Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/HnTq_qMcpQTYIc8yx4kAG_2nt04.roa
File: HnTq_qMcpQTYIc8yx4kAG_2nt04.roa (raw, json)
Hash identifier: jyLARTIsvVK+RGFMDfpieMsDlpCsqF6n2lm5MWcYg7s=
Subject key identifier: 1E:74:EA:FE:A3:1C:A5:04:D8:21:CF:32:C7:89:00:1B:FD:A7:B7:4E
Certificate issuer: /CN=c441738baab988b1d68693bb05e29bfbb4f0f671
Certificate serial: 01856D4ABDE17FED77B25FE7130D8AC13D56
Authority key identifier: C4:41:73:8B:AA:B9:88:B1:D6:86:93:BB:05:E2:9B:FB:B4:F0:F6:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/HnTq_qMcpQTYIc8yx4kAG_2nt04.roa
Signing time: Sun 01 Jan 2023 12:24:52 +0000
ROA not before: Sun 01 Jan 2023 12:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39912
IP address blocks: 92.63.208.0/22 maxlen: 24
195.137.238.0/23 maxlen: 23
195.137.238.0/24 maxlen: 24
92.63.212.0/24 maxlen: 24
92.63.218.0/24 maxlen: 24
92.63.217.0/24 maxlen: 24
92.63.214.0/23 maxlen: 23
92.63.216.0/21 maxlen: 21
81.94.48.0/22 maxlen: 22
81.94.56.0/24 maxlen: 24
81.94.56.0/21 maxlen: 21
81.94.52.0/23 maxlen: 24
81.94.54.0/24 maxlen: 24
95.143.80.0/20 maxlen: 20
213.139.252.0/22 maxlen: 22
195.140.136.0/22 maxlen: 22
78.142.96.0/20 maxlen: 24
78.142.112.0/22 maxlen: 22
78.142.116.0/23 maxlen: 23
78.142.122.0/23 maxlen: 23
78.142.124.0/22 maxlen: 22
77.220.112.0/22 maxlen: 22
77.220.111.0/24 maxlen: 24
77.220.120.0/21 maxlen: 21
92.42.16.0/22 maxlen: 22
91.206.224.0/23 maxlen: 23
77.220.96.0/20 maxlen: 20
77.220.105.0/24 maxlen: 24
93.185.128.0/20 maxlen: 24
195.16.224.0/21 maxlen: 21
195.16.232.0/22 maxlen: 24
195.16.236.0/23 maxlen: 23
195.16.238.0/24 maxlen: 24
195.16.246.0/23 maxlen: 23
195.16.245.0/24 maxlen: 24
195.16.242.0/23 maxlen: 23
195.16.241.0/24 maxlen: 24
195.16.251.0/24 maxlen: 24
195.16.253.0/24 maxlen: 24
195.16.254.0/23 maxlen: 23
37.186.4.0/24 maxlen: 24
37.186.0.0/22 maxlen: 22
78.142.64.0/23 maxlen: 23
37.186.6.0/23 maxlen: 23
37.186.8.0/21 maxlen: 21
78.142.68.0/22 maxlen: 22
37.186.16.0/21 maxlen: 21
78.142.72.0/21 maxlen: 21
2a00:eb0::/32 maxlen: 32
2a01:100::/32 maxlen: 48
2a01:f8::/32 maxlen: 32
2a00:e98::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:bd:e1:7f:ed:77:b2:5f:e7:13:0d:8a:c1:3d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c441738baab988b1d68693bb05e29bfbb4f0f671
Validity
