Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/H062xxugJUARaCb-kWawl6WzKRg.roa
File: H062xxugJUARaCb-kWawl6WzKRg.roa (raw, json)
Hash identifier: Wf5f1OjUvOn/iA81NeMkqL5TatA4JT0kXt0ww8b3aTA=
Subject key identifier: 1F:4E:B6:C7:1B:A0:25:40:11:68:26:FE:91:66:B0:97:A5:B3:29:18
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 018ADBF7A498A62DEF92F46C70DE506883E5
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/H062xxugJUARaCb-kWawl6WzKRg.roa
Signing time: Thu 28 Sep 2023 13:25:54 +0000
ROA not before: Thu 28 Sep 2023 13:25:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45012
IP address blocks: 193.22.255.0/24 maxlen: 24
185.80.92.0/24 maxlen: 24
185.80.93.0/24 maxlen: 24
185.80.94.0/23 maxlen: 23
185.137.168.0/22 maxlen: 24
91.220.49.0/24 maxlen: 24
128.127.65.0/24 maxlen: 24
128.127.66.0/24 maxlen: 24
194.145.226.0/24 maxlen: 24
91.203.108.0/22 maxlen: 24
178.250.170.0/24 maxlen: 24
178.250.174.0/24 maxlen: 24
93.90.178.0/24 maxlen: 24
93.90.180.0/23 maxlen: 24
37.218.252.0/24 maxlen: 24
37.218.248.0/22 maxlen: 22
91.203.212.0/22 maxlen: 24
37.218.254.0/24 maxlen: 24
195.82.152.0/23 maxlen: 24
178.20.96.0/21 maxlen: 24
188.64.46.0/23 maxlen: 24
5.44.108.0/22 maxlen: 24
192.162.87.0/24 maxlen: 24
185.207.230.0/24 maxlen: 24
185.207.228.0/22 maxlen: 24
185.207.228.0/24 maxlen: 24
31.47.240.0/20 maxlen: 24
195.5.120.0/23 maxlen: 24
81.88.16.0/24 maxlen: 24
89.22.100.0/22 maxlen: 24
81.88.28.0/22 maxlen: 24
89.22.106.0/24 maxlen: 24
89.22.108.0/24 maxlen: 24
89.22.110.0/23 maxlen: 24
89.22.112.0/22 maxlen: 24
81.88.32.0/20 maxlen: 24
89.22.116.0/22 maxlen: 24
89.22.122.0/23 maxlen: 24
89.22.124.0/22 maxlen: 24
5.44.100.0/23 maxlen: 24
5.44.102.0/23 maxlen: 24
5.44.104.0/22 maxlen: 24
2a00:fa40:2000::/36 maxlen: 64
2a00:fa40:4000::/36 maxlen: 36
2a00:fa40:3000::/36 maxlen: 36
2a01:64c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 28 Nov 2023 09:54:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:f7:a4:98:a6:2d:ef:92:f4:6c:70:de:50:68:83:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Sep 28 13:25:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f4eb6c71ba02540116826fe9166b097a5b32918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2e:02:ce:d5:70:5e:62:3f:ca:7a:a8:47:61:
a1:c4:48:e8:be:09:94:89:71:db:f9:9a:eb:a4:d2:
a0:21:23:ff:a2:e3:77:53:77:f6:b4:ca:36:ab:d1:
63:c5:fb:23:2a:ea:88:d1:d2:f4:e6:7b:9c:8c:6e:
2e:fa:e0:35:c0:0d:5f:a6:1c:ea:86:64:ad:b5:39:
06:1d:7a:c9:74:66:da:7c:d4:b3:8e:3c:5e:60:49:
f3:00:79:87:70:e0:e8:d4:83:ef:9c:7d:83:df:67:
9e:6c:32:12:72:88:88:ab:6b:54:3a:29:e8:1e:18:
66:20:ab:01:52:90:9c:8e:01:13:73:72:82:32:3c:
a8:d4:8c:58:70:ca:2a:34:a1:6f:ce:a4:4b:79:2f:
2f:fe:c3:44:1e:7f:2a:b7:a1:57:9b:96:ae:ad:8a:
94:4c:6e:2f:96:3f:90:0c:6e:0f:75:0e:03:4a:23:
06:c7:42:a6:6b:1c:3d:02:cc:ef:05:54:3e:d7:5b:
1e:5c:89:3d:bc:5c:10:c1:06:70:a0:a4:65:a1:2e:
a9:fb:08:02:34:db:dc:c8:ff:16:a0:f2:4a:bb:fc:
48:bf:2a:c0:82:39:51:04:a3:8b:d5:34:6c:39:82:
8b:07:1a:55:59:45:1f:89:22:cc:f5:4c:fd:a8:44:
1c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:4E:B6:C7:1B:A0:25:40:11:68:26:FE:91:66:B0:97:A5:B3:29:18
