Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/hABJX6FGyhGu6QVrIKVtid3IO3k.roa
File: hABJX6FGyhGu6QVrIKVtid3IO3k.roa (raw, json)
Hash identifier: Kzp7NxEdNY++8eQa+NjlWYb3VGEsu4V/S0rZXV+zITk=
Subject key identifier: 84:00:49:5F:A1:46:CA:11:AE:E9:05:6B:20:A5:6D:89:DD:C8:3B:79
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 018D5AC86849192102BEF7D1C047BD59058B
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/hABJX6FGyhGu6QVrIKVtid3IO3k.roa
Signing time: Tue 30 Jan 2024 14:31:39 +0000
ROA not before: Tue 30 Jan 2024 14:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202448
IP address blocks: 2.56.212.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
31.222.229.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.151.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
62.3.32.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
89.38.128.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
89.43.33.0/24 maxlen: 24
91.227.40.0/24 maxlen: 24
91.227.41.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
93.114.128.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.16.0/24 maxlen: 24
93.115.17.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
94.231.205.0/24 maxlen: 24
95.169.192.0/24 maxlen: 24
95.169.201.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
185.96.163.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.234.52.0/24 maxlen: 32
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
188.212.124.0/24 maxlen: 24
188.212.125.0/24 maxlen: 24
193.201.15.0/24 maxlen: 24
194.26.213.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
194.63.145.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 11 May 2024 19:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:c8:68:49:19:21:02:be:f7:d1:c0:47:bd:59:05:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: Jan 30 14:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8400495fa146ca11aee9056b20a56d89ddc83b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c6:f3:e9:98:2e:30:99:73:5a:61:77:69:03:
dd:95:c0:26:44:1b:49:c5:e5:87:ca:1b:47:23:70:
3d:eb:f3:07:7b:41:20:0c:00:b1:0d:20:13:52:7d:
dc:6c:81:d4:bf:84:5a:1d:fc:91:69:5f:5b:93:07:
07:eb:08:49:57:29:40:e6:84:d8:60:13:4a:2a:08:
ef:de:3d:e5:b7:9b:29:32:27:72:d5:9a:a8:02:0c:
be:4d:aa:e2:13:f2:49:1c:01:3d:39:75:11:8e:fe:
21:aa:16:7b:07:cb:1d:d7:8a:8c:47:c4:ae:50:06:
0e:18:33:d8:99:4b:47:3d:c1:23:06:a0:f8:f0:71:
d1:41:89:95:93:82:90:11:f6:30:c1:55:79:c7:b9:
50:b6:b6:a5:ee:51:86:cc:93:46:c4:9d:e2:da:ee:
b2:c8:85:b2:eb:eb:14:8f:f6:c8:79:3f:19:75:a4:
a0:38:54:2d:cc:9a:bc:d1:46:0f:b4:0c:0e:4e:43:
a0:fc:33:e7:a9:08:f7:a8:a3:6e:73:20:e3:91:e1:
13:b7:68:d8:85:b7:e2:2f:c0:70:ee:59:bb:15:b6:
ce:4e:8e:d0:95:78:16:c0:93:be:49:53:f8:22:38:
38:17:b1:a2:0e:51:3a:9c:ae:9a:d5:01:f8:c5:29:
d2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:00:49:5F:A1:46:CA:11:AE:E9:05:6B:20:A5:6D:89:DD:C8:3B:79
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/hABJX6FGyhGu6QVrIKVtid3IO3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
31.222.229.0/24
45.137.148.0/22
