Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/HnkdogDFFBI6QaYnqqGNf21GW-U.roa
File: HnkdogDFFBI6QaYnqqGNf21GW-U.roa (raw, json)
Hash identifier: jGI39rVTSqiuYNNLsfrKe5yT0ug4wgGiGnA/e7DirZM=
Subject key identifier: 1E:79:1D:A2:00:C5:14:12:3A:41:A6:27:AA:A1:8D:7F:6D:46:5B:E5
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 01882502244C6F0A71B76BF0C7CA46B784DA
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/HnkdogDFFBI6QaYnqqGNf21GW-U.roa
Signing time: Tue 16 May 2023 14:41:17 +0000
ROA not before: Tue 16 May 2023 14:41:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.66.133.0/24 maxlen: 24
185.159.68.0/24 maxlen: 24
185.159.69.0/24 maxlen: 24
185.159.70.0/24 maxlen: 24
185.187.237.0/24 maxlen: 24
185.187.238.0/24 maxlen: 24
185.187.239.0/24 maxlen: 24
45.12.204.0/24 maxlen: 24
45.12.205.0/24 maxlen: 24
45.134.19.0/24 maxlen: 24
81.90.191.0/24 maxlen: 24
188.119.100.0/24 maxlen: 24
188.119.101.0/24 maxlen: 24
185.126.69.0/24 maxlen: 24
185.126.70.0/24 maxlen: 24
185.126.71.0/24 maxlen: 24
185.105.189.0/24 maxlen: 24
185.105.190.0/24 maxlen: 24
185.168.21.0/24 maxlen: 24
185.168.22.0/24 maxlen: 24
185.168.23.0/24 maxlen: 24
185.171.121.0/24 maxlen: 24
91.217.120.0/24 maxlen: 24
91.217.121.0/24 maxlen: 24
185.126.138.0/24 maxlen: 24
185.126.139.0/24 maxlen: 24
194.156.228.0/24 maxlen: 24
185.175.140.0/24 maxlen: 24
185.175.141.0/24 maxlen: 24
45.144.241.0/24 maxlen: 24
185.160.25.0/24 maxlen: 24
185.160.27.0/24 maxlen: 24
5.183.178.0/24 maxlen: 24
45.82.166.0/24 maxlen: 24
185.126.118.0/24 maxlen: 24
185.126.119.0/24 maxlen: 24
5.181.6.0/24 maxlen: 24
5.181.7.0/24 maxlen: 24
45.66.132.0/24 maxlen: 24
185.120.18.0/24 maxlen: 24
185.120.19.0/24 maxlen: 24
152.89.209.0/24 maxlen: 24
147.78.15.0/24 maxlen: 24
217.197.163.0/24 maxlen: 24
45.128.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 May 2023 17:28:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:25:02:24:4c:6f:0a:71:b7:6b:f0:c7:ca:46:b7:84:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: May 16 14:41:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e791da200c514123a41a627aaa18d7f6d465be5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:de:e4:12:4f:19:d7:73:1f:de:e8:76:3c:6b:
28:b6:d2:6f:23:79:9f:0b:47:f0:a8:a1:e6:8a:5f:
7c:71:12:d0:cc:64:a7:41:0a:1d:37:ed:3b:94:a1:
39:b3:c5:a6:f4:97:c9:c4:fc:40:31:cd:a5:89:92:
53:f0:ec:92:83:f7:5c:49:ca:8e:90:e7:a6:2c:0c:
33:67:16:30:2e:d1:15:0e:61:0e:f7:da:4e:ff:27:
35:76:ec:3d:0c:cb:28:ff:35:61:ac:8b:84:57:47:
74:1e:57:89:e5:2a:18:12:e0:e8:ee:8a:05:e6:fc:
d0:c5:5f:cc:ad:2d:c6:d9:33:11:63:35:92:5f:98:
16:46:cf:03:87:46:18:3d:ae:0d:fc:c6:93:1d:21:
64:97:bf:9c:3d:46:ac:50:a2:ef:50:2f:92:2a:1b:
b1:1e:08:74:9e:78:cd:50:6a:b7:fe:52:d9:6d:ed:
c2:34:3d:83:9c:81:ef:45:6d:18:49:24:ea:18:5a:
af:8b:da:f0:b0:43:40:74:af:5b:52:c5:8e:84:41:
9e:04:ce:5d:8f:a9:a0:53:5d:63:45:83:1f:ec:65:
07:57:2e:84:2d:ea:c9:e8:d5:ee:44:03:28:91:e2:
22:db:ed:92:41:40:be:36:ee:e4:95:06:c0:29:1f:
ee:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:79:1D:A2:00:C5:14:12:3A:41:A6:27:AA:A1:8D:7F:6D:46:5B:E5
