Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/H58oY4frRfFTOZUCqMToBgKtiq4.roa
File: H58oY4frRfFTOZUCqMToBgKtiq4.roa (raw, json)
Hash identifier: mceTFLsZ+Hcib7iip/DatHb/5UPDEe4NO/K8fbqpqHY=
Subject key identifier: 1F:9F:28:63:87:EB:45:F1:53:39:95:02:A8:C4:E8:06:02:AD:8A:AE
Certificate issuer: /CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Certificate serial: 018C3E8E57124ACDC853E5AA4CA15E5B0E23
Authority key identifier: 84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/H58oY4frRfFTOZUCqMToBgKtiq4.roa
Signing time: Wed 06 Dec 2023 09:56:04 +0000
ROA not before: Wed 06 Dec 2023 09:56:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29684
IP address blocks: 46.235.88.0/21 maxlen: 24
212.12.160.0/23 maxlen: 23
212.12.160.0/19 maxlen: 24
212.12.162.0/23 maxlen: 23
212.12.160.0/20 maxlen: 20
212.12.163.0/24 maxlen: 24
212.12.164.0/24 maxlen: 24
212.12.164.0/23 maxlen: 23
212.12.166.0/24 maxlen: 24
212.12.172.0/23 maxlen: 23
212.12.169.0/24 maxlen: 24
212.12.170.0/24 maxlen: 24
212.12.170.0/23 maxlen: 23
212.12.171.0/24 maxlen: 24
176.241.184.0/21 maxlen: 24
212.12.166.0/23 maxlen: 23
212.12.167.0/24 maxlen: 24
212.12.168.0/24 maxlen: 24
212.12.168.0/23 maxlen: 23
212.12.183.0/24 maxlen: 24
193.242.127.0/24 maxlen: 24
88.85.224.0/19 maxlen: 24
79.110.229.0/24 maxlen: 24
185.10.112.0/22 maxlen: 24
178.20.144.0/21 maxlen: 24
62.204.48.0/24 maxlen: 24
77.75.224.0/24 maxlen: 24
176.97.216.0/24 maxlen: 24
146.19.71.0/24 maxlen: 24
176.98.32.0/24 maxlen: 24
176.98.32.0/22 maxlen: 22
176.98.33.0/24 maxlen: 24
176.98.34.0/24 maxlen: 24
176.98.34.0/23 maxlen: 23
176.98.35.0/24 maxlen: 24
194.104.226.0/24 maxlen: 24
2a00:1560:18::/48 maxlen: 48
2a00:1560:1111::/48 maxlen: 48
2a00:1560:c::/48 maxlen: 48
2a00:1560:10::/48 maxlen: 48
2a00:1560:4::/47 maxlen: 47
2a00:1560:17::/48 maxlen: 48
2a00:1560:5::/48 maxlen: 48
2a00:1560::/32 maxlen: 32
2a00:1560:60::/48 maxlen: 48
2a00:1560:16::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 12 Dec 2023 13:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:8e:57:12:4a:cd:c8:53:e5:aa:4c:a1:5e:5b:0e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Validity
Not Before: Dec 6 09:56:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f9f286387eb45f153399502a8c4e80602ad8aae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ff:8b:a3:0d:49:5c:52:93:00:67:63:c3:f2:
15:05:7d:b7:ea:95:40:93:58:7d:0a:8d:70:56:90:
94:f1:0f:44:b9:1e:33:ad:af:8b:18:62:e7:3e:fb:
65:f1:87:6f:c5:be:58:2a:ac:92:af:8f:8b:09:44:
f9:59:af:36:f4:18:bf:8d:96:59:56:d7:77:64:5a:
0e:48:48:52:ca:36:d1:0c:78:d6:9b:b5:4b:67:44:
10:0f:1c:4d:da:84:e7:60:a1:86:c5:44:dc:23:0b:
d9:a5:18:f0:a1:25:b3:4e:dd:64:34:06:6e:8a:be:
60:54:9c:88:71:92:f3:73:af:ee:49:39:a7:f6:d3:
96:62:fe:9c:15:a4:96:19:a5:b0:1f:28:6a:c4:f0:
55:51:6f:c1:12:75:1d:18:d8:45:8a:9f:59:4b:61:
21:98:61:bd:a3:34:7b:17:62:12:96:a7:62:8d:fd:
8d:c3:ae:4e:10:7c:ee:4b:68:23:8d:1e:ca:1e:6c:
4f:42:73:36:b1:15:23:29:bc:6c:97:ce:ed:83:1e:
31:d4:69:f8:ba:4e:47:0b:db:b7:f7:94:d1:0f:e1:
6f:d2:f3:50:57:91:d0:fb:9c:4b:7d:60:21:8f:7e:
