Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hRurwQNT1gNFqDkbU77a1Hyf-4k.roa
File: hRurwQNT1gNFqDkbU77a1Hyf-4k.roa (raw, json)
Hash identifier: eqAp9MmSuvuo+J4uMXOphnfzIg7dP+2BxCSD/+83NX8=
Subject key identifier: 85:1B:AB:C1:03:53:D6:03:45:A8:39:1B:53:BE:DA:D4:7C:9F:FB:89
Certificate issuer: /CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Certificate serial: 018B900C70C7771EC204FDEB6B640B0AD180
Authority key identifier: 84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hRurwQNT1gNFqDkbU77a1Hyf-4k.roa
Signing time: Thu 02 Nov 2023 12:40:16 +0000
ROA not before: Thu 02 Nov 2023 12:40:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207375
IP address blocks: 89.33.17.0/24 maxlen: 24
89.33.30.0/24 maxlen: 24
188.240.70.0/24 maxlen: 24
188.213.86.0/23 maxlen: 23
188.211.172.0/22 maxlen: 22
31.14.182.0/24 maxlen: 24
31.14.180.0/23 maxlen: 23
176.223.144.0/20 maxlen: 20
194.145.194.0/23 maxlen: 23
89.32.240.0/21 maxlen: 21
86.105.232.0/24 maxlen: 24
178.239.16.0/22 maxlen: 22
89.35.76.0/24 maxlen: 24
86.107.186.0/23 maxlen: 23
89.35.91.0/24 maxlen: 24
89.35.88.0/24 maxlen: 24
84.247.44.0/23 maxlen: 25
89.33.65.0/24 maxlen: 24
37.156.70.0/24 maxlen: 24
37.156.69.0/24 maxlen: 24
89.35.34.0/24 maxlen: 24
188.212.112.0/22 maxlen: 22
89.35.163.0/24 maxlen: 24
217.148.134.0/23 maxlen: 23
188.212.157.0/24 maxlen: 24
89.37.40.0/24 maxlen: 24
85.204.109.0/24 maxlen: 24
86.105.24.0/24 maxlen: 24
89.32.171.0/24 maxlen: 24
89.46.40.0/23 maxlen: 23
93.113.72.0/21 maxlen: 21
89.47.176.0/23 maxlen: 23
89.47.178.0/24 maxlen: 24
89.47.182.0/24 maxlen: 24
89.47.180.0/23 maxlen: 23
89.35.248.0/24 maxlen: 24
2a00:bba0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:0c:70:c7:77:1e:c2:04:fd:eb:6b:64:0b:0a:d1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Validity
Not Before: Nov 2 12:40:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=851babc10353d60345a8391b53bedad47c9ffb89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:82:46:3f:2b:b4:24:0e:07:2f:af:ea:02:30:
2a:c6:3d:38:9e:03:08:26:69:85:5b:b8:91:e7:e1:
3e:9d:26:5b:21:59:4d:c5:d6:d6:c0:d3:2d:b8:6b:
90:65:a8:1c:09:19:f7:70:13:a5:a5:75:14:0a:2c:
0f:3e:42:3d:3c:92:fe:67:f5:9d:f8:85:68:ad:1c:
7a:0b:9f:de:14:c7:c1:91:de:ed:cc:35:b8:69:ce:
6b:b8:f4:ac:c7:d0:3f:09:47:9d:fd:e0:9f:f1:28:
46:90:5f:1e:90:de:9e:20:3b:51:49:37:42:a1:73:
4a:81:65:e8:47:a9:79:2d:53:2c:83:a1:2f:95:e6:
be:56:c7:e2:fa:04:aa:b9:66:36:02:d0:0e:74:93:
5a:a3:27:6c:47:bb:96:04:79:93:0c:f2:53:ae:98:
5e:d7:0b:c9:86:f6:c7:fa:8b:f3:fb:32:00:5b:43:
7d:1b:5f:a3:b3:d8:6e:4c:99:e6:ed:50:4d:99:ea:
01:28:23:86:49:ce:ca:48:5b:33:09:6a:5f:8d:b7:
ff:f5:17:1c:3a:15:db:57:a4:45:b8:c6:c5:8a:eb:
7d:44:15:0d:bd:14:c9:af:bb:a5:f4:a1:ce:0e:51:
04:b5:e5:c1:eb:e3:06:95:13:c7:4d:f0:6c:9c:c8:
87:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:1B:AB:C1:03:53:D6:03:45:A8:39:1B:53:BE:DA:D4:7C:9F:FB:89
X509v3 Authority Key Identifier:
keyid:84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hRurwQNT1gNFqDkbU77a1Hyf-4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.180.0-31.14.182.255
37.156.69.0-37.156.70.255
84.247.44.0/23
85.204.109.0/24
86.105.24.0/24
86.105.232.0/24
86.107.186.0/23
