Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/HZuhgI2JHYK1Y-1HPnotKWo2oq8.roa
File: HZuhgI2JHYK1Y-1HPnotKWo2oq8.roa (raw, json)
Hash identifier: isy+6pQL1B8miCL+69zsskKhfmh0mS89r6DfvoHqDH4=
Subject key identifier: 1D:9B:A1:80:8D:89:1D:82:B5:63:ED:47:3E:7A:2D:29:6A:36:A2:AF
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01904E2918C9DA4DEDC5F1BE2E006D55FFDB
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/HZuhgI2JHYK1Y-1HPnotKWo2oq8.roa
Signing time: Tue 25 Jun 2024 06:50:34 +0000
ROA not before: Tue 25 Jun 2024 06:50:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 77.83.246.0/24 maxlen: 24
160.20.156.0/24 maxlen: 24
160.20.157.0/24 maxlen: 24
185.75.132.0/24 maxlen: 24
185.77.138.0/24 maxlen: 24
185.77.139.0/24 maxlen: 24
185.79.132.0/24 maxlen: 24
185.79.133.0/24 maxlen: 24
185.95.228.0/24 maxlen: 24
185.100.156.0/24 maxlen: 24
185.102.114.0/24 maxlen: 24
185.111.24.0/24 maxlen: 24
193.38.228.0/24 maxlen: 24
193.38.229.0/24 maxlen: 24
193.38.230.0/24 maxlen: 24
193.38.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 10:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:29:18:c9:da:4d:ed:c5:f1:be:2e:00:6d:55:ff:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jun 25 06:50:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d9ba1808d891d82b563ed473e7a2d296a36a2af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fa:37:f7:c9:36:c1:ca:67:12:8c:c5:8d:59:
c6:ff:e3:96:05:a0:0c:8a:ce:db:d0:81:fd:1a:01:
86:2e:ce:e8:a8:78:c7:88:c0:13:ad:c9:20:f4:23:
60:9c:04:ec:a5:f0:e1:6e:f2:7b:e7:f1:be:15:00:
29:98:bd:d2:c1:72:0e:61:04:b9:eb:45:d7:0d:17:
96:c4:3e:4b:46:75:0c:7c:f3:5a:3e:85:da:3c:5b:
e5:69:70:64:b5:50:3d:4a:b4:9f:99:f6:2f:f7:10:
a2:89:dc:b0:a1:4d:d5:47:6b:d5:6c:ae:70:2e:39:
de:d2:b4:87:df:88:2d:9d:4a:8b:c8:a4:1c:e0:79:
41:4e:74:cc:00:f8:dc:82:27:28:fd:62:9f:63:d0:
1b:1e:0c:94:9d:1a:5d:ee:c1:d0:f7:66:7e:b7:91:
6a:f4:18:04:20:cc:64:97:f8:47:0e:a9:3c:f0:db:
6e:87:b0:76:7c:86:38:d8:5b:fa:ed:4e:ec:d5:63:
e7:a9:b2:db:f5:40:20:74:56:94:7a:c9:37:8f:56:
c8:e4:3a:63:e8:67:9b:06:fe:6b:f6:97:86:80:ff:
c0:18:27:3a:ea:8a:71:da:b8:bb:11:23:97:c2:5f:
3a:8d:76:7e:ca:82:ea:43:35:42:ec:24:df:6f:fe:
e7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:9B:A1:80:8D:89:1D:82:B5:63:ED:47:3E:7A:2D:29:6A:36:A2:AF
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/HZuhgI2JHYK1Y-1HPnotKWo2oq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.246.0/24
