Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HImAf4mJnnUEEUauhqoQnCUsoXs.roa
File: HImAf4mJnnUEEUauhqoQnCUsoXs.roa (raw, json)
Hash identifier: 8njVcDk1tGAQdRZFMks3hooz4RJnJAIthDbLkavlvCc=
Subject key identifier: 1C:89:80:7F:89:89:9E:75:04:11:46:AE:86:AA:10:9C:25:2C:A1:7B
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018C73068A124820F83B7F2E37225640C9EA
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HImAf4mJnnUEEUauhqoQnCUsoXs.roa
Signing time: Sat 16 Dec 2023 14:27:37 +0000
ROA not before: Sat 16 Dec 2023 14:27:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209641
IP address blocks: 185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
185.5.250.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.50.0/24 maxlen: 24
185.87.48.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.114.75.0/24 maxlen: 24
185.200.188.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
185.125.218.0/23 maxlen: 23
185.125.216.0/22 maxlen: 22
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
45.132.252.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.230.0/24 maxlen: 24
185.125.228.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/23 maxlen: 23
194.67.193.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.184.0/21 maxlen: 21
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
193.168.224.0/24 maxlen: 24
194.67.208.0/20 maxlen: 20
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0c:77c0::/32 maxlen: 32
2a0c:74c0::/29 maxlen: 29
2a0a:9300:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a0b:9800::/29 maxlen: 29
2a0c:77c0::/29 maxlen: 29
2a0a:9300:d0::/48 maxlen: 48
2a0d:3880::/29 maxlen: 29
2a0a:9302:1::/48 maxlen: 48
2a0d:2cc0::/29 maxlen: 29
2a0b:7780::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:73:06:8a:12:48:20:f8:3b:7f:2e:37:22:56:40:c9:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Dec 16 14:27:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c89807f89899e75041146ae86aa109c252ca17b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e7:44:0e:0d:8a:20:1d:4b:5a:a3:8b:a0:b5:
9f:f0:1e:a9:16:93:40:65:85:1d:e4:4b:dc:6c:3a:
17:85:6b:bf:fa:5f:1a:a2:30:dd:4d:02:76:8a:27:
ed:0b:60:dc:cc:d5:5e:50:da:f1:5f:1a:c3:5a:36:
2f:e2:a1:ee:99:dd:11:52:bf:87:59:26:9a:8b:00:
77:4a:89:36:b6:e5:79:b8:e9:6e:60:b4:18:56:7c:
21:05:c7:36:96:cc:7c:c1:a2:ca:5c:8b:cb:10:ab:
a0:b4:d3:4b:a8:60:dd:b1:3f:05:98:79:23:0d:c6:
8e:2c:20:55:e6:a8:4f:b5:3d:b6:ed:2a:f2:9e:3a:
94:e7:7a:c9:35:5b:a5:9f:7c:35:52:2c:09:56:ec:
db:1c:e9:f0:a0:7f:3a:42:b6:85:65:8c:b4:2b:57:
69:a4:b0:b3:02:0c:7c:98:f1:dc:1d:80:b0:a9:80:
d3:9c:ca:f5:4e:72:2c:49:ad:d8:e5:70:48:21:72:
fa:ad:84:19:cf:ce:03:5d:14:ea:50:40:34:0c:f4:
fd:6c:20:eb:2a:25:9a:03:80:1b:25:08:7c:98:f6:
66:e7:d2:34:b1:9c:eb:7f:bf:e8:4f:32:4d:a1:fe:
56:5d:48:7a:70:47:61:5f:9b:24:6b:1e:db:32:f9:
17:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:89:80:7F:89:89:9E:75:04:11:46:AE:86:AA:10:9C:25:2C:A1:7B
