Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/HgpyqqLVb86PVkBA3q1cPqFSjX0.roa
File: HgpyqqLVb86PVkBA3q1cPqFSjX0.roa (raw, json)
Hash identifier: 4LVLl7gwwnb1ZtrUMmX8sQ8wg7vCNF23AYLQ+IkKp1o=
Subject key identifier: 1E:0A:72:AA:A2:D5:6F:CE:8F:56:40:40:DE:AD:5C:3E:A1:52:8D:7D
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01872D73B1B32238E6DBE91F5BC121B657E7
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/HgpyqqLVb86PVkBA3q1cPqFSjX0.roa
Signing time: Wed 29 Mar 2023 12:59:29 +0000
ROA not before: Wed 29 Mar 2023 12:59:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.87.120.0/24 maxlen: 24
185.141.33.0/24 maxlen: 24
185.141.35.0/24 maxlen: 24
185.141.34.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.154.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
193.35.153.0/24 maxlen: 24
185.86.4.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.86.7.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
185.86.12.0/24 maxlen: 24
185.86.152.0/24 maxlen: 24
185.86.155.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.27.0/24 maxlen: 24
91.194.55.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.142.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.238.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
185.254.237.0/24 maxlen: 24
193.223.104.0/24 maxlen: 24
193.223.105.0/24 maxlen: 24
185.88.172.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
193.223.107.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.88.174.0/24 maxlen: 24
185.243.182.0/24 maxlen: 24
185.243.183.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.254.30.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.31.0/24 maxlen: 24
185.85.188.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
194.62.54.0/24 maxlen: 24
194.62.55.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
194.62.53.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
93.190.13.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
160.20.108.0/24 maxlen: 24
109.236.48.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
185.185.233.0/24 maxlen: 24
185.185.234.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.98.61.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
2a0b:2780::/29 maxlen: 29
2a07:e700::/29 maxlen: 29
2a05:bf00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 03 Apr 2023 09:27:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:73:b1:b3:22:38:e6:db:e9:1f:5b:c1:21:b6:57:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Mar 29 12:59:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e0a72aaa2d56fce8f564040dead5c3ea1528d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0d:b7:f1:86:02:96:b0:cd:c9:82:c5:25:69:
58:33:20:7b:20:c2:c8:9b:ee:2c:a7:a6:ad:55:f9:
23:ea:c1:ad:84:6c:16:27:14:3e:6c:a6:03:c6:34:
89:24:2e:fa:bd:99:a3:d5:23:d8:4a:1c:6e:22:a7:
ea:02:0c:4a:a3:7f:f7:5b:af:d9:f3:55:88:40:08:
c8:fe:65:ec:2e:27:20:28:8e:80:57:42:68:32:53:
1d:69:c9:2d:0d:0f:8e:bf:ac:c9:30:9d:0f:46:1f:
ec:b6:41:e8:30:96:06:c0:37:75:52:a0:35:87:2a:
73:23:58:30:44:36:85:e1:fe:60:80:02:a4:26:01:
2a:ae:30:bb:e0:55:85:18:b9:7f:79:5f:cf:85:20:
01:67:12:59:17:41:85:a8:f6:52:0f:04:f8:49:3b:
78:57:91:f1:13:19:16:48:59:80:d3:a5:e3:28:b4:
9a:08:30:c5:00:bc:d2:ee:7b:76:bf:b9:b5:fd:57:
a0:9b:05:7a:4d:4e:22:dd:f4:ff:c8:74:0f:fb:cb:
8e:26:98:9a:51:45:f8:41:ec:dc:8f:ee:e5:ef:65:
1c:6b:20:d6:17:45:cd:95:6e:fe:bf:a0:90:96:0d:
f6:45:65:4f:fd:ad:47:8f:7d:6f:8f:2c:e1:ba:2d:
fd:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:0A:72:AA:A2:D5:6F:CE:8F:56:40:40:DE:AD:5C:3E:A1:52:8D:7D
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/HgpyqqLVb86PVkBA3q1cPqFSjX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
93.190.12.0/23
109.236.48.0/22
160.20.108.0/23
185.85.188.0/24
185.86.4.0/24
185.86.6.0/23
185.86.12.0/24
185.86.14.0/23
185.86.152.0/24
185.86.155.0/24
185.87.120.0/24
185.88.172.0/22
185.98.61.0-185.98.63.255
185.141.33.0-185.141.35.255
185.184.24.0/22
185.185.232.0-185.185.234.255
185.243.180.0/22
185.249.200.0/22
185.250.210.0/24
185.254.28.0/22
185.254.236.0/22
193.35.152.0/22
193.160.140.0/22
193.223.104.0/22
194.62.52.0/22
IPv6:
2a05:bf00::/29
2a07:e700::/29
2a0b:2780::/29
Signature Algorithm: sha256WithRSAEncryption
18:4a:41:71:8d:29:5c:e1:62:c4:b7:26:34:38:bb:82:ac:52:
3d:96:05:4d:c2:6d:2e:26:74:31:07:f3:fd:35:9b:21:09:05:
fc:e4:6a:43:0b:9f:dc:a0:4f:eb:f7:03:4d:c2:9e:44:40:25:
12:38:5c:72:4e:01:57:f1:54:84:52:59:23:7b:88:ae:cb:6c:
36:93:e1:7f:1d:d8:ee:11:d1:59:3f:7c:b5:42:23:85:54:3c:
4c:70:8b:16:63:17:be:cb:10:2f:4b:15:82:5f:dd:69:b9:2d:
c3:3b:fd:cb:32:0c:f9:f4:5e:36:6e:05:68:ff:6c:d9:54:d4:
46:a6:c3:5a:1f:4f:d6:bd:1a:33:3e:55:3d:67:c4:5a:10:a3:
1a:2d:34:24:1a:1d:ed:7e:d3:d1:88:2a:cc:3d:4c:d9:97:24:
72:69:64:de:2f:2b:55:5e:df:b7:bb:bc:33:36:e9:3b:b5:8f:
96:e7:03:12:9c:1d:26:1f:4a:20:39:10:c1:e0:80:37:dd:4d:
6c:1d:7c:31:61:46:7a:69:2a:fa:59:04:7b:75:9c:57:64:8a:
82:47:5b:65:a2:b8:26:15:3b:39:ea:aa:dc:fc:e6:0b:d4:2e:
a9:dd:e6:d9:c2:61:02:b5:ec:ef:2c:5a:c0:c0:92:f2:41:84:
93:6b:18:0d
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAYctc7GzIjjm2+kfW8EhtlfnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMzI5MTI1OTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTBhNzJhYWEyZDU2ZmNlOGY1NjQwNDBkZWFkNWMzZWExNTI4ZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ238YYClrDNyYLFJWlYMyB7IMLI
m+4sp6atVfkj6sGthGwWJxQ+bKYDxjSJJC76vZmj1SPYShxuIqfqAgxKo3/3W6/Z
81WIQAjI/mXsLicgKI6AV0JoMlMdacktDQ+Ov6zJMJ0PRh/stkHoMJYGwDd1UqA1
hypzI1gwRDaF4f5ggAKkJgEqrjC74FWFGLl/eV/PhSABZxJZF0GFqPZSDwT4STt4
V5HxExkWSFmA06XjKLSaCDDFALzS7nt2v7m1/VegmwV6TU4i3fT/yHQP+8uOJpia
UUX4Qezcj+7l72UcayDWF0XNlW7+v6CQlg32RWVP/a1Hj31vjyzhui393wIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFB4Kcqqi1W/Oj1ZAQN6tXD6hUo19MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvSGdweXFxTFZiODZQVmtCQTNxMWNQcUZTalgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHuBggrBgEFBQcBBwEB/wSB3jCB2zCBuwQCAAEwgbQDBABb
wjcDBAFdvgwDBAJt7DADBAGgFGwDBAC5VbwDBAC5VgQDBAG5VgYDBAC5VgwDBAG5
Vg4DBAC5VpgDBAC5VpsDBAC5V3gDBAK5WKwwDAMEALliPQMEBrliADAMAwQAuY0h
AwQCuY0gAwQCubgYMAwDBAO5uegDBAC5ueoDBAK587QDBAK5+cgDBAC5+tIDBAK5
/hwDBAK5/uwDBALBI5gDBALBoIwDBALB32gDBALCPjQwGwQCAAIwFQMFAyoFvwAD
BQMqB+cAAwUDKgsngDANBgkqhkiG9w0BAQsFAAOCAQEAGEpBcY0pXOFixLcmNDi7
gqxSPZYFTcJtLiZ0MQfz/TWbIQkF/ORqQwuf3KBP6/cDTcKeREAlEjhcck4BV/FU
hFJZI3uIrstsNpPhfx3Y7hHRWT98tUIjhVQ8THCLFmMXvssQL0sVgl/dabktwzv9
yzIM+fReNm4FaP9s2VTURqbDWh9P1r0aMz5VPWfEWhCjGi00JBod7X7T0YgqzD1M
2Zckcmlk3i8rVV7ft7u8MzbpO7WPlucDEpwdJh9KIDkQweCAN91NbB18MWFGemkq
+lkEe3WcV2SKgkdbZaK4JhU7Oeqq3PzmC9Quqd3m2cJhArXs7yxawMCS8kGEk2sY
DQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org