19
IPv6:
2a03:aa00::/36
Signature Algorithm: sha256WithRSAEncryption
77:9d:71:f9:ea:40:17:f4:33:d4:0b:d0:78:d8:02:b7:3f:dd:
50:2b:2d:f6:fb:bd:d5:3b:d8:8f:d4:36:69:f4:f7:6b:00:b9:
0d:9f:2a:a9:41:68:5f:e1:79:98:fe:01:6a:89:b5:3a:f5:85:
9f:cc:0f:76:ab:fb:1c:2c:16:bf:7f:9d:57:4e:9a:28:77:1e:
0d:4b:ca:ea:5a:be:8a:ae:fd:c7:00:ff:fb:64:a8:6d:81:2d:
fc:f9:96:22:a1:c9:b6:72:db:7b:49:de:87:ca:5b:2e:48:55:
bb:88:87:03:35:49:0c:85:e2:0a:1c:f9:09:f6:47:7a:2e:92:
2b:13:90:2f:b6:c5:b8:e4:71:2d:78:c4:37:39:6a:94:fd:4c:
06:8f:c8:cf:11:70:c7:fd:61:f9:a6:94:0d:a6:e3:3a:a3:e1:
1d:6a:b6:bf:15:9d:c8:7d:11:af:de:12:f4:c7:1d:33:61:70:
b6:80:a1:5e:19:8e:b7:bf:54:09:7c:db:ea:ce:e3:a6:86:23:
66:93:19:32:e5:21:a1:e7:83:b3:e3:4a:67:29:59:3a:ee:11:
9f:43:81:48:c3:a5:31:ed:11:98:df:0b:9c:1b:85:80:52:6e:
c5:58:86:9e:ea:15:4b:76:5f:2e:f1:02:a3:c6:e7:ac:d8:64:
b7:90:ea:e8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYVsnNFE63bOp6UpR6bMIdUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZjRiMWMwYmZiYWQ0NmI4MTFlZWU1NjhhMThmYmFhMTRh
OWQ2ODcwHhcNMjMwMTAxMDkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWYxMmM4MGQ4MDkzOTk4Yjk2YjQ2ZTVhNDJlMTFmN2IxNjY1YjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs68RP+Y6khdpt7EBD61h2C+JPlaU
lU1cN6Aqd3As14M9SKHrYq2X9c4xhrR5LTrnMbMzb1Pt9CUSChIsGfk+WntThLoB
yzkpsSO4r87oPTymKdVeHbUyhZ5yZBKjGpIm2YQumfe4HAK94K/zlbJav80A0/QY
h2nn4jqq6B2K8pm/m8HVUjkivK8HICWSMIhKuVREyLALsjJdnPerg0zOKTloBMFH
r5vxImMpic5zxES7Uuwpe1MygO9BTJ0KNXED328Wnw2fBQ/Iip5skibbpWQQZXoa
W+ZL0U+yu2sjzXPEZm257O30LafpGYaxzqgucvt73y2ZsbjXEu5EsYjq2wIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFB7xLIDYCTmYuWtG5aQuEfexZlsxMB8GA1UdIwQY
MBaAFJL0scC/utRrgR7uVooY+6oUqdaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMt
YTA4NGY3NmM4ZTJiLzEvSHZFc2dOZ0pPWmk1YTBibHBDNFI5N0ZtV3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMtYTA4NGY3NmM4ZTJi
LzEva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDB+BAIAATB4AwQDJRKY
AwQDPnrwAwQDUbE4AwQAUbG4AwQCUbG8AwQAUbHDAwQDUbHIMAwDBAVRseADBAFR
sfwDBAFbz4gDBAOV/xgDBASy7bADBAK5CBQwDAMEBNU7kAMEANU7lgMEANU7mjAM
AwQB1Tu6AwQG1TuAAwQF1d7gMA4EAgACMAgDBgQqA6oAADANBgkqhkiG9w0BAQsF
AAOCAQEAd51x+epAF/Qz1AvQeNgCtz/dUCst9vu91TvYj9Q2afT3awC5DZ8qqUFo
X+F5mP4Baom1OvWFn8wPdqv7HCwWv3+dV06aKHceDUvK6lq+iq79xwD/+2SobYEt
/PmWIqHJtnLbe0neh8pbLkhVu4iHAzVJDIXiChz5CfZHei6SKxOQL7bFuORxLXjE
NzlqlP1MBo/IzxFwx/1h+aaUDabjOqPhHWq2vxWdyH0Rr94S9McdM2FwtoChXhmO
t79UCXzb6s7jpoYjZpMZMuUhoeeDs+NKZylZOu4Rn0OBSMOlMe0RmN8LnBuFgFJu
xViGnuoVS3ZfLvECo8bnrNhkt5Dq6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:49 2024 by rpki-client on console-fra.rpki-client.org