Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/HINk7sJ5pB_QKphl-kw-TYolvUk.roa
File: HINk7sJ5pB_QKphl-kw-TYolvUk.roa (raw, json)
Hash identifier: TsF4XRDPuNBzIuCuy3SYJL28aqs9lckhZRzPVRUx1Q0=
Subject key identifier: 1C:83:64:EE:C2:79:A4:1F:D0:2A:98:65:FA:4C:3E:4D:8A:25:BD:49
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01924C21AE3F2BE2A3F9E4E35A580C2E1BF8
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/HINk7sJ5pB_QKphl-kw-TYolvUk.roa
Signing time: Wed 02 Oct 2024 07:28:48 +0000
ROA not before: Wed 02 Oct 2024 07:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 37.221.124.0/22 maxlen: 24
45.67.228.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.120.176.0/22 maxlen: 24
62.3.12.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
89.221.224.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
91.132.132.0/22 maxlen: 24
91.194.161.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
103.106.0.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
103.231.72.0/22 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
185.234.56.0/22 maxlen: 24
185.234.64.0/22 maxlen: 24
185.235.240.0/22 maxlen: 24
185.236.232.0/22 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
193.203.202.0/24 maxlen: 24
194.54.156.0/24 maxlen: 24
194.54.157.0/24 maxlen: 24
194.54.158.0/24 maxlen: 24
194.54.159.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
195.42.232.0/22 maxlen: 24
195.149.87.0/24 maxlen: 24
213.159.64.0/21 maxlen: 24
213.159.72.0/21 maxlen: 24
213.159.76.0/24 maxlen: 24
213.159.77.0/24 maxlen: 24
213.159.79.0/24 maxlen: 24
2a09:7c40::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a11:3805::/32 maxlen: 32
2a11:3c02::/32 maxlen: 32
2a11:3c03::/32 maxlen: 32
2a11:4c06::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d81::/32 maxlen: 32
2a14:2d82::/32 maxlen: 32
2a14:2d83::/32 maxlen: 32
2a14:2d85::/32 maxlen: 32
2a14:2e80::/32 maxlen: 32
2a14:2f80::/32 maxlen: 32
2a14:3080::/32 maxlen: 32
2a14:3880::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 07:27:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4c:21:ae:3f:2b:e2:a3:f9:e4:e3:5a:58:0c:2e:1b:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Oct 2 07:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c8364eec279a41fd02a9865fa4c3e4d8a25bd49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:33:c6:6a:6b:09:c2:23:c0:1f:7d:d9:ca:79:
12:ad:2a:72:5f:23:c8:89:21:30:6f:75:aa:ec:f0:
3c:63:a8:5b:23:24:9c:2f:37:02:40:c5:73:5d:ab:
07:c7:33:98:7b:d7:83:51:6e:20:5d:42:44:3c:a2:
9b:c0:2a:ec:21:1d:c1:38:7a:00:fc:a5:92:88:48:
e5:0b:fb:9a:d7:28:5d:7b:ba:d3:db:23:71:31:51:
db:2a:47:7e:ef:10:18:76:02:88:49:79:7a:61:de:
62:ef:ff:da:f7:c5:e3:13:a5:d9:99:dc:03:f8:83:
7e:22:10:3d:4b:f8:64:23:b5:c2:2f:ea:ff:b3:3f:
6d:18:9b:74:40:95:90:25:5a:58:de:ab:a1:d2:bc:
50:a4:bb:c1:51:e3:7b:80:55:7d:23:e9:0b:72:a5:
ab:0a:c8:28:76:b1:8e:a3:ba:bd:62:6f:a2:5b:80:
c0:2e:62:88:eb:7f:2b:ac:1a:84:54:80:3d:0b:af:
d9:98:74:ec:0a:51:b8:2e:c9:90:2d:47:23:7c:8a:
c7:4f:09:df:0e:c1:4b:05:16:19:94:0a:cd:2a:ed:
8f:03:b2:ea:a7:d5:eb:69:cf:64:7b:11:c6:03:11:
21:02:76:bf:fd:46:33:db:52:35:7a:b4:d6:3e:2e:
60:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:83:64:EE:C2:79:A4:1F:D0:2A:98:65:FA:4C:3E:4D:8A:25:BD:49
