Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HPb8-HENlyjcPoJSJPIw3kxRk5I.roa
File: HPb8-HENlyjcPoJSJPIw3kxRk5I.roa (raw, json)
Hash identifier: XryvIcuHXaco/Q0oQ6QtcfNHjIphZXYFXihc6ZRW684=
Subject key identifier: 1C:F6:FC:F8:71:0D:97:28:DC:3E:82:52:24:F2:30:DE:4C:51:93:92
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01875C74AB24DF10825F84C6305CEE6FD1C3
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HPb8-HENlyjcPoJSJPIw3kxRk5I.roa
Signing time: Fri 07 Apr 2023 16:02:42 +0000
ROA not before: Fri 07 Apr 2023 16:02:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204997
IP address blocks: 45.144.64.0/24 maxlen: 24
45.144.66.0/24 maxlen: 24
45.144.65.0/24 maxlen: 24
45.144.67.0/24 maxlen: 24
185.255.132.0/24 maxlen: 24
185.255.134.0/24 maxlen: 24
185.255.133.0/24 maxlen: 24
185.255.135.0/24 maxlen: 24
185.252.146.0/24 maxlen: 24
185.252.147.0/24 maxlen: 24
185.195.24.0/24 maxlen: 24
185.195.27.0/24 maxlen: 24
185.195.25.0/24 maxlen: 24
185.195.26.0/24 maxlen: 24
185.204.0.0/24 maxlen: 24
185.204.2.0/24 maxlen: 24
185.204.3.0/24 maxlen: 24
139.28.223.0/24 maxlen: 24
139.28.222.0/24 maxlen: 24
91.217.81.0/24 maxlen: 24
185.180.231.0/24 maxlen: 24
185.180.230.0/24 maxlen: 24
195.66.114.0/24 maxlen: 24
185.244.172.0/24 maxlen: 24
185.244.173.0/24 maxlen: 24
185.139.69.0/24 maxlen: 24
185.139.71.0/24 maxlen: 24
185.139.68.0/24 maxlen: 24
185.139.70.0/24 maxlen: 24
193.109.78.0/24 maxlen: 24
193.109.79.0/24 maxlen: 24
185.212.148.0/24 maxlen: 24
185.188.183.0/24 maxlen: 24
185.188.182.0/24 maxlen: 24
185.17.3.0/24 maxlen: 24
147.78.64.0/24 maxlen: 24
147.78.66.0/24 maxlen: 24
147.78.65.0/24 maxlen: 24
147.78.67.0/24 maxlen: 24
46.17.104.0/24 maxlen: 24
185.104.249.0/24 maxlen: 24
2a04:5200:fff2::/48 maxlen: 48
2a04:5200:ff00::/48 maxlen: 48
2a04:5200:fff9::/48 maxlen: 48
2a04:5200:fff3::/48 maxlen: 48
2a04:5200:fff6::/48 maxlen: 48
2a04:5200:fff7::/48 maxlen: 48
2a04:5200:fff4::/48 maxlen: 48
2a04:5200:fff8::/48 maxlen: 48
2a04:5200:fff1::/48 maxlen: 48
2a04:5200:fff5::/48 maxlen: 48
2a04:5200:ff10::/48 maxlen: 48
2a04:5200:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5c:74:ab:24:df:10:82:5f:84:c6:30:5c:ee:6f:d1:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Apr 7 16:02:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cf6fcf8710d9728dc3e825224f230de4c519392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9e:19:37:49:6c:eb:03:ce:98:c4:f5:50:b0:
e8:10:57:61:47:5e:3f:ee:7a:49:7e:1c:80:6c:37:
4a:9b:04:14:26:36:9e:4a:45:a6:f8:95:27:b2:9e:
fe:33:00:5a:8e:e1:af:8a:14:9d:0a:f3:51:59:5d:
2e:5e:24:23:9e:f9:05:38:30:95:ce:8e:4d:57:9e:
f9:14:d2:f8:b7:04:f5:17:c8:15:48:b6:8a:3f:58:
47:94:cb:a1:8c:11:eb:52:07:67:25:4e:13:ac:f8:
b1:e8:68:ca:bf:b9:e8:f6:28:4b:df:ab:50:d1:75:
39:41:d3:99:cc:19:00:02:19:0e:15:2c:c9:04:11:
73:26:8d:bd:af:46:07:a8:f9:d7:64:ab:49:b5:e1:
d9:c5:c7:24:de:32:0b:43:51:81:d6:e3:6d:3e:a0:
3c:fd:04:49:4b:84:9c:86:d4:48:b2:d0:64:38:9f:
ba:c2:2b:90:ae:83:93:01:69:e8:2e:d4:31:b6:4c:
26:c1:a4:ad:6e:7d:3a:1a:be:d6:4f:1b:f0:80:c7:
06:2e:ba:2e:66:2f:1d:ab:50:5a:cf:5b:11:52:a2:
cc:21:ca:17:a2:54:56:df:a2:58:75:80:51:2a:d6:
