Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/htFcj_2nys0QVeXbOU-okqOecQ4.roa
File: htFcj_2nys0QVeXbOU-okqOecQ4.roa (raw, json)
Hash identifier: Fi/yMtx3pRwtlheUxgZpLvooKddzWz8S5r2z5FkwBps=
Subject key identifier: 86:D1:5C:8F:FD:A7:CA:CD:10:55:E5:DB:39:4F:A8:92:A3:9E:71:0E
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018CC64AD8C6091EA967891DC234EE800007
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/htFcj_2nys0QVeXbOU-okqOecQ4.roa
Signing time: Mon 01 Jan 2024 18:30:43 +0000
ROA not before: Mon 01 Jan 2024 18:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8708
IP address blocks: 217.156.14.0/24 maxlen: 24
193.231.226.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
217.156.41.0/24 maxlen: 24
81.181.112.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
80.96.219.0/24 maxlen: 24
81.181.30.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
81.181.64.0/24 maxlen: 24
193.231.194.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
193.230.158.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
81.180.27.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
194.102.98.0/24 maxlen: 24
194.102.106.0/23 maxlen: 23
217.156.92.0/24 maxlen: 24
81.181.167.0/24 maxlen: 24
80.96.69.0/24 maxlen: 24
80.96.67.0/24 maxlen: 24
80.96.72.0/24 maxlen: 24
80.96.82.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
80.96.12.0/24 maxlen: 24
81.181.246.0/24 maxlen: 24
193.230.217.0/24 maxlen: 24
193.230.229.0/24 maxlen: 24
194.102.229.0/24 maxlen: 24
80.96.43.0/24 maxlen: 24
80.96.51.0/24 maxlen: 24
80.96.47.0/24 maxlen: 24
193.231.108.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
193.226.125.0/24 maxlen: 24
193.226.127.0/24 maxlen: 24
85.120.20.0/24 maxlen: 24
85.120.23.0/24 maxlen: 24
193.231.75.0/24 maxlen: 24
194.153.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 07:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:d8:c6:09:1e:a9:67:89:1d:c2:34:ee:80:00:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 18:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86d15c8ffda7cacd1055e5db394fa892a39e710e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2e:48:93:26:7f:a0:cd:43:8c:7f:57:76:1e:
49:0e:a5:4b:4d:ee:af:7d:76:d6:f0:2b:6a:38:7d:
37:e5:1f:7b:fc:e8:be:84:df:6a:01:11:2a:27:34:
c7:a0:a8:d9:3e:af:bb:bb:6d:f4:27:6a:3c:88:25:
ef:da:67:c8:20:75:8c:69:ca:73:83:f3:f7:ba:30:
74:7d:2c:b5:2a:f4:28:ea:c1:c6:b2:2d:cd:19:91:
35:c8:29:9d:e9:57:77:d4:5b:7d:81:de:b7:e4:f0:
8f:71:13:9b:bd:01:10:fd:43:d9:a3:c3:af:54:05:
9e:46:25:0e:be:73:7c:fd:b6:3f:30:fe:f8:01:f7:
d1:88:71:d4:9a:b3:9d:4c:1a:26:65:cc:d5:71:5b:
e9:98:97:4d:05:aa:38:7c:63:ab:1e:ed:a2:26:cf:
06:40:e9:89:d8:04:91:c7:3f:6f:f2:c6:4a:92:11:
14:0d:8e:7e:f0:b5:14:84:cc:3f:8d:b9:8c:62:34:
52:84:6a:19:68:6a:dd:35:49:fb:1e:29:d3:ff:e8:
d9:32:a8:6e:b5:81:90:cf:ae:e8:07:29:cc:24:f6:
ad:bf:06:0d:21:69:b6:7f:80:db:ab:28:45:d5:4b:
4d:e0:3f:4a:53:df:31:8a:26:fe:9e:1b:58:c7:38:
66:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D1:5C:8F:FD:A7:CA:CD:10:55:E5:DB:39:4F:A8:92:A3:9E:71:0E
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/htFcj_2nys0QVeXbOU-okqOecQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.12.0/24