Not Before: Jan 1 12:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e74eafea31ca504d821cf32c789001bfda7b74e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a3:f1:58:56:c4:0c:0f:10:b8:24:01:ff:be:
07:51:57:35:cd:c9:8f:55:56:94:f7:46:1f:b3:45:
f5:65:c3:50:7c:0f:cc:f8:7b:58:ea:32:45:db:41:
ad:08:c0:c5:76:f0:ef:c5:a1:1e:94:10:56:90:af:
f3:0d:a4:06:c4:d3:81:5a:95:56:5d:ee:a4:34:a0:
05:8d:d3:1e:0a:eb:65:57:e9:4d:60:cc:75:09:5e:
df:a8:41:c2:bb:df:ac:21:46:83:d1:5c:0b:a6:bf:
a1:b1:ab:84:4b:88:75:9d:64:2e:b1:7e:1e:96:a3:
e3:7a:74:25:3d:c9:a9:2e:8c:85:bf:ed:5d:eb:5e:
84:01:8c:4d:4d:94:1a:a3:87:72:c7:f4:2b:b8:3a:
e7:52:e7:9d:70:af:78:b4:98:a2:e2:02:1b:8b:2e:
f0:eb:e6:e8:d9:ae:1c:92:4f:9a:cf:c7:37:f0:88:
23:0f:f8:b5:1d:2d:23:c4:a9:01:a8:52:5b:13:41:
16:9c:4b:59:99:ea:c1:9a:d9:7b:fb:20:f1:8e:55:
f7:1a:fe:ef:dd:c9:3a:67:ce:b7:63:06:d3:f8:9c:
fd:29:27:8f:54:cf:27:dc:0f:1e:08:e2:ed:b6:ee:
5a:70:7c:45:93:b1:03:7e:be:72:f4:de:8b:d4:1a:
67:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:74:EA:FE:A3:1C:A5:04:D8:21:CF:32:C7:89:00:1B:FD:A7:B7:4E
X509v3 Authority Key Identifier:
keyid:C4:41:73:8B:AA:B9:88:B1:D6:86:93:BB:05:E2:9B:FB:B4:F0:F6:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/HnTq_qMcpQTYIc8yx4kAG_2nt04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.186.0.0-37.186.4.255
37.186.6.0-37.186.23.255
77.220.96.0-77.220.115.255
77.220.120.0/21
78.142.64.0/23
78.142.68.0-78.142.79.255
78.142.96.0-78.142.117.255
78.142.122.0-78.142.127.255
81.94.48.0-81.94.54.255
81.94.56.0/21
91.206.224.0/23
92.42.16.0/22
92.63.208.0-92.63.212.255
92.63.214.0-92.63.223.255
93.185.128.0/20
95.143.80.0/20
195.16.224.0-195.16.238.255
195.16.241.0-195.16.243.255
195.16.245.0-195.16.247.255
195.16.251.0/24
195.16.253.0-195.16.255.255
195.137.238.0/23
195.140.136.0/22
213.139.252.0/22
IPv6:
2a00:e98::/32
2a00:eb0::/32
2a01:f8::/32
2a01:100::/32
Signature Algorithm: sha256WithRSAEncryption
51:77:e5:29:52:de:f0:e5:7b:70:c3:fb:4a:9b:ec:f9:17:85:
aa:b8:83:9c:b8:5a:05:cd:60:25:c6:15:d6:35:cb:a6:85:ad:
d4:c8:05:ba:83:3d:7d:50:2b:22:91:14:81:17:1d:68:57:45:
31:4f:82:e3:97:0a:5d:a2:d8:82:22:d9:21:07:2f:ea:92:d5:
60:a8:71:50:be:a6:d3:05:ae:cc:89:4b:d8:3c:79:a3:0c:de:
30:bf:28:5a:44:f1:af:5b:88:3d:d6:80:39:4e:ae:e2:ca:9c:
ed:71:64:c4:33:3c:a8:1c:db:df:5b:9c:03:58:f3:9d:12:d2:
f9:16:f3:2e:d5:79:2c:d7:53:9a:01:0a:4a:d2:9e:31:41:ed:
55:7e:1a:d2:04:c0:f3:60:49:66:fb:b4:57:3d:43:e8:30:e8:
a8:1e:73:f0:7b:c8:ab:3e:96:4d:83:5e:42:df:c3:1a:90:94:
99:c4:70:e7:59:d6:3d:b5:bc:b1:99:36:36:ec:85:39:16:a5:
48:16:23:95:09:af:bb:1c:51:0e:12:56:40:36:78:28:60:90:
d0:65:c6:80:e1:c4:8a:45:20:66:b3:67:b0:66:42:81:6b:68:
ef:ea:e7:70:5a:f8:5e:69:45:65:b1:ee:31:26:67:64:d2:8d:
6a:68:2d:d5
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgISAYVtSr3hf+13sl/nEw2KwT1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NDE3MzhiYWFiOTg4YjFkNjg2OTNiYjA1ZTI5YmZiYjRm
MGY2NzEwHhcNMjMwMTAxMTIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTc0ZWFmZWEzMWNhNTA0ZDgyMWNmMzJjNzg5MDAxYmZkYTdiNzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6PxWFbEDA8QuCQB/74HUVc1zcmP
VVaU90Yfs0X1ZcNQfA/M+HtY6jJF20GtCMDFdvDvxaEelBBWkK/zDaQGxNOBWpVW
Xe6kNKAFjdMeCutlV+lNYMx1CV7fqEHCu9+sIUaD0VwLpr+hsauES4h1nWQusX4e
lqPjenQlPcmpLoyFv+1d616EAYxNTZQao4dyx/QruDrnUuedcK94tJii4gIbiy7w
6+bo2a4ckk+az8c38IgjD/i1HS0jxKkBqFJbE0EWnEtZmerBmtl7+yDxjlX3Gv7v
3ck6Z863YwbT+Jz9KSePVM8n3A8eCOLttu5acHxFk7EDfr5y9N6L1BpnAQIDAQAB
o4IDJTCCAyEwHQYDVR0OBBYEFB506v6jHKUE2CHPMseJABv9p7dOMB8GA1UdIwQY
MBaAFMRBc4uquYix1oaTuwXim/u08PZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEVGemk2cTVpTEhXaHBPN0JlS2ItN1R3OW5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mODMxNGUtYTNiYy00NWU5LWE5ZjUt
NGM5OGQ5YTUxNDA1LzEvSG5UcV9xTWNwUVRZSWM4eXg0a0FHXzJudDA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mODMxNGUtYTNiYy00NWU5LWE5ZjUtNGM5OGQ5YTUxNDA1
LzEveEVGemk2cTVpTEhXaHBPN0JlS2ItN1R3OW5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOQYIKwYBBQUHAQcBAf8EggEoMIIBJDCB/QQCAAEwgfYw
CwMDASW6AwQAJboEMAwDBAElugYDBAMluhAwDAMEBU3cYAMEAk3ccAMEA03ceAME
AU6OQDAMAwQCTo5EAwQETo5AMAwDBAVOjmADBAFOjnQwDAMEAU6OegMEB06OADAM
AwQEUV4wAwQAUV42AwQDUV44AwQBW87gAwQCXCoQMAwDBARcP9ADBABcP9QwDAME
AVw/1gMEBVw/wAMEBF25gAMEBF+PUDAMAwQFwxDgAwQAwxDuMAwDBADDEPEDBALD
EPAwDAMEAMMQ9QMEA8MQ8AMEAMMQ+zALAwQAwxD9AwMAwxADBAHDie4DBALDjIgD
BALVi/wwIgQCAAIwHAMFACoADpgDBQAqAA6wAwUAKgEA+AMFACoBAQAwDQYJKoZI
hvcNAQELBQADggEBAFF35SlS3vDle3DD+0qb7PkXhaq4g5y4WgXNYCXGFdY1y6aF
rdTIBbqDPX1QKyKRFIEXHWhXRTFPguOXCl2i2IIi2SEHL+qS1WCocVC+ptMFrsyJ
S9g8eaMM3jC/KFpE8a9biD3WgDlOruLKnO1xZMQzPKgc299bnANY850S0vkW8y7V
eSzXU5oBCkrSnjFB7VV+GtIEwPNgSWb7tFc9Q+gw6Kgec/B7yKs+lk2DXkLfwxqQ
lJnEcOdZ1j21vLGZNjbshTkWpUgWI5UJr7scUQ4SVkA2eChgkNBlxoDhxIpFIGaz
Z7BmQoFraO/q53Ba+F5pRWWx7jEmZ2TSjWpoLdU=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:14 2024 by rpki-client on console-fra.rpki-client.org