Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/hRBVPL2xfAKqqjyV2opV2bWg544.roa
File: hRBVPL2xfAKqqjyV2opV2bWg544.roa (raw, json)
Hash identifier: H1MstUyGxfd2EHha5rn4PIY05tgp1PpUGHN7BMrsm28=
Subject key identifier: 85:10:55:3C:BD:B1:7C:02:AA:AA:3C:95:DA:8A:55:D9:B5:A0:E7:8E
Certificate issuer: /CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Certificate serial: 019234027349C0AE212F369B684D854F2E4B
Authority key identifier: 9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/hRBVPL2xfAKqqjyV2opV2bWg544.roa
Signing time: Fri 27 Sep 2024 15:03:48 +0000
ROA not before: Fri 27 Sep 2024 15:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56478
IP address blocks: 31.14.248.0/22 maxlen: 22
37.156.72.0/22 maxlen: 22
88.98.192.0/18 maxlen: 18
88.98.200.0/22 maxlen: 22
88.98.204.0/22 maxlen: 22
88.98.216.0/23 maxlen: 23
88.98.218.0/23 maxlen: 23
88.98.240.0/20 maxlen: 20
88.98.240.0/22 maxlen: 22
89.32.120.0/22 maxlen: 22
89.34.164.0/22 maxlen: 22
89.35.196.0/22 maxlen: 22
89.36.64.0/21 maxlen: 21
89.39.136.0/21 maxlen: 21
89.44.40.0/22 maxlen: 22
93.115.192.0/22 maxlen: 22
137.220.64.0/18 maxlen: 18
137.220.68.0/22 maxlen: 22
137.220.72.0/21 maxlen: 21
137.220.80.0/22 maxlen: 22
137.220.84.0/22 maxlen: 22
137.220.88.0/22 maxlen: 22
137.220.92.0/22 maxlen: 22
137.220.96.0/22 maxlen: 22
137.220.100.0/22 maxlen: 22
137.220.104.0/22 maxlen: 22
137.220.108.0/22 maxlen: 22
137.220.112.0/23 maxlen: 23
137.220.114.0/23 maxlen: 23
137.220.116.0/23 maxlen: 23
137.220.118.0/23 maxlen: 23
137.220.120.0/23 maxlen: 23
137.220.122.0/23 maxlen: 23
137.220.124.0/22 maxlen: 22
140.228.32.0/19 maxlen: 19
140.228.40.0/22 maxlen: 22
140.228.44.0/22 maxlen: 22
140.228.48.0/22 maxlen: 22
140.228.52.0/22 maxlen: 22
140.228.56.0/22 maxlen: 22
140.228.64.0/19 maxlen: 19
140.228.88.0/22 maxlen: 22
141.0.144.0/21 maxlen: 21
141.0.152.0/21 maxlen: 21
143.58.128.0/18 maxlen: 18
143.58.128.0/21 maxlen: 21
143.58.136.0/21 maxlen: 21
143.58.144.0/22 maxlen: 22
143.58.148.0/22 maxlen: 22
143.58.152.0/21 maxlen: 21
143.58.160.0/21 maxlen: 21
143.58.192.0/18 maxlen: 18
143.58.212.0/22 maxlen: 22
143.58.216.0/21 maxlen: 21
143.58.216.0/22 maxlen: 22
143.58.220.0/22 maxlen: 22
143.58.224.0/21 maxlen: 21
143.58.224.0/22 maxlen: 22
143.58.228.0/22 maxlen: 22
143.58.236.0/22 maxlen: 22
152.37.64.0/18 maxlen: 18
152.37.64.0/22 maxlen: 22
152.37.68.0/22 maxlen: 22
152.37.72.0/22 maxlen: 22
152.37.76.0/22 maxlen: 22
152.37.80.0/22 maxlen: 22
152.37.84.0/22 maxlen: 22
152.37.88.0/22 maxlen: 22
152.37.92.0/22 maxlen: 22
152.37.96.0/22 maxlen: 22
