Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HagysFU9FOzN8HyglWu1GV_VNco.roa
File: HagysFU9FOzN8HyglWu1GV_VNco.roa (raw, json)
Hash identifier: uoI+6iBUO2S3L4D7CBrTwpszghH/Upm/5Z/2MHgdD5g=
Subject key identifier: 1D:A8:32:B0:55:3D:14:EC:CD:F0:7C:A0:95:6B:B5:19:5F:D5:35:CA
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B900F2F53EEB4A7FA1095DCFD56D3C88B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HagysFU9FOzN8HyglWu1GV_VNco.roa
Signing time: Thu 02 Nov 2023 12:43:16 +0000
ROA not before: Thu 02 Nov 2023 12:43:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 37.140.222.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
193.221.210.0/24 maxlen: 24
94.154.126.0/24 maxlen: 24
185.161.123.0/24 maxlen: 24
194.26.200.0/24 maxlen: 24
185.151.145.0/24 maxlen: 24
185.184.216.0/24 maxlen: 24
79.110.228.0/24 maxlen: 24
79.110.230.0/24 maxlen: 24
62.106.91.0/24 maxlen: 24
45.86.37.0/24 maxlen: 24
188.244.126.0/24 maxlen: 24
193.163.192.0/24 maxlen: 24
193.163.195.0/24 maxlen: 24
194.150.76.0/24 maxlen: 24
193.163.193.0/24 maxlen: 24
91.247.172.0/24 maxlen: 24
37.72.136.0/24 maxlen: 24
213.109.156.0/24 maxlen: 24
213.109.159.0/24 maxlen: 24
176.126.119.0/24 maxlen: 24
193.201.14.0/24 maxlen: 24
193.201.12.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
62.204.60.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
5.180.178.0/24 maxlen: 24
212.24.123.0/24 maxlen: 24
46.253.135.0/24 maxlen: 24
62.122.191.0/24 maxlen: 24
89.38.136.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
193.38.154.0/24 maxlen: 24
217.119.135.0/24 maxlen: 24
185.234.15.0/24 maxlen: 24
213.173.37.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
176.118.35.0/24 maxlen: 24
91.246.32.0/24 maxlen: 24
91.246.37.0/24 maxlen: 24
193.3.180.0/24 maxlen: 24
193.3.181.0/24 maxlen: 24
91.242.233.0/24 maxlen: 24
193.3.187.0/24 maxlen: 24
176.97.198.0/24 maxlen: 24
176.97.195.0/24 maxlen: 24
185.235.225.0/24 maxlen: 24
176.97.200.0/24 maxlen: 24
185.235.228.0/24 maxlen: 24
185.252.213.0/24 maxlen: 24
62.233.38.0/24 maxlen: 24
91.242.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:0f:2f:53:ee:b4:a7:fa:10:95:dc:fd:56:d3:c8:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 2 12:43:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1da832b0553d14eccdf07ca0956bb5195fd535ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:03:57:cd:02:3a:be:ba:4f:7b:63:1a:0c:f2:
7f:68:e9:fa:32:72:3e:4c:4d:29:cb:32:58:66:11:
82:f9:f5:eb:cb:c1:b0:14:3f:74:b0:4f:4b:b5:5a:
d9:4b:55:b5:6c:6e:90:09:f8:b8:bc:5d:4d:b2:9c:
a4:ad:e0:d3:e3:77:0c:cc:ad:66:e1:be:0c:1a:9b:
84:12:b6:2f:18:04:a7:bf:c1:cb:9e:d8:2a:54:42:
65:33:c0:2b:94:6e:8d:92:79:3d:80:d7:d0:80:81:
02:cd:a3:80:c1:b0:c8:d8:53:59:34:af:d6:8c:b8:
2d:56:17:c4:a5:89:67:42:5c:b7:98:56:53:f4:32:
15:31:33:6d:4d:26:b5:91:84:6d:42:b5:b3:6d:df:
a7:4f:4b:2e:f2:77:28:95:93:5d:16:d2:55:fd:61:
a7:1a:77:d6:38:ac:2e:27:c5:61:bb:0e:9f:32:63:
df:3f:34:78:5b:61:6a:de:2a:b5:c9:8d:d7:6b:24:
d3:0c:00:d8:46:b6:f8:17:f4:46:f5:4c:59:bd:9d:
0a:94:af:47:05:56:56:7b:dc:2d:e4:25:f4:85:d1:
c0:3c:44:0d:18:45:f1:e3:01:3a:af:05:fb:73:60:
74:d7:01:0e:ad:71:5c:df:9c:e8:54:0a:61:42:71:
6c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A8:32:B0:55:3D:14:EC:CD:F0:7C:A0:95:6B:B5:19:5F:D5:35:CA
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HagysFU9FOzN8HyglWu1GV_VNco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.178.0/24
37.72.136.0/24
