Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/HFzFUXzerRjJLI1G2De_51wlVbw.roa
File: HFzFUXzerRjJLI1G2De_51wlVbw.roa (raw, json)
Hash identifier: +yCML7GUW5tNhTu1wc8Rw+sFRHsnzE7gbQAuYVYq3pA=
Subject key identifier: 1C:5C:C5:51:7C:DE:AD:18:C9:2C:8D:46:D8:37:BF:E7:5C:25:55:BC
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 01922F523167CAF7EB426300198913A3C6A6
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/HFzFUXzerRjJLI1G2De_51wlVbw.roa
Signing time: Thu 26 Sep 2024 17:12:48 +0000
ROA not before: Thu 26 Sep 2024 17:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 5.182.252.0/22 maxlen: 24
37.18.160.0/20 maxlen: 24
37.58.128.0/17 maxlen: 24
37.157.8.0/23 maxlen: 24
37.157.10.0/24 maxlen: 24
37.157.12.0/22 maxlen: 24
37.157.60.0/22 maxlen: 24
45.142.172.0/22 maxlen: 24
45.145.124.0/22 maxlen: 24
46.20.160.0/20 maxlen: 24
62.102.224.0/19 maxlen: 24
62.244.70.0/23 maxlen: 24
62.244.72.0/22 maxlen: 24
62.244.80.0/23 maxlen: 24
62.244.90.0/23 maxlen: 24
62.244.92.0/23 maxlen: 24
79.98.96.0/21 maxlen: 24
81.22.216.0/21 maxlen: 24
91.103.232.0/21 maxlen: 24
91.206.156.0/23 maxlen: 24
91.217.94.0/23 maxlen: 24
91.229.230.0/23 maxlen: 24
92.61.72.0/21 maxlen: 24
94.127.8.0/21 maxlen: 24
103.73.172.0/22 maxlen: 24
103.77.32.0/22 maxlen: 24
103.229.36.0/23 maxlen: 24
103.232.172.0/22 maxlen: 24
109.69.192.0/21 maxlen: 24
109.237.240.0/20 maxlen: 24
128.127.128.0/20 maxlen: 24
146.247.88.0/21 maxlen: 24
149.255.136.0/21 maxlen: 24
149.255.136.0/22 maxlen: 24
178.249.160.0/21 maxlen: 24
185.15.128.0/22 maxlen: 24
185.42.132.0/22 maxlen: 24
185.65.224.0/22 maxlen: 24
185.67.88.0/22 maxlen: 24
185.79.148.0/22 maxlen: 24
185.90.96.0/22 maxlen: 24
185.95.120.0/22 maxlen: 24
185.149.8.0/22 maxlen: 24
185.172.16.0/22 maxlen: 24
185.196.248.0/22 maxlen: 24
185.204.140.0/22 maxlen: 24
185.208.248.0/22 maxlen: 24
185.247.248.0/22 maxlen: 24
188.66.56.0/22 maxlen: 24
193.27.194.0/23 maxlen: 24
193.41.95.0/24 maxlen: 24
193.47.139.0/24 maxlen: 24
193.108.197.0/24 maxlen: 24
193.222.142.0/23 maxlen: 24
193.222.188.0/23 maxlen: 24
194.177.32.0/19 maxlen: 24
195.214.240.0/21 maxlen: 24
212.51.160.0/19 maxlen: 24
213.108.64.0/21 maxlen: 24
213.151.166.0/24 maxlen: 24
213.151.168.0/23 maxlen: 24
213.151.171.0/24 maxlen: 24
213.151.172.0/23 maxlen: 24
213.151.174.0/24 maxlen: 24
213.151.175.0/24 maxlen: 24
2a01:6d8::/32 maxlen: 32
2a01:728::/29 maxlen: 48
2a03:4c00::/29 maxlen: 48
2a03:bf40::/32 maxlen: 32
