Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/hNGnfeIMCe71fyASsShGTv7NIZw.roa
File: hNGnfeIMCe71fyASsShGTv7NIZw.roa (raw, json)
Hash identifier: 83oktazDFhdctwk1MORRbE5xbEoBr7XEfbFJQxG1eAM=
Subject key identifier: 84:D1:A7:7D:E2:0C:09:EE:F5:7F:20:12:B1:28:46:4E:FE:CD:21:9C
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 01885D8CBDD9D21CE3AD4EB04D0137D70C8E
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/hNGnfeIMCe71fyASsShGTv7NIZw.roa
Signing time: Sat 27 May 2023 14:11:24 +0000
ROA not before: Sat 27 May 2023 14:11:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199967
IP address blocks: 45.66.133.0/24 maxlen: 24
185.159.70.0/24 maxlen: 24
185.159.69.0/24 maxlen: 24
185.159.68.0/24 maxlen: 24
185.187.239.0/24 maxlen: 24
185.187.238.0/24 maxlen: 24
185.187.237.0/24 maxlen: 24
45.12.205.0/24 maxlen: 24
45.12.204.0/24 maxlen: 24
45.134.19.0/24 maxlen: 24
81.90.191.0/24 maxlen: 24
188.119.101.0/24 maxlen: 24
188.119.100.0/24 maxlen: 24
185.126.70.0/24 maxlen: 24
185.126.69.0/24 maxlen: 24
185.126.71.0/24 maxlen: 24
185.105.189.0/24 maxlen: 24
185.105.190.0/24 maxlen: 24
185.168.23.0/24 maxlen: 24
185.168.22.0/24 maxlen: 24
185.168.21.0/24 maxlen: 24
185.171.121.0/24 maxlen: 24
185.126.139.0/24 maxlen: 24
185.126.138.0/24 maxlen: 24
91.217.121.0/24 maxlen: 24
91.217.120.0/24 maxlen: 24
194.156.228.0/24 maxlen: 24
185.175.141.0/24 maxlen: 24
185.175.140.0/24 maxlen: 24
45.144.240.0/24 maxlen: 24
45.144.241.0/24 maxlen: 24
45.82.166.0/24 maxlen: 24
5.183.178.0/24 maxlen: 24
185.160.27.0/24 maxlen: 24
185.160.25.0/24 maxlen: 24
185.126.118.0/24 maxlen: 24
185.126.119.0/24 maxlen: 24
5.181.6.0/24 maxlen: 24
5.181.7.0/24 maxlen: 24
45.66.132.0/24 maxlen: 24
185.120.19.0/24 maxlen: 24
185.120.18.0/24 maxlen: 24
152.89.209.0/24 maxlen: 24
152.89.208.0/24 maxlen: 24
217.197.163.0/24 maxlen: 24
147.78.15.0/24 maxlen: 24
45.128.154.0/24 maxlen: 24
2a0c:8a40:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:5d:8c:bd:d9:d2:1c:e3:ad:4e:b0:4d:01:37:d7:0c:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: May 27 14:11:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84d1a77de20c09eef57f2012b128464efecd219c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6d:50:27:20:de:96:83:38:e2:53:ee:27:c2:
5d:8e:bc:be:9f:9b:47:09:03:e7:3d:1a:0e:c2:b2:
9e:ee:79:fe:13:e9:fd:77:84:69:47:e2:de:a2:4d:
4f:56:05:02:72:8a:30:d6:2b:5e:e4:4e:8a:eb:5f:
01:cf:c5:f3:01:5e:1c:75:69:2f:70:31:c7:8d:43:
c4:df:93:b0:ce:84:1a:77:56:53:db:8f:0d:a6:45:
30:69:1a:9a:58:f4:ec:78:aa:31:16:30:6d:9a:3c:
ae:7e:4a:97:e4:b1:d6:1b:e5:ad:93:e6:0f:f4:9e:
7b:ef:90:06:7f:a3:8f:ce:92:a8:55:c4:06:45:61:
3e:61:80:85:b7:2b:18:c1:c4:03:60:1c:d8:67:70:
a7:0b:b2:03:6f:82:39:79:e2:4d:60:99:9b:c9:24:
d3:20:5f:08:99:10:b9:d0:a9:24:a1:23:52:34:54:
e3:1b:e7:e0:45:fa:68:25:54:40:a9:88:f6:ba:93:
1e:39:62:21:fc:1a:3f:4b:dd:29:ce:b8:79:4e:50:
9f:e3:d2:65:a0:01:9a:9f:c1:c8:84:16:4a:eb:d4:
6d:a3:f1:25:88:0e:7b:76:d6:3b:e5:27:b2:12:85:
69:47:cf:0c:65:c5:97:00:3c:b5:1f:7d:b9:b9:b8:
d6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D1:A7:7D:E2:0C:09:EE:F5:7F:20:12:B1:28:46:4E:FE:CD:21:9C