160.20.156.0/23
185.75.132.0/24
185.77.138.0/23
185.79.132.0/23
185.95.228.0/24
185.100.156.0/24
185.102.114.0/24
185.111.24.0/24
193.38.228.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:78:b7:5f:79:06:cf:64:04:ee:88:e9:2a:2c:a6:3d:9d:c4:
6a:a0:d1:d9:12:be:4b:3c:ba:ed:29:3d:26:fc:4a:bd:73:fd:
f0:dc:c9:90:13:91:9d:48:f6:7a:45:50:27:4b:2a:9d:a3:32:
73:b9:f3:cc:8a:ea:f8:9d:cd:be:f3:9e:8f:c0:70:37:57:7e:
40:70:d8:0b:cc:9b:7e:01:2b:e1:ac:c8:1f:6b:82:8d:25:33:
8e:7b:79:29:93:d0:a2:cf:cf:a9:62:d5:2b:26:f6:74:70:11:
70:ba:16:f3:78:61:69:f0:c3:fa:38:b6:b2:01:e3:3c:29:9d:
b1:a9:a9:3d:66:9f:42:90:71:ca:79:17:0c:8d:8a:23:d7:8e:
88:53:95:90:df:c7:d0:bc:7f:76:57:e5:fe:06:e5:06:7a:1a:
ab:ff:0c:a0:c7:65:3a:a1:ba:ff:a8:90:6c:ed:ea:0f:05:12:
48:68:3d:11:dd:7f:b9:77:20:88:4c:ae:77:ce:9f:66:2f:3c:
9a:44:d4:56:68:ac:c7:07:39:81:9d:9e:25:25:22:0c:07:1e:
a6:6f:3e:04:e5:fe:44:f5:08:ab:0b:b4:ac:37:46:e9:a8:ec:
03:cf:32:b4:3d:b8:0c:6e:25:7e:95:77:09:94:f7:17:9b:88:
97:83:6f:06
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZBOKRjJ2k3txfG+LgBtVf/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwNjI1MDY1MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDliYTE4MDhkODkxZDgyYjU2M2VkNDczZTdhMmQyOTZhMzZhMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/o398k2wcpnEozFjVnG/+OWBaAM
is7b0IH9GgGGLs7oqHjHiMATrckg9CNgnATspfDhbvJ75/G+FQApmL3SwXIOYQS5
60XXDReWxD5LRnUMfPNaPoXaPFvlaXBktVA9SrSfmfYv9xCiidywoU3VR2vVbK5w
Ljne0rSH34gtnUqLyKQc4HlBTnTMAPjcgico/WKfY9AbHgyUnRpd7sHQ92Z+t5Fq
9BgEIMxkl/hHDqk88Ntuh7B2fIY42Fv67U7s1WPnqbLb9UAgdFaUesk3j1bI5Dpj
6GebBv5r9peGgP/AGCc66opx2ri7ESOXwl86jXZ+yoLqQzVC7CTfb/7n1wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFB2boYCNiR2CtWPtRz56LSlqNqKvMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvSFp1aGdJMkpIWUsxWS0xSFBub3RLV28yb3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQATVP2AwQB
oBScAwQAuUuEAwQBuU2KAwQBuU+EAwQAuV/kAwQAuWScAwQAuWZyAwQAuW8YAwQC
wSbkMA0GCSqGSIb3DQEBCwUAA4IBAQCjeLdfeQbPZATuiOkqLKY9ncRqoNHZEr5L
PLrtKT0m/Eq9c/3w3MmQE5GdSPZ6RVAnSyqdozJzufPMiur4nc2+856PwHA3V35A
cNgLzJt+ASvhrMgfa4KNJTOOe3kpk9Ciz8+pYtUrJvZ0cBFwuhbzeGFp8MP6OLay
AeM8KZ2xqak9Zp9CkHHKeRcMjYoj146IU5WQ38fQvH92V+X+BuUGehqr/wygx2U6
obr/qJBs7eoPBRJIaD0R3X+5dyCITK53zp9mLzyaRNRWaKzHBzmBnZ4lJSIMBx6m
bz4E5f5E9QirC7SsN0bpqOwDzzK0PbgMbiV+lXcJlPcXm4iXg28G
-----END CERTIFICATE-----
Generated at Mon Oct 14 13:08:42 2024 by rpki-client on console-fra.rpki-client.org