Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/JJhsVlA_LyjOQQ8Qpegju-5mzEc.roa
File: JJhsVlA_LyjOQQ8Qpegju-5mzEc.roa (raw, json)
Hash identifier: eTb1A15tQqP8Wc/lUPIekvGdC/CxLNBn2499XlpTnzw=
Subject key identifier: 24:98:6C:56:50:3F:2F:28:CE:41:0F:10:A5:E8:23:BB:EE:66:CC:47
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018DA366D4F371819318FBAA1600DA4F8273
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/JJhsVlA_LyjOQQ8Qpegju-5mzEc.roa
Signing time: Tue 13 Feb 2024 16:57:21 +0000
ROA not before: Tue 13 Feb 2024 16:57:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8851
IP address blocks: 62.164.128.0/18 maxlen: 18
62.164.144.0/21 maxlen: 21
62.164.192.0/21 maxlen: 21
62.169.150.0/24 maxlen: 24
62.169.154.0/24 maxlen: 24
62.169.156.0/24 maxlen: 24
86.54.0.0/16 maxlen: 16
193.108.169.0/24 maxlen: 24
194.62.44.0/22 maxlen: 22
194.164.2.0/24 maxlen: 24
194.164.12.0/24 maxlen: 24
194.164.38.0/24 maxlen: 24
194.164.80.0/22 maxlen: 22
194.164.85.0/24 maxlen: 24
194.164.86.0/24 maxlen: 24
194.164.97.0/24 maxlen: 24
194.164.100.0/24 maxlen: 24
194.164.104.0/24 maxlen: 24
194.164.106.0/24 maxlen: 24
194.164.114.0/24 maxlen: 24
194.164.140.0/22 maxlen: 22
194.164.144.0/24 maxlen: 24
194.164.181.0/24 maxlen: 24
194.164.223.0/24 maxlen: 24
194.164.231.0/24 maxlen: 24
194.164.232.0/24 maxlen: 24
194.164.238.0/24 maxlen: 24
194.164.241.0/24 maxlen: 24
194.164.242.0/23 maxlen: 23
194.164.247.0/24 maxlen: 24
195.26.224.0/19 maxlen: 19
195.26.228.0/24 maxlen: 24
195.26.236.0/24 maxlen: 24
195.184.228.0/23 maxlen: 23
195.184.236.0/24 maxlen: 24
195.184.245.0/24 maxlen: 24
195.200.0.0/19 maxlen: 19
195.200.22.0/24 maxlen: 24
195.200.27.0/24 maxlen: 24
212.32.28.0/24 maxlen: 24
212.32.42.0/24 maxlen: 24
212.32.44.0/23 maxlen: 23
212.32.44.0/24 maxlen: 24
212.32.55.0/24 maxlen: 24
212.32.66.0/24 maxlen: 24
212.47.80.0/23 maxlen: 23
212.47.84.0/24 maxlen: 24
212.56.57.0/24 maxlen: 24
213.254.171.0/24 maxlen: 24
213.254.178.0/24 maxlen: 24
213.254.185.0/24 maxlen: 24
217.154.0.0/16 maxlen: 16
217.154.12.0/24 maxlen: 24
217.154.25.0/24 maxlen: 24
217.154.30.0/24 maxlen: 24
217.154.31.0/24 maxlen: 24
217.154.39.0/24 maxlen: 24
217.154.46.0/24 maxlen: 24
217.154.49.0/24 maxlen: 24
217.154.72.0/23 maxlen: 23
217.154.90.0/24 maxlen: 24
217.154.96.0/24 maxlen: 24
217.154.103.0/24 maxlen: 24
217.154.104.0/24 maxlen: 24
217.154.109.0/24 maxlen: 24
217.154.110.0/23 maxlen: 23
217.154.122.0/23 maxlen: 23
217.154.127.0/24 maxlen: 24
217.154.132.0/22 maxlen: 22
217.154.137.0/24 maxlen: 24
