Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/hlNjGousVuArIR63Akc-u6fHChs.roa
File: hlNjGousVuArIR63Akc-u6fHChs.roa (raw, json)
Hash identifier: xHqrpxV06pCq/94UD97HQNYV9gEmkRY3rEVYjviZb0o=
Subject key identifier: 86:53:63:1A:8B:AC:56:E0:2B:21:1E:B7:02:47:3E:BB:A7:C7:0A:1B
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0185F9B1430731C21948D552081F0CC992A8
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/hlNjGousVuArIR63Akc-u6fHChs.roa
Signing time: Sat 28 Jan 2023 18:43:41 +0000
ROA not before: Sat 28 Jan 2023 18:43:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28964
IP address blocks: 178.253.193.0/24 maxlen: 24
178.253.212.0/24 maxlen: 24
178.253.218.0/24 maxlen: 24
178.253.216.0/24 maxlen: 24
178.253.217.0/24 maxlen: 24
178.253.220.0/23 maxlen: 23
93.186.65.0/24 maxlen: 24
93.186.77.0/24 maxlen: 24
188.255.205.0/24 maxlen: 24
188.255.207.0/24 maxlen: 24
188.255.217.0/24 maxlen: 24
188.255.228.0/24 maxlen: 24
188.255.230.0/23 maxlen: 23
109.121.48.0/24 maxlen: 24
109.121.49.0/24 maxlen: 24
109.121.53.0/24 maxlen: 24
109.121.55.0/24 maxlen: 24
212.69.3.0/24 maxlen: 24
212.69.4.0/24 maxlen: 24
188.255.253.0/24 maxlen: 24
212.69.5.0/24 maxlen: 24
178.253.238.0/24 maxlen: 24
109.233.188.0/24 maxlen: 24
109.233.190.0/24 maxlen: 24
178.253.246.0/24 maxlen: 24
178.253.244.0/24 maxlen: 24
178.253.245.0/24 maxlen: 24
81.18.51.0/24 maxlen: 24
178.253.250.0/24 maxlen: 24
81.18.58.0/24 maxlen: 24
81.18.56.0/24 maxlen: 24
81.18.57.0/24 maxlen: 24
188.255.179.0/24 maxlen: 24
81.18.63.0/24 maxlen: 24
188.255.192.0/23 maxlen: 23
188.255.190.0/24 maxlen: 24
188.255.196.0/22 maxlen: 22
188.255.195.0/24 maxlen: 24
79.175.120.0/24 maxlen: 24
212.69.21.0/24 maxlen: 24
212.69.19.0/24 maxlen: 24
212.69.30.0/24 maxlen: 24
178.219.2.0/24 maxlen: 24
178.219.4.0/22 maxlen: 22
178.219.15.0/24 maxlen: 24
178.219.12.0/23 maxlen: 23
77.105.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Feb 2023 09:22:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f9:b1:43:07:31:c2:19:48:d5:52:08:1f:0c:c9:92:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 28 18:43:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8653631a8bac56e02b211eb702473ebba7c70a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:89:17:c1:ca:60:95:3f:10:e7:47:54:4d:70:
57:b6:04:e1:7c:fb:75:e6:86:b2:a9:5c:82:ce:89:
8d:2d:e0:66:96:d8:37:32:13:f3:da:93:23:a8:c7:
e8:e7:0c:4c:f7:5c:f4:8a:88:86:a8:dd:64:64:3e:
39:6c:d6:7c:9e:74:d3:b6:38:4a:24:0f:6c:aa:34:
f4:f1:f3:67:12:5a:01:fa:46:6a:f6:13:3b:24:36:
de:88:89:a2:65:62:bb:6e:c7:39:0c:ee:65:af:f8:
15:8a:4d:2c:3e:c1:99:fa:22:35:bd:ed:4e:c6:e1:
ba:cf:99:44:34:ee:92:87:39:82:91:28:6c:42:3f:
53:55:cd:f7:62:34:40:98:ba:b9:be:ed:1e:b2:5b:
e8:e1:ac:2b:f7:ba:b7:40:f7:f4:aa:2a:91:7d:5e:
fe:59:ac:13:28:75:6e:bf:76:4c:b9:79:67:7b:93:
cf:51:34:0c:4f:c7:f5:3e:79:32:43:ce:a2:6a:13:
86:21:3b:1a:b0:92:d4:6a:60:23:f0:f6:3c:9a:2e:
4d:ac:1d:92:2b:38:3b:d8:21:dd:d8:22:4a:ab:a8:
cd:d7:9d:f9:c9:c1:7b:48:82:e9:3c:df:73:12:43:
72:bf:a5:f0:35:c6:c5:06:c7:de:44:92:45:77:42:
cd:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:53:63:1A:8B:AC:56:E0:2B:21:1E:B7:02:47:3E:BB:A7:C7:0A:1B
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/hlNjGousVuArIR63Akc-u6fHChs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.39.0/24
