Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/HkQ5PUIo7hThXR3HHRC4dUi1T8s.roa
File: HkQ5PUIo7hThXR3HHRC4dUi1T8s.roa (raw, json)
Hash identifier: Kw9sHmV91y6jKwmWMJY1QjP6LZNo6rotUcjyJV4q/aM=
Subject key identifier: 1E:44:39:3D:42:28:EE:14:E1:5D:1D:C7:1D:10:B8:75:48:B5:4F:CB
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE64C37C83B3EB85DC76A4F7279C6EE
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/HkQ5PUIo7hThXR3HHRC4dUi1T8s.roa
Signing time: Sun 01 Jan 2023 10:35:10 +0000
ROA not before: Sun 01 Jan 2023 10:35:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9127
IP address blocks: 82.146.4.0/23 maxlen: 24
84.238.164.0/24 maxlen: 24
84.238.166.0/24 maxlen: 24
82.146.8.0/23 maxlen: 24
82.146.10.0/24 maxlen: 24
82.146.14.0/24 maxlen: 24
82.146.30.0/24 maxlen: 24
212.72.192.0/24 maxlen: 24
212.72.192.0/22 maxlen: 22
212.72.196.0/23 maxlen: 23
212.72.204.0/24 maxlen: 24
212.72.200.0/23 maxlen: 23
212.72.204.0/23 maxlen: 23
212.72.213.0/24 maxlen: 24
212.72.207.0/24 maxlen: 24
212.72.208.0/22 maxlen: 22
213.130.94.0/24 maxlen: 24
212.72.215.0/24 maxlen: 24
212.72.216.0/22 maxlen: 22
212.72.220.0/24 maxlen: 24
212.72.222.0/23 maxlen: 23
213.130.70.0/23 maxlen: 23
213.130.72.0/23 maxlen: 23
213.130.75.0/24 maxlen: 24
2a00:e40::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 06 Oct 2023 06:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:4c:37:c8:3b:3e:b8:5d:c7:6a:4f:72:79:c6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e44393d4228ee14e15d1dc71d10b87548b54fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b6:6d:ce:16:48:af:58:f1:88:4a:b3:2e:e7:
bc:94:40:45:7e:31:8a:8c:63:05:5e:af:78:d6:75:
8e:cf:39:9f:65:72:8e:52:d0:43:69:9b:a3:19:da:
2c:21:e2:90:3f:9b:03:2c:18:4a:0b:98:01:7f:8b:
06:c4:43:4c:d2:70:6e:46:e7:96:19:2a:8c:8e:ce:
ae:cb:81:ce:c7:cc:3f:a3:6c:94:05:7e:40:d8:99:
91:a8:c9:a9:00:30:1c:e2:6a:50:44:b4:f2:d8:dc:
11:1a:c5:a9:9f:db:3f:00:d7:00:05:4d:80:40:11:
64:ba:e4:20:34:45:10:e8:e2:fb:bf:16:8d:90:6d:
d2:62:0b:dc:b3:e6:ee:04:59:d8:14:6e:69:ab:1e:
7c:8b:a5:30:fe:a7:12:29:44:a5:6b:0c:45:e3:fe:
0e:5e:5d:22:78:38:e2:b5:a0:4b:5c:8b:d7:8a:71:
ac:93:76:cd:f0:69:84:7d:be:42:e8:8c:3d:06:58:
3c:ad:27:6a:60:c2:3f:72:52:5b:19:15:bc:73:5f:
38:af:f1:32:36:81:e0:8c:f1:43:b8:1a:c9:17:61:
4a:98:4c:c2:e6:b5:49:d2:0e:cc:5c:f6:f6:f9:12:
75:89:c2:20:14:cb:3f:a2:de:6b:77:e9:07:80:3a:
4e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:44:39:3D:42:28:EE:14:E1:5D:1D:C7:1D:10:B8:75:48:B5:4F:CB
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/HkQ5PUIo7hThXR3HHRC4dUi1T8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.4.0/23