78:67:30:80:33:65:71:db:9d:0a:51:61:c7:c8:7b:
ab:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F6:FC:F8:71:0D:97:28:DC:3E:82:52:24:F2:30:DE:4C:51:93:92
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HPb8-HENlyjcPoJSJPIw3kxRk5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.64.0/22
46.17.104.0/24
91.217.81.0/24
139.28.222.0/23
147.78.64.0/22
185.17.3.0/24
185.104.249.0/24
185.139.68.0/22
185.180.230.0/23
185.188.182.0/23
185.195.24.0/22
185.204.0.0/24
185.204.2.0/23
185.212.148.0/24
185.244.172.0/23
185.252.146.0/23
185.255.132.0/22
193.109.78.0/23
195.66.114.0/24
IPv6:
2a04:5200:ff00::/48
2a04:5200:ff10::/48
2a04:5200:fff1::-2a04:5200:fff9:ffff:ffff:ffff:ffff:ffff
2a04:5200:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
b4:e7:b8:2f:08:8d:f1:92:af:08:8b:93:28:06:01:c2:e2:9e:
7c:31:06:3e:6d:2d:a1:4b:6a:d9:e8:57:38:9d:b9:fc:e7:95:
bc:f3:02:88:54:43:d0:bb:e4:55:2d:f5:da:f3:c2:4b:98:cf:
a8:45:08:89:bc:c3:54:e2:ee:66:a9:9a:68:62:a8:00:8f:3e:
eb:97:9e:c0:3d:d1:5f:c4:bf:92:98:d2:7c:7c:e3:7f:72:ad:
11:e9:a4:c2:ac:37:61:33:57:08:5c:66:6a:53:57:92:09:41:
01:12:05:e2:e5:34:eb:46:bb:a2:a7:85:2f:ca:b3:98:2f:88:
79:6f:4a:16:17:87:92:6a:ae:57:5d:07:0a:8a:a9:fb:10:1f:
12:6c:f2:f3:1b:03:e5:14:09:d9:e5:c0:32:42:d9:50:c1:9a:
82:90:47:85:ec:42:23:78:02:9e:3c:96:7d:8e:bf:56:ca:f9:
15:dc:15:ca:89:30:a8:b5:9f:d0:ec:35:c5:f5:8f:91:dd:95:
f5:8f:0e:03:2d:30:01:57:0d:5d:74:f3:5a:15:74:e9:0b:ac:
a5:dc:bf:01:38:0c:a3:8f:07:07:03:da:ab:30:b6:f1:07:6c:
82:c0:05:20:5d:e3:64:31:4c:cf:cf:c6:bc:37:0d:93:19:80:
56:b2:e7:6a
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYdcdKsk3xCCX4TGMFzub9HDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwNDA3MTYwMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Y2ZmNmODcxMGQ5NzI4ZGMzZTgyNTIyNGYyMzBkZTRjNTE5MzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhp4ZN0ls6wPOmMT1ULDoEFdhR14/
7npJfhyAbDdKmwQUJjaeSkWm+JUnsp7+MwBajuGvihSdCvNRWV0uXiQjnvkFODCV
zo5NV575FNL4twT1F8gVSLaKP1hHlMuhjBHrUgdnJU4TrPix6GjKv7no9ihL36tQ
0XU5QdOZzBkAAhkOFSzJBBFzJo29r0YHqPnXZKtJteHZxcck3jILQ1GB1uNtPqA8
/QRJS4SchtRIstBkOJ+6wiuQroOTAWnoLtQxtkwmwaStbn06Gr7WTxvwgMcGLrou
Zi8dq1Baz1sRUqLMIcoXolRW36JYdYBRKtZ4ZzCAM2Vx250KUWHHyHurgQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFBz2/PhxDZco3D6CUiTyMN5MUZOSMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSFBiOC1IRU5seWpjUG9KU0pQSXcza3hSazVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB4BAIAATByAwQCLZBA
AwQALhFoAwQAW9lRAwQBixzeAwQCk05AAwQAuREDAwQAuWj5AwQCuYtEAwQBubTm
AwQBuby2AwQCucMYAwQAucwAAwQBucwCAwQAudSUAwQBufSsAwQBufySAwQCuf+E
AwQBwW1OAwQAw0JyMDUEAgACMC8DBwAqBFIA/wADBwAqBFIA/xAwEgMHACoEUgD/
8QMHASoEUgD/+AMHACoEUgD//zANBgkqhkiG9w0BAQsFAAOCAQEAtOe4LwiN8ZKv
CIuTKAYBwuKefDEGPm0toUtq2ehXOJ25/OeVvPMCiFRD0LvkVS312vPCS5jPqEUI
ibzDVOLuZqmaaGKoAI8+65eewD3RX8S/kpjSfHzjf3KtEemkwqw3YTNXCFxmalNX
kglBARIF4uU060a7oqeFL8qzmC+IeW9KFheHkmquV10HCoqp+xAfEmzy8xsD5RQJ
2eXAMkLZUMGagpBHhexCI3gCnjyWfY6/Vsr5FdwVyokwqLWf0Ow1xfWPkd2V9Y8O
Ay0wAVcNXXTzWhV06Quspdy/ATgMo48HBwPaqzC28QdsgsAFIF3jZDFMz8/GvDcN
kxmAVrLnag==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:23 2024 by rpki-client on console-ams.rpki-client.org