Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HzrtZs84-8udZ7Ff_MNwWRvpqZU.roa
File: HzrtZs84-8udZ7Ff_MNwWRvpqZU.roa (raw, json)
Hash identifier: Z9FQnJF8T4Xv4CYrR7JNxDbWlLPIU/Fd3vJALPduL5w=
Subject key identifier: 1F:3A:ED:66:CF:38:FB:CB:9D:67:B1:5F:FC:C3:70:59:1B:E9:A9:95
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018AF0E1C07AAAA7A802D63ADC9D46A92327
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HzrtZs84-8udZ7Ff_MNwWRvpqZU.roa
Signing time: Mon 02 Oct 2023 14:54:01 +0000
ROA not before: Mon 02 Oct 2023 14:54:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35196
IP address blocks: 185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
185.5.250.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.50.0/24 maxlen: 24
185.87.48.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
45.89.67.0/24 maxlen: 24
45.89.65.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
45.9.73.184/32 maxlen: 32
45.9.73.179/32 maxlen: 32
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
185.87.48.18/32 maxlen: 32
185.125.218.0/23 maxlen: 23
185.125.216.0/22 maxlen: 22
94.142.136.67/32 maxlen: 32
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.125.229.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.228.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
45.9.73.236/32 maxlen: 32
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/23 maxlen: 23
193.124.176.0/20 maxlen: 20
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
2a0a:9300:1000::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a09:5302:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:e1:c0:7a:aa:a7:a8:02:d6:3a:dc:9d:46:a9:23:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Oct 2 14:54:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f3aed66cf38fbcb9d67b15ffcc370591be9a995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:01:44:ef:cf:c3:93:6b:42:ce:ba:67:bb:68:
36:3b:72:a2:11:db:ca:ca:46:d7:48:80:31:13:de:
3c:8e:66:ec:cd:40:30:1c:26:1e:6e:0d:9e:d6:63:
00:2a:63:f5:99:c9:9d:0a:31:0c:e6:b4:4a:52:e8:
9a:62:14:ca:96:34:f4:03:2e:1f:bb:d3:54:59:af:
b3:95:55:71:f8:c2:11:16:45:7a:34:6d:27:5f:9b:
e8:e8:d6:d4:b7:d3:d2:0b:58:5f:c5:29:f5:58:91:
5d:cb:5a:5f:53:39:9c:d6:3e:0f:3e:86:2b:98:ed:
46:91:9e:b3:ed:a6:1c:39:7b:43:f4:34:f4:dc:4d:
96:31:1e:de:25:ad:a6:6b:18:d4:c6:20:d4:b1:18:
38:24:bf:bd:98:96:43:ef:d5:44:b2:08:79:46:c5:
06:46:c4:48:c3:35:a1:8e:54:7c:39:66:68:34:30:
c0:96:ad:d5:70:a3:9e:dd:2f:d5:bf:6b:03:2c:0b:
64:32:9a:4c:50:4f:76:2e:cd:2d:d0:c2:c5:54:4c:
2a:4e:55:c4:96:b8:9b:3a:0c:e2:bf:d6:23:a4:d9:
05:e4:36:c2:dd:f4:52:37:d9:4e:11:e6:48:03:73:
00:06:70:c1:12:f3:80:d6:19:82:cb:90:fb:38:9e:
03:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3A:ED:66:CF:38:FB:CB:9D:67:B1:5F:FC:C3:70:59:1B:E9:A9:95
