Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/AD2p99yqMUM5kZsMoE0po8sBgRc.roa
File: AD2p99yqMUM5kZsMoE0po8sBgRc.roa (raw, json)
Hash identifier: s6OG5SjktAHgB8qnZm+1hMcKonQaKDGdAzFbk5RiqiY=
Subject key identifier: 00:3D:A9:F7:DC:AA:31:43:39:91:9B:0C:A0:4D:29:A3:CB:01:81:17
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018C5E334E94FCA391D218E1A2CBC14D3D7C
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/AD2p99yqMUM5kZsMoE0po8sBgRc.roa
Signing time: Tue 12 Dec 2023 13:24:29 +0000
ROA not before: Tue 12 Dec 2023 13:24:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8851
IP address blocks: 217.29.192.0/22 maxlen: 22
62.164.128.0/17 maxlen: 17
62.164.144.0/21 maxlen: 21
194.164.144.0/24 maxlen: 24
194.164.140.0/22 maxlen: 22
194.164.80.0/22 maxlen: 22
194.164.85.0/24 maxlen: 24
194.164.86.0/24 maxlen: 24
194.164.223.0/24 maxlen: 24
194.164.232.0/24 maxlen: 24
194.164.231.0/24 maxlen: 24
194.164.238.0/24 maxlen: 24
194.164.241.0/24 maxlen: 24
194.164.242.0/23 maxlen: 23
194.164.247.0/24 maxlen: 24
195.26.224.0/19 maxlen: 19
195.184.228.0/23 maxlen: 23
195.184.236.0/24 maxlen: 24
195.184.245.0/24 maxlen: 24
212.32.56.0/21 maxlen: 21
212.32.54.0/23 maxlen: 23
212.32.64.0/18 maxlen: 18
213.254.160.0/19 maxlen: 19
212.32.0.0/17 maxlen: 17
212.32.0.0/20 maxlen: 20
212.32.16.0/21 maxlen: 21
212.32.24.0/22 maxlen: 22
212.32.28.0/23 maxlen: 23
212.32.32.0/21 maxlen: 21
212.32.42.0/23 maxlen: 23
212.32.44.0/23 maxlen: 23
212.32.48.0/22 maxlen: 22
212.56.57.0/24 maxlen: 24
194.164.2.0/24 maxlen: 24
212.56.56.0/23 maxlen: 23
212.56.60.0/22 maxlen: 22
194.164.12.0/24 maxlen: 24
194.164.38.0/24 maxlen: 24
217.154.0.0/16 maxlen: 16
212.56.48.0/21 maxlen: 21
62.169.128.0/20 maxlen: 20
62.169.144.0/22 maxlen: 22
62.169.148.0/23 maxlen: 23
62.169.150.0/24 maxlen: 24
62.169.152.0/22 maxlen: 22
62.169.156.0/24 maxlen: 24
62.169.158.0/23 maxlen: 23
193.108.168.0/23 maxlen: 23
194.62.44.0/22 maxlen: 22
195.200.0.0/19 maxlen: 19
86.54.0.0/16 maxlen: 16
212.47.80.0/23 maxlen: 23
212.47.84.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:33:4e:94:fc:a3:91:d2:18:e1:a2:cb:c1:4d:3d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Dec 12 13:24:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=003da9f7dcaa314339919b0ca04d29a3cb018117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:21:d8:7f:ce:48:9e:e8:20:ad:6e:af:cd:e2:
01:3b:40:f4:74:77:16:d9:02:25:26:ab:5e:73:98:
d0:1e:c9:0b:eb:fb:35:c6:0d:d5:1c:af:19:c0:f4:
bb:8c:ec:66:69:8f:10:1f:26:cf:7a:b5:b8:55:c8:
3d:11:5e:e2:17:ec:00:bc:7e:55:46:88:87:c2:40:
b9:2b:0d:0f:67:70:64:2b:19:ed:2a:e3:34:1c:a8:
e2:0c:06:93:f1:59:6d:7b:41:3b:5d:39:f0:0e:a2:
97:e5:45:ee:d5:3b:6b:fd:74:e3:98:55:b5:f8:b9:
69:d7:84:60:91:15:92:d4:c8:bf:da:51:0d:65:15:
2e:0c:ba:a4:76:cd:ca:d8:58:93:ef:6c:29:fd:5e:
31:63:70:2d:0f:f0:98:7c:dc:97:17:c5:7c:53:b5:
13:95:47:b0:22:1f:c4:04:a8:1f:f9:1f:75:a0:9a:
f4:8c:f1:a5:d5:ff:54:bd:3b:67:b8:0d:cd:46:d7:
d3:67:e1:98:6c:19:ca:32:ba:19:24:5e:35:a5:72:
60:9d:21:b6:5a:6f:dd:0e:f2:dc:98:76:43:bf:85:
5c:79:9f:16:28:cd:74:24:bb:ab:96:5a:65:e7:b0:
f6:43:e9:23:46:ab:c6:6c:7b:e6:e6:62:ca:a9:4a:
24:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:3D:A9:F7:DC:AA:31:43:39:91:9B:0C:A0:4D:29:A3:CB:01:81:17
