Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/h2h5xuIhkyasKFI4Jm3BAZHTZK0.roa
File: h2h5xuIhkyasKFI4Jm3BAZHTZK0.roa (raw, json)
Hash identifier: ThlzI+BiDxDnaIuanVXPhBGvz/fRAAWPBtk0Fe/wtuo=
Subject key identifier: 87:68:79:C6:E2:21:93:26:AC:28:52:38:26:6D:C1:01:91:D3:64:AD
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 018AFC221861B324B76E1123A2178B25FDC7
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/h2h5xuIhkyasKFI4Jm3BAZHTZK0.roa
Signing time: Wed 04 Oct 2023 19:20:07 +0000
ROA not before: Wed 04 Oct 2023 19:20:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46261
IP address blocks: 185.225.12.0/23 maxlen: 23
185.214.242.0/23 maxlen: 23
185.225.14.0/23 maxlen: 23
195.245.74.0/23 maxlen: 23
185.147.156.0/22 maxlen: 22
185.147.158.0/24 maxlen: 24
79.110.176.0/21 maxlen: 21
79.110.181.0/24 maxlen: 24
160.238.96.0/22 maxlen: 22
185.238.115.0/24 maxlen: 24
121.46.124.0/22 maxlen: 22
185.214.240.0/24 maxlen: 24
185.214.240.0/23 maxlen: 23
103.205.84.0/22 maxlen: 22
185.157.232.0/22 maxlen: 22
185.235.120.0/22 maxlen: 22
185.235.123.0/24 maxlen: 24
185.235.122.0/24 maxlen: 24
85.8.148.0/22 maxlen: 22
185.227.254.0/23 maxlen: 23
185.227.254.0/24 maxlen: 24
185.214.140.0/22 maxlen: 22
185.214.142.0/23 maxlen: 23
193.187.180.0/22 maxlen: 22
185.228.44.0/22 maxlen: 22
103.207.160.0/22 maxlen: 22
103.207.163.0/24 maxlen: 24
185.227.252.0/24 maxlen: 24
185.227.252.0/23 maxlen: 23
103.203.40.0/22 maxlen: 22
193.31.112.0/22 maxlen: 22
193.31.114.0/24 maxlen: 24
185.176.88.0/22 maxlen: 22
185.176.90.0/24 maxlen: 24
185.213.16.0/23 maxlen: 23
185.213.18.0/23 maxlen: 23
59.152.124.0/22 maxlen: 22
91.132.84.0/24 maxlen: 24
91.132.85.0/24 maxlen: 24
91.132.86.0/24 maxlen: 24
91.132.87.0/24 maxlen: 24
195.216.148.0/22 maxlen: 22
185.190.56.0/22 maxlen: 22
193.176.116.0/22 maxlen: 22
217.18.56.0/22 maxlen: 22
61.14.224.0/22 maxlen: 22
193.163.35.0/24 maxlen: 24
185.158.136.0/22 maxlen: 22
194.50.192.0/22 maxlen: 22
185.145.44.0/22 maxlen: 22
185.202.44.0/23 maxlen: 23
185.202.44.0/24 maxlen: 24
185.202.46.0/23 maxlen: 23
185.219.20.0/22 maxlen: 22
185.219.23.0/24 maxlen: 24
185.242.185.0/24 maxlen: 24
185.118.135.0/24 maxlen: 24
185.209.128.0/23 maxlen: 23
185.209.128.0/24 maxlen: 24
185.209.130.0/23 maxlen: 23
185.196.24.0/23 maxlen: 23
185.196.26.0/23 maxlen: 23
185.196.26.0/24 maxlen: 24
85.202.172.0/22 maxlen: 22
85.202.173.0/24 maxlen: 24
185.206.22.0/23 maxlen: 23
