Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/H-xrtX4EAci3mQf1cxbRNrUePbU.roa
File: H-xrtX4EAci3mQf1cxbRNrUePbU.roa (raw, json)
Hash identifier: g0HcC604p5cpgrLy6y16mbFtyIvvK+VWqEU1wQwfCEM=
Subject key identifier: 1F:EC:6B:B5:7E:04:01:C8:B7:99:07:F5:73:16:D1:36:B5:1E:3D:B5
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 01856CB834A755511A154B97F4FCEEEEF270
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/H-xrtX4EAci3mQf1cxbRNrUePbU.roa
Signing time: Sun 01 Jan 2023 09:44:49 +0000
ROA not before: Sun 01 Jan 2023 09:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30860
IP address blocks: 45.11.58.0/24 maxlen: 24
45.11.57.0/24 maxlen: 24
45.11.56.0/24 maxlen: 24
195.66.210.0/24 maxlen: 24
45.11.59.0/24 maxlen: 24
176.119.24.0/24 maxlen: 24
176.119.25.0/24 maxlen: 24
176.119.26.0/24 maxlen: 24
176.119.26.0/23 maxlen: 23
176.119.30.0/24 maxlen: 24
176.119.31.0/24 maxlen: 24
176.119.29.0/24 maxlen: 24
176.119.27.0/24 maxlen: 24
176.119.28.0/24 maxlen: 24
95.214.233.0/24 maxlen: 24
95.214.232.0/24 maxlen: 24
95.214.234.0/23 maxlen: 23
45.134.172.0/22 maxlen: 24
152.89.63.0/24 maxlen: 24
152.89.61.0/24 maxlen: 24
152.89.62.0/24 maxlen: 24
152.89.60.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
45.12.0.0/22 maxlen: 24
45.12.1.0/24 maxlen: 24
193.23.181.0/24 maxlen: 24
31.42.187.0/24 maxlen: 24
185.66.88.0/23 maxlen: 23
185.66.90.0/24 maxlen: 24
185.66.91.0/24 maxlen: 24
194.42.204.0/22 maxlen: 22
62.182.80.0/23 maxlen: 23
62.182.85.0/24 maxlen: 24
62.182.84.0/24 maxlen: 24
62.182.82.0/23 maxlen: 23
185.254.198.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
185.254.196.0/23 maxlen: 23
62.182.87.0/24 maxlen: 24
62.182.86.0/24 maxlen: 24
31.42.186.0/24 maxlen: 24
31.42.184.0/23 maxlen: 23
2a09:2dc0::/29 maxlen: 29
2a09:2dc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 18 Mar 2023 14:48:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:34:a7:55:51:1a:15:4b:97:f4:fc:ee:ee:f2:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Jan 1 09:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fec6bb57e0401c8b79907f57316d136b51e3db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:73:4c:22:06:52:bf:93:c0:7e:92:56:35:55:
bb:d4:94:17:c8:86:a4:90:23:26:a8:4e:11:a6:02:
e8:da:95:20:0c:31:f0:7f:63:8f:cd:4d:30:4d:54:
74:62:c0:8d:48:bd:06:87:c7:b5:3a:3d:78:8c:09:
99:05:7a:00:f9:06:70:d8:29:d6:10:db:54:58:c0:
de:85:39:4a:70:1f:ee:41:6c:d1:a7:9b:53:88:af:
69:0b:2a:a4:c2:d0:10:bd:fe:f4:51:ad:39:2e:5d:
2b:29:e2:55:62:fe:51:9c:0c:37:f0:a9:16:cb:a1:
54:75:32:9c:b7:a1:5c:23:51:4a:7a:38:c3:f0:00:
37:18:e1:00:b7:0a:66:6e:b2:25:f9:39:0d:53:2e:
77:4f:60:8f:2c:b7:45:23:cc:b6:ec:69:b0:c8:32:
99:23:b6:c5:e0:47:94:e8:6d:9f:e1:b9:be:f2:75:
e6:fd:03:a4:74:01:f7:c7:72:27:0c:09:02:38:99:
c9:af:2c:fc:8d:ac:6f:36:4c:7c:f3:b3:ce:e5:1b:
95:d8:0f:46:27:9c:36:5a:66:a7:36:d7:82:f9:3a:
f8:5d:20:e6:91:da:d5:d8:63:fe:e6:28:c5:35:48:
75:30:55:fd:4a:e1:40:c9:83:bf:12:78:75:ca:a7:
dc:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:EC:6B:B5:7E:04:01:C8:B7:99:07:F5:73:16:D1:36:B5:1E:3D:B5
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/H-xrtX4EAci3mQf1cxbRNrUePbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.184.0/22
45.11.56.0/22
45.12.0.0/22
45.134.172.0/22
62.182.80.0/21
91.208.115.0/24
95.214.232.0/22
152.89.60.0/22
176.119.24.0/21
185.66.88.0/22
185.254.196.0/22
193.23.181.0/24
194.42.204.0/22
195.66.210.0/24
IPv6:
2a09:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
6a:a4:20:9e:d2:fd:d7:2b:d7:3b:26:f9:81:36:b3:90:0b:56:
9e:fe:23:55:90:8a:d4:5b:ec:64:2b:18:74:50:f1:05:91:b8:
b3:d4:40:ff:c3:8f:aa:fc:fe:bd:2a:a9:57:83:0b:5b:fc:37:
1c:df:20:98:fc:f1:4c:c1:92:13:08:68:dc:24:fa:2a:49:23:
cc:37:4f:12:a0:c0:6b:0c:9e:e2:14:58:97:de:47:8b:6c:01:
cb:2c:96:78:5f:9f:a8:86:18:17:cc:67:dd:ca:a0:de:34:6c:
2d:88:b9:d4:fa:51:21:79:74:30:58:cf:ca:41:48:3e:9b:ec:
8b:47:68:9d:92:d6:61:55:3b:1d:c1:fa:9f:69:ac:06:67:01:
cd:c3:47:35:73:74:b9:2b:0f:08:ca:ac:1f:5c:0d:cb:57:3d:
21:c7:9c:6d:ad:4c:46:a4:5a:28:df:93:d4:43:31:20:ea:a3:
a0:aa:8d:21:2c:28:4b:b5:f0:a6:1e:d9:38:45:e5:57:90:c1:
1a:81:b1:4c:da:42:5c:a5:53:c1:1f:07:65:c3:5e:be:dc:df:
05:c3:8c:3f:d6:5c:64:ef:0d:7c:78:a2:24:c2:76:6c:38:1c:
7a:04:3f:70:28:b9:bd:67:b1:23:0d:80:00:b4:24:20:54:31:
42:77:a6:3c
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYVsuDSnVVEaFUuX9Pzu7vJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjMwMTAxMDk0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmVjNmJiNTdlMDQwMWM4Yjc5OTA3ZjU3MzE2ZDEzNmI1MWUzZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXNMIgZSv5PAfpJWNVW71JQXyIak
kCMmqE4RpgLo2pUgDDHwf2OPzU0wTVR0YsCNSL0Gh8e1Oj14jAmZBXoA+QZw2CnW
ENtUWMDehTlKcB/uQWzRp5tTiK9pCyqkwtAQvf70Ua05Ll0rKeJVYv5RnAw38KkW
y6FUdTKct6FcI1FKejjD8AA3GOEAtwpmbrIl+TkNUy53T2CPLLdFI8y27GmwyDKZ
I7bF4EeU6G2f4bm+8nXm/QOkdAH3x3InDAkCOJnJryz8jaxvNkx887PO5RuV2A9G
J5w2WmanNteC+Tr4XSDmkdrV2GP+5ijFNUh1MFX9SuFAyYO/Enh1yqfcBwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFB/sa7V+BAHIt5kH9XMW0Ta1Hj21MB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvSC14cnRYNEVBY2kzbVFmMWN4YlJOclVlUGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQCHyq4AwQC
LQs4AwQCLQwAAwQCLYasAwQDPrZQAwQAW9BzAwQCX9boAwQCmFk8AwQDsHcYAwQC
uUJYAwQCuf7EAwQAwRe1AwQCwirMAwQAw0LSMA0EAgACMAcDBQMqCS3AMA0GCSqG
SIb3DQEBCwUAA4IBAQBqpCCe0v3XK9c7JvmBNrOQC1ae/iNVkIrUW+xkKxh0UPEF
kbiz1ED/w4+q/P69KqlXgwtb/Dcc3yCY/PFMwZITCGjcJPoqSSPMN08SoMBrDJ7i
FFiX3keLbAHLLJZ4X5+ohhgXzGfdyqDeNGwtiLnU+lEheXQwWM/KQUg+m+yLR2id
ktZhVTsdwfqfaawGZwHNw0c1c3S5Kw8IyqwfXA3LVz0hx5xtrUxGpFoo35PUQzEg
6qOgqo0hLChLtfCmHtk4ReVXkMEagbFM2kJcpVPBHwdlw16+3N8Fw4w/1lxk7w18
eKIkwnZsOBx6BD9wKLm9Z7EjDYAAtCQgVDFCd6Y8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:53 2024 by rpki-client on console-ams.rpki-client.org