Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/HewZPa2yyIIspv1JzLVbhO5ENhE.roa
File: HewZPa2yyIIspv1JzLVbhO5ENhE.roa (raw, json)
Hash identifier: SCYG9AvJdTT5ATGX4Cs9FWg1UyzCIAOCaEcvbj0gu0g=
Subject key identifier: 1D:EC:19:3D:AD:B2:C8:82:2C:A6:FD:49:CC:B5:5B:84:EE:44:36:11
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018C3B3740663442C9B7F32C1AED45E2546A
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/HewZPa2yyIIspv1JzLVbhO5ENhE.roa
Signing time: Tue 05 Dec 2023 18:22:05 +0000
ROA not before: Tue 05 Dec 2023 18:22:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202766
IP address blocks: 94.198.46.0/24 maxlen: 24
94.198.47.0/24 maxlen: 24
45.80.80.0/24 maxlen: 24
45.80.82.0/24 maxlen: 24
45.80.82.0/23 maxlen: 23
45.80.83.0/24 maxlen: 24
185.203.23.0/24 maxlen: 24
89.42.70.0/24 maxlen: 24
185.242.175.0/24 maxlen: 24
178.19.44.0/24 maxlen: 24
45.83.51.0/24 maxlen: 24
45.83.50.0/23 maxlen: 23
45.83.50.0/24 maxlen: 24
178.19.47.0/24 maxlen: 24
80.66.112.0/23 maxlen: 23
185.229.212.0/22 maxlen: 22
185.229.212.0/24 maxlen: 24
80.66.117.0/24 maxlen: 24
80.66.115.0/24 maxlen: 24
185.229.213.0/24 maxlen: 24
80.66.118.0/24 maxlen: 24
80.66.116.0/24 maxlen: 24
80.66.114.0/24 maxlen: 24
80.66.121.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
89.44.150.0/24 maxlen: 24
185.229.214.0/24 maxlen: 24
80.66.123.0/24 maxlen: 24
80.66.119.0/24 maxlen: 24
80.66.120.0/24 maxlen: 24
89.44.151.0/24 maxlen: 24
185.229.215.0/24 maxlen: 24
80.66.124.0/24 maxlen: 24
80.66.127.0/24 maxlen: 24
80.66.126.0/24 maxlen: 24
178.19.32.0/24 maxlen: 24
178.19.33.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3b:37:40:66:34:42:c9:b7:f3:2c:1a:ed:45:e2:54:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Dec 5 18:22:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dec193dadb2c8822ca6fd49ccb55b84ee443611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:57:92:e3:0a:4a:01:8a:34:2d:f0:c1:a1:e2:
41:1d:c9:27:37:26:6e:de:2b:00:9e:6e:03:2d:64:
1b:35:9e:41:f4:7f:a1:ba:57:6b:22:51:2d:63:70:
67:a3:47:da:45:9e:2b:36:83:f5:57:58:f4:b7:41:
fb:1d:d1:a9:e3:98:77:1e:b2:cf:75:77:e6:94:0c:
c2:7b:2f:d9:31:0b:1c:2d:e5:67:d7:68:59:da:a8:
1b:db:71:d3:4d:2c:ff:4f:89:3b:88:fb:4d:97:06:
63:28:8c:a4:46:47:55:c8:f1:a8:4e:f6:cc:1c:ea:
24:c1:c6:ee:89:cf:87:93:2b:a4:98:50:38:0a:b8:
0f:cb:e0:c0:56:3e:94:ec:2b:6f:d4:7d:82:b0:f0:
bc:7b:89:03:8d:74:fb:ac:b3:ca:08:0b:2e:65:7d:
43:9c:ad:4c:64:bd:c1:a4:a0:5a:b2:3e:a7:f7:23:
70:9c:f7:80:80:90:2f:84:0c:85:bc:40:89:7b:34:
2a:d5:9e:eb:a3:97:cb:f9:d7:66:15:28:37:b5:72:
4a:d9:07:01:68:98:71:c6:d7:fc:57:08:eb:1a:f2:
df:3e:08:15:d4:76:e1:24:e3:17:76:f5:bf:03:c1:
88:bf:94:ab:4e:dc:9c:a8:55:0c:2d:fe:50:02:f6:
d3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:EC:19:3D:AD:B2:C8:82:2C:A6:FD:49:CC:B5:5B:84:EE:44:36:11
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/HewZPa2yyIIspv1JzLVbhO5ENhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.80.0/24
45.80.82.0/23
45.83.50.0/23
80.66.112.0-80.66.121.255
80.66.123.0-80.66.127.255
89.42.70.0/24
89.44.150.0/23
94.198.46.0/23
178.19.32.0/23
178.19.44.0/24
178.19.47.0/24
185.203.23.0/24
185.229.212.0/22
185.242.175.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:bc:4c:c3:0c:1a:72:74:cf:a2:73:1d:2d:9e:86:7c:26:60:
e6:a5:09:b5:28:08:5f:31:04:9f:89:a8:28:c2:71:70:aa:5a:
56:82:ce:0c:e9:f2:f9:43:0d:ce:c8:95:6a:93:ba:9a:2a:5e:
e3:27:28:a8:36:73:5b:0a:7d:08:2d:76:38:79:ba:eb:23:77:
ae:aa:b4:8d:fe:ac:28:6a:57:7c:42:fc:31:91:61:ab:84:86:
08:6b:9b:9b:4e:19:7b:6b:4f:08:6b:67:a1:6d:01:63:4b:e2:
0d:45:44:f9:e7:12:d4:35:00:41:61:47:8f:7c:f2:5d:2d:ec:
25:34:d8:ae:61:a3:f9:20:33:81:47:1d:18:a3:70:78:44:2f:
36:c9:aa:70:b5:18:b9:2a:5a:43:50:b8:61:47:9f:38:ac:0f:
57:ee:ea:02:2e:2d:5f:b4:9e:e2:0f:f7:f6:fa:a9:53:e2:d8:
11:c3:16:01:11:80:98:83:a7:36:fd:2e:cc:4a:72:aa:02:01:
5b:70:57:4c:b7:b7:69:b0:80:3f:c7:1e:21:38:fb:c4:b6:7e:
6b:e9:a6:2c:d0:6c:76:05:79:d3:d1:4b:a6:8b:51:a7:0b:a1:
ac:e6:cf:a6:d4:77:34:1d:f8:bb:a3:ff:b1:98:fb:90:dd:f6:
23:a3:f6:2e
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYw7N0BmNELJt/MsGu1F4lRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMxMjA1MTgyMjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGVjMTkzZGFkYjJjODgyMmNhNmZkNDljY2I1NWI4NGVlNDQzNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFeS4wpKAYo0LfDBoeJBHcknNyZu
3isAnm4DLWQbNZ5B9H+huldrIlEtY3Bno0faRZ4rNoP1V1j0t0H7HdGp45h3HrLP
dXfmlAzCey/ZMQscLeVn12hZ2qgb23HTTSz/T4k7iPtNlwZjKIykRkdVyPGoTvbM
HOokwcbuic+HkyukmFA4CrgPy+DAVj6U7Ctv1H2CsPC8e4kDjXT7rLPKCAsuZX1D
nK1MZL3BpKBasj6n9yNwnPeAgJAvhAyFvECJezQq1Z7ro5fL+ddmFSg3tXJK2QcB
aJhxxtf8VwjrGvLfPggV1HbhJOMXdvW/A8GIv5SrTtycqFUMLf5QAvbT6QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFB3sGT2tssiCLKb9Scy1W4TuRDYRMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvSGV3WlBhMnl5SUlzcHYxSnpMVmJoTzVFTmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQALVBQAwQB
LVBSAwQBLVMyMAwDBARQQnADBAFQQngwDAMEAFBCewMEB1BCAAMEAFkqRgMEAVks
lgMEAV7GLgMEAbITIAMEALITLAMEALITLwMEALnLFwMEArnl1AMEALnyrzANBgkq
hkiG9w0BAQsFAAOCAQEAsbxMwwwacnTPonMdLZ6GfCZg5qUJtSgIXzEEn4moKMJx
cKpaVoLODOny+UMNzsiVapO6mipe4ycoqDZzWwp9CC12OHm66yN3rqq0jf6sKGpX
fEL8MZFhq4SGCGubm04Ze2tPCGtnoW0BY0viDUVE+ecS1DUAQWFHj3zyXS3sJTTY
rmGj+SAzgUcdGKNweEQvNsmqcLUYuSpaQ1C4YUefOKwPV+7qAi4tX7Se4g/39vqp
U+LYEcMWARGAmIOnNv0uzEpyqgIBW3BXTLe3abCAP8ceITj7xLZ+a+mmLNBsdgV5
09FLpotRpwuhrObPptR3NB34u6P/sZj7kN32I6P2Lg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:08 2024 by rpki-client on console-ams.rpki-client.org