Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hkm-L7EHTS6qr_H8s3wy7fH5euU.roa
File: hkm-L7EHTS6qr_H8s3wy7fH5euU.roa (raw, json)
Hash identifier: F+wYtdMwfzAxRHmdzSp0EVE63dtfTMMSgbvANyEkqLk=
Subject key identifier: 86:49:BE:2F:B1:07:4D:2E:AA:AF:F1:FC:B3:7C:32:ED:F1:F9:7A:E5
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018ADFE4DB08B79BBEE6E07F68B39602FCDF
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hkm-L7EHTS6qr_H8s3wy7fH5euU.roa
Signing time: Fri 29 Sep 2023 07:43:52 +0000
ROA not before: Fri 29 Sep 2023 07:43:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:e4:db:08:b7:9b:be:e6:e0:7f:68:b3:96:02:fc:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 29 07:43:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8649be2fb1074d2eaaaff1fcb37c32edf1f97ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c3:4d:1d:ee:92:3d:43:80:89:49:58:bc:ad:
62:a4:e5:28:84:ca:1d:a0:4a:a1:b2:3d:81:6e:9d:
7a:af:e7:e3:84:b6:0e:d1:5f:bf:52:4b:f3:18:d6:
85:19:d9:92:47:78:89:4f:92:a9:dd:d7:5a:1d:dc:
34:4b:f2:78:6d:c4:53:19:e1:0b:f9:77:3f:4d:19:
fc:5a:18:ee:98:93:b0:d6:1e:7c:13:ab:a3:92:c2:
74:29:e7:05:ee:26:85:91:83:8c:ec:94:8d:a4:d9:
02:4a:d9:2e:54:c9:b7:4d:5a:0c:5d:7b:bf:84:55:
18:55:0a:eb:0d:33:ab:d6:2d:17:0b:fc:19:6e:0a:
07:8c:cd:91:04:64:a5:92:fd:aa:64:11:f0:d4:9c:
ce:ec:d7:45:58:cc:88:83:11:08:a7:1f:f3:6f:70:
52:6a:d0:91:a2:e1:81:fe:40:cb:42:c3:1b:61:ac:
b6:b3:3c:ba:95:2d:e7:a2:bb:af:c3:5f:f9:9f:5d:
2a:aa:14:4a:d7:7f:0c:e9:22:40:34:e9:ac:aa:b2:
06:5f:2c:0c:c3:67:e1:fe:76:6e:7a:bc:14:0f:04:
4e:f1:eb:c3:5d:6a:03:31:3a:3e:40:d9:7b:01:ac:
e4:bd:f6:ab:6e:80:fa:c1:98:7d:db:3d:33:d0:00:
b7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:49:BE:2F:B1:07:4D:2E:AA:AF:F1:FC:B3:7C:32:ED:F1:F9:7A:E5
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hkm-L7EHTS6qr_H8s3wy7fH5euU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
af:2a:6e:53:0f:3d:ed:b6:96:cd:4d:30:fb:d8:ea:8c:1f:4c:
40:6a:2a:53:e7:48:f0:17:a3:f5:48:c1:36:2c:7a:b5:10:ed:
20:ef:cc:c0:1a:6e:1a:40:7c:8e:0c:17:6f:17:88:e1:af:48:
06:a6:74:df:f6:62:4c:03:d6:c7:ce:1d:19:09:f5:26:c9:10:
80:25:06:58:6d:b1:25:f5:e0:30:0c:6c:cc:38:c4:3b:7a:ff:
db:3e:a2:e4:91:99:3b:4a:6d:21:ad:b8:0c:34:27:e0:33:64:
68:5e:cf:e8:b7:fc:f4:fa:f5:1c:b1:e4:3d:e7:7d:f1:1c:6b:
2f:ee:7d:f7:2a:fa:c3:50:b7:55:13:77:46:18:ed:03:9c:ed:
e0:f3:21:31:7d:cb:d9:b9:32:42:a5:5f:86:a1:f4:17:ba:f3:
ec:ae:5f:9f:a3:19:87:20:a7:bb:ed:4a:23:08:a4:7e:dd:71:
77:41:31:99:91:c6:55:d7:74:41:d7:2d:9b:64:6a:9f:af:a6:
f7:ae:52:b8:61:21:d9:17:98:ac:3a:ab:bd:a2:70:38:f4:c9:
2a:e5:e7:37:c0:57:de:17:22:76:b1:8b:87:dc:0f:cd:0c:cb:
0f:29:9a:df:34:44:85:d3:d4:77:e9:36:84:8d:e5:59:26:2e:
e7:14:a6:ad
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYrf5NsIt5u+5uB/aLOWAvzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTI5MDc0MzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQ5YmUyZmIxMDc0ZDJlYWFhZmYxZmNiMzdjMzJlZGYxZjk3YWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8NNHe6SPUOAiUlYvK1ipOUohMod
oEqhsj2Bbp16r+fjhLYO0V+/UkvzGNaFGdmSR3iJT5Kp3ddaHdw0S/J4bcRTGeEL
+Xc/TRn8WhjumJOw1h58E6ujksJ0KecF7iaFkYOM7JSNpNkCStkuVMm3TVoMXXu/
hFUYVQrrDTOr1i0XC/wZbgoHjM2RBGSlkv2qZBHw1JzO7NdFWMyIgxEIpx/zb3BS
atCRouGB/kDLQsMbYay2szy6lS3noruvw1/5n10qqhRK138M6SJANOmsqrIGXywM
w2fh/nZuerwUDwRO8evDXWoDMTo+QNl7AazkvfarboD6wZh92z0z0AC3QQIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFIZJvi+xB00uqq/x/LN8Mu3x+XrlMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaGttLUw3RUhUUzZxcl9IOHMzd3k3Zkg1ZXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBmwQCAAEwgZQDBAAC
OG0DBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wME
AbnIPgMEAMEe8AMEAcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8
MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkq
hkiG9w0BAQsFAAOCAQEArypuUw897baWzU0w+9jqjB9MQGoqU+dI8Bej9UjBNix6
tRDtIO/MwBpuGkB8jgwXbxeI4a9IBqZ03/ZiTAPWx84dGQn1JskQgCUGWG2xJfXg
MAxszDjEO3r/2z6i5JGZO0ptIa24DDQn4DNkaF7P6Lf89Pr1HLHkPed98RxrL+59
9yr6w1C3VRN3RhjtA5zt4PMhMX3L2bkyQqVfhqH0F7rz7K5fn6MZhyCnu+1KIwik
ft1xd0ExmZHGVdd0Qdctm2Rqn6+m965SuGEh2ReYrDqrvaJwOPTJKuXnN8BX3hci
drGLh9wPzQzLDyma3zREhdPUd+k2hI3lWSYu5xSmrQ==
-----END CERTIFICATE-----
Generated at Fri Sep 29 17:06:21 2023 by rpki-client on console-ams.rpki-client.org