152.37.100.0/23 maxlen: 23
152.37.102.0/23 maxlen: 23
152.37.104.0/22 maxlen: 22
152.37.108.0/22 maxlen: 22
152.37.114.0/23 maxlen: 23
152.37.124.0/23 maxlen: 23
185.24.120.0/22 maxlen: 22
188.172.144.0/20 maxlen: 20
188.210.208.0/21 maxlen: 21
188.210.208.0/22 maxlen: 22
188.210.214.0/23 maxlen: 23
188.211.160.0/22 maxlen: 22
188.213.136.0/22 maxlen: 22
188.214.8.0/21 maxlen: 21
209.35.64.0/19 maxlen: 19
209.35.72.0/22 maxlen: 22
209.35.76.0/22 maxlen: 22
209.35.80.0/21 maxlen: 21
209.35.80.0/22 maxlen: 22
209.35.84.0/22 maxlen: 22
209.35.88.0/21 maxlen: 21
209.35.88.0/22 maxlen: 22
209.35.92.0/22 maxlen: 22
2a01:4b00::/32 maxlen: 32
2a01:4b00:e000::/35 maxlen: 35
Validation: Failed, certificate revoked on Tue 01 Oct 2024 07:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:34:02:73:49:c0:ae:21:2f:36:9b:68:4d:85:4f:2e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Validity
Not Before: Sep 27 15:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8510553cbdb17c02aaaa3c95da8a55d9b5a0e78e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8f:e9:1f:b0:a3:08:92:c5:93:f5:06:4c:e5:
95:12:e4:dd:99:33:ff:48:1b:cb:46:3c:f2:7a:85:
f9:74:21:7a:f0:24:3c:17:1e:7b:f9:ca:e7:65:e5:
d3:8b:8f:7a:85:4a:f7:0e:04:f8:d2:23:1e:a4:96:
a5:24:b6:9d:84:06:4e:e2:90:ff:e8:30:44:d3:92:
31:38:39:e0:dd:c6:c3:c2:3e:fe:fd:ab:80:9a:53:
6b:d4:a8:6d:57:3a:3d:d6:ca:79:1a:f6:bb:19:be:
1d:34:dc:3a:1e:7b:99:18:07:98:28:fe:e2:55:f1:
7d:f4:e6:5a:3b:e8:b5:20:f3:4b:3d:93:c1:c3:8c:
a1:08:49:80:09:99:6c:9d:dd:85:91:4f:c2:08:78:
4c:be:57:a0:0a:fd:87:cb:02:2e:4c:b0:38:77:08:
e4:2c:91:3a:e7:12:7c:7e:cd:14:b1:2e:b5:19:6e:
ab:f6:05:73:6f:99:4d:54:8b:0a:c8:0b:ca:a7:61:
91:86:f1:ae:f7:50:4a:23:d1:fe:bc:8f:8d:92:f1:
ed:50:d0:e1:a3:95:48:d8:b1:2c:84:c2:5e:a3:0a:
4b:22:73:20:83:dc:a3:4d:21:2e:2b:39:2e:fa:45:
e1:cb:02:c0:37:ac:ff:97:36:d2:04:1a:74:c1:16:
3f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:10:55:3C:BD:B1:7C:02:AA:AA:3C:95:DA:8A:55:D9:B5:A0:E7:8E
X509v3 Authority Key Identifier:
keyid:9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/hRBVPL2xfAKqqjyV2opV2bWg544.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.248.0/22
37.156.72.0/22
88.98.192.0/18
89.32.120.0/22
89.34.164.0/22
89.35.196.0/22
89.36.64.0/21
89.39.136.0/21
89.44.40.0/22
93.115.192.0/22
137.220.64.0/18
140.228.32.0-140.228.95.255
141.0.144.0/20
143.58.128.0/17
152.37.64.0/18
185.24.120.0/22
188.172.144.0/20
188.210.208.0/21
188.211.160.0/22
188.213.136.0/22
188.214.8.0/21
209.35.64.0/19
IPv6:
2a01:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