185.105.10.0/24 maxlen: 24
185.118.132.0/22 maxlen: 22
185.206.20.0/23 maxlen: 23
185.206.20.0/24 maxlen: 24
2a07:a900::/29 maxlen: 128
2a07:4580::/29 maxlen: 29
2a07:4580:b0d::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Oct 2023 23:24:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:22:18:61:b3:24:b7:6e:11:23:a2:17:8b:25:fd:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: Oct 4 19:20:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=876879c6e2219326ac285238266dc10191d364ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a4:52:ac:0f:df:62:fd:e7:35:1f:ae:e5:4b:
e5:3c:bc:b4:2d:8c:84:0a:d9:c8:d6:03:9f:7d:73:
21:41:49:13:b8:f5:0f:11:7c:2a:f0:1f:15:68:dd:
ef:ef:97:89:38:02:3e:c4:67:c7:6e:ce:7b:4f:8f:
f8:2f:7e:89:4e:d0:c0:1f:a1:de:c6:13:a9:99:c8:
86:ab:67:89:30:05:06:b7:25:07:b4:93:8a:3d:70:
e6:ff:93:87:e5:d1:ce:19:56:19:6f:cd:c5:8b:2c:
16:8a:cf:3a:b8:e4:e3:2d:f6:d4:44:91:dd:69:ca:
b4:7c:3f:b3:03:4a:db:32:46:84:c6:f7:1e:82:57:
29:6f:a6:a3:c2:2f:f9:bc:a2:ff:b9:4b:f3:5a:aa:
e4:39:d7:d3:5d:5c:6f:61:37:8d:5f:6a:0d:14:80:
34:05:1d:aa:b4:75:a5:08:d4:90:38:47:fb:bb:2d:
f0:35:ec:01:cb:df:2a:8f:e3:23:1c:ec:b6:37:d2:
5a:aa:24:39:e8:0c:36:43:6c:1a:36:49:49:29:ff:
df:03:44:63:77:9f:d4:6f:ee:00:66:de:09:d9:55:
c4:46:a3:97:a3:2b:af:8f:43:e7:45:c8:d8:7b:1b:
d0:8c:2e:ef:80:73:f6:58:66:e8:b1:f1:e3:0f:19:
e4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:68:79:C6:E2:21:93:26:AC:28:52:38:26:6D:C1:01:91:D3:64:AD
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/h2h5xuIhkyasKFI4Jm3BAZHTZK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
59.152.124.0/22
61.14.224.0/22
79.110.176.0/21
85.8.148.0/22
85.202.172.0/22
91.132.84.0/22
103.203.40.0/22
103.205.84.0/22
103.207.160.0/22
121.46.124.0/22
160.238.96.0/22
185.105.10.0/24
185.118.132.0/22
185.145.44.0/22
185.147.156.0/22
185.157.232.0/22
185.158.136.0/22
185.176.88.0/22
185.190.56.0/22
185.196.24.0/22
185.202.44.0/22
185.206.20.0/22
185.209.128.0/22
185.213.16.0/22
185.214.140.0/22
185.214.240.0/22
185.219.20.0/22
185.225.12.0/22
185.227.252.0/22
185.228.44.0/22
185.235.120.0/22
185.238.115.0/24
185.242.185.0/24
193.31.112.0/22
193.163.35.0/24
193.176.116.0/22
193.187.180.0/22
194.50.192.0/22
195.216.148.0/22
195.245.74.0/23
217.18.56.0/22
IPv6:
2a07:4580::/29
2a07:a900::/29
Signature Algorithm: sha256WithRSAEncryption
a4:16:ea:94:99:d2:45:a9:70:06:03:b0:71:2f:10:9a:6b:49:
ea:db:32:1d:49:b8:d1:6c:34:3f:4c:08:09:58:c1:2c:b8:cf:
e8:a7:62:1e:ce:b8:44:62:cb:a6:3b:1b:72:25:5d:ea:17:d8:
d9:a4:f7:92:cd:62:cd:70:bf:0b:a2:2d:c2:f6:c0:15:20:b5:
b5:1f:4f:2e:e4:9c:51:01:1b:15:08:64:55:63:78:84:8f:eb:
6f:e2:f4:44:4a:63:be:5c:db:97:d9:98:0a:6b:ba:1b:1a:b1:
28:a2:49:b7:f3:8d:d8:16:0e:c7:e9:fd:0b:55:39:1b:38:16:
de:28:e8:33:41:ae:a2:cf:22:0c:90:75:2e:83:ab:87:64:1f:
b1:27:28:e6:1e:3a:fb:24:cc:cd:7e:6b:7e:66:95:d4:1e:58:
46:b0:cc:7c:6f:21:ce:08:b4:d5:8d:f2:ac:f8:99:31:33:e2:
a4:9b:25:ce:84:6f:a2:08:59:45:95:e0:c0:93:1c:fb:7b:a2:
52:8f:84:7e:c3:55:03:94:24:2a:97:44:18:ce:8c:3e:5a:4a:
21:20:40:bf:aa:3d:6a:41:57:3c:7c:27:14:37:e9:f6:8f:5a:
ec:15:80:9d:ec:56:7e:1c:17:05:38:0d:44:d7:b7:d2:fc:4b:
f3:62:37:ff
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAYr8IhhhsyS3bhEjoheLJf3HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjMxMDA0MTkyMDA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY4NzljNmUyMjE5MzI2YWMyODUyMzgyNjZkYzEwMTkxZDM2NGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6RSrA/fYv3nNR+u5UvlPLy0LYyE
CtnI1gOffXMhQUkTuPUPEXwq8B8VaN3v75eJOAI+xGfHbs57T4/4L36JTtDAH6He
xhOpmciGq2eJMAUGtyUHtJOKPXDm/5OH5dHOGVYZb83FiywWis86uOTjLfbURJHd
acq0fD+zA0rbMkaExvceglcpb6ajwi/5vKL/uUvzWqrkOdfTXVxvYTeNX2oNFIA0
BR2qtHWlCNSQOEf7uy3wNewBy98qj+MjHOy2N9JaqiQ56Aw2Q2waNklJKf/fA0Rj
d5/Ub+4AZt4J2VXERqOXoyuvj0PnRcjYexvQjC7vgHP2WGbosfHjDxnkPwIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFIdoecbiIZMmrChSOCZtwQGR02StMB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvaDJoNXh1SWhreWFzS0ZJNEptM0JBWkhUWkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCB/QQCAAEwgfYD
BAI7mHwDBAI9DuADBANPbrADBAJVCJQDBAJVyqwDBAJbhFQDBAJnyygDBAJnzVQD
BAJnz6ADBAJ5LnwDBAKg7mADBAC5aQoDBAK5doQDBAK5kSwDBAK5k5wDBAK5negD
BAK5nogDBAK5sFgDBAK5vjgDBAK5xBgDBAK5yiwDBAK5zhQDBAK50YADBAK51RAD
BAK51owDBAK51vADBAK52xQDBAK54QwDBAK54/wDBAK55CwDBAK563gDBAC57nMD
BAC58rkDBALBH3ADBADBoyMDBALBsHQDBALBu7QDBALCMsADBALD2JQDBAHD9UoD
BALZEjgwFAQCAAIwDgMFAyoHRYADBQMqB6kAMA0GCSqGSIb3DQEBCwUAA4IBAQCk
FuqUmdJFqXAGA7BxLxCaa0nq2zIdSbjRbDQ/TAgJWMEsuM/op2IezrhEYsumOxty
JV3qF9jZpPeSzWLNcL8Loi3C9sAVILW1H08u5JxRARsVCGRVY3iEj+tv4vRESmO+
XNuX2ZgKa7obGrEookm3843YFg7H6f0LVTkbOBbeKOgzQa6izyIMkHUug6uHZB+x
JyjmHjr7JMzNfmt+ZpXUHlhGsMx8byHOCLTVjfKs+JkxM+KkmyXOhG+iCFlFleDA
kxz7e6JSj4R+w1UDlCQql0QYzow+WkohIEC/qj1qQVc8fCcUN+n2j1rsFYCd7FZ+
HBcFOA1E17fS/EvzYjf/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:24 2024 by rpki-client on console-ams.rpki-client.org