82.146.8.0-82.146.10.255
82.146.14.0/24
82.146.30.0/24
84.238.164.0/24
84.238.166.0/24
212.72.192.0-212.72.197.255
212.72.200.0/23
212.72.204.0/23
212.72.207.0-212.72.211.255
212.72.213.0/24
212.72.215.0-212.72.220.255
212.72.222.0/23
213.130.70.0-213.130.73.255
213.130.75.0/24
213.130.94.0/24
IPv6:
2a00:e40::/32
Signature Algorithm: sha256WithRSAEncryption
4e:0e:82:43:3c:4c:0a:37:27:52:36:87:8a:33:62:1d:cc:c2:
42:90:e9:aa:27:76:ee:c7:20:62:c0:45:00:5a:2c:7a:48:06:
f0:88:fa:95:56:3a:b4:81:78:83:69:36:20:f1:aa:0d:7f:07:
0e:cc:16:3f:df:62:45:2a:ad:8b:04:8c:95:ff:32:a5:a2:1b:
b3:80:d7:5e:ff:27:64:40:60:2d:b7:60:97:8b:7f:2b:b2:2a:
dd:2f:ee:f4:a2:6f:49:5a:51:ff:f2:6f:38:32:b3:d0:22:3e:
39:73:05:73:02:39:72:b0:97:93:bf:47:0a:bc:73:bb:3c:4c:
b9:6a:c4:80:7a:79:d5:c3:95:38:a4:1c:82:7d:ca:d7:d5:0a:
3b:be:61:e3:1a:6c:fe:1a:31:26:0c:23:1c:e3:2b:21:c2:6a:
36:59:49:cb:2e:99:41:dc:bc:25:4f:78:1b:c3:43:9c:7c:cf:
f2:e1:4b:25:50:d7:1a:37:0d:94:05:4d:11:cd:59:84:ce:43:
2c:77:9c:86:02:f7:10:df:fc:99:82:3d:4c:67:07:32:f7:a0:
7b:0f:3b:a0:58:2d:24:f1:5c:e5:56:99:3e:bf:bf:9b:01:f6:
fb:88:73:01:51:14:42:4c:10:db:6e:9b:df:3e:20:55:ca:8d:
ea:e9:f0:3e
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYVs5kw3yDs+uF3Hak9yecbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTQ0MzkzZDQyMjhlZTE0ZTE1ZDFkYzcxZDEwYjg3NTQ4YjU0ZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbZtzhZIr1jxiEqzLue8lEBFfjGK
jGMFXq941nWOzzmfZXKOUtBDaZujGdosIeKQP5sDLBhKC5gBf4sGxENM0nBuRueW
GSqMjs6uy4HOx8w/o2yUBX5A2JmRqMmpADAc4mpQRLTy2NwRGsWpn9s/ANcABU2A
QBFkuuQgNEUQ6OL7vxaNkG3SYgvcs+buBFnYFG5pqx58i6Uw/qcSKUSlawxF4/4O
Xl0ieDjitaBLXIvXinGsk3bN8GmEfb5C6Iw9Blg8rSdqYMI/clJbGRW8c184r/Ey
NoHgjPFDuBrJF2FKmEzC5rVJ0g7MXPb2+RJ1icIgFMs/ot5rd+kHgDpONQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFB5EOT1CKO4U4V0dxx0QuHVItU/LMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvSGtRNVBVSW83aFRoWFIzSEhSQzRkVWkxVDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBjwQCAAEwgYgDBAFS
kgQwDAMEA1KSCAMEAFKSCgMEAFKSDgMEAFKSHgMEAFTupAMEAFTupjAMAwQG1EjA
AwQB1EjEAwQB1EjIAwQB1EjMMAwDBADUSM8DBALUSNADBADUSNUwDAMEANRI1wME
ANRI3AMEAdRI3jAMAwQB1YJGAwQB1YJIAwQA1YJLAwQA1YJeMA0EAgACMAcDBQAq
AA5AMA0GCSqGSIb3DQEBCwUAA4IBAQBODoJDPEwKNydSNoeKM2IdzMJCkOmqJ3bu
xyBiwEUAWix6SAbwiPqVVjq0gXiDaTYg8aoNfwcOzBY/32JFKq2LBIyV/zKlohuz
gNde/ydkQGAtt2CXi38rsirdL+70om9JWlH/8m84MrPQIj45cwVzAjlysJeTv0cK
vHO7PEy5asSAennVw5U4pByCfcrX1Qo7vmHjGmz+GjEmDCMc4yshwmo2WUnLLplB
3LwlT3gbw0OcfM/y4UslUNcaNw2UBU0RzVmEzkMsd5yGAvcQ3/yZgj1MZwcy96B7
DzugWC0k8VzlVpk+v7+bAfb7iHMBURRCTBDbbpvfPiBVyo3q6fA+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org