Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/hcLvdWMsNfMRBzlQfOnFylHYp88.roa
File: hcLvdWMsNfMRBzlQfOnFylHYp88.roa (raw, json)
Hash identifier: ELLYAm6PysdRGDvQTR16ftC8LV0xWbXpeg5HuooAZd0=
Subject key identifier: 85:C2:EF:75:63:2C:35:F3:11:07:39:50:7C:E9:C5:CA:51:D8:A7:CF
Certificate issuer: /CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Certificate serial: 018CA4FE9A7542E7A98D8D6CB51EF22F337B
Authority key identifier: E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/hcLvdWMsNfMRBzlQfOnFylHYp88.roa
Signing time: Tue 26 Dec 2023 07:19:58 +0000
ROA not before: Tue 26 Dec 2023 07:19:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8895
IP address blocks: 212.26.37.0/24 maxlen: 24
212.26.36.0/24 maxlen: 24
212.26.38.0/24 maxlen: 25
212.26.41.0/24 maxlen: 24
212.26.40.0/24 maxlen: 24
212.26.39.0/24 maxlen: 25
212.26.43.0/24 maxlen: 24
212.26.42.0/24 maxlen: 24
212.26.48.0/24 maxlen: 24
212.26.46.0/24 maxlen: 24
212.26.45.0/24 maxlen: 24
212.26.51.0/24 maxlen: 24
212.26.50.0/24 maxlen: 24
212.26.54.0/24 maxlen: 24
212.26.53.0/24 maxlen: 24
212.26.52.0/24 maxlen: 24
212.26.58.0/24 maxlen: 24
212.26.56.0/24 maxlen: 24
212.26.60.0/24 maxlen: 24
212.26.64.0/24 maxlen: 24
212.26.63.0/24 maxlen: 24
212.26.65.0/24 maxlen: 24
212.26.68.0/23 maxlen: 24
212.26.71.0/24 maxlen: 24
212.26.74.0/24 maxlen: 25
212.26.78.0/24 maxlen: 24
212.26.72.0/24 maxlen: 24
212.26.0.0/17 maxlen: 17
212.26.6.0/23 maxlen: 24
212.26.8.0/24 maxlen: 24
212.26.7.0/24 maxlen: 24
212.26.17.0/24 maxlen: 24
212.26.16.0/24 maxlen: 24
212.26.20.0/24 maxlen: 24
212.26.19.0/24 maxlen: 24
212.26.23.0/24 maxlen: 24
212.26.22.0/24 maxlen: 24
212.26.21.0/24 maxlen: 24
212.26.24.0/21 maxlen: 24
212.138.250.0/24 maxlen: 24
212.138.83.0/24 maxlen: 24
212.138.82.0/24 maxlen: 24
212.138.80.0/23 maxlen: 23
212.138.84.0/23 maxlen: 24
212.138.86.0/24 maxlen: 24
212.138.88.0/24 maxlen: 25
212.138.92.0/24 maxlen: 24
212.138.96.0/24 maxlen: 24
212.138.94.0/24 maxlen: 24
212.138.98.0/23 maxlen: 23
212.138.97.0/24 maxlen: 24
212.138.104.0/24 maxlen: 25
212.138.108.0/24 maxlen: 24
212.138.117.0/24 maxlen: 24
212.138.116.0/24 maxlen: 24
212.138.115.0/24 maxlen: 24
212.138.118.0/24 maxlen: 24
212.138.121.0/24 maxlen: 24
212.138.120.0/24 maxlen: 24
212.138.119.0/24 maxlen: 24
212.138.125.0/24 maxlen: 25
212.138.128.0/24 maxlen: 24
212.138.127.0/24 maxlen: 25
212.138.126.0/24 maxlen: 25
212.138.130.0/24 maxlen: 24
212.138.41.0/24 maxlen: 25
212.138.43.0/24 maxlen: 24
212.138.42.0/24 maxlen: 25
212.138.52.0/22 maxlen: 24
212.138.56.0/21 maxlen: 24