80.96.43.0/24
80.96.47.0/24
80.96.51.0/24
80.96.67.0/24
80.96.69.0/24
80.96.72.0/24
80.96.79.0/24
80.96.82.0/24
80.96.219.0/24
80.97.147.0-80.97.149.255
81.180.27.0/24
81.181.30.0/24
81.181.64.0/24
81.181.112.0/24
81.181.128.0/24
81.181.167.0/24
81.181.246.0/24
85.120.20.0/24
85.120.23.0/24
193.226.116.0/24
193.226.125.0/24
193.226.127.0/24
193.230.158.0/24
193.230.217.0/24
193.230.229.0/24
193.231.75.0/24
193.231.108.0/24
193.231.184.0/24
193.231.194.0/24
193.231.226.0/24
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.98.0/24
194.102.106.0/23
194.102.134.0/24
194.102.229.0/24
194.153.224.0/24
217.156.14.0/24
217.156.41.0/24
217.156.92.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:5d:c5:02:25:94:42:14:0d:a7:66:59:83:52:4e:de:78:4d:
a3:f8:f7:61:7f:c9:d5:3f:0d:26:bf:d5:4b:22:89:a2:1f:3a:
84:82:94:8a:89:c9:0a:3c:d9:27:0e:dc:15:2f:b9:92:04:3e:
1d:29:59:b1:8a:3b:3d:ee:7b:ad:cf:5e:4b:85:0c:d3:70:e5:
a9:e8:c4:96:a3:ed:d3:8c:ad:d0:19:df:50:e5:97:9b:0e:31:
5c:0b:f3:c7:d5:1b:c0:25:5e:c4:06:e1:13:63:9b:3e:9d:47:
72:0f:04:2f:39:5a:3f:89:5b:86:05:4b:5d:61:69:61:08:38:
c3:1b:10:2a:b6:15:7f:ce:01:f3:09:86:15:cb:28:88:b5:25:
78:a2:4b:48:e5:a8:cc:3d:6b:2b:64:e2:b2:9d:d5:4a:2d:8a:
37:c1:7c:3b:ef:12:89:74:0f:f6:c1:33:51:da:a9:d7:b4:d6:
71:ce:15:11:88:ff:75:04:34:c3:8c:01:48:c2:5a:bc:49:a3:
ab:17:a2:27:95:e4:e5:37:d6:a3:46:7e:44:3e:6d:f3:47:c8:
9f:ea:83:8e:3a:92:fc:98:d5:ed:30:e6:00:24:76:50:27:7d:
1d:a7:57:1b:03:5a:7b:9d:b1:05:f9:b4:50:3c:ff:89:f7:3b:
81:d2:21:56
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAYzGStjGCR6pZ4kdwjTugAAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmQxNWM4ZmZkYTdjYWNkMTA1NWU1ZGIzOTRmYTg5MmEzOWU3MTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS5IkyZ/oM1DjH9Xdh5JDqVLTe6v
fXbW8CtqOH035R97/Oi+hN9qAREqJzTHoKjZPq+7u230J2o8iCXv2mfIIHWMacpz
g/P3ujB0fSy1KvQo6sHGsi3NGZE1yCmd6Vd31Ft9gd635PCPcRObvQEQ/UPZo8Ov
VAWeRiUOvnN8/bY/MP74AffRiHHUmrOdTBomZczVcVvpmJdNBao4fGOrHu2iJs8G
QOmJ2ASRxz9v8sZKkhEUDY5+8LUUhMw/jbmMYjRShGoZaGrdNUn7HinT/+jZMqhu
tYGQz67oBynMJPatvwYNIWm2f4DbqyhF1UtN4D9KU98xiib+nhtYxzhmhQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFIbRXI/9p8rNEFXl2zlPqJKjnnEOMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvaHRGY2pfMm55czBRVmVYYk9VLW9rcU9lY1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAFBgDAMEAFBgKwMEAFBgLwMEAFBgMwMEAFBgQwMEAFBgRQMEAFBgSAMEAFBg
TwMEAFBgUgMEAFBg2zAMAwQAUGGTAwQBUGGUAwQAUbQbAwQAUbUeAwQAUbVAAwQA
UbVwAwQAUbWAAwQAUbWnAwQAUbX2AwQAVXgUAwQAVXgXAwQAweJ0AwQAweJ9AwQA
weJ/AwQAweaeAwQAwebZAwQAweblAwQAwedLAwQAwedsAwQAwee4AwQAwefCAwQA
wefiAwQAwefpAwQAwefsAwQAwefuAwQAwef8AwQAwmZiAwQBwmZqAwQAwmaGAwQA
wmblAwQAwpngAwQA2ZwOAwQA2ZwpAwQA2ZxcMA0GCSqGSIb3DQEBCwUAA4IBAQC5
XcUCJZRCFA2nZlmDUk7eeE2j+Pdhf8nVPw0mv9VLIomiHzqEgpSKickKPNknDtwV
L7mSBD4dKVmxijs97nutz15LhQzTcOWp6MSWo+3TjK3QGd9Q5ZebDjFcC/PH1RvA
JV7EBuETY5s+nUdyDwQvOVo/iVuGBUtdYWlhCDjDGxAqthV/zgHzCYYVyyiItSV4
oktI5ajMPWsrZOKyndVKLYo3wXw77xKJdA/2wTNR2qnXtNZxzhURiP91BDTDjAFI
wlq8SaOrF6InleTlN9ajRn5EPm3zR8if6oOOOpL8mNXtMOYAJHZQJ30dp1cbA1p7
nbEF+bRQPP+J9zuB0iFW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org