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/AD2p99yqMUM5kZsMoE0po8sBgRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0/17
62.169.128.0-62.169.150.255
62.169.152.0-62.169.156.255
62.169.158.0/23
86.54.0.0/16
193.108.168.0/23
194.62.44.0/22
194.164.2.0/24
194.164.12.0/24
194.164.38.0/24
194.164.80.0/22
194.164.85.0-194.164.86.255
194.164.140.0-194.164.144.255
194.164.223.0/24
194.164.231.0-194.164.232.255
194.164.238.0/24
194.164.241.0-194.164.243.255
194.164.247.0/24
195.26.224.0/19
195.184.228.0/23
195.184.236.0/24
195.184.245.0/24
195.200.0.0/19
212.32.0.0/17
212.47.80.0/23
212.47.84.0/24
212.56.48.0-212.56.57.255
212.56.60.0/22
213.254.160.0/19
217.29.192.0/22
217.154.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:c2:1b:c8:34:00:8c:bd:77:7d:13:af:3e:f7:63:ba:6d:dc:
c9:20:bf:09:9f:da:9c:31:b1:cd:81:04:6d:ba:b2:dd:23:ef:
ee:ff:8a:65:63:c7:f6:60:54:56:19:ff:c0:47:e4:99:3a:45:
23:23:67:48:d8:bd:41:19:04:a8:a3:ee:7b:5c:a1:44:e2:77:
d7:e2:97:e2:83:c0:d2:d8:7e:a0:3a:1b:99:c2:aa:55:af:e3:
75:c7:98:47:b0:9e:23:15:70:f0:1d:cb:1f:aa:87:7e:eb:41:
de:a2:b3:43:1e:1a:13:56:2a:ad:b1:28:31:ca:38:44:8b:11:
f3:86:fc:bf:5b:cc:5e:1b:ee:22:05:cf:c2:c2:c5:35:53:72:
d3:d0:48:a8:bf:ae:8b:0f:47:bc:0a:3a:2a:37:42:75:8d:3d:
c0:85:42:c3:e6:33:a2:d4:59:68:e5:ae:4f:2d:4c:96:a3:ba:
84:21:50:cf:fb:65:87:38:e3:6b:46:21:b5:fa:0b:f3:03:40:
fe:ca:de:e2:07:4a:89:e0:c7:c0:b2:7e:8c:0e:6a:00:85:f2:
e1:8e:b6:a5:59:54:5c:9c:7c:24:92:32:7f:fc:b0:c2:73:0d:
41:15:73:34:53:da:1f:99:63:08:3c:fb:6d:7f:34:9c:b0:2b:
20:c5:f7:ab
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYxeM06U/KOR0hjhosvBTT18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjMxMjEyMTMyNDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDNkYTlmN2RjYWEzMTQzMzk5MTliMGNhMDRkMjlhM2NiMDE4MTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyHYf85InuggrW6vzeIBO0D0dHcW
2QIlJqtec5jQHskL6/s1xg3VHK8ZwPS7jOxmaY8QHybPerW4Vcg9EV7iF+wAvH5V
RoiHwkC5Kw0PZ3BkKxntKuM0HKjiDAaT8Vlte0E7XTnwDqKX5UXu1Ttr/XTjmFW1
+Llp14RgkRWS1Mi/2lENZRUuDLqkds3K2FiT72wp/V4xY3AtD/CYfNyXF8V8U7UT
lUewIh/EBKgf+R91oJr0jPGl1f9UvTtnuA3NRtfTZ+GYbBnKMroZJF41pXJgnSG2
Wm/dDvLcmHZDv4VceZ8WKM10JLurllpl57D2Q+kjRqvGbHvm5mLKqUok8wIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFAA9qffcqjFDOZGbDKBNKaPLAYEXMB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEvQUQycDk5eXFNVU01a1pzTW9FMHBvOHNCZ1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgfcEAgABMIHwAwQH
PqSAMAwDBAc+qYADBAA+qZYwDAMEAz6pmAMEAD6pnAMEAT6pngMDAFY2AwQBwWyo
AwQCwj4sAwQAwqQCAwQAwqQMAwQAwqQmAwQCwqRQMAwDBADCpFUDBADCpFYwDAME
AsKkjAMEAMKkkAMEAMKk3zAMAwQAwqTnAwQAwqToAwQAwqTuMAwDBADCpPEDBALC
pPADBADCpPcDBAXDGuADBAHDuOQDBADDuOwDBADDuPUDBAXDyAADBAfUIAADBAHU
L1ADBADUL1QwDAMEBNQ4MAMEAdQ4OAMEAtQ4PAMEBdX+oAMEAtkdwAMDANmaMA0G
CSqGSIb3DQEBCwUAA4IBAQBawhvINACMvXd9E68+92O6bdzJIL8Jn9qcMbHNgQRt
urLdI+/u/4plY8f2YFRWGf/AR+SZOkUjI2dI2L1BGQSoo+57XKFE4nfX4pfig8DS
2H6gOhuZwqpVr+N1x5hHsJ4jFXDwHcsfqod+60HeorNDHhoTViqtsSgxyjhEixHz
hvy/W8xeG+4iBc/CwsU1U3LT0Eiov66LD0e8CjoqN0J1jT3AhULD5jOi1Flo5a5P
LUyWo7qEIVDP+2WHOONrRiG1+gvzA0D+yt7iB0qJ4MfAsn6MDmoAhfLhjralWVRc
nHwkkjJ//LDCcw1BFXM0U9ofmWMIPPttfzScsCsgxfer
-----END CERTIFICATE-----
Generated at Wed Dec 13 12:01:48 2023 by rpki-client on console-ams.rpki-client.org