89.32.171.0/24
89.32.240.0/21
89.33.17.0/24
89.33.30.0/24
89.33.65.0/24
89.35.34.0/24
89.35.76.0/24
89.35.88.0/24
89.35.91.0/24
89.35.163.0/24
89.35.248.0/24
89.37.40.0/24
89.46.40.0/23
89.47.176.0-89.47.178.255
89.47.180.0-89.47.182.255
93.113.72.0/21
176.223.144.0/20
178.239.16.0/22
188.211.172.0/22
188.212.112.0/22
188.212.157.0/24
188.213.86.0/23
188.240.70.0/24
194.145.194.0/23
217.148.134.0/23
IPv6:
2a00:bba0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:9c:05:ef:da:6e:ff:cf:c4:ce:42:74:cd:b9:62:34:de:b1:
7c:0a:fc:65:7e:fb:99:1e:6b:9b:ab:5f:1f:96:83:0f:33:ba:
d4:05:fe:cc:cd:22:06:cd:1a:7d:71:99:69:10:6e:6d:ff:3c:
bb:08:c9:4d:be:b9:9d:47:b7:5e:f7:57:83:65:24:7c:2c:78:
72:f0:84:ce:c0:82:49:68:54:37:b1:e5:13:e2:5b:77:af:0f:
18:d7:f0:d9:8a:f3:eb:0f:a4:27:81:f8:36:1d:bc:3a:57:c3:
fd:af:51:36:19:8f:9f:de:fa:87:1f:82:85:44:5e:36:9c:11:
a7:71:88:64:1c:bb:a9:4b:5c:cc:e0:34:b9:7c:e3:fb:73:a9:
9e:5a:f9:3d:cd:6e:86:b7:ac:0b:0c:11:03:b2:15:bf:1a:db:
86:cb:01:92:37:86:6a:ce:b2:b3:71:74:76:b2:d1:e6:cc:84:
f6:6a:9e:8c:6a:82:e6:5c:71:7a:06:2a:e1:c8:4c:ac:3e:75:
63:6f:85:00:05:a5:0f:b6:9f:14:24:5e:30:84:ac:e4:89:e0:
bc:28:5f:a9:a1:fd:cc:e7:e4:00:a7:c7:81:50:ab:64:00:78:
34:3d:25:4c:1f:de:29:bf:96:a7:ef:c1:29:7d:11:33:44:79:
53:0f:60:4c
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAYuQDHDHdx7CBP3ra2QLCtGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YmZjNDUxZmM0ZjI0MTFhZGRkMDBhOWZiYjE3MzQ2YWQ2
ZTg5OTYwHhcNMjMxMTAyMTI0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTFiYWJjMTAzNTNkNjAzNDVhODM5MWI1M2JlZGFkNDdjOWZmYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4JGPyu0JA4HL6/qAjAqxj04ngMI
JmmFW7iR5+E+nSZbIVlNxdbWwNMtuGuQZagcCRn3cBOlpXUUCiwPPkI9PJL+Z/Wd
+IVorRx6C5/eFMfBkd7tzDW4ac5ruPSsx9A/CUed/eCf8ShGkF8ekN6eIDtRSTdC
oXNKgWXoR6l5LVMsg6Evlea+Vsfi+gSquWY2AtAOdJNaoydsR7uWBHmTDPJTrphe
1wvJhvbH+ovz+zIAW0N9G1+js9huTJnm7VBNmeoBKCOGSc7KSFszCWpfjbf/9Rcc
OhXbV6RFuMbFiut9RBUNvRTJr7ul9KHODlEEteXB6+MGlRPHTfBsnMiHCQIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFIUbq8EDU9YDRag5G1O+2tR8n/uJMB8GA1UdIwQY
MBaAFIS/xFH8TyQRrd0Aqfuxc0atbomWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYt
ZjY2MzE3OTc3OTY4LzEvaFJ1cndRTlQxZ05GcURrYlU3N2ExSHlmLTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYtZjY2MzE3OTc3OTY4
LzEvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDAYIKwYBBQUHAQcBAf8EgfwwgfkwgecEAgABMIHgMAwD
BAIfDrQDBAAfDrYwDAMEACWcRQMEACWcRgMEAVT3LAMEAFXMbQMEAFZpGAMEAFZp
6AMEAVZrugMEAFkgqwMEA1kg8AMEAFkhEQMEAFkhHgMEAFkhQQMEAFkjIgMEAFkj
TAMEAFkjWAMEAFkjWwMEAFkjowMEAFkj+AMEAFklKAMEAVkuKDAMAwQEWS+wAwQA
WS+yMAwDBAJZL7QDBABZL7YDBANdcUgDBASw35ADBAKy7xADBAK806wDBAK81HAD
BAC81J0DBAG81VYDBAC88EYDBAHCkcIDBAHZlIYwDQQCAAIwBwMFACoAu6AwDQYJ
KoZIhvcNAQELBQADggEBAIycBe/abv/PxM5CdM25YjTesXwK/GV++5kea5urXx+W
gw8zutQF/szNIgbNGn1xmWkQbm3/PLsIyU2+uZ1Ht173V4NlJHwseHLwhM7Agklo
VDex5RPiW3evDxjX8NmK8+sPpCeB+DYdvDpXw/2vUTYZj5/e+ocfgoVEXjacEadx
iGQcu6lLXMzgNLl84/tzqZ5a+T3Nboa3rAsMEQOyFb8a24bLAZI3hmrOsrNxdHay
0ebMhPZqnoxqguZccXoGKuHITKw+dWNvhQAFpQ+2nxQkXjCErOSJ4LwoX6mh/czn
5ACnx4FQq2QAeDQ9JUwf3im/lqfvwSl9ETNEeVMPYEw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:10 2024 by rpki-client on console-ams.rpki-client.org