Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/hmkk7e5Z439o8o3envPAaKRvA9M.roa
File: hmkk7e5Z439o8o3envPAaKRvA9M.roa (raw, json)
Hash identifier: 2tcFsZ1yHsG8/2aVWgYWE2UB8D+eoMB3Q+zuG8GImhY=
Subject key identifier: 86:69:24:ED:EE:59:E3:7F:68:F2:8D:DE:9E:F3:C0:68:A4:6F:03:D3
Certificate issuer: /CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Certificate serial: 018CC492F9088ADFD9814D8E97CC9979AC6F
Authority key identifier: 5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/hmkk7e5Z439o8o3envPAaKRvA9M.roa
Signing time: Mon 01 Jan 2024 10:30:15 +0000
ROA not before: Mon 01 Jan 2024 10:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34244
IP address blocks: 94.46.136.0/22 maxlen: 22
178.236.65.48/29 maxlen: 29
178.255.112.0/22 maxlen: 22
178.236.73.112/29 maxlen: 29
178.236.73.176/29 maxlen: 29
193.221.219.0/24 maxlen: 24
178.236.72.28/30 maxlen: 30
193.221.120.0/24 maxlen: 24
193.221.123.0/24 maxlen: 24
178.236.72.48/28 maxlen: 28
178.236.72.88/29 maxlen: 29
178.236.74.88/29 maxlen: 29
185.121.44.0/22 maxlen: 22
45.93.232.0/22 maxlen: 22
128.127.184.0/21 maxlen: 21
94.46.240.0/22 maxlen: 22
81.92.220.0/22 maxlen: 22
178.236.73.160/29 maxlen: 29
178.236.73.224/29 maxlen: 29
185.247.236.0/22 maxlen: 22
92.39.32.0/20 maxlen: 20
31.170.28.0/22 maxlen: 22
31.170.26.0/23 maxlen: 23
81.92.196.0/22 maxlen: 22
45.8.152.0/22 maxlen: 22
155.137.24.0/21 maxlen: 21
178.236.73.200/29 maxlen: 29
193.221.93.0/24 maxlen: 24
37.221.104.0/22 maxlen: 22
185.197.224.0/22 maxlen: 22
188.66.48.0/22 maxlen: 22
45.152.172.0/22 maxlen: 22
178.236.73.80/29 maxlen: 29
141.98.236.0/22 maxlen: 22
185.186.32.0/22 maxlen: 22
185.176.28.0/22 maxlen: 22
185.216.152.0/22 maxlen: 22
5.180.0.0/22 maxlen: 22
185.223.236.0/22 maxlen: 22
185.240.208.0/22 maxlen: 22
31.170.24.0/21 maxlen: 21
195.210.52.0/23 maxlen: 23
178.236.73.128/29 maxlen: 29
45.131.188.0/22 maxlen: 22
85.30.128.0/18 maxlen: 18
185.4.8.0/22 maxlen: 22
178.236.64.0/20 maxlen: 24
45.14.4.0/22 maxlen: 22
2a02:80::/32 maxlen: 32
2a02:1610::/32 maxlen: 32
2a02:80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 24 Jan 2024 15:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:f9:08:8a:df:d9:81:4d:8e:97:cc:99:79:ac:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Validity
Not Before: Jan 1 10:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=866924edee59e37f68f28dde9ef3c068a46f03d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0e:43:e0:5b:e4:8d:4c:c6:50:68:b9:c1:4a:
74:d7:39:ea:27:32:e5:82:b9:09:0f:71:33:7f:c8:
01:fc:16:ab:ff:e2:0c:d0:f4:15:1a:b5:65:f2:1a:
a7:aa:48:8c:26:90:42:8b:ad:84:83:5b:05:d7:6d:
c0:6b:a3:ac:bc:a9:ca:14:81:74:50:17:7e:3e:f8:
97:e2:71:5a:e8:1d:44:a6:db:6c:8d:d9:bb:81:a8:
b0:69:ca:e3:54:71:15:ab:19:96:07:c5:e5:b9:55:
d8:12:3a:84:de:85:c6:da:e1:1c:8c:96:67:14:ec:
1b:43:43:b6:a5:31:2a:8d:20:05:e2:d3:50:a6:fe:
ed:75:88:05:e8:48:3c:2f:3d:0c:5f:9d:ec:ed:c7:
d9:f9:f7:fc:1e:52:8b:44:a7:48:11:22:5c:c9:5a:
9e:b4:44:8c:79:b6:b6:f2:ce:d7:ee:c8:51:88:4b:
1d:8d:41:dd:3c:94:ca:2e:e8:a7:d4:46:a8:b7:43:
ad:b7:6f:b3:f2:38:01:3e:a4:09:aa:05:f4:3d:f1:
96:b9:7c:08:3a:eb:c9:b7:bd:8b:79:74:e8:2d:cb:
df:23:3e:49:ba:93:73:d7:5d:d4:40:9d:2f:f8:2f:
af:31:70:9a:10:23:d5:6a:59:55:db:72:1a:18:45:
00:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:69:24:ED:EE:59:E3:7F:68:F2:8D:DE:9E:F3:C0:68:A4:6F:03:D3
X509v3 Authority Key Identifier:
keyid:5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/hmkk7e5Z439o8o3envPAaKRvA9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.0.0/22
31.170.24.0/21
37.221.104.0/22
45.8.152.0/22
45.14.4.0/22
45.93.232.0/22
45.131.188.0/22
45.152.172.0/22
81.92.196.0/22
81.92.220.0/22
85.30.128.0/18
92.39.32.0/20
94.46.136.0/22
94.46.240.0/22
128.127.184.0/21
141.98.236.0/22
155.137.24.0/21
178.236.64.0/20
178.255.112.0/22
185.4.8.0/22
185.121.44.0/22
185.176.28.0/22
185.186.32.0/22
185.197.224.0/22
185.216.152.0/22
185.223.236.0/22
185.240.208.0/22
185.247.236.0/22
188.66.48.0/22
193.221.93.0/24
193.221.120.0/24
193.221.123.0/24
193.221.219.0/24
195.210.52.0/23
IPv6:
2a02:80::/29
2a02:1610::/32
Signature Algorithm: sha256WithRSAEncryption
74:b9:d5:da:49:69:e1:e9:27:f8:06:13:2f:8c:52:14:64:1f:
5b:b5:0b:76:97:c5:f4:87:d9:85:81:c1:3f:c1:14:a2:d4:41:
95:bf:38:95:e9:55:38:72:e1:ac:34:82:28:df:65:71:8c:98:
b2:b6:55:3a:4f:cf:4c:cb:86:91:a3:f2:b4:86:37:f4:9a:9e:
3a:8a:27:c7:8c:12:f0:5f:4f:93:b5:f1:44:32:80:e1:5d:e5:
f5:fe:98:d5:5a:cc:cf:85:4d:d2:75:63:ae:30:6c:1b:64:b7:
ac:76:db:4b:25:2b:f7:1d:0e:df:18:b6:55:0e:e1:4b:13:1f:
87:0e:68:88:27:54:2b:2e:60:c6:c2:52:10:21:5a:b1:98:eb:
d9:bf:ca:ad:b2:b8:a0:c1:bb:dc:39:33:04:b4:1e:95:05:df:
d3:e8:1d:ee:b5:55:30:57:36:70:b0:25:91:09:9b:b2:e2:d1:
e1:f2:f8:39:8b:4b:59:59:d1:a5:6f:b8:e4:d4:b9:74:30:5f:
46:a9:f5:f2:1c:62:79:ab:17:c7:72:f3:31:59:2e:02:4f:b3:
3a:0f:33:d7:cb:83:68:7d:08:30:40:80:ce:89:97:51:63:e3:
47:bf:3d:3a:f2:0c:cf:29:63:71:94:42:93:d7:79:3f:bc:13:
15:e5:ac:2c
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAYzEkvkIit/ZgU2Ol8yZeaxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWZhMDZkNWRiYWRhNDNkZTQ0ZjRlNGIxZGM5NDkyYmIy
ODdjOWQwHhcNMjQwMTAxMTAzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjY5MjRlZGVlNTllMzdmNjhmMjhkZGU5ZWYzYzA2OGE0NmYwM2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig5D4FvkjUzGUGi5wUp01znqJzLl
grkJD3Ezf8gB/Bar/+IM0PQVGrVl8hqnqkiMJpBCi62Eg1sF123Aa6OsvKnKFIF0
UBd+PviX4nFa6B1Epttsjdm7gaiwacrjVHEVqxmWB8XluVXYEjqE3oXG2uEcjJZn
FOwbQ0O2pTEqjSAF4tNQpv7tdYgF6Eg8Lz0MX53s7cfZ+ff8HlKLRKdIESJcyVqe
tESMeba28s7X7shRiEsdjUHdPJTKLuin1Eaot0Ott2+z8jgBPqQJqgX0PfGWuXwI
OuvJt72LeXToLcvfIz5JupNz113UQJ0v+C+vMXCaECPVallV23IaGEUAAQIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFIZpJO3uWeN/aPKN3p7zwGikbwPTMB8GA1UdIwQY
MBaAFF8foG1dutpD3kT05LHclJK7KHydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUt
MjU4NDZkNTlmZDYwLzEvaG1razdlNVo0MzlvOG8zZW52UEFhS1J2QTlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUtMjU4NDZkNTlmZDYw
LzEvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCB0wQCAAEwgcwDBAIF
tAADBAMfqhgDBAIl3WgDBAItCJgDBAItDgQDBAItXegDBAItg7wDBAItmKwDBAJR
XMQDBAJRXNwDBAZVHoADBARcJyADBAJeLogDBAJeLvADBAOAf7gDBAKNYuwDBAOb
iRgDBASy7EADBAKy/3ADBAK5BAgDBAK5eSwDBAK5sBwDBAK5uiADBAK5xeADBAK5
2JgDBAK53+wDBAK58NADBAK59+wDBAK8QjADBADB3V0DBADB3XgDBADB3XsDBADB
3dsDBAHD0jQwFAQCAAIwDgMFAyoCAIADBQAqAhYQMA0GCSqGSIb3DQEBCwUAA4IB
AQB0udXaSWnh6Sf4BhMvjFIUZB9btQt2l8X0h9mFgcE/wRSi1EGVvziV6VU4cuGs
NIIo32VxjJiytlU6T89My4aRo/K0hjf0mp46iifHjBLwX0+TtfFEMoDhXeX1/pjV
WszPhU3SdWOuMGwbZLesdttLJSv3HQ7fGLZVDuFLEx+HDmiIJ1QrLmDGwlIQIVqx
mOvZv8qtsrigwbvcOTMEtB6VBd/T6B3utVUwVzZwsCWRCZuy4tHh8vg5i0tZWdGl
b7jk1Ll0MF9GqfXyHGJ5qxfHcvMxWS4CT7M6DzPXy4NofQgwQIDOiZdRY+NHvz06
8gzPKWNxlEKT13k/vBMV5aws
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:15 2024 by rpki-client on console-fra.rpki-client.org