217.154.138.0/24 maxlen: 24
217.154.141.0/24 maxlen: 24
217.154.151.0/24 maxlen: 24
217.154.157.0/24 maxlen: 24
217.154.158.0/24 maxlen: 24
217.154.176.0/24 maxlen: 24
217.154.187.0/24 maxlen: 24
217.154.209.0/24 maxlen: 24
217.154.219.0/24 maxlen: 24
217.154.221.0/24 maxlen: 24
217.154.230.0/24 maxlen: 24
217.154.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 13:41:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a3:66:d4:f3:71:81:93:18:fb:aa:16:00:da:4f:82:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Feb 13 16:57:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24986c56503f2f28ce410f10a5e823bbee66cc47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ff:00:e6:72:ba:52:04:68:33:12:eb:a9:b9:
85:bc:2b:05:85:7d:6a:37:d2:07:d5:71:5c:82:c3:
90:b0:a7:be:5f:43:85:dd:3d:bd:12:8c:b4:5b:9f:
e7:2e:0f:ff:ec:04:1b:44:b0:c7:69:d6:e4:f9:e4:
5e:e9:ef:ba:90:7b:90:8b:d3:72:d1:24:16:8c:9d:
e7:d9:6d:c1:0f:af:a4:eb:64:5a:d4:40:5f:88:fd:
39:a4:58:87:2c:46:30:a4:7b:56:99:05:77:9a:de:
7b:38:0d:50:1a:14:8a:80:53:91:72:d2:f0:cd:6c:
4d:5e:f6:d2:7e:a6:ec:f5:b9:54:88:82:14:db:c3:
f3:f7:ea:77:fe:39:d1:9c:ee:55:5d:16:59:a3:11:
8e:ba:77:57:3a:c6:32:73:fa:07:dd:06:b8:44:87:
33:db:ec:9e:0d:f5:b8:30:31:fe:f6:e2:28:5d:09:
75:b7:dc:7f:61:7e:cf:a2:3f:f8:99:f7:17:c4:36:
ec:71:52:ba:1e:38:51:9d:f2:15:cc:e9:24:cd:9d:
86:b1:89:00:8b:44:41:35:b3:64:60:19:6b:09:6e:
54:d8:af:99:85:0d:21:fd:a0:f8:74:03:1e:36:a1:
d1:7d:21:2c:7c:72:99:3d:97:0a:5c:d3:e5:9c:51:
d0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:98:6C:56:50:3F:2F:28:CE:41:0F:10:A5:E8:23:BB:EE:66:CC:47
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/JJhsVlA_LyjOQQ8Qpegju-5mzEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0-62.164.199.255
62.169.150.0/24
62.169.154.0/24
62.169.156.0/24
86.54.0.0/16
193.108.169.0/24
194.62.44.0/22
194.164.2.0/24
194.164.12.0/24
194.164.38.0/24
194.164.80.0/22
194.164.85.0-194.164.86.255
194.164.97.0/24
194.164.100.0/24
194.164.104.0/24
194.164.106.0/24
194.164.114.0/24
194.164.140.0-194.164.144.255
194.164.181.0/24
194.164.223.0/24
194.164.231.0-194.164.232.255
194.164.238.0/24
194.164.241.0-194.164.243.255
194.164.247.0/24
195.26.224.0/19
195.184.228.0/23
195.184.236.0/24
195.184.245.0/24
195.200.0.0/19
212.32.28.0/24
212.32.42.0/24
212.32.44.0/23
212.32.55.0/24
212.32.66.0/24
212.47.80.0/23
212.47.84.0/24
212.56.57.0/24
213.254.171.0/24
213.254.178.0/24
213.254.185.0/24
217.154.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:3d:06:98:1d:32:02:50:62:3d:ba:8f:21:b9:b9:4b:2c:39:
32:c9:09:40:b3:c2:13:b3:6f:6a:dd:98:eb:8a:2f:93:4a:7a:
29:9c:59:65:25:2d:d3:61:ad:db:4b:fa:45:8a:e8:f0:69:75:
68:0e:89:06:3d:d0:5b:24:ee:05:6a:52:06:f4:83:3f:a0:ba:
19:3e:d1:53:5f:25:21:35:1a:68:3e:31:eb:88:58:fe:ca:ad:
eb:8d:e6:0c:57:8f:f6:77:2f:c7:94:ea:43:c8:06:ca:f0:e3:
1c:7a:e7:ef:e9:2b:94:bc:41:9e:c3:07:9f:ae:c6:46:39:b8:
57:37:fc:0c:3c:79:6d:d2:0d:eb:e6:ed:10:45:b6:63:43:0d:
ee:d4:6f:6c:66:5b:a0:da:67:91:a1:4b:96:07:19:7f:e4:94:
a8:46:81:56:8d:56:93:fb:f0:08:d6:70:ed:67:9f:96:f2:6a:
f0:9a:3b:51:57:c0:4d:69:8a:61:96:45:cf:a0:09:a3:a0:f4:
b8:8f:50:4b:21:10:4d:8b:c3:48:bf:83:a4:10:3d:45:12:19:
63:73:f9:1c:8d:4b:53:3f:bf:63:c6:d8:8c:6d:e8:ba:d8:6f:
48:cc:ec:1c:21:7f:29:a6:bf:70:98:83:c9:4a:33:18:12:b6:
51:fc:d3:a9
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAY2jZtTzcYGTGPuqFgDaT4JzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjQwMjEzMTY1NzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDk4NmM1NjUwM2YyZjI4Y2U0MTBmMTBhNWU4MjNiYmVlNjZjYzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1f8A5nK6UgRoMxLrqbmFvCsFhX1q
N9IH1XFcgsOQsKe+X0OF3T29Eoy0W5/nLg//7AQbRLDHadbk+eRe6e+6kHuQi9Ny
0SQWjJ3n2W3BD6+k62Ra1EBfiP05pFiHLEYwpHtWmQV3mt57OA1QGhSKgFORctLw
zWxNXvbSfqbs9blUiIIU28Pz9+p3/jnRnO5VXRZZoxGOundXOsYyc/oH3Qa4RIcz
2+yeDfW4MDH+9uIoXQl1t9x/YX7Poj/4mfcXxDbscVK6HjhRnfIVzOkkzZ2GsYkA
i0RBNbNkYBlrCW5U2K+ZhQ0h/aD4dAMeNqHRfSEsfHKZPZcKXNPlnFHQPQIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFCSYbFZQPy8ozkEPEKXoI7vuZsxHMB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEvSkpoc1ZsQV9MeWpPUVE4UXBlZ2p1LTVtekVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDCCASQEAgABMIIB
HDAMAwQHPqSAAwQDPqTAAwQAPqmWAwQAPqmaAwQAPqmcAwMAVjYDBADBbKkDBALC
PiwDBADCpAIDBADCpAwDBADCpCYDBALCpFAwDAMEAMKkVQMEAMKkVgMEAMKkYQME
AMKkZAMEAMKkaAMEAMKkagMEAMKkcjAMAwQCwqSMAwQAwqSQAwQAwqS1AwQAwqTf
MAwDBADCpOcDBADCpOgDBADCpO4wDAMEAMKk8QMEAsKk8AMEAMKk9wMEBcMa4AME
AcO45AMEAMO47AMEAMO49QMEBcPIAAMEANQgHAMEANQgKgMEAdQgLAMEANQgNwME
ANQgQgMEAdQvUAMEANQvVAMEANQ4OQMEANX+qwMEANX+sgMEANX+uQMDANmaMA0G
CSqGSIb3DQEBCwUAA4IBAQAGPQaYHTICUGI9uo8hublLLDkyyQlAs8ITs29q3Zjr
ii+TSnopnFllJS3TYa3bS/pFiujwaXVoDokGPdBbJO4FalIG9IM/oLoZPtFTXyUh
NRpoPjHriFj+yq3rjeYMV4/2dy/HlOpDyAbK8OMceufv6SuUvEGewwefrsZGObhX
N/wMPHlt0g3r5u0QRbZjQw3u1G9sZlug2meRoUuWBxl/5JSoRoFWjVaT+/AI1nDt
Z5+W8mrwmjtRV8BNaYphlkXPoAmjoPS4j1BLIRBNi8NIv4OkED1FEhljc/kcjUtT
P79jxtiMbei62G9IzOwcIX8ppr9wmIPJSjMYErZR/NOp
-----END CERTIFICATE-----
Generated at Wed Feb 14 18:15:42 2024 by rpki-client on console-ams.rpki-client.org