45.153.184.0/22
62.3.32.0/24
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.128.0/22
89.38.135.0/24
89.43.33.0/24
91.227.40.0/23
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.16.0/21
94.176.182.0/24
94.231.205.0/24
95.169.192.0/24
95.169.201.0/24
178.157.82.0/24
178.157.90.0/23
185.96.163.0/24
185.170.212.0/22
185.234.52.0/24
185.243.214.0/23
188.212.124.0/23
193.201.15.0/24
194.26.213.0/24
194.32.76.0/22
194.63.145.0/24
194.99.20.0/22
IPv6:
2a05:8280::/32
2a09:cd40::/30
2a09:cd45::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
98:85:12:4b:8a:ad:0e:a7:31:fb:be:7a:04:2f:55:00:a0:b9:
7f:6a:5a:bc:d3:48:27:89:69:9c:b7:df:cb:00:36:5b:5b:2d:
d5:91:ec:88:dc:e2:ff:81:d8:09:32:10:49:fb:ad:28:3e:74:
59:62:68:e6:30:dc:d1:9e:6b:57:63:ff:e8:59:ba:f2:71:26:
75:73:53:50:69:7c:49:70:d7:e3:9a:44:61:3b:e9:1b:d7:6a:
4c:8e:25:06:95:b9:5e:93:74:72:20:63:77:75:80:9e:2c:13:
61:b3:3e:0d:a7:8b:7e:8f:2f:53:07:2e:4f:43:a9:cf:a8:1f:
f3:e3:4c:9e:d7:39:8a:98:ab:4f:da:ce:f6:84:11:35:5a:77:
c0:54:ef:46:31:af:fc:3d:b0:e9:0e:76:30:be:be:b6:49:9a:
61:8d:91:71:39:51:06:b3:c4:f0:8a:ed:2b:79:d8:ed:f5:45:
c3:9e:53:1b:32:8e:cd:09:c6:35:79:8d:d4:7a:d5:49:4b:86:
70:f9:9f:45:77:cc:b8:b8:a6:e5:5c:c0:da:17:5a:3e:7a:fa:
21:81:21:30:bf:54:a5:6a:86:32:4e:64:c5:99:ce:4f:cc:24:
bf:c3:59:4c:e7:db:d8:83:ce:3c:d1:7f:a9:6d:d2:61:40:05:
7f:6f:f5:3e
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgISAY1ayGhJGSECvvfRwEe9WQWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjQwMTMwMTQzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDAwNDk1ZmExNDZjYTExYWVlOTA1NmIyMGE1NmQ4OWRkYzgzYjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocbz6ZguMJlzWmF3aQPdlcAmRBtJ
xeWHyhtHI3A96/MHe0EgDACxDSATUn3cbIHUv4RaHfyRaV9bkwcH6whJVylA5oTY
YBNKKgjv3j3lt5spMidy1ZqoAgy+TariE/JJHAE9OXURjv4hqhZ7B8sd14qMR8Su
UAYOGDPYmUtHPcEjBqD48HHRQYmVk4KQEfYwwVV5x7lQtral7lGGzJNGxJ3i2u6y
yIWy6+sUj/bIeT8ZdaSgOFQtzJq80UYPtAwOTkOg/DPnqQj3qKNucyDjkeETt2jY
hbfiL8Bw7lm7FbbOTo7QlXgWwJO+SVP4Ijg4F7GiDlE6nK6a1QH4xSnSbQIDAQAB
o4IC/TCCAvkwHQYDVR0OBBYEFIQASV+hRsoRrukFayClbYndyDt5MB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvaEFCSlg2Rkd5aEd1NlFWcklLVnRpZDNJTzNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEQYIKwYBBQUHAQcBAf8EggEAMIH9MIHNBAIAATCBxgME
AgI41AMEAB8O7gMEAB/e5QMEAi2JlAMEAi2ZuAMEAD4DIAMEAFZp/AMEAFZqtQME
AFZrxQMEAlkmgAMEAFkmhwMEAFkrIQMEAVvjKAMEAVv6+AMEAF1ygAMEAF1yhQME
A11zEAMEAF6wtgMEAF7nzQMEAF+pwAMEAF+pyQMEALKdUgMEAbKdWgMEALlgowME
Armq1AMEALnqNAMEAbnz1gMEAbzUfAMEAMHJDwMEAMIa1QMEAsIgTAMEAMI/kQME
AsJjFDArBAIAAjAlAwUAKgWCgAMFAioJzUAwDgMFACoJzUUDBQAqCc1GAwUBKgy5
wDANBgkqhkiG9w0BAQsFAAOCAQEAmIUSS4qtDqcx+756BC9VAKC5f2pavNNIJ4lp
nLffywA2W1st1ZHsiNzi/4HYCTIQSfutKD50WWJo5jDc0Z5rV2P/6Fm68nEmdXNT
UGl8SXDX45pEYTvpG9dqTI4lBpW5XpN0ciBjd3WAniwTYbM+DaeLfo8vUwcuT0Op
z6gf8+NMntc5ipirT9rO9oQRNVp3wFTvRjGv/D2w6Q52ML6+tkmaYY2RcTlRBrPE
8IrtK3nY7fVFw55TGzKOzQnGNXmN1HrVSUuGcPmfRXfMuLim5VzA2hdaPnr6IYEh
ML9UpWqGMk5kxZnOT8wkv8NZTOfb2IPOPNF/qW3SYUAFf2/1Pg==
-----END CERTIFICATE-----
Generated at Sat May 11 22:00:52 2024 by rpki-client on console-ams.rpki-client.org