Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/UYq4MNFRiO4n7L5p3sQlrYyvHKg.roa
File: UYq4MNFRiO4n7L5p3sQlrYyvHKg.roa (raw, json)
Hash identifier: terFY/8QVjfiRJXhZlTT528G+pKPetYZaLAs4+LL2dA=
Subject key identifier: 51:8A:B8:30:D1:51:88:EE:27:EC:BE:69:DE:C4:25:AD:8C:AF:1C:A8
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018DC68067809297548505F4CE8ACA248AFD
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/UYq4MNFRiO4n7L5p3sQlrYyvHKg.roa
Signing time: Tue 20 Feb 2024 12:32:00 +0000
ROA not before: Tue 20 Feb 2024 12:32:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8851
IP address blocks: 62.164.128.0/18 maxlen: 18
62.164.144.0/21 maxlen: 21
62.164.192.0/21 maxlen: 21
62.169.150.0/24 maxlen: 24
62.169.154.0/24 maxlen: 24
86.54.0.0/16 maxlen: 16
193.108.169.0/24 maxlen: 24
194.164.2.0/24 maxlen: 24
194.164.12.0/24 maxlen: 24
194.164.38.0/24 maxlen: 24
194.164.80.0/22 maxlen: 22
194.164.85.0/24 maxlen: 24
194.164.86.0/24 maxlen: 24
194.164.97.0/24 maxlen: 24
194.164.100.0/24 maxlen: 24
194.164.104.0/24 maxlen: 24
194.164.106.0/24 maxlen: 24
194.164.114.0/24 maxlen: 24
194.164.140.0/22 maxlen: 22
194.164.144.0/24 maxlen: 24
194.164.181.0/24 maxlen: 24
194.164.223.0/24 maxlen: 24
194.164.231.0/24 maxlen: 24
194.164.232.0/24 maxlen: 24
194.164.238.0/24 maxlen: 24
194.164.241.0/24 maxlen: 24
194.164.242.0/23 maxlen: 23
194.164.247.0/24 maxlen: 24
195.26.228.0/24 maxlen: 24
195.26.236.0/24 maxlen: 24
195.184.228.0/23 maxlen: 23
195.184.236.0/24 maxlen: 24
195.184.245.0/24 maxlen: 24
195.200.0.0/19 maxlen: 19
195.200.22.0/24 maxlen: 24
195.200.27.0/24 maxlen: 24
212.32.28.0/24 maxlen: 24
212.32.42.0/24 maxlen: 24
212.32.44.0/24 maxlen: 24
212.32.55.0/24 maxlen: 24
212.32.66.0/24 maxlen: 24
212.47.80.0/23 maxlen: 23
212.47.84.0/24 maxlen: 24
212.56.57.0/24 maxlen: 24
213.254.171.0/24 maxlen: 24
213.254.178.0/24 maxlen: 24
213.254.185.0/24 maxlen: 24
217.154.0.0/16 maxlen: 16
217.154.12.0/24 maxlen: 24
217.154.25.0/24 maxlen: 24
217.154.28.0/24 maxlen: 24
217.154.30.0/24 maxlen: 24
217.154.31.0/24 maxlen: 24
217.154.39.0/24 maxlen: 24
217.154.46.0/24 maxlen: 24
217.154.49.0/24 maxlen: 24
217.154.72.0/23 maxlen: 23
217.154.90.0/24 maxlen: 24
217.154.96.0/24 maxlen: 24
217.154.103.0/24 maxlen: 24
217.154.104.0/24 maxlen: 24
217.154.109.0/24 maxlen: 24
217.154.110.0/23 maxlen: 23
217.154.122.0/23 maxlen: 23
217.154.127.0/24 maxlen: 24
217.154.131.0/24 maxlen: 24
217.154.132.0/22 maxlen: 22
217.154.137.0/24 maxlen: 24
217.154.138.0/24 maxlen: 24