37.140.222.0/24
45.86.37.0/24
46.253.135.0/24
62.106.91.0/24
62.122.191.0/24
62.197.128.0/24
62.204.60.0/24
62.233.38.0/24
78.142.243.0/24
79.110.228.0/24
79.110.230.0/24
89.38.136.0/24
91.209.12.0/24
91.242.233.0/24
91.242.252.0/24
91.246.32.0/24
91.246.37.0/24
91.247.172.0/24
94.154.126.0/24
176.97.195.0/24
176.97.198.0/24
176.97.200.0/24
176.118.35.0/24
176.126.119.0/24
185.151.145.0/24
185.161.123.0/24
185.184.216.0/24
185.234.15.0/24
185.235.225.0/24
185.235.228.0/24
185.252.213.0/24
188.241.159.0/24
188.241.248.0/24
188.244.126.0/24
193.3.180.0/23
193.3.187.0/24
193.38.154.0/24
193.163.192.0/23
193.163.195.0/24
193.201.12.0/24
193.201.14.0/24
193.221.210.0/24
194.26.200.0/24
194.150.76.0/24
212.24.123.0/24
213.109.156.0/24
213.109.159.0/24
213.173.37.0/24
217.119.135.0/24
Signature Algorithm: sha256WithRSAEncryption
51:e7:0b:71:3b:93:48:c0:4a:0a:8f:ff:be:0a:8c:bc:86:0c:
fd:72:0c:a9:c1:71:bd:74:29:d6:42:b3:bd:cb:a9:75:97:3e:
71:bd:f0:14:62:fb:5b:cf:25:82:8e:4a:30:b1:39:6c:3e:40:
a3:07:71:41:34:d3:28:5e:b8:82:f9:cc:13:5e:7b:93:a7:a8:
33:0a:e6:e0:36:ac:d8:cd:4b:24:76:ce:ea:1b:c7:ae:96:a4:
c2:ec:9a:a7:9b:1b:94:eb:11:6b:96:56:8a:ba:a2:d7:60:86:
3d:90:85:93:12:84:3b:42:7f:11:77:61:34:35:d1:f8:03:4e:
ce:53:fc:ee:ec:63:06:6d:77:ca:b8:29:cd:2f:7d:d8:ed:38:
c1:6b:7c:7a:78:af:c4:40:ef:c6:bd:2d:58:d2:d5:f2:7e:cf:
4d:a3:d1:77:ed:21:f4:31:0e:14:9f:c1:d3:2c:93:e1:05:b1:
6d:bd:11:50:4b:67:93:ca:68:cb:cd:6b:ee:58:f7:25:90:33:
f4:74:aa:cc:1d:a6:22:4f:2a:f3:53:2d:47:2c:7e:92:8e:3e:
f8:fd:31:3f:a4:2b:41:7b:ae:1e:6d:0f:8b:e8:a2:4a:3d:47:
1c:0d:3f:79:e6:fa:9e:3b:29:66:84:9a:7d:c7:1d:41:69:57:
87:ed:cf:8d
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgISAYuQDy9T7rSn+hCV3P1W08iLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTAyMTI0MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGE4MzJiMDU1M2QxNGVjY2RmMDdjYTA5NTZiYjUxOTVmZDUzNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgNXzQI6vrpPe2MaDPJ/aOn6MnI+
TE0pyzJYZhGC+fXry8GwFD90sE9LtVrZS1W1bG6QCfi4vF1NspykreDT43cMzK1m
4b4MGpuEErYvGASnv8HLntgqVEJlM8ArlG6Nknk9gNfQgIECzaOAwbDI2FNZNK/W
jLgtVhfEpYlnQly3mFZT9DIVMTNtTSa1kYRtQrWzbd+nT0su8ncolZNdFtJV/WGn
GnfWOKwuJ8Vhuw6fMmPfPzR4W2Fq3iq1yY3XayTTDADYRrb4F/RG9UxZvZ0KlK9H
BVZWe9wt5CX0hdHAPEQNGEXx4wE6rwX7c2B01wEOrXFc35zoVAphQnFsXQIDAQAB
o4IDPzCCAzswHQYDVR0OBBYEFB2oMrBVPRTszfB8oJVrtRlf1TXKMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSGFneXNGVTlGT3pOOEh5Z2xXdTFHVl9WTmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUwYIKwYBBQUHAQcBAf8EggFCMIIBPjCCAToEAgABMIIB
MgMEAAW0sgMEACVIiAMEACWM3gMEAC1WJQMEAC79hwMEAD5qWwMEAD56vwMEAD7F
gAMEAD7MPAMEAD7pJgMEAE6O8wMEAE9u5AMEAE9u5gMEAFkmiAMEAFvRDAMEAFvy
6QMEAFvy/AMEAFv2IAMEAFv2JQMEAFv3rAMEAF6afgMEALBhwwMEALBhxgMEALBh
yAMEALB2IwMEALB+dwMEALmXkQMEALmhewMEALm42AMEALnqDwMEALnr4QMEALnr
5AMEALn81QMEALzxnwMEALzx+AMEALz0fgMEAcEDtAMEAMEDuwMEAMEmmgMEAcGj
wAMEAMGjwwMEAMHJDAMEAMHJDgMEAMHd0gMEAMIayAMEAMKWTAMEANQYewMEANVt
nAMEANVtnwMEANWtJQMEANl3hzANBgkqhkiG9w0BAQsFAAOCAQEAUecLcTuTSMBK
Co//vgqMvIYM/XIMqcFxvXQp1kKzvcupdZc+cb3wFGL7W88lgo5KMLE5bD5Aowdx
QTTTKF64gvnME157k6eoMwrm4Das2M1LJHbO6hvHrpakwuyap5sblOsRa5ZWirqi
12CGPZCFkxKEO0J/EXdhNDXR+ANOzlP87uxjBm13yrgpzS992O04wWt8enivxEDv
xr0tWNLV8n7PTaPRd+0h9DEOFJ/B0yyT4QWxbb0RUEtnk8poy81r7lj3JZAz9HSq
zB2mIk8q81MtRyx+ko4++P0xP6QrQXuuHm0Pi+iiSj1HHA0/eeb6njspZoSafccd
QWlXh+3PjQ==
-----END CERTIFICATE-----
Generated at Thu Nov 2 15:13:18 2023 by rpki-client on console-fra.rpki-client.org