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/HINk7sJ5pB_QKphl-kw-TYolvUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.124.0/22
45.67.228.0/22
45.120.176.0/22
62.3.12.0/24
74.119.192.0/22
80.92.204.0-80.92.206.255
86.104.72.0/22
89.221.224.0/23
91.132.132.0/22
91.194.161.0/24
91.225.217.0-91.225.219.255
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
103.231.72.0/22
176.120.64.0/22
176.120.72.0/22
185.234.56.0/22
185.234.64.0/22
185.235.240.0/22
185.236.232.0/22
185.242.84.0/22
185.250.148.0/22
193.203.202.0/24
194.54.156.0/22
194.246.114.0/23
195.42.232.0/22
195.149.87.0/24
213.159.64.0/20
IPv6:
2a09:7c40::/29
2a11:3805::/32
2a11:3c02::/31
2a11:4c06::/32
2a14:2d80::/30
2a14:2d85::/32
2a14:2e80::/32
2a14:2f80::/32
2a14:3080::/32
2a14:3880::/32
Signature Algorithm: sha256WithRSAEncryption
2e:14:fe:1d:e1:ff:c3:0a:e4:fb:4e:dc:ef:16:62:98:85:4f:
ef:36:c5:cb:22:4d:25:8d:6c:0d:e6:75:bd:eb:19:82:23:f0:
10:0b:57:0b:18:ef:01:1d:5a:5b:22:c4:5f:c9:33:8f:53:7a:
b0:4e:6e:86:82:43:73:d7:1c:42:b0:62:20:16:3a:40:f6:6a:
7b:ea:c2:ee:59:4f:7e:e2:46:cf:df:79:ed:7d:96:9d:07:e5:
05:ce:83:76:ab:a5:70:19:c2:49:14:b5:5f:d4:c4:96:34:cf:
10:b2:53:3f:33:87:8b:44:30:82:6a:10:76:13:2d:cb:b5:bf:
05:fd:d8:81:87:3d:68:9f:a7:77:58:79:16:63:f0:85:da:ad:
40:53:fe:26:4d:cc:a1:41:e5:99:be:a2:ee:b7:f4:c7:95:0d:
dd:a5:9e:e0:fe:b1:d6:18:0e:d8:b0:f2:f3:82:27:bf:61:40:
38:0e:01:ec:9a:36:a5:29:d6:0a:c3:10:b2:ba:31:2e:c2:04:
f1:85:3f:9d:37:e6:90:f9:df:7e:d7:52:88:a1:b5:e4:1c:f2:
d6:8f:7d:80:e2:d9:52:cb:3f:df:c7:0c:4a:6b:23:ba:58:c1:
5a:72:7b:4f:fa:0c:2b:28:0a:bc:4f:3e:a2:82:d9:9f:40:4b:
a4:76:08:1e
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZJMIa4/K+Kj+eTjWlgMLhv4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjQxMDAyMDcyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzgzNjRlZWMyNzlhNDFmZDAyYTk4NjVmYTRjM2U0ZDhhMjViZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDPGamsJwiPAH33ZynkSrSpyXyPI
iSEwb3Wq7PA8Y6hbIyScLzcCQMVzXasHxzOYe9eDUW4gXUJEPKKbwCrsIR3BOHoA
/KWSiEjlC/ua1yhde7rT2yNxMVHbKkd+7xAYdgKISXl6Yd5i7//a98XjE6XZmdwD
+IN+IhA9S/hkI7XCL+r/sz9tGJt0QJWQJVpY3quh0rxQpLvBUeN7gFV9I+kLcqWr
CsgodrGOo7q9Ym+iW4DALmKI638rrBqEVIA9C6/ZmHTsClG4LsmQLUcjfIrHTwnf
DsFLBRYZlArNKu2PA7Lqp9Xrac9kexHGAxEhAna//UYz21I1erTWPi5gRwIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFByDZO7CeaQf0CqYZfpMPk2KJb1JMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvSElOazdzSjVwQl9RS3BobC1rdy1UWW9sdlVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCBxQQCAAEwgb4D
BAIl3XwDBAItQ+QDBAIteLADBAA+AwwDBAJKd8AwDAMEAlBczAMEAFBczgMEAlZo
SAMEAVnd4AMEAluEhAMEAFvCoTAMAwQAW+HZAwQCW+HYAwQCZyO8AwQCZ2oAAwQC
Z3FEAwQCZ+dIAwQCsHhAAwQCsHhIAwQCueo4AwQCuepAAwQCuevwAwQCuezoAwQC
ufJUAwQCufqUAwQAwcvKAwQCwjacAwQBwvZyAwQCwyroAwQAw5VXAwQE1Z9AMEwE
AgACMEYDBQMqCXxAAwUAKhE4BQMFASoRPAIDBQAqEUwGAwUCKhQtgAMFACoULYUD
BQAqFC6AAwUAKhQvgAMFACoUMIADBQAqFDiAMA0GCSqGSIb3DQEBCwUAA4IBAQAu
FP4d4f/DCuT7TtzvFmKYhU/vNsXLIk0ljWwN5nW96xmCI/AQC1cLGO8BHVpbIsRf
yTOPU3qwTm6GgkNz1xxCsGIgFjpA9mp76sLuWU9+4kbP33ntfZadB+UFzoN2q6Vw
GcJJFLVf1MSWNM8QslM/M4eLRDCCahB2Ey3Ltb8F/diBhz1on6d3WHkWY/CF2q1A
U/4mTcyhQeWZvqLut/THlQ3dpZ7g/rHWGA7YsPLzgie/YUA4DgHsmjalKdYKwxCy
ujEuwgTxhT+dN+aQ+d9+11KIobXkHPLWj32A4tlSyz/fxwxKayO6WMFacntP+gwr
KAq8Tz6igtmfQEukdgge
-----END CERTIFICATE-----
Generated at Thu Oct 17 09:01:38 2024 by rpki-client on console-fra.rpki-client.org