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/HnkdogDFFBI6QaYnqqGNf21GW-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.6.0/23
5.183.178.0/24
45.12.204.0/23
45.66.132.0/23
45.82.166.0/24
45.128.154.0/24
45.134.19.0/24
45.144.241.0/24
81.90.191.0/24
91.217.120.0/23
147.78.15.0/24
152.89.209.0/24
185.105.189.0-185.105.190.255
185.120.18.0/23
185.126.69.0-185.126.71.255
185.126.118.0/23
185.126.138.0/23
185.159.68.0-185.159.70.255
185.160.25.0/24
185.160.27.0/24
185.168.21.0-185.168.23.255
185.171.121.0/24
185.175.140.0/23
185.187.237.0-185.187.239.255
188.119.100.0/23
194.156.228.0/24
217.197.163.0/24
Signature Algorithm: sha256WithRSAEncryption
80:87:16:7f:f4:9f:60:a6:7d:9f:a2:76:af:07:c4:a4:f5:0b:
eb:39:07:17:99:07:e4:ad:18:74:06:69:29:d3:1d:d2:bd:fc:
40:73:35:d0:69:97:74:44:3e:46:2a:82:f8:ff:c1:e2:75:14:
ca:a3:6f:8c:0f:1f:b8:a1:2f:68:1d:f6:99:d3:e0:f1:c9:6e:
16:4a:06:5e:a9:ce:0d:1a:8b:f6:5f:5f:b8:dd:c5:e6:a4:28:
d0:c8:88:4a:59:a9:fc:25:a0:2d:cf:eb:ec:95:94:cc:fc:ab:
10:91:e5:5c:74:a7:fa:93:21:61:cc:2e:ef:1c:37:29:44:5d:
f5:b1:2d:fb:ea:1d:9d:42:11:b9:ce:aa:e4:67:5c:65:5d:e4:
c5:63:e4:a4:cf:93:90:f2:a1:a5:9b:98:c6:47:c5:ac:0b:55:
be:70:fe:5a:40:df:15:cf:6d:78:72:1c:6c:98:66:42:14:d3:
32:ef:ad:45:7f:4c:65:22:c7:25:59:87:10:ad:98:d5:cc:5e:
cf:07:ac:67:9c:6d:96:37:4c:82:75:27:7d:6a:a7:03:98:cd:
85:2a:ae:2e:16:a2:c9:8e:24:bb:7f:90:b1:99:ec:89:a5:d4:
f6:0b:9f:5c:b7:45:b0:28:06:88:a1:79:bd:81:d2:77:05:1b:
57:15:fd:b7
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYglAiRMbwpxt2vwx8pGt4TaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjMwNTE2MTQ0MTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTc5MWRhMjAwYzUxNDEyM2E0MWE2MjdhYWExOGQ3ZjZkNDY1YmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApN7kEk8Z13Mf3uh2PGsottJvI3mf
C0fwqKHmil98cRLQzGSnQQodN+07lKE5s8Wm9JfJxPxAMc2liZJT8OySg/dcScqO
kOemLAwzZxYwLtEVDmEO99pO/yc1duw9DMso/zVhrIuEV0d0HleJ5SoYEuDo7ooF
5vzQxV/MrS3G2TMRYzWSX5gWRs8Dh0YYPa4N/MaTHSFkl7+cPUasUKLvUC+SKhux
Hgh0nnjNUGq3/lLZbe3CND2DnIHvRW0YSSTqGFqvi9rwsENAdK9bUsWOhEGeBM5d
j6mgU11jRYMf7GUHVy6ELerJ6NXuRAMokeIi2+2SQUC+Nu7klQbAKR/uNQIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFB55HaIAxRQSOkGmJ6qhjX9tRlvlMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvSG5rZG9nREZGQkk2UWFZbnFxR05mMjFHVy1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAEF
tQYDBAAFt7IDBAEtDMwDBAEtQoQDBAAtUqYDBAAtgJoDBAAthhMDBAAtkPEDBABR
Wr8DBAFb2XgDBACTTg8DBACYWdEwDAMEALlpvQMEALlpvgMEAbl4EjAMAwQAuX5F
AwQDuX5AAwQBuX52AwQBuX6KMAwDBAK5n0QDBAC5n0YDBAC5oBkDBAC5oBswDAME
ALmoFQMEA7moEAMEALmreQMEAbmvjDAMAwQAubvtAwQEubvgAwQBvHdkAwQAwpzk
AwQA2cWjMA0GCSqGSIb3DQEBCwUAA4IBAQCAhxZ/9J9gpn2fonavB8Sk9QvrOQcX
mQfkrRh0Bmkp0x3SvfxAczXQaZd0RD5GKoL4/8HidRTKo2+MDx+4oS9oHfaZ0+Dx
yW4WSgZeqc4NGov2X1+43cXmpCjQyIhKWan8JaAtz+vslZTM/KsQkeVcdKf6kyFh
zC7vHDcpRF31sS376h2dQhG5zqrkZ1xlXeTFY+Skz5OQ8qGlm5jGR8WsC1W+cP5a
QN8Vz214chxsmGZCFNMy761Ff0xlIsclWYcQrZjVzF7PB6xnnG2WN0yCdSd9aqcD
mM2FKq4uFqLJjiS7f5CxmeyJpdT2C59ct0WwKAaIoXm9gdJ3BRtXFf23
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:49 2024 by rpki-client on console-ams.rpki-client.org