Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HuCuhncGT12nli0sIYFFLfVTREk.roa
File: HuCuhncGT12nli0sIYFFLfVTREk.roa (raw, json)
Hash identifier: Aig/cyTxmFi4Btd6K888dq4NV9KGmKNO83phO8dgqpM=
Subject key identifier: 1E:E0:AE:86:77:06:4F:5D:A7:96:2D:2C:21:81:45:2D:F5:53:44:49
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019082CF3F8C8C5A5AA23F386C8358DB0E25
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HuCuhncGT12nli0sIYFFLfVTREk.roa
Signing time: Fri 05 Jul 2024 12:12:18 +0000
ROA not before: Fri 05 Jul 2024 12:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a07:9200::/29 maxlen: 29
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a11:580::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 15 Jul 2024 15:38:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:82:cf:3f:8c:8c:5a:5a:a2:3f:38:6c:83:58:db:0e:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 5 12:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ee0ae8677064f5da7962d2c2181452df5534449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5c:34:4f:b1:cb:d5:76:5c:68:87:9f:bf:e9:
6e:6a:3f:58:4d:cf:6c:cd:ea:1d:18:ec:77:e9:9f:
19:df:37:59:cb:b1:0f:a7:1b:20:50:cb:2d:bf:3a:
19:a5:60:5b:96:19:d8:9c:92:6f:ff:e3:b9:fc:9d:
3d:4a:2c:e3:3d:24:5b:58:2d:10:65:be:14:c1:7a:
6a:1a:32:55:a5:73:96:f5:f2:3b:d5:03:97:a4:5f:
10:e9:89:93:54:74:ee:34:2a:ef:3c:38:4b:57:94:
47:98:2a:a2:08:48:85:10:ed:15:5e:4f:e5:ca:1e:
9c:6e:c6:f1:99:d6:22:74:35:16:dd:5d:64:73:c2:
2d:81:d7:2f:e8:9c:2c:28:e7:22:d6:86:26:28:d1:
1f:86:fc:07:15:66:32:e9:0f:c5:7a:d5:63:15:d7:
ce:34:a9:0f:ac:3e:ab:5f:d0:01:cf:52:bc:09:f2:
61:a7:5e:8c:67:22:ce:39:d0:40:10:a0:5f:ca:24:
94:b6:c0:29:77:06:d2:66:c4:21:49:67:2a:38:dd:
07:8d:e9:58:2e:c5:ed:1d:19:f2:fe:a0:16:84:b5:
49:4f:03:b0:ad:22:bc:91:20:07:75:2a:c3:48:77:
71:9a:5c:de:97:8f:d1:42:7f:b3:12:89:16:c3:1f:
7c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E0:AE:86:77:06:4F:5D:A7:96:2D:2C:21:81:45:2D:F5:53:44:49
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HuCuhncGT12nli0sIYFFLfVTREk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.95.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
35:ea:3c:75:0e:10:94:60:f7:1a:c6:8a:b7:3b:c5:96:8f:66:
a3:ac:64:22:43:ae:89:0e:9b:d2:6f:22:b9:9f:b1:56:1e:b9:
06:02:01:e4:5a:38:c4:46:fc:49:60:e6:94:83:29:7b:70:f0:
d1:bd:ac:dd:73:a2:36:02:de:86:2d:c1:3a:85:5f:7d:df:43:
2f:6c:8f:75:10:52:be:02:24:42:de:c9:96:f9:aa:bc:eb:80:
01:66:22:fb:d5:75:0b:28:4f:ac:b9:fa:16:b2:e7:e3:4f:5e:
38:90:d7:37:dd:f1:c8:fd:90:f1:8f:1b:31:06:52:50:74:8c:
6f:03:09:81:71:ab:56:2d:1e:05:2a:72:9a:00:53:b4:b6:2b:
97:a9:78:ef:fb:bd:ec:e6:e9:12:9a:87:78:12:ec:49:98:5a:
9d:f1:82:fa:82:a3:96:11:01:fd:6c:00:fb:df:38:d1:02:6c:
36:d6:d4:bf:ed:39:3f:5c:97:37:cd:47:ae:49:03:b3:23:db:
2a:fd:c6:f3:c5:22:11:b2:52:d9:27:da:d7:2d:f4:c8:15:fa:
4d:bb:ac:f3:29:0d:86:0d:14:9f:24:ae:5a:1c:07:10:4d:c9:
da:43:64:07:4e:dd:bb:35:f2:45:c3:ba:85:02:60:ec:05:4f:
b9:a2:cc:b5
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAZCCzz+MjFpaoj84bINY2w4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNzA1MTIxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWUwYWU4Njc3MDY0ZjVkYTc5NjJkMmMyMTgxNDUyZGY1NTM0NDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVw0T7HL1XZcaIefv+luaj9YTc9s
zeodGOx36Z8Z3zdZy7EPpxsgUMstvzoZpWBblhnYnJJv/+O5/J09SizjPSRbWC0Q
Zb4UwXpqGjJVpXOW9fI71QOXpF8Q6YmTVHTuNCrvPDhLV5RHmCqiCEiFEO0VXk/l
yh6cbsbxmdYidDUW3V1kc8Itgdcv6JwsKOci1oYmKNEfhvwHFWYy6Q/FetVjFdfO
NKkPrD6rX9ABz1K8CfJhp16MZyLOOdBAEKBfyiSUtsApdwbSZsQhSWcqON0HjelY
LsXtHRny/qAWhLVJTwOwrSK8kSAHdSrDSHdxmlzel4/RQn+zEokWwx981wIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFB7groZ3Bk9dp5YtLCGBRS31U0RJMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSHVDdWhuY0dUMTJubGkwc0lZRkZMZlZUUkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAAC
OG0DBAAFtVQDBAAFtVcDBAAtCR0DBAAtUXMDBAAtWIgDBAAtWIoDBAAtXqsDBAIt
hLQDBAAtkNQDBAAtlwMDBABNUyUDBAG5K/gDBAC5K/sDBAG5yD4DBADBHvADBAHB
HvIDBADBOSsDBADC8mADBAHC8mIwDAMEAMOxXQMEBcOxQAMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBADXqPHUOEJRg9xrGirc7xZaPZqOsZCJDrokOm9JvIrmfsVYeuQYCAeRa
OMRG/Elg5pSDKXtw8NG9rN1zojYC3oYtwTqFX33fQy9sj3UQUr4CJELeyZb5qrzr
gAFmIvvVdQsoT6y5+hay5+NPXjiQ1zfd8cj9kPGPGzEGUlB0jG8DCYFxq1YtHgUq
cpoAU7S2K5epeO/7vezm6RKah3gS7EmYWp3xgvqCo5YRAf1sAPvfONECbDbW1L/t
OT9clzfNR65JA7Mj2yr9xvPFIhGyUtkn2tct9MgV+k27rPMpDYYNFJ8krlocBxBN
ydpDZAdO3bs18kXDuoUCYOwFT7mizLU=
-----END CERTIFICATE-----
Generated at Mon Jul 15 18:57:41 2024 by rpki-client on console-fra.rpki-client.org