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/hNGnfeIMCe71fyASsShGTv7NIZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.6.0/23
5.183.178.0/24
45.12.204.0/23
45.66.132.0/23
45.82.166.0/24
45.128.154.0/24
45.134.19.0/24
45.144.240.0/23
81.90.191.0/24
91.217.120.0/23
147.78.15.0/24
152.89.208.0/23
185.105.189.0-185.105.190.255
185.120.18.0/23
185.126.69.0-185.126.71.255
185.126.118.0/23
185.126.138.0/23
185.159.68.0-185.159.70.255
185.160.25.0/24
185.160.27.0/24
185.168.21.0-185.168.23.255
185.171.121.0/24
185.175.140.0/23
185.187.237.0-185.187.239.255
188.119.100.0/23
194.156.228.0/24
217.197.163.0/24
IPv6:
2a0c:8a40:1::/48
Signature Algorithm: sha256WithRSAEncryption
90:73:90:ee:b4:bd:0c:71:30:57:ae:b1:34:4a:4a:ab:3e:09:
5f:47:4d:41:0b:c2:e7:52:23:4b:4a:a1:fc:b0:11:e0:28:5a:
f8:46:33:72:5e:bf:3c:e1:b6:05:b6:de:c6:ec:ad:58:34:57:
b6:1a:76:31:ce:f2:fc:d7:56:af:73:8e:18:b2:49:52:8d:97:
31:f6:f2:3f:f1:31:78:c1:80:bb:f7:bd:c5:6e:b4:12:40:cb:
39:a2:9b:f3:5d:28:fe:df:7e:c2:21:84:85:22:3e:87:24:b6:
12:94:ab:d6:83:36:e3:c9:dd:9e:c1:ff:8a:86:f9:ee:7a:1e:
f9:2a:93:16:c1:31:32:72:e8:c1:75:8c:8a:4f:2b:2e:e5:d5:
af:14:08:d3:60:2a:47:cc:56:ad:cb:76:ee:48:5f:96:f9:db:
7b:c7:24:c1:57:e5:c3:77:6a:5e:fb:c7:c9:2b:8d:b8:84:62:
fc:ed:d9:64:53:63:45:96:c7:48:bd:b4:df:5d:28:99:7e:b5:
39:16:f6:8c:f1:4b:7a:e9:39:e8:a5:40:dc:c2:49:dc:a9:c3:
f6:d4:09:4b:ee:1e:1f:30:4f:5b:a1:e1:e0:b1:07:44:8c:cb:
48:8c:82:52:17:20:ba:17:0f:c6:45:e8:46:ed:d1:93:46:52:
28:fb:d5:d0
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgISAYhdjL3Z0hzjrU6wTQE31wyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjMwNTI3MTQxMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQxYTc3ZGUyMGMwOWVlZjU3ZjIwMTJiMTI4NDY0ZWZlY2QyMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoW1QJyDeloM44lPuJ8Jdjry+n5tH
CQPnPRoOwrKe7nn+E+n9d4RpR+Leok1PVgUCcoow1ite5E6K618Bz8XzAV4cdWkv
cDHHjUPE35OwzoQad1ZT248NpkUwaRqaWPTseKoxFjBtmjyufkqX5LHWG+Wtk+YP
9J5775AGf6OPzpKoVcQGRWE+YYCFtysYwcQDYBzYZ3CnC7IDb4I5eeJNYJmbySTT
IF8ImRC50KkkoSNSNFTjG+fgRfpoJVRAqYj2upMeOWIh/Bo/S90pzrh5TlCf49Jl
oAGan8HIhBZK69Rto/EliA57dtY75SeyEoVpR88MZcWXADy1H325ubjWKQIDAQAB
o4IC4zCCAt8wHQYDVR0OBBYEFITRp33iDAnu9X8gErEoRk7+zSGcMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvaE5HbmZlSU1DZTcxZnlBU3NTaEdUdjdOSVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH4BggrBgEFBQcBBwEB/wSB6DCB5TCB0QQCAAEwgcoDBAEF
tQYDBAAFt7IDBAEtDMwDBAEtQoQDBAAtUqYDBAAtgJoDBAAthhMDBAEtkPADBABR
Wr8DBAFb2XgDBACTTg8DBAGYWdAwDAMEALlpvQMEALlpvgMEAbl4EjAMAwQAuX5F
AwQDuX5AAwQBuX52AwQBuX6KMAwDBAK5n0QDBAC5n0YDBAC5oBkDBAC5oBswDAME
ALmoFQMEA7moEAMEALmreQMEAbmvjDAMAwQAubvtAwQEubvgAwQBvHdkAwQAwpzk
AwQA2cWjMA8EAgACMAkDBwAqDIpAAAEwDQYJKoZIhvcNAQELBQADggEBAJBzkO60
vQxxMFeusTRKSqs+CV9HTUELwudSI0tKofywEeAoWvhGM3JevzzhtgW23sbsrVg0
V7YadjHO8vzXVq9zjhiySVKNlzH28j/xMXjBgLv3vcVutBJAyzmim/NdKP7ffsIh
hIUiPockthKUq9aDNuPJ3Z7B/4qG+e56HvkqkxbBMTJy6MF1jIpPKy7l1a8UCNNg
KkfMVq3Ldu5IX5b523vHJMFX5cN3al77x8krjbiEYvzt2WRTY0WWx0i9tN9dKJl+
tTkW9ozxS3rpOeilQNzCSdypw/bUCUvuHh8wT1uh4eCxB0SMy0iMglIXILoXD8ZF
6Ebt0ZNGUij71dA=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:40 2024 by rpki-client on console-ams.rpki-client.org