2a05:df00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 15 Oct 2024 17:25:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2f:52:31:67:ca:f7:eb:42:63:00:19:89:13:a3:c6:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Sep 26 17:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c5cc5517cdead18c92c8d46d837bfe75c2555bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:21:10:b2:6e:c8:de:f4:4e:34:71:db:98:82:
68:c0:03:09:9c:5a:53:f1:a3:57:e8:92:0c:35:81:
29:43:97:a2:85:22:b3:ff:5c:1f:21:22:cc:fc:ca:
9e:c2:80:06:89:03:7d:5e:8b:e4:a4:f4:50:33:d5:
0c:dd:a6:8c:21:b7:21:60:8b:17:da:db:8c:c2:df:
32:f0:f7:ab:9a:11:ce:20:9f:dc:e6:58:0b:8f:05:
72:98:28:9e:4e:a9:9b:74:41:82:b8:e8:c7:93:ff:
f9:e0:4f:63:4d:fa:ab:0c:62:92:db:ff:0c:a5:89:
3d:3b:37:91:d4:ab:25:60:d7:a9:25:cd:6f:f2:94:
23:3d:79:ee:2e:90:92:91:01:66:9a:a5:4f:12:81:
79:e3:3b:18:6b:91:ae:c3:07:f5:c7:39:31:b4:2a:
1d:3b:b1:73:3b:3f:d6:0d:09:88:d8:a7:d9:73:e6:
26:49:7d:15:b2:90:58:79:fa:1d:0f:4a:58:ec:1f:
13:3e:ed:e6:b7:b6:ae:d2:0f:44:c7:d4:1c:7a:73:
29:e3:77:f7:7a:92:69:ac:b3:8b:fd:0d:0d:72:95:
e7:b8:42:c3:0e:aa:33:a6:78:78:bd:34:f3:a5:3e:
f5:30:4d:ce:74:e4:0d:59:01:49:90:38:9c:6c:bc:
36:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5C:C5:51:7C:DE:AD:18:C9:2C:8D:46:D8:37:BF:E7:5C:25:55:BC
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/HFzFUXzerRjJLI1G2De_51wlVbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.252.0/22
37.18.160.0/20
37.58.128.0/17
37.157.8.0-37.157.10.255
37.157.12.0/22
37.157.60.0/22
45.142.172.0/22
45.145.124.0/22
46.20.160.0/20
62.102.224.0/19
62.244.70.0-62.244.75.255
62.244.80.0/23
62.244.90.0-62.244.93.255
79.98.96.0/21
81.22.216.0/21
91.103.232.0/21
91.206.156.0/23
91.217.94.0/23
91.229.230.0/23
92.61.72.0/21
94.127.8.0/21
103.73.172.0/22
103.77.32.0/22
103.229.36.0/23
103.232.172.0/22
109.69.192.0/21
109.237.240.0/20
128.127.128.0/20
146.247.88.0/21
149.255.136.0/21
178.249.160.0/21
185.15.128.0/22
185.42.132.0/22
185.65.224.0/22
185.67.88.0/22
185.79.148.0/22
185.90.96.0/22
185.95.120.0/22
185.149.8.0/22
185.172.16.0/22
185.196.248.0/22
185.204.140.0/22
185.208.248.0/22
185.247.248.0/22
188.66.56.0/22
193.27.194.0/23
193.41.95.0/24
193.47.139.0/24
193.108.197.0/24
193.222.142.0/23
193.222.188.0/23
194.177.32.0/19
195.214.240.0/21
212.51.160.0/19
213.108.64.0/21
213.151.166.0/24
213.151.168.0/23
213.151.171.0-213.151.175.255
IPv6:
2a01:6d8::/32
2a01:728::/29
2a03:4c00::/29
2a03:bf40::/32
2a05:df00::/29
Signature Algorithm: sha256WithRSAEncryption
5b:13:4c:cc:f2:b1:46:9a:04:2e:eb:d6:de:3f:b8:b6:eb:14:
02:76:40:52:56:9c:f8:66:c0:88:cb:a3:0b:32:db:67:07:b6:
b6:47:a2:18:15:d6:5f:9c:0a:e3:95:46:d0:4a:9d:e8:d7:e1:
eb:e2:2e:f5:cd:ec:9c:83:4b:93:af:4c:63:9b:d8:1c:30:e8:
2a:12:5f:9c:85:a4:74:52:ef:e8:e0:b7:e8:2c:0f:07:85:6a:
f8:b9:ab:ba:f7:cf:f0:53:2b:67:e6:b3:7a:28:a2:1b:af:13:
36:8c:1e:8f:84:89:3e:2a:85:72:22:c7:56:bf:a5:dd:8e:e8:
bf:24:9f:7e:3b:32:29:9c:d5:63:3f:23:d6:9e:24:dc:90:1a:
05:48:a6:d2:ac:25:c7:6c:5d:8f:4a:5f:68:df:60:3b:cb:ef:
37:12:5d:c2:1c:a6:b4:23:d5:a0:a5:86:95:11:9b:20:34:5f:
9f:df:66:f0:38:4e:bf:2f:96:d2:85:e7:27:8b:18:0d:bc:96:
e6:82:a0:86:18:07:bb:d6:b4:fe:74:61:dd:1f:52:06:31:c0:
89:71:1a:bd:3f:1a:e9:40:82:84:40:1c:1a:ad:14:19:06:be:
f1:62:ec:06:96:85:9d:03:bf:3d:c3:ef:97:38:bd:51:09:a9:
83:47:e2:4f
-----BEGIN CERTIFICATE-----
MIIGqDCCBZCgAwIBAgISAZIvUjFnyvfrQmMAGYkTo8amMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjQwOTI2MTcxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzVjYzU1MTdjZGVhZDE4YzkyYzhkNDZkODM3YmZlNzVjMjU1NWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yEQsm7I3vRONHHbmIJowAMJnFpT
8aNX6JIMNYEpQ5eihSKz/1wfISLM/MqewoAGiQN9XovkpPRQM9UM3aaMIbchYIsX
2tuMwt8y8PermhHOIJ/c5lgLjwVymCieTqmbdEGCuOjHk//54E9jTfqrDGKS2/8M
pYk9OzeR1KslYNepJc1v8pQjPXnuLpCSkQFmmqVPEoF54zsYa5Guwwf1xzkxtCod
O7FzOz/WDQmI2KfZc+YmSX0VspBYefodD0pY7B8TPu3mt7au0g9Ex9QcenMp43f3
epJprLOL/Q0NcpXnuELDDqozpnh4vTTzpT71ME3OdOQNWQFJkDicbLw2bwIDAQAB
o4IDtDCCA7AwHQYDVR0OBBYEFBxcxVF83q0YySyNRtg3v+dcJVW8MB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvSEZ6RlVYemVyUmpKTEkxRzJEZV81MXdsVmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIByAYIKwYBBQUHAQcBAf8EggG3MIIBszCCAYQEAgABMIIB
fAMEAgW2/AMEBCUSoAMEByU6gDAMAwQDJZ0IAwQAJZ0KAwQCJZ0MAwQCJZ08AwQC
LY6sAwQCLZF8AwQELhSgAwQFPmbgMAwDBAE+9EYDBAI+9EgDBAE+9FAwDAMEAT70
WgMEAT70XAMEA09iYAMEA1EW2AMEA1tn6AMEAVvOnAMEAVvZXgMEAVvl5gMEA1w9
SAMEA15/CAMEAmdJrAMEAmdNIAMEAWflJAMEAmforAMEA21FwAMEBG3t8AMEBIB/
gAMEA5L3WAMEA5X/iAMEA7L5oAMEArkPgAMEArkqhAMEArlB4AMEArlDWAMEArlP
lAMEArlaYAMEArlfeAMEArmVCAMEArmsEAMEArnE+AMEArnMjAMEArnQ+AMEArn3
+AMEArxCOAMEAcEbwgMEAMEpXwMEAMEviwMEAMFsxQMEAcHejgMEAcHevAMEBcKx
IAMEA8PW8AMEBdQzoAMEA9VsQAMEANWXpgMEAdWXqDAMAwQA1ZerAwQE1ZegMCkE
AgACMCMDBQAqAQbYAwUDKgEHKAMFAyoDTAADBQAqA79AAwUDKgXfADANBgkqhkiG
9w0BAQsFAAOCAQEAWxNMzPKxRpoELuvW3j+4tusUAnZAUlac+GbAiMujCzLbZwe2
tkeiGBXWX5wK45VG0Eqd6Nfh6+Iu9c3snINLk69MY5vYHDDoKhJfnIWkdFLv6OC3
6CwPB4Vq+LmruvfP8FMrZ+azeiiiG68TNowej4SJPiqFciLHVr+l3Y7ovySffjsy
KZzVYz8j1p4k3JAaBUim0qwlx2xdj0pfaN9gO8vvNxJdwhymtCPVoKWGlRGbIDRf
n99m8DhOvy+W0oXnJ4sYDbyW5oKghhgHu9a0/nRh3R9SBjHAiXEavT8a6UCChEAc
Gq0UGQa+8WLsBpaFnQO/PcPvlzi9UQmpg0fiTw==
-----END CERTIFICATE-----
Generated at Tue Oct 15 20:42:51 2024 by rpki-client on console-ams.rpki-client.org