7d:a4:f6:19:fb:42:6a:df:d4:ff:af:7b:f4:fb:06:39:1c:a0:
49:7f:e6:d1:5a:7c:e3:97:e0:83:d7:82:e2:d8:db:75:0c:b6:
64:8f:68:3f:62:b4:9e:06:b0:21:75:2a:fe:7c:f8:98:f2:3a:
e9:da:e9:9c:a8:6f:a8:d7:02:99:7b:53:a9:f5:40:c8:1e:05:
e9:d7:af:16:2c:e6:fd:e0:f7:22:d0:b8:21:af:b6:ba:56:6e:
84:e7:ff:fc:b9:53:0a:ae:58:89:59:3d:14:21:cc:68:89:8c:
83:5a:75:da:f6:d3:5f:90:44:09:f4:bf:e8:f6:cd:cd:25:33:
09:47:5b:7c:d8:22:09:36:d6:f1:19:ef:7d:26:99:93:4b:5a:
84:af:12:85:4b:5e:ce:b4:ce:3e:ff:3c:d7:16:fb:76:5e:39:
f3:6a:dd:e0:3a:c2:58:fa:0f:71:88:0f:3b:65:da:a9:d1:79:
29:0c:a9:2d:5b:7d:32:97:33:ae:1a:35:47:bf:26:d1:78:a0:
e3:2d:8c:9c:ad:3e:97:02:40:86:2c:43:60:5a:17:99:56:2d:
20:0b:81:80:37:8f:69:14:02:44:71:ed:b9:73:82:81:6c:f3:
55:be:ac:e8:3d:52:a2:82:62:42:ec:3d:f3:e7:93:40:f5:84:
de:5b:ca:ef
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZI0AnNJwK4hLzabaE2FTy5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMTE5ZDljMWE1ZDZlM2YzZTIxZjZmYTg2M2Q4N2Ey
ZTRiMGQwHhcNMjQwOTI3MTUwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTEwNTUzY2JkYjE3YzAyYWFhYTNjOTVkYThhNTVkOWI1YTBlNzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4/pH7CjCJLFk/UGTOWVEuTdmTP/
SBvLRjzyeoX5dCF68CQ8Fx57+crnZeXTi496hUr3DgT40iMepJalJLadhAZO4pD/
6DBE05IxODng3cbDwj7+/auAmlNr1KhtVzo91sp5Gva7Gb4dNNw6HnuZGAeYKP7i
VfF99OZaO+i1IPNLPZPBw4yhCEmACZlsnd2FkU/CCHhMvlegCv2HywIuTLA4dwjk
LJE65xJ8fs0UsS61GW6r9gVzb5lNVIsKyAvKp2GRhvGu91BKI9H+vI+NkvHtUNDh
o5VI2LEshMJeowpLInMgg9yjTSEuKzku+kXhywLAN6z/lzbSBBp0wRY/IQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFIUQVTy9sXwCqqo8ldqKVdm1oOeOMB8GA1UdIwQY
MBaAFJ6VoRnZwaXW4/PiH2+oY9h6LksNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzct
N2JlNmViNmJjZTg3LzEvaFJCVlBMMnhmQUtxcWp5VjJvcFYyYldnNTQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzctN2JlNmViNmJjZTg3
LzEvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwDBAIf
DvgDBAIlnEgDBAZYYsADBAJZIHgDBAJZIqQDBAJZI8QDBANZJEADBANZJ4gDBAJZ
LCgDBAJdc8ADBAaJ3EAwDAMEBYzkIAMEBYzkQAMEBI0AkAMEB486gAMEBpglQAME
ArkYeAMEBLyskAMEA7zS0AMEArzToAMEArzViAMEA7zWCAMEBdEjQDANBAIAAjAH
AwUAKgFLADANBgkqhkiG9w0BAQsFAAOCAQEAfaT2GftCat/U/6979PsGORygSX/m
0Vp845fgg9eC4tjbdQy2ZI9oP2K0ngawIXUq/nz4mPI66drpnKhvqNcCmXtTqfVA
yB4F6devFizm/eD3ItC4Ia+2ulZuhOf//LlTCq5YiVk9FCHMaImMg1p12vbTX5BE
CfS/6PbNzSUzCUdbfNgiCTbW8RnvfSaZk0tahK8ShUtezrTOPv881xb7dl4582rd
4DrCWPoPcYgPO2XaqdF5KQypLVt9Mpczrho1R78m0Xig4y2MnK0+lwJAhixDYFoX
mVYtIAuBgDePaRQCRHHtuXOCgWzzVb6s6D1SooJiQuw98+eTQPWE3lvK7w==
-----END CERTIFICATE-----
Generated at Tue Oct 1 10:03:07 2024 by rpki-client on console-fra.rpki-client.org