79.175.120.0/24
81.18.51.0/24
81.18.56.0-81.18.58.255
81.18.63.0/24
93.186.65.0/24
93.186.77.0/24
109.121.48.0/23
109.121.53.0/24
109.121.55.0/24
109.233.188.0/24
109.233.190.0/24
178.219.2.0/24
178.219.4.0/22
178.219.12.0/23
178.219.15.0/24
178.253.193.0/24
178.253.212.0/24
178.253.216.0-178.253.218.255
178.253.220.0/23
178.253.238.0/24
178.253.244.0-178.253.246.255
178.253.250.0/24
188.255.179.0/24
188.255.190.0/24
188.255.192.0/23
188.255.195.0-188.255.199.255
188.255.205.0/24
188.255.207.0/24
188.255.217.0/24
188.255.228.0/24
188.255.230.0/23
188.255.253.0/24
212.69.3.0-212.69.5.255
212.69.19.0/24
212.69.21.0/24
212.69.30.0/24
Signature Algorithm: sha256WithRSAEncryption
63:45:15:a6:99:2c:eb:5c:2f:50:a6:79:13:83:98:07:d7:26:
49:58:49:3d:62:96:de:df:6b:b8:07:e3:2f:d3:d4:d5:61:c0:
88:ba:8d:02:d7:e4:f2:04:f2:f1:60:dd:c0:4c:54:9f:b8:aa:
b5:db:7f:b2:0d:a5:ee:ce:d3:2c:b5:d0:af:e6:f7:4f:5d:a7:
c1:e3:53:50:35:f6:78:59:a3:1a:ff:4b:d1:51:6a:eb:36:25:
6a:8b:ec:24:d8:05:45:c0:72:0b:76:22:80:3c:45:58:dc:ab:
b9:52:81:73:1f:41:ac:db:84:dd:ef:5b:9c:c7:1d:dc:2c:03:
d4:62:1e:fc:e7:aa:8a:b8:96:b9:07:0c:a9:99:b8:e3:a7:9c:
ef:cb:6a:2a:57:6c:5f:4e:50:0a:ec:40:54:37:84:54:9e:0f:
20:3b:c8:64:c0:8a:52:f2:ab:77:1a:43:90:e9:58:8c:d8:4d:
6a:b6:82:0c:14:74:6b:be:dd:7f:78:27:2f:20:28:31:86:4e:
87:6c:0f:4c:13:a6:2e:c7:aa:93:b7:42:ef:fc:14:61:a4:11:
5e:78:3d:b0:1e:cf:78:b8:ac:5e:1b:0d:8a:b3:57:e7:ae:dc:
16:6d:7d:e1:bd:69:3c:4e:58:de:3b:47:ed:fc:af:b2:c8:e6:
7a:49:02:59
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAYX5sUMHMcIZSNVSCB8MyZKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwMTI4MTg0MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjUzNjMxYThiYWM1NmUwMmIyMTFlYjcwMjQ3M2ViYmE3YzcwYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlokXwcpglT8Q50dUTXBXtgThfPt1
5oayqVyCzomNLeBmltg3MhPz2pMjqMfo5wxM91z0ioiGqN1kZD45bNZ8nnTTtjhK
JA9sqjT08fNnEloB+kZq9hM7JDbeiImiZWK7bsc5DO5lr/gVik0sPsGZ+iI1ve1O
xuG6z5lENO6ShzmCkShsQj9TVc33YjRAmLq5vu0eslvo4awr97q3QPf0qiqRfV7+
WawTKHVuv3ZMuXlne5PPUTQMT8f1PnkyQ86iahOGITsasJLUamAj8PY8mi5NrB2S
Kzg72CHd2CJKq6jN1535ycF7SILpPN9zEkNyv6XwNcbFBsfeRJJFd0LNpQIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFIZTYxqLrFbgKyEetwJHPrunxwobMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvaGxOakdvdXNWdUFySVI2M0FrYy11NmZIQ2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAE1pJwMEAE+veAMEAFESMzAMAwQDURI4AwQAURI6AwQAURI/AwQAXbpBAwQA
XbpNAwQBbXkwAwQAbXk1AwQAbXk3AwQAbem8AwQAbem+AwQAstsCAwQCstsEAwQB
stsMAwQAstsPAwQAsv3BAwQAsv3UMAwDBAOy/dgDBACy/doDBAGy/dwDBACy/e4w
DAMEArL99AMEALL99gMEALL9+gMEALz/swMEALz/vgMEAbz/wDAMAwQAvP/DAwQD
vP/AAwQAvP/NAwQAvP/PAwQAvP/ZAwQAvP/kAwQBvP/mAwQAvP/9MAwDBADURQMD
BAHURQQDBADURRMDBADURRUDBADURR4wDQYJKoZIhvcNAQELBQADggEBAGNFFaaZ
LOtcL1CmeRODmAfXJklYST1ilt7fa7gH4y/T1NVhwIi6jQLX5PIE8vFg3cBMVJ+4
qrXbf7INpe7O0yy10K/m909dp8HjU1A19nhZoxr/S9FRaus2JWqL7CTYBUXAcgt2
IoA8RVjcq7lSgXMfQazbhN3vW5zHHdwsA9RiHvznqoq4lrkHDKmZuOOnnO/LaipX
bF9OUArsQFQ3hFSeDyA7yGTAilLyq3caQ5DpWIzYTWq2ggwUdGu+3X94Jy8gKDGG
TodsD0wTpi7HqpO3Qu/8FGGkEV54PbAez3i4rF4bDYqzV+eu3BZtfeG9aTxOWN47
R+38r7LI5npJAlk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:05 2024 by rpki-client on console-ams.rpki-client.org