Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/hmxL3Tv8OIlWp6kB4oGcck4snLo.roa
File: hmxL3Tv8OIlWp6kB4oGcck4snLo.roa (raw, json)
Hash identifier: jvXuKQvWFURkbAmNcap62/CtNEuNxyXWHVjgZdL+q6E=
Subject key identifier: 86:6C:4B:DD:3B:FC:38:89:56:A7:A9:01:E2:81:9C:72:4E:2C:9C:BA
Certificate issuer: /CN=ebf760c05773c15d73676450344668fefb723447
Certificate serial: 018CC5DC126B1462444982C5D494838FC915
Authority key identifier: EB:F7:60:C0:57:73:C1:5D:73:67:64:50:34:46:68:FE:FB:72:34:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/hmxL3Tv8OIlWp6kB4oGcck4snLo.roa
Signing time: Mon 01 Jan 2024 16:29:43 +0000
ROA not before: Mon 01 Jan 2024 16:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50597
IP address blocks: 85.194.198.0/24 maxlen: 24
85.194.197.0/24 maxlen: 24
85.194.199.0/24 maxlen: 24
85.194.196.0/22 maxlen: 22
85.194.196.0/24 maxlen: 24
37.98.226.0/24 maxlen: 24
37.98.225.0/24 maxlen: 24
37.98.224.0/24 maxlen: 24
37.98.224.0/21 maxlen: 21
37.98.228.0/24 maxlen: 24
37.98.227.0/24 maxlen: 24
37.98.230.0/24 maxlen: 24
37.98.229.0/24 maxlen: 24
37.98.231.0/24 maxlen: 24
109.205.112.0/24 maxlen: 24
109.205.115.0/24 maxlen: 24
109.205.118.0/24 maxlen: 24
109.205.114.0/23 maxlen: 23
109.205.114.0/24 maxlen: 24
109.205.117.0/24 maxlen: 24
109.205.116.0/24 maxlen: 24
109.205.112.0/21 maxlen: 21
109.205.113.0/24 maxlen: 24
185.76.32.0/24 maxlen: 24
185.76.32.0/22 maxlen: 22
185.76.34.0/24 maxlen: 24
185.76.33.0/24 maxlen: 24
185.76.35.0/24 maxlen: 24
109.205.119.0/24 maxlen: 24
85.113.91.0/24 maxlen: 24
85.113.90.0/23 maxlen: 23
85.113.90.0/24 maxlen: 24
2a05:55c1:e::/48 maxlen: 48
2a05:55c1:4::/48 maxlen: 48
2a05:55c1:6::/48 maxlen: 48
2a05:55c1:1::/48 maxlen: 48
2a05:55c0::/29 maxlen: 29
2a05:55c1:3::/48 maxlen: 48
2a05:55c1:5::/48 maxlen: 48
2a05:55c1:2::/48 maxlen: 48
2a05:55c1:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 10 Mar 2024 12:45:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:12:6b:14:62:44:49:82:c5:d4:94:83:8f:c9:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf760c05773c15d73676450344668fefb723447
Validity
Not Before: Jan 1 16:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=866c4bdd3bfc388956a7a901e2819c724e2c9cba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:29:af:5a:9d:2d:73:c9:c3:c7:2d:e6:a2:3b:
3c:43:be:53:2f:96:76:31:4f:e2:eb:9b:d3:c2:7a:
17:69:70:78:1c:5d:78:87:5d:bf:f9:5f:7a:73:ba:
1f:8a:6c:86:82:ce:7f:a0:3c:f2:49:d3:30:74:72:
b8:93:c3:10:69:87:9e:96:bf:30:51:54:c6:4d:26:
61:4e:6c:17:42:70:d2:1b:d2:16:ac:20:5d:bb:1c:
e6:fd:cf:81:99:ba:67:5e:7b:33:06:2b:26:98:5d:
ea:49:43:b6:4b:84:57:9e:94:89:ae:1b:f7:20:4d:
41:1b:0e:79:63:bd:fc:69:a0:45:de:eb:fc:c8:32:
38:a9:36:83:c6:1d:8f:d1:24:ed:9e:67:ed:b6:b6:
1d:de:95:08:62:ed:f3:e4:d0:fd:1c:38:d7:53:e6:
ed:99:21:0e:ca:8f:cd:57:a4:3c:a7:15:f0:dc:1a:
f6:f7:51:7c:fa:c1:27:f3:5c:5d:12:77:65:13:7b:
6e:6b:d2:63:69:ef:19:3c:25:7f:fa:e3:11:51:ea:
3b:36:73:87:b6:7e:63:de:09:c9:f9:10:8e:f9:2e:
43:dd:64:0e:a3:51:cb:76:96:7c:ed:ea:58:db:67:
7e:07:6f:b9:63:d9:3a:26:94:c0:79:81:8d:d2:65:
f9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:6C:4B:DD:3B:FC:38:89:56:A7:A9:01:E2:81:9C:72:4E:2C:9C:BA
X509v3 Authority Key Identifier:
keyid:EB:F7:60:C0:57:73:C1:5D:73:67:64:50:34:46:68:FE:FB:72:34:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/hmxL3Tv8OIlWp6kB4oGcck4snLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.224.0/21
85.113.90.0/23
85.194.196.0/22
109.205.112.0/21
185.76.32.0/22
IPv6:
2a05:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
84:06:b7:6f:69:03:ec:f8:37:f1:f6:58:0c:76:58:e4:ef:4c:
08:fe:29:a5:43:f8:e5:7f:21:f3:17:33:42:97:f1:86:10:cc:
0a:85:87:9e:43:4d:e2:f4:ca:0c:93:f7:42:38:46:b9:f8:e1:
a6:97:64:5a:65:84:01:7a:12:9f:4d:75:b5:3c:2a:86:ba:e0:
68:b9:5d:ce:76:bf:0f:23:62:41:57:1c:1d:2a:d4:01:1c:76:
b9:68:95:1f:e6:57:20:22:ec:b6:fb:cd:08:fc:b8:ef:33:cb:
c2:11:3a:26:bc:b4:48:35:1c:8a:3f:e6:6b:5d:e3:95:41:d3:
2c:b3:95:8e:1d:1e:a4:b4:ad:e7:80:d3:ef:11:d8:d7:fc:cd:
23:fd:cd:69:2b:94:da:e7:22:01:e2:d5:a6:e7:2e:81:f4:b4:
2b:95:65:4e:75:be:af:39:49:0d:2e:24:43:d8:8e:34:4d:67:
09:8b:7d:c2:10:2d:02:46:fd:8e:2c:b6:c8:22:f2:62:6b:4e:
0c:ed:ec:9d:c2:11:4d:05:83:63:0d:e0:90:f3:c3:79:5e:e3:
9a:27:ae:d1:74:ff:05:64:73:d5:de:bb:8d:a1:5c:9a:68:06:
8b:63:1e:35:88:9e:f5:ea:41:6a:98:b9:51:4a:70:18:b0:70:
7a:ed:41:42
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzF3BJrFGJESYLF1JSDj8kVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjc2MGMwNTc3M2MxNWQ3MzY3NjQ1MDM0NDY2OGZlZmI3
MjM0NDcwHhcNMjQwMTAxMTYyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjZjNGJkZDNiZmMzODg5NTZhN2E5MDFlMjgxOWM3MjRlMmM5Y2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApimvWp0tc8nDxy3mojs8Q75TL5Z2
MU/i65vTwnoXaXB4HF14h12/+V96c7ofimyGgs5/oDzySdMwdHK4k8MQaYeelr8w
UVTGTSZhTmwXQnDSG9IWrCBduxzm/c+BmbpnXnszBismmF3qSUO2S4RXnpSJrhv3
IE1BGw55Y738aaBF3uv8yDI4qTaDxh2P0STtnmfttrYd3pUIYu3z5ND9HDjXU+bt
mSEOyo/NV6Q8pxXw3Br291F8+sEn81xdEndlE3tua9Jjae8ZPCV/+uMRUeo7NnOH
tn5j3gnJ+RCO+S5D3WQOo1HLdpZ87epY22d+B2+5Y9k6JpTAeYGN0mX5fwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIZsS907/DiJVqepAeKBnHJOLJy6MB8GA1UdIwQY
MBaAFOv3YMBXc8Fdc2dkUDRGaP77cjRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9kZ3dGZHp3VjF6WjJSUU5FWm9fdnR5TkVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy85MzFmODEtYzQwOS00ZDNhLTk1ZGYt
NDkwOTg4OTdlZTRhLzEvaG14TDNUdjhPSWxXcDZrQjRvR2NjazRzbkxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy85MzFmODEtYzQwOS00ZDNhLTk1ZGYtNDkwOTg4OTdlZTRh
LzEvNl9kZ3dGZHp3VjF6WjJSUU5FWm9fdnR5TkVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJWLgAwQB
VXFaAwQCVcLEAwQDbc1wAwQCuUwgMA0EAgACMAcDBQMqBVXAMA0GCSqGSIb3DQEB
CwUAA4IBAQCEBrdvaQPs+Dfx9lgMdljk70wI/imlQ/jlfyHzFzNCl/GGEMwKhYee
Q03i9MoMk/dCOEa5+OGml2RaZYQBehKfTXW1PCqGuuBouV3Odr8PI2JBVxwdKtQB
HHa5aJUf5lcgIuy2+80I/LjvM8vCETomvLRINRyKP+ZrXeOVQdMss5WOHR6ktK3n
gNPvEdjX/M0j/c1pK5Ta5yIB4tWm5y6B9LQrlWVOdb6vOUkNLiRD2I40TWcJi33C
EC0CRv2OLLbIIvJia04M7eydwhFNBYNjDeCQ88N5XuOaJ67RdP8FZHPV3ruNoVya
aAaLYx41iJ716kFqmLlRSnAYsHB67UFC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:49 2024 by rpki-client on console-fra.rpki-client.org