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HImAf4mJnnUEEUauhqoQnCUsoXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
45.132.252.0/24
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.114.75.0/24
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
185.200.188.0/24
193.109.85.0/24
193.124.176.0/20
193.168.224.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a07:4a00::/29
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:7780::/29
2a0b:9800::/29
2a0c:74c0::/29
2a0c:77c0::/29
2a0d:2cc0::/29
2a0d:3880::/29
Signature Algorithm: sha256WithRSAEncryption
91:1d:f5:ae:01:60:10:50:bd:e8:c7:e0:2c:39:d9:80:ec:87:
2b:d4:67:64:ed:06:a0:60:df:dc:6c:15:54:85:71:26:e7:73:
99:20:87:b2:73:54:45:f7:72:ce:ba:de:fd:28:c0:a1:34:51:
88:04:d1:42:39:dd:d2:22:c5:09:b1:c0:ac:b4:f2:fe:a4:b6:
26:33:9c:77:8d:18:3a:f8:52:26:4a:7a:b1:11:6e:a0:04:06:
f9:c4:34:0a:83:00:4c:8e:7a:de:bd:4c:51:7e:21:27:62:fe:
fc:21:f2:23:ac:27:a0:b1:19:83:88:fe:43:65:f7:2d:67:8b:
c2:e8:28:25:9a:a5:1b:8d:3e:ef:6a:12:99:82:ab:b6:15:e4:
e3:98:8b:60:06:f8:c5:71:ab:be:1b:99:1c:48:e6:0d:6a:b0:
01:80:91:7d:7b:e0:32:2f:b8:70:48:05:70:b8:f9:cd:12:4a:
f7:d4:dd:31:7f:95:17:c1:b1:02:22:d2:e4:fa:72:ba:55:ae:
07:8b:9a:c8:b0:03:1f:d3:66:70:e8:c7:df:81:54:64:9c:df:
9a:35:eb:ff:0e:49:6d:dd:91:f9:4e:b4:2a:c3:17:3d:a7:26:
99:52:4c:9a:b0:cd:b2:26:23:9d:4c:36:11:8d:86:7d:ce:a6:
e3:08:a7:1f
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAYxzBooSSCD4O38uNyJWQMnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMjE2MTQyNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg5ODA3Zjg5ODk5ZTc1MDQxMTQ2YWU4NmFhMTA5YzI1MmNhMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgedEDg2KIB1LWqOLoLWf8B6pFpNA
ZYUd5EvcbDoXhWu/+l8aojDdTQJ2iiftC2DczNVeUNrxXxrDWjYv4qHumd0RUr+H
WSaaiwB3Sok2tuV5uOluYLQYVnwhBcc2lsx8waLKXIvLEKugtNNLqGDdsT8FmHkj
DcaOLCBV5qhPtT227SrynjqU53rJNVuln3w1UiwJVuzbHOnwoH86QraFZYy0K1dp
pLCzAgx8mPHcHYCwqYDTnMr1TnIsSa3Y5XBIIXL6rYQZz84DXRTqUEA0DPT9bCDr
KiWaA4AbJQh8mPZm59I0sZzrf7/oTzJNof5WXUh6cEdhX5skax7bMvkXXQIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFByJgH+JiZ51BBFGroaqEJwlLKF7MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSEltQWY0bUpublVFRVVhdWhxb1FuQ1Vzb1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIweAQCAAEwcgMEAS1Z
QgMEAi2AsAMEAC2E/AMEAFvZUAMEA16OiAMEArkF+AMEArk6zAMEArlXMAMEAblp
dAMEALlySwMEArl1mAMEArl92AMEArl95AMEALnIvAMEAMFtVQMEBMF8sAMEAMGo
4AMEBcJDwAMEAMMv+jB2BAIAAjBwAwUDKgdKAAMHACoKkwAAAAMHACoKkwAAAjAS
AwcEKgqTAADQAwcAKgqTAADSMBADBQAqCpMBAwcAKgqTAQACAwUAKgqTAgMFAyoL
d4ADBQMqC5gAAwUDKgx0wAMFAyoMd8ADBQMqDSzAAwUDKg04gDANBgkqhkiG9w0B
AQsFAAOCAQEAkR31rgFgEFC96MfgLDnZgOyHK9RnZO0GoGDf3GwVVIVxJudzmSCH
snNURfdyzrre/SjAoTRRiATRQjnd0iLFCbHArLTy/qS2JjOcd40YOvhSJkp6sRFu
oAQG+cQ0CoMATI563r1MUX4hJ2L+/CHyI6wnoLEZg4j+Q2X3LWeLwugoJZqlG40+
72oSmYKrthXk45iLYAb4xXGrvhuZHEjmDWqwAYCRfXvgMi+4cEgFcLj5zRJK99Td
MX+VF8GxAiLS5PpyulWuB4uayLADH9NmcOjH34FUZJzfmjXr/w5Jbd2R+U60KsMX
PacmmVJMmrDNsiYjnUw2EY2Gfc6m4winHw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:28 2024 by rpki-client on console-fra.rpki-client.org