Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/HrKVbr7Zt_kO81FdQF_ak6K4MoU.roa
File: HrKVbr7Zt_kO81FdQF_ak6K4MoU.roa (raw, json)
Hash identifier: dA5zmn+lfXsjLDQTbCkvWW91ol0WYO6clT0PFzoq+sw=
Subject key identifier: 1E:B2:95:6E:BE:D9:B7:F9:0E:F3:51:5D:40:5F:DA:93:A2:B8:32:85
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185F315CA24CD904EF5236CB056B50EFE85
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/HrKVbr7Zt_kO81FdQF_ak6K4MoU.roa
Signing time: Fri 27 Jan 2023 11:56:09 +0000
ROA not before: Fri 27 Jan 2023 11:56:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31224
IP address blocks: 178.176.104.0/21 maxlen: 21
83.149.32.0/22 maxlen: 22
83.149.36.0/22 maxlen: 22
83.149.34.0/24 maxlen: 24
83.149.37.0/24 maxlen: 24
83.149.39.0/24 maxlen: 24
85.26.192.0/22 maxlen: 22
178.178.88.0/22 maxlen: 22
178.178.92.0/22 maxlen: 22
31.173.96.0/24 maxlen: 24
31.173.97.0/24 maxlen: 24
31.173.102.0/24 maxlen: 24
31.173.99.0/24 maxlen: 24
31.173.103.0/24 maxlen: 24
31.173.100.0/24 maxlen: 24
31.173.100.0/23 maxlen: 23
31.173.101.0/24 maxlen: 24
178.176.112.0/24 maxlen: 24
178.176.113.0/24 maxlen: 24
83.169.216.0/24 maxlen: 24
31.173.123.0/24 maxlen: 24
31.173.122.0/24 maxlen: 24
31.173.121.0/24 maxlen: 24
31.173.125.0/24 maxlen: 24
31.173.120.0/24 maxlen: 24
31.173.124.0/24 maxlen: 24
31.173.127.0/24 maxlen: 24
31.173.126.0/24 maxlen: 24
78.25.88.0/22 maxlen: 22
46.229.132.0/22 maxlen: 22
128.204.68.0/24 maxlen: 24
128.204.69.0/24 maxlen: 24
37.29.44.0/22 maxlen: 22
2a03:d000:5100::/40 maxlen: 40
2a03:d000:5000::/40 maxlen: 40
2a03:d000:5302::/48 maxlen: 48
2a03:d000:5301::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:15:ca:24:cd:90:4e:f5:23:6c:b0:56:b5:0e:fe:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 27 11:56:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1eb2956ebed9b7f90ef3515d405fda93a2b83285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e9:32:24:56:cd:f4:55:25:da:74:5e:c3:f5:
ed:f0:0d:72:34:3f:e2:6f:b1:0d:51:7b:24:48:c3:
ff:a9:9d:8a:89:0f:f2:e0:70:40:e2:fc:a5:7c:63:
ac:40:b0:89:28:9b:fe:3f:00:ac:75:60:da:dc:f2:
db:9d:10:83:e0:ca:8c:e4:e2:d9:68:88:b6:29:66:
4b:45:25:f2:06:38:5a:66:d6:e9:ee:4d:dd:87:dd:
ce:07:d3:0d:5c:4f:f3:2a:b7:41:4b:13:f1:c7:99:
50:dd:78:97:41:7d:b2:4f:d6:bd:f9:75:3c:26:1f:
fd:9b:6a:90:be:55:55:2b:7f:1f:4d:f6:4a:7a:19:
ec:97:b0:d4:8c:e4:6f:8b:8a:b7:1d:7a:89:bd:e4:
a4:33:1b:d5:6c:4e:26:d0:7a:d6:d3:71:47:2d:2d:
76:91:94:ce:a9:2e:f1:dc:1a:41:73:cd:a7:c2:7f:
81:dd:ad:e0:b2:de:76:2f:71:99:60:c3:28:d1:4a:
82:31:13:27:75:ea:bf:b0:fe:6d:86:43:a1:ba:46:
92:1c:90:1b:db:70:c4:c7:cd:7a:66:fd:63:f4:43:
d8:fd:f6:c3:f1:68:54:96:30:dd:0d:ee:f5:8a:b3:
e0:93:28:82:f9:0a:69:d2:d2:49:32:9c:f2:88:ce:
d1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B2:95:6E:BE:D9:B7:F9:0E:F3:51:5D:40:5F:DA:93:A2:B8:32:85