217.154.141.0/24 maxlen: 24
217.154.151.0/24 maxlen: 24
217.154.157.0/24 maxlen: 24
217.154.158.0/24 maxlen: 24
217.154.176.0/24 maxlen: 24
217.154.187.0/24 maxlen: 24
217.154.209.0/24 maxlen: 24
217.154.219.0/24 maxlen: 24
217.154.221.0/24 maxlen: 24
217.154.230.0/24 maxlen: 24
217.154.236.0/24 maxlen: 24
217.154.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 15:51:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:80:67:80:92:97:54:85:05:f4:ce:8a:ca:24:8a:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Feb 20 12:32:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=518ab830d15188ee27ecbe69dec425ad8caf1ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d1:e3:15:47:51:df:82:f7:2b:50:91:61:0d:
5a:c6:85:75:a2:b4:f2:cc:85:c7:73:18:0c:56:a8:
62:e3:d4:b7:4d:35:82:74:a7:50:da:4b:43:4e:d5:
b9:5e:70:85:8a:6f:6f:7e:c8:cb:40:8c:48:07:d4:
ea:15:2f:34:11:4e:f9:68:14:29:72:4e:c5:ac:33:
d2:42:27:8e:33:b3:77:5b:cc:59:70:11:e2:bc:75:
86:12:bb:b1:93:bd:d2:fa:1d:44:84:7d:6e:b4:89:
7b:05:8f:f4:8b:17:ed:d5:c4:99:6c:eb:6a:c6:d3:
eb:a3:1e:67:65:bb:8f:8c:d5:33:dc:2b:37:52:2a:
c3:83:30:17:b7:c5:f6:bc:e7:62:ac:f5:7d:f1:41:
61:f5:72:79:a8:09:e1:11:c9:6a:c2:16:99:c9:86:
5c:24:5c:ba:1f:74:c8:82:e3:ca:5a:ed:b4:ab:89:
eb:84:62:04:aa:57:fd:f8:1c:6c:fc:a3:7b:86:3f:
8a:a8:a6:f7:ff:3b:bc:94:ff:eb:60:30:d9:a4:70:
32:86:72:5b:dc:b5:0c:dc:42:57:9a:fd:83:6d:1f:
ad:b6:01:85:8a:65:ac:eb:4b:bf:84:0a:5b:6f:85:
ad:e4:07:09:1f:b7:7d:8c:61:c1:ed:cc:6e:e4:5b:
4b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:8A:B8:30:D1:51:88:EE:27:EC:BE:69:DE:C4:25:AD:8C:AF:1C:A8
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/UYq4MNFRiO4n7L5p3sQlrYyvHKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0-62.164.199.255
62.169.150.0/24
62.169.154.0/24
86.54.0.0/16
193.108.169.0/24
194.164.2.0/24
194.164.12.0/24
194.164.38.0/24
194.164.80.0/22
194.164.85.0-194.164.86.255
194.164.97.0/24
194.164.100.0/24
194.164.104.0/24
194.164.106.0/24
194.164.114.0/24
194.164.140.0-194.164.144.255
194.164.181.0/24
194.164.223.0/24
194.164.231.0-194.164.232.255
194.164.238.0/24
194.164.241.0-194.164.243.255
194.164.247.0/24
195.26.228.0/24
195.26.236.0/24
195.184.228.0/23
195.184.236.0/24
195.184.245.0/24
195.200.0.0/19
212.32.28.0/24
212.32.42.0/24
212.32.44.0/24
212.32.55.0/24
212.32.66.0/24
212.47.80.0/23
212.47.84.0/24
212.56.57.0/24
213.254.171.0/24
213.254.178.0/24
213.254.185.0/24
217.154.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:54:8a:89:3d:a9:06:6d:d8:61:62:24:81:6f:aa:09:21:22:
00:4e:03:e4:16:38:4a:b8:1c:50:a8:24:68:43:f4:42:d2:91:
19:a9:12:60:7f:2e:68:8d:25:ab:b2:e8:a0:94:12:a6:ba:12:
6d:fe:cb:ad:4e:b9:6b:50:bd:af:e0:79:78:ab:7d:40:32:56:
36:75:a9:78:a7:fa:b7:fe:cb:87:fa:89:f8:a3:77:14:0a:ac:
a1:9b:39:15:9c:38:7f:c4:bd:62:0a:82:5b:9d:93:89:6b:fc:
1a:07:07:42:8c:f0:97:c8:78:47:9f:b6:d0:ff:95:15:6c:01:
c5:5a:6c:df:77:3f:de:64:ce:69:f6:ba:15:3d:3e:c3:cf:a5:
30:9b:88:bb:0d:a1:51:61:ad:7c:17:a4:68:61:0f:92:57:c3:
5b:5c:3e:51:c0:12:91:e1:70:ba:65:f5:e0:8f:da:b4:c7:af:
c3:f7:6f:63:11:bc:86:77:37:19:83:76:21:ca:f5:40:56:6d:
8f:f8:7f:a5:2b:a7:d0:42:37:65:78:29:6a:ec:10:0c:03:2f:
a1:4a:2e:40:06:f7:d2:69:16:3b:44:ca:2f:ea:e6:db:3f:6d:
0c:b9:43:6f:90:52:1e:e0:1f:83:99:11:dd:b5:be:30:60:a9:
7a:af:15:69
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAY3GgGeAkpdUhQX0zorKJIr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjQwMjIwMTIzMjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MThhYjgzMGQxNTE4OGVlMjdlY2JlNjlkZWM0MjVhZDhjYWYxY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztHjFUdR34L3K1CRYQ1axoV1orTy
zIXHcxgMVqhi49S3TTWCdKdQ2ktDTtW5XnCFim9vfsjLQIxIB9TqFS80EU75aBQp
ck7FrDPSQieOM7N3W8xZcBHivHWGEruxk73S+h1EhH1utIl7BY/0ixft1cSZbOtq
xtProx5nZbuPjNUz3Cs3UirDgzAXt8X2vOdirPV98UFh9XJ5qAnhEclqwhaZyYZc
JFy6H3TIguPKWu20q4nrhGIEqlf9+Bxs/KN7hj+KqKb3/zu8lP/rYDDZpHAyhnJb
3LUM3EJXmv2DbR+ttgGFimWs60u/hApbb4Wt5AcJH7d9jGHB7cxu5FtLrwIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFFGKuDDRUYjuJ+y+ad7EJa2MrxyoMB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEvVVlxNE1ORlJpTzRuN0w1cDNzUWxyWXl2SEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjCCAR4EAgABMIIB
FjAMAwQHPqSAAwQDPqTAAwQAPqmWAwQAPqmaAwMAVjYDBADBbKkDBADCpAIDBADC
pAwDBADCpCYDBALCpFAwDAMEAMKkVQMEAMKkVgMEAMKkYQMEAMKkZAMEAMKkaAME
AMKkagMEAMKkcjAMAwQCwqSMAwQAwqSQAwQAwqS1AwQAwqTfMAwDBADCpOcDBADC
pOgDBADCpO4wDAMEAMKk8QMEAsKk8AMEAMKk9wMEAMMa5AMEAMMa7AMEAcO45AME
AMO47AMEAMO49QMEBcPIAAMEANQgHAMEANQgKgMEANQgLAMEANQgNwMEANQgQgME
AdQvUAMEANQvVAMEANQ4OQMEANX+qwMEANX+sgMEANX+uQMDANmaMA0GCSqGSIb3
DQEBCwUAA4IBAQAbVIqJPakGbdhhYiSBb6oJISIATgPkFjhKuBxQqCRoQ/RC0pEZ
qRJgfy5ojSWrsuiglBKmuhJt/sutTrlrUL2v4Hl4q31AMlY2dal4p/q3/suH+on4
o3cUCqyhmzkVnDh/xL1iCoJbnZOJa/waBwdCjPCXyHhHn7bQ/5UVbAHFWmzfdz/e
ZM5p9roVPT7Dz6Uwm4i7DaFRYa18F6RoYQ+SV8NbXD5RwBKR4XC6ZfXgj9q0x6/D
929jEbyGdzcZg3YhyvVAVm2P+H+lK6fQQjdleClq7BAMAy+hSi5ABvfSaRY7RMov
6ubbP20MuUNvkFIe4B+DmRHdtb4wYKl6rxVp
-----END CERTIFICATE-----
Generated at Tue Feb 20 20:55:27 2024 by rpki-client on console-ams.rpki-client.org