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/H062xxugJUARaCb-kWawl6WzKRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.100.0-5.44.111.255
31.47.240.0/20
37.218.248.0-37.218.252.255
37.218.254.0/24
81.88.16.0/24
81.88.28.0-81.88.47.255
89.22.100.0/22
89.22.106.0/24
89.22.108.0/24
89.22.110.0-89.22.119.255
89.22.122.0-89.22.127.255
91.203.108.0/22
91.203.212.0/22
91.220.49.0/24
93.90.178.0/24
93.90.180.0/23
128.127.65.0-128.127.66.255
178.20.96.0/21
178.250.170.0/24
178.250.174.0/24
185.80.92.0/22
185.137.168.0/22
185.207.228.0/22
188.64.46.0/23
192.162.87.0/24
193.22.255.0/24
194.145.226.0/24
195.5.120.0/23
195.82.152.0/23
IPv6:
2a00:fa40:2000::-2a00:fa40:4fff:ffff:ffff:ffff:ffff:ffff
2a01:64c0::/32
Signature Algorithm: sha256WithRSAEncryption
35:04:ad:e1:71:b6:d7:ad:49:5e:13:97:9d:b0:9b:a2:d5:b5:
14:73:8b:3b:2e:c8:0f:5d:49:16:b0:a2:af:6d:d6:62:e6:0e:
8e:d5:64:ef:c6:c8:1c:3e:7c:a9:8d:c5:22:a9:9a:c6:84:4c:
17:c0:ad:fc:9b:18:13:9e:1c:bf:5f:a2:d6:a8:d0:9b:85:56:
fd:2c:e0:2c:81:1c:93:44:da:04:40:4d:3f:49:1b:2e:51:85:
a3:bd:ef:b8:a4:5a:88:d8:de:73:b7:1a:c9:a3:a8:90:0e:37:
20:a5:c9:e7:05:48:1f:06:f8:15:a1:1f:57:0f:7b:9c:15:d6:
2f:2b:20:35:5e:de:4a:33:fe:6c:04:82:5a:67:bc:d0:43:76:
25:d0:d7:6b:e5:a0:e2:6a:3b:17:97:b4:2a:a6:2b:98:89:7d:
ef:3b:bc:57:5b:da:55:fc:bf:7d:b8:67:eb:61:87:80:b9:12:
a9:cc:f5:6f:82:a6:b2:b1:93:f6:61:b0:6f:63:7a:bf:c0:2b:
9f:3b:cc:90:3b:f5:4b:1d:1e:65:3b:95:de:f1:6b:99:ab:cc:
f5:bc:9f:8c:67:b3:5b:93:b5:d4:60:d4:4a:56:1e:f1:eb:5c:
10:e0:1b:b0:a5:39:b0:cd:92:6e:ba:8e:3a:61:52:40:27:7d:
e7:b9:a6:ed
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAYrb96SYpi3vkvRscN5QaIPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwOTI4MTMyNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjRlYjZjNzFiYTAyNTQwMTE2ODI2ZmU5MTY2YjA5N2E1YjMyOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmi4CztVwXmI/ynqoR2GhxEjovgmU
iXHb+ZrrpNKgISP/ouN3U3f2tMo2q9FjxfsjKuqI0dL05nucjG4u+uA1wA1fphzq
hmSttTkGHXrJdGbafNSzjjxeYEnzAHmHcODo1IPvnH2D32eebDIScoiIq2tUOino
HhhmIKsBUpCcjgETc3KCMjyo1IxYcMoqNKFvzqRLeS8v/sNEHn8qt6FXm5aurYqU
TG4vlj+QDG4PdQ4DSiMGx0Kmaxw9AszvBVQ+11seXIk9vFwQwQZwoKRloS6p+wgC
NNvcyP8WoPJKu/xIvyrAgjlRBKOL1TRsOYKLBxpVWUUfiSLM9Uz9qEQc2QIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFB9OtscboCVAEWgm/pFmsJelsykYMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvSDA2Mnh4dWdKVUFSYUNiLWtXYXdsNld6S1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCB5QQCAAEwgd4w
DAMEAgUsZAMEBAUsYAMEBB8v8DAMAwQDJdr4AwQAJdr8AwQAJdr+AwQAUVgQMAwD
BAJRWBwDBARRWCADBAJZFmQDBABZFmoDBABZFmwwDAMEAVkWbgMEA1kWcDAMAwQB
WRZ6AwQHWRYAAwQCW8tsAwQCW8vUAwQAW9wxAwQAXVqyAwQBXVq0MAwDBACAf0ED
BACAf0IDBAOyFGADBACy+qoDBACy+q4DBAK5UFwDBAK5iagDBAK5z+QDBAG8QC4D
BADAolcDBADBFv8DBADCkeIDBAHDBXgDBAHDUpgwHwQCAAIwGTAQAwYFKgD6QCAD
BgQqAPpAQAMFACoBZMAwDQYJKoZIhvcNAQELBQADggEBADUEreFxttetSV4Tl52w
m6LVtRRzizsuyA9dSRawoq9t1mLmDo7VZO/GyBw+fKmNxSKpmsaETBfArfybGBOe
HL9fotao0JuFVv0s4CyBHJNE2gRATT9JGy5RhaO977ikWojY3nO3GsmjqJAONyCl
yecFSB8G+BWhH1cPe5wV1i8rIDVe3koz/mwEglpnvNBDdiXQ12vloOJqOxeXtCqm
K5iJfe87vFdb2lX8v324Z+thh4C5EqnM9W+CprKxk/ZhsG9jer/AK587zJA79Usd
HmU7ld7xa5mrzPW8n4xns1uTtdRg1EpWHvHrXBDgG7ClObDNkm66jjphUkAnfee5
pu0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org