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HzrtZs84-8udZ7Ff_MNwWRvpqZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.73.179/32
45.9.73.184/32
45.9.73.236/32
45.89.65.0-45.89.67.255
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
193.124.176.0/20
194.67.192.0/19
195.47.250.0/24
IPv6:
2a09:5302:ffff::/48
2a0a:9300:1000::/48
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
Signature Algorithm: sha256WithRSAEncryption
8e:24:d6:93:f4:90:4f:01:45:b4:fd:da:99:09:85:a5:75:9a:
b3:ba:09:39:9b:c2:b8:28:f8:13:41:b6:8b:0d:c5:fb:54:5d:
37:20:4a:2e:ab:d6:77:58:7f:81:f7:0e:48:bf:24:d4:6b:96:
0d:03:b2:cb:57:49:69:dd:d5:b1:36:48:23:80:d3:2b:eb:40:
88:a0:f8:1e:b8:d3:6a:da:26:48:a0:f4:8e:4d:fb:15:1a:4a:
ad:10:18:d8:84:9c:b0:d7:b5:f9:d8:68:90:82:b0:a9:3d:fc:
f5:3f:3d:46:fa:bc:23:57:b9:54:d7:89:bc:fa:29:e7:57:5e:
1d:a3:eb:77:80:50:8c:5a:08:2f:7d:2b:40:1b:83:cd:5a:29:
ba:61:29:d2:41:5e:11:74:53:a0:2c:a2:94:f7:ce:08:4b:48:
41:1a:8a:a4:b4:db:25:bd:7e:0c:8e:c5:c6:d1:56:12:2c:3b:
b1:b8:b4:e4:4c:87:e6:a3:37:af:6e:c0:51:86:ea:5a:21:4b:
79:4a:2b:55:d8:99:25:5e:96:94:ac:7e:8a:34:f3:19:30:6a:
76:2c:e0:b4:66:5a:04:2a:c9:6d:8d:58:79:78:ad:76:ce:18:
e1:07:4a:bc:7c:6e:f2:46:e4:4c:4e:b3:08:87:b7:58:b3:c2:
3f:84:29:41
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYrw4cB6qqeoAtY63J1GqSMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMDAyMTQ1NDAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNhZWQ2NmNmMzhmYmNiOWQ2N2IxNWZmY2MzNzA1OTFiZTlhOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgFE78/Dk2tCzrpnu2g2O3KiEdvK
ykbXSIAxE948jmbszUAwHCYebg2e1mMAKmP1mcmdCjEM5rRKUuiaYhTKljT0Ay4f
u9NUWa+zlVVx+MIRFkV6NG0nX5vo6NbUt9PSC1hfxSn1WJFdy1pfUzmc1j4PPoYr
mO1GkZ6z7aYcOXtD9DT03E2WMR7eJa2maxjUxiDUsRg4JL+9mJZD79VEsgh5RsUG
RsRIwzWhjlR8OWZoNDDAlq3VcKOe3S/Vv2sDLAtkMppMUE92Ls0t0MLFVEwqTlXE
lribOgziv9YjpNkF5DbC3fRSN9lOEeZIA3MABnDBEvOA1hmCy5D7OJ4DNQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFB867WbPOPvLnWexX/zDcFkb6amVMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSHpydFpzODQtOHVkWjdGZl9NTndXUnZwcVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDB3BAIAATBxAwUALQlJ
swMFAC0JSbgDBQAtCUnsMAwDBAAtWUEDBAItWUADBAItgLADBABb2VADBANejogD
BAK5BfgDBAK5OswDBAK5VzADBAG5aXQDBAK5dZgDBAK5fdgDBAK5feQDBATBfLAD
BAXCQ8ADBADDL/owMQQCAAIwKwMHACoJUwL//wMHACoKkwAQADAQAwUAKgqTAQMH
ACoKkwEAAgMFACoKkwIwDQYJKoZIhvcNAQELBQADggEBAI4k1pP0kE8BRbT92pkJ
haV1mrO6CTmbwrgo+BNBtosNxftUXTcgSi6r1ndYf4H3Dki/JNRrlg0DsstXSWnd
1bE2SCOA0yvrQIig+B6402raJkig9I5N+xUaSq0QGNiEnLDXtfnYaJCCsKk9/PU/
PUb6vCNXuVTXibz6KedXXh2j63eAUIxaCC99K0Abg81aKbphKdJBXhF0U6AsopT3
zghLSEEaiqS02yW9fgyOxcbRVhIsO7G4tORMh+ajN69uwFGG6lohS3lKK1XYmSVe
lpSsfoo08xkwanYs4LRmWgQqyW2NWHl4rXbOGOEHSrx8bvJG5ExOswiHt1izwj+E
KUE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org