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/HrKVbr7Zt_kO81FdQF_ak6K4MoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.96.0/23
31.173.99.0-31.173.103.255
31.173.120.0/21
37.29.44.0/22
46.229.132.0/22
78.25.88.0/22
83.149.32.0/21
83.169.216.0/24
85.26.192.0/22
128.204.68.0/23
178.176.104.0-178.176.113.255
178.178.88.0/21
IPv6:
2a03:d000:5000::/39
2a03:d000:5301::-2a03:d000:5302:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1e:26:60:91:2e:12:a0:bd:29:a4:dd:fa:a5:0c:8c:86:14:47:
32:98:01:b0:06:2d:4d:3c:03:ac:b9:46:63:c5:65:28:ff:51:
a6:5e:70:f1:c2:41:2f:7f:27:31:49:5c:4c:23:c9:21:be:1f:
0a:8f:65:4a:2e:e0:e8:42:1e:94:74:fb:ba:df:f3:d7:71:13:
e9:92:38:4f:8f:f0:5f:47:38:93:43:9a:9f:3e:33:82:c2:cf:
2c:1c:d7:59:48:b3:b0:60:09:0e:c4:a2:3b:2e:f8:97:0e:8b:
ca:0f:05:db:6c:6a:85:c4:7b:3e:62:ed:92:b6:a3:97:29:27:
09:f5:05:4d:cc:5a:16:9c:e7:05:65:bf:2b:14:19:3f:b7:1b:
9b:80:ab:71:2a:6a:b7:08:3f:3d:d3:e9:38:59:35:58:24:88:
e5:f0:ec:32:36:8e:71:11:0a:0e:0e:e4:91:e5:2c:5a:c0:16:
c1:99:aa:9e:99:97:44:fc:c9:7a:12:c5:60:58:da:8d:10:d5:
d9:4a:2c:a0:53:c7:89:d8:30:b8:5e:02:78:c1:8f:d5:07:ee:
0e:87:2c:4f:58:79:79:29:ea:71:f5:84:12:c8:7b:3a:07:fa:
de:91:47:f0:71:e3:14:f9:3c:2c:53:88:2f:e1:bd:ee:a2:41:
2c:30:b6:e1
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAYXzFcokzZBO9SNssFa1Dv6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTI3MTE1NjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWIyOTU2ZWJlZDliN2Y5MGVmMzUxNWQ0MDVmZGE5M2EyYjgzMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwukyJFbN9FUl2nRew/Xt8A1yND/i
b7ENUXskSMP/qZ2KiQ/y4HBA4vylfGOsQLCJKJv+PwCsdWDa3PLbnRCD4MqM5OLZ
aIi2KWZLRSXyBjhaZtbp7k3dh93OB9MNXE/zKrdBSxPxx5lQ3XiXQX2yT9a9+XU8
Jh/9m2qQvlVVK38fTfZKehnsl7DUjORvi4q3HXqJveSkMxvVbE4m0HrW03FHLS12
kZTOqS7x3BpBc82nwn+B3a3gst52L3GZYMMo0UqCMRMndeq/sP5thkOhukaSHJAb
23DEx816Zv1j9EPY/fbD8WhUljDdDe71irPgkyiC+Qpp0tJJMpzyiM7RWQIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFB6ylW6+2bf5DvNRXUBf2pOiuDKFMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvSHJLVmJyN1p0X2tPODFGZFFGX2FrNks0TW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBeBAIAATBYAwQBH61g
MAwDBAAfrWMDBAMfrWADBAMfrXgDBAIlHSwDBAIu5YQDBAJOGVgDBANTlSADBABT
qdgDBAJVGsADBAGAzEQwDAMEA7KwaAMEAbKwcAMEA7KyWDAiBAIAAjAcAwYBKgPQ
AFAwEgMHACoD0ABTAQMHACoD0ABTAjANBgkqhkiG9w0BAQsFAAOCAQEAHiZgkS4S
oL0ppN36pQyMhhRHMpgBsAYtTTwDrLlGY8VlKP9Rpl5w8cJBL38nMUlcTCPJIb4f
Co9lSi7g6EIelHT7ut/z13ET6ZI4T4/wX0c4k0Oanz4zgsLPLBzXWUizsGAJDsSi
Oy74lw6Lyg8F22xqhcR7PmLtkrajlyknCfUFTcxaFpznBWW/KxQZP7cbm4CrcSpq
twg/PdPpOFk1WCSI5fDsMjaOcREKDg7kkeUsWsAWwZmqnpmXRPzJehLFYFjajRDV
2UosoFPHidgwuF4CeMGP1QfuDocsT1h5eSnqcfWEEsh7Ogf63pFH8HHjFPk8LFOI
L+G97qJBLDC24Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:34 2024 by rpki-client on console-ams.rpki-client.org