212.138.64.0/22 maxlen: 24
212.138.71.0/24 maxlen: 24
212.138.70.0/24 maxlen: 24
212.138.72.0/22 maxlen: 24
212.138.76.0/22 maxlen: 24
212.138.187.0/24 maxlen: 24
212.138.190.0/24 maxlen: 24
212.138.188.0/24 maxlen: 25
212.138.194.0/24 maxlen: 24
212.138.196.0/24 maxlen: 24
212.138.201.0/24 maxlen: 24
212.138.203.0/24 maxlen: 24
212.138.206.0/24 maxlen: 24
212.138.134.0/24 maxlen: 24
212.138.139.0/24 maxlen: 24
212.138.140.0/24 maxlen: 24
212.138.155.0/24 maxlen: 25
212.138.153.0/24 maxlen: 24
212.138.157.0/24 maxlen: 24
212.138.166.0/24 maxlen: 24
212.138.164.0/24 maxlen: 25
212.138.162.0/24 maxlen: 24
212.138.160.0/24 maxlen: 24
212.138.168.0/24 maxlen: 24
212.138.172.0/24 maxlen: 24
212.138.170.0/24 maxlen: 25
212.138.176.0/24 maxlen: 24
212.138.175.0/24 maxlen: 25
212.138.177.0/24 maxlen: 24
212.138.183.0/24 maxlen: 25
212.138.181.0/24 maxlen: 25
212.138.185.0/24 maxlen: 24
212.138.0.0/16 maxlen: 16
91.229.52.0/22 maxlen: 22
2001:1490:1::/48 maxlen: 48
2001:1490:107::/48 maxlen: 48
2001:1490:103::/48 maxlen: 48
2001:1490:106::/48 maxlen: 48
2001:1490:110:8000::/49 maxlen: 49
2001:1490::/48 maxlen: 48
2001:1490:111::/48 maxlen: 48
2001:1490:110::/48 maxlen: 49
2001:1490::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 26 Dec 2023 07:46:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a4:fe:9a:75:42:e7:a9:8d:8d:6c:b5:1e:f2:2f:33:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Validity
Not Before: Dec 26 07:19:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85c2ef75632c35f3110739507ce9c5ca51d8a7cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ee:b3:2a:13:9d:b1:a3:72:37:f2:fb:8e:b5:
14:aa:9d:93:a7:d6:73:d9:bf:27:63:1b:72:81:37:
79:24:b0:2f:af:f5:e3:7f:59:12:83:3d:cc:4f:10:
14:ed:ea:52:61:c9:4a:4a:3b:7f:14:bf:8a:a3:67:
0a:0d:02:7d:ee:6b:6f:21:d3:aa:7f:f0:2c:ce:b7:
eb:fd:8f:07:45:c1:f8:6f:8b:1f:7a:d0:ce:20:02:
40:64:91:a5:17:1e:c9:69:df:2d:c0:d1:b8:1e:32:
7d:97:0c:5e:83:f3:d2:cd:3e:0f:71:c7:52:5f:64:
1a:21:c7:1b:49:b3:02:82:90:9b:77:ef:17:c8:85:
65:73:4b:1a:c7:4c:82:d7:f4:ca:a6:bb:a4:83:f5:
fc:7c:75:90:fc:52:db:f8:c5:b2:fa:4c:b1:c2:a5:
0e:78:46:9e:9a:be:a1:94:43:4a:8d:d9:55:f7:7e:
f0:28:95:5b:4a:b5:75:56:0d:3a:7c:39:2d:cd:9e:
65:74:98:57:98:78:83:68:e5:7d:83:2e:b4:2e:e9:
20:03:97:66:b4:fa:8f:4e:04:8f:04:7f:03:6d:b0:
8d:1d:8e:cb:e6:de:48:de:18:0b:02:6e:0f:ca:d1:
79:88:35:c4:2f:75:fb:9b:f5:82:2f:32:df:03:f3:
f7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C2:EF:75:63:2C:35:F3:11:07:39:50:7C:E9:C5:CA:51:D8:A7:CF
X509v3 Authority Key Identifier:
keyid:E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/hcLvdWMsNfMRBzlQfOnFylHYp88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.52.0/22
212.26.0.0/17
212.138.0.0/16
IPv6:
2001:1490::/32
Signature Algorithm: sha256WithRSAEncryption
a1:2e:8a:2e:ea:e4:0e:c5:56:53:73:6a:41:d2:6f:e5:40:64:
ac:9f:3d:c1:27:cb:6e:c4:1b:aa:fc:64:2e:a8:6c:af:09:5f:
0c:80:1d:e7:62:65:15:42:62:da:5b:82:2f:89:dd:06:40:d0:
58:62:40:b1:fb:ca:32:c0:ea:14:a9:61:a8:31:bd:36:1f:d1:
95:94:54:a8:2f:a4:10:d3:3c:57:6f:2b:a1:2e:b0:de:86:84:
13:06:84:9d:0b:43:be:9c:e2:10:c8:bd:d6:71:82:41:e1:ac:
da:4f:29:f2:7b:a6:de:d4:90:b5:a2:9e:60:cb:61:35:d0:99:
9f:99:4c:7e:fd:22:14:18:9f:fd:66:4f:3f:c1:dc:1e:1d:8c:
a2:b0:ad:32:aa:e7:74:a3:13:05:12:f3:07:12:ab:c5:73:6b:
d2:9a:da:13:54:90:d4:f6:81:30:8c:64:f6:ab:89:3a:e5:46:
78:d7:c1:1d:3a:2a:99:6d:10:f9:4a:87:06:23:82:ee:dd:71:
64:c9:14:cf:18:98:c6:d6:c3:0e:d8:e8:14:2e:4b:b3:88:7a:
be:70:6b:9e:a1:cb:50:60:c8:fb:bf:ea:e8:20:32:85:eb:32:
e1:4c:18:fe:c4:af:67:c4:59:35:b5:21:e1:79:4c:c1:c5:a5:
67:0d:91:43
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYyk/pp1QuepjY1stR7yLzN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGRmNTJhZjQ2MGNhNmZhOGM5MjNhNDlmNWNiNzk1ZWE2
NzA3ZjcwHhcNMjMxMjI2MDcxOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWMyZWY3NTYzMmMzNWYzMTEwNzM5NTA3Y2U5YzVjYTUxZDhhN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAne6zKhOdsaNyN/L7jrUUqp2Tp9Zz
2b8nYxtygTd5JLAvr/Xjf1kSgz3MTxAU7epSYclKSjt/FL+Ko2cKDQJ97mtvIdOq
f/Aszrfr/Y8HRcH4b4sfetDOIAJAZJGlFx7Jad8twNG4HjJ9lwxeg/PSzT4PccdS
X2QaIccbSbMCgpCbd+8XyIVlc0sax0yC1/TKprukg/X8fHWQ/FLb+MWy+kyxwqUO
eEaemr6hlENKjdlV937wKJVbSrV1Vg06fDktzZ5ldJhXmHiDaOV9gy60LukgA5dm
tPqPTgSPBH8DbbCNHY7L5t5I3hgLAm4PytF5iDXEL3X7m/WCLzLfA/P3wwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIXC73VjLDXzEQc5UHzpxcpR2KfPMB8GA1UdIwQY
MBaAFOhN9Sr0YMpvqMkjpJ9ct5XqZwf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUt
OTRjMmZkYTM5ZWFkLzEvaGNMdmRXTXNOZk1SQnpsUWZPbkZ5bEhZcDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUtOTRjMmZkYTM5ZWFk
LzEvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCW+U0AwQH
1BoAAwMA1IowDQQCAAIwBwMFACABFJAwDQYJKoZIhvcNAQELBQADggEBAKEuii7q
5A7FVlNzakHSb+VAZKyfPcEny27EG6r8ZC6obK8JXwyAHediZRVCYtpbgi+J3QZA
0FhiQLH7yjLA6hSpYagxvTYf0ZWUVKgvpBDTPFdvK6EusN6GhBMGhJ0LQ76c4hDI
vdZxgkHhrNpPKfJ7pt7UkLWinmDLYTXQmZ+ZTH79IhQYn/1mTz/B3B4djKKwrTKq
53SjEwUS8wcSq8Vza9Ka2hNUkNT2gTCMZPariTrlRnjXwR06KpltEPlKhwYjgu7d
cWTJFM8YmMbWww7Y6BQuS7OIer5wa56hy1BgyPu/6uggMoXrMuFMGP7Er2fEWTW1
IeF5TMHFpWcNkUM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:04 2024 by rpki-client on console-ams.rpki-client.org