b3:b4:30:07:22:57:99:04:34:5e:93:ad:5d:ba:c8:
14:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:9F:28:63:87:EB:45:F1:53:39:95:02:A8:C4:E8:06:02:AD:8A:AE
X509v3 Authority Key Identifier:
keyid:84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/H58oY4frRfFTOZUCqMToBgKtiq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.88.0/21
62.204.48.0/24
77.75.224.0/24
79.110.229.0/24
88.85.224.0/19
146.19.71.0/24
176.97.216.0/24
176.98.32.0/22
176.241.184.0/21
178.20.144.0/21
185.10.112.0/22
193.242.127.0/24
194.104.226.0/24
212.12.160.0/19
IPv6:
2a00:1560::/32
Signature Algorithm: sha256WithRSAEncryption
3f:be:52:39:2f:62:9e:d5:7f:f1:67:9f:30:cd:47:53:61:66:
40:de:fa:7a:f8:bf:71:df:fb:64:ae:2f:3b:41:15:83:ad:ab:
6e:12:17:32:a5:fa:2f:0d:f0:38:21:85:7c:f9:fb:34:64:83:
b3:db:ff:e5:8d:de:5e:37:a1:b7:d5:22:09:7a:25:dc:53:73:
07:1b:bf:fc:a4:2a:f6:7c:35:1e:58:6f:b7:46:0e:ba:6a:5e:
c1:02:99:84:29:2c:a6:75:8f:19:e0:4b:03:42:8e:a5:a3:9b:
a2:9b:ff:fa:0d:5d:ec:95:3a:6c:8a:4c:cc:05:ce:d0:03:45:
eb:18:73:07:db:d4:5c:f3:67:df:d0:89:a5:1a:44:61:ae:f5:
f5:07:42:53:a6:ca:1c:af:15:b0:55:54:ba:5c:2d:b6:01:0d:
d5:6e:af:fc:74:63:f7:0e:ac:fd:5b:24:43:27:b3:86:84:02:
fa:7f:a5:cd:98:01:80:28:ad:97:5e:b3:42:e9:1c:61:af:b4:
ea:8c:11:2f:7f:eb:8b:bb:8e:23:9c:0c:82:29:28:c9:98:90:
75:73:65:26:79:b1:40:97:53:34:2a:d2:6f:19:b1:2f:31:aa:
5c:b8:65:72:a3:37:47:c2:70:0b:71:2f:57:71:ab:3b:02:a5:
f8:79:8e:f2
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYw+jlcSSs3IU+WqTKFeWw4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDQ5MmRiOWNiYjBhMGViNmJmNjljMjVjODY5NjFmNDkx
ODNjOWIwHhcNMjMxMjA2MDk1NjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjlmMjg2Mzg3ZWI0NWYxNTMzOTk1MDJhOGM0ZTgwNjAyYWQ4YWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtP+Low1JXFKTAGdjw/IVBX236pVA
k1h9Co1wVpCU8Q9EuR4zra+LGGLnPvtl8Ydvxb5YKqySr4+LCUT5Wa829Bi/jZZZ
Vtd3ZFoOSEhSyjbRDHjWm7VLZ0QQDxxN2oTnYKGGxUTcIwvZpRjwoSWzTt1kNAZu
ir5gVJyIcZLzc6/uSTmn9tOWYv6cFaSWGaWwHyhqxPBVUW/BEnUdGNhFip9ZS2Eh
mGG9ozR7F2ISlqdijf2Nw65OEHzuS2gjjR7KHmxPQnM2sRUjKbxsl87tgx4x1Gn4
uk5HC9u395TRD+Fv0vNQV5HQ+5xLfWAhj36ztDAHIleZBDRek61dusgU6QIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFB+fKGOH60XxUzmVAqjE6AYCrYquMB8GA1UdIwQY
MBaAFIREktucuwoOtr9pwlyGlh9JGDybMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTct
YTFlMGRiMWExN2RmLzEvSDU4b1k0ZnJSZkZUT1pVQ3FNVG9CZ0t0aXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTctYTFlMGRiMWExN2Rm
LzEvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQDLutYAwQA
PswwAwQATUvgAwQAT27lAwQFWFXgAwQAkhNHAwQAsGHYAwQCsGIgAwQDsPG4AwQD
shSQAwQCuQpwAwQAwfJ/AwQAwmjiAwQF1AygMA0EAgACMAcDBQAqABVgMA0GCSqG
SIb3DQEBCwUAA4IBAQA/vlI5L2Ke1X/xZ58wzUdTYWZA3vp6+L9x3/tkri87QRWD
ratuEhcypfovDfA4IYV8+fs0ZIOz2//ljd5eN6G31SIJeiXcU3MHG7/8pCr2fDUe
WG+3Rg66al7BApmEKSymdY8Z4EsDQo6lo5uim//6DV3slTpsikzMBc7QA0XrGHMH
29Rc82ff0ImlGkRhrvX1B0JTpsocrxWwVVS6XC22AQ3Vbq/8dGP3Dqz9WyRDJ7OG
hAL6f6XNmAGAKK2XXrNC6Rxhr7TqjBEvf+uLu44jnAyCKSjJmJB1c2UmebFAl1M0
KtJvGbEvMapcuGVyozdHwnALcS9Xcas7AqX4eY7y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:08 2024 by rpki-client on console-ams.rpki-client.org