Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/baZlmDzJ5q5DPfn5iuFd2YSOJd8.roa
File: baZlmDzJ5q5DPfn5iuFd2YSOJd8.roa (raw, json)
Hash identifier: lTiViBTxh9IjpOKze4iCQIzGqXhm4ypFWKTfCMCuDvI=
Subject key identifier: 6D:A6:65:98:3C:C9:E6:AE:43:3D:F9:F9:8A:E1:5D:D9:84:8E:25:DF
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018C684511FEB5EFA02A50CB21DB41CE721B
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/baZlmDzJ5q5DPfn5iuFd2YSOJd8.roa
Signing time: Thu 14 Dec 2023 12:20:06 +0000
ROA not before: Thu 14 Dec 2023 12:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8851
IP address blocks: 194.164.106.0/24 maxlen: 24
194.164.114.0/24 maxlen: 24
62.164.128.0/17 maxlen: 17
62.164.144.0/21 maxlen: 21
194.164.144.0/24 maxlen: 24
194.164.140.0/22 maxlen: 22
194.164.80.0/22 maxlen: 22
194.164.85.0/24 maxlen: 24
194.164.86.0/24 maxlen: 24
194.164.97.0/24 maxlen: 24
194.164.100.0/24 maxlen: 24
194.164.104.0/24 maxlen: 24
194.164.223.0/24 maxlen: 24
194.164.232.0/24 maxlen: 24
194.164.231.0/24 maxlen: 24
194.164.238.0/24 maxlen: 24
194.164.241.0/24 maxlen: 24
194.164.242.0/23 maxlen: 23
194.164.247.0/24 maxlen: 24
195.26.224.0/19 maxlen: 19
195.184.228.0/23 maxlen: 23
194.164.181.0/24 maxlen: 24
195.184.236.0/24 maxlen: 24
195.184.245.0/24 maxlen: 24
212.32.56.0/21 maxlen: 21
212.32.54.0/23 maxlen: 23
212.32.64.0/18 maxlen: 18
213.254.160.0/19 maxlen: 19
212.32.0.0/17 maxlen: 17
212.32.0.0/20 maxlen: 20
212.32.16.0/21 maxlen: 21
212.32.24.0/22 maxlen: 22
212.32.28.0/23 maxlen: 23
212.32.32.0/21 maxlen: 21
212.32.42.0/23 maxlen: 23
212.32.44.0/23 maxlen: 23
212.32.48.0/22 maxlen: 22
212.56.57.0/24 maxlen: 24
194.164.2.0/24 maxlen: 24
212.56.56.0/23 maxlen: 23
212.56.60.0/22 maxlen: 22
194.164.12.0/24 maxlen: 24
194.164.38.0/24 maxlen: 24
217.154.0.0/16 maxlen: 16
212.56.48.0/21 maxlen: 21
62.169.128.0/20 maxlen: 20
62.169.144.0/22 maxlen: 22
62.169.148.0/23 maxlen: 23
62.169.150.0/24 maxlen: 24
62.169.152.0/22 maxlen: 22
62.169.156.0/24 maxlen: 24
62.169.158.0/23 maxlen: 23
193.108.168.0/23 maxlen: 23
194.62.44.0/22 maxlen: 22
195.200.0.0/19 maxlen: 19
86.54.0.0/16 maxlen: 16
212.47.80.0/23 maxlen: 23
212.47.84.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:45:11:fe:b5:ef:a0:2a:50:cb:21:db:41:ce:72:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Dec 14 12:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6da665983cc9e6ae433df9f98ae15dd9848e25df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:65:9b:a1:04:05:47:d7:a0:01:ea:0b:d5:26:
c2:8c:c5:de:9e:91:0e:b8:08:43:a9:12:59:10:21:
de:18:a2:4d:0e:3c:4e:f5:02:21:41:0f:73:51:86:
c9:cd:4c:58:da:c2:cc:d4:36:70:72:9e:ba:4a:0b:
d8:7a:0c:aa:a0:bb:88:4a:c9:94:eb:f5:ce:b1:0c:
d9:82:3c:5a:af:1f:66:a0:7e:48:d0:24:71:84:f1:
2a:c8:66:7f:3f:20:4a:f8:92:d0:6d:04:a1:dd:20:
f1:3d:25:3d:08:e6:c6:0e:8d:39:22:bc:34:92:65:
3d:ef:45:7c:50:70:b6:81:eb:43:24:8d:dd:b6:c3:
b4:61:02:32:5d:0b:26:a1:d1:60:2f:e4:0e:84:93:
fa:ef:a5:53:2d:83:03:07:c7:53:ed:f9:b3:6e:77:
1f:c1:14:dd:cd:0e:82:50:a5:c4:0e:e1:91:55:6f:
1b:a5:36:bb:7c:f9:7b:12:29:3e:ff:21:06:e6:90:
3b:0e:f7:1d:e8:48:79:67:2b:28:78:dd:8b:6d:03:
57:cb:2c:d2:9b:79:b4:99:0b:08:b2:a6:ea:7c:6c:
30:ad:b3:6f:ab:4e:f4:bd:dc:27:8c:17:09:3d:b3:
81:d7:7b:d2:95:6d:da:6b:bc:27:b9:6a:3b:df:1c:
dc:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A6:65:98:3C:C9:E6:AE:43:3D:F9:F9:8A:E1:5D:D9:84:8E:25:DF
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/baZlmDzJ5q5DPfn5iuFd2YSOJd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0/17
62.169.128.0-62.169.150.255
62.169.152.0-62.169.156.255
62.169.158.0/23
86.54.0.0/16
193.108.168.0/23
194.62.44.0/22
194.164.2.0/24
194.164.12.0/24
194.164.38.0/24
194.164.80.0/22
194.164.85.0-194.164.86.255
194.164.97.0/24
194.164.100.0/24
194.164.104.0/24
194.164.106.0/24
194.164.114.0/24
194.164.140.0-194.164.144.255
194.164.181.0/24
194.164.223.0/24
194.164.231.0-194.164.232.255
194.164.238.0/24
194.164.241.0-194.164.243.255
194.164.247.0/24
195.26.224.0/19
195.184.228.0/23
195.184.236.0/24
195.184.245.0/24
195.200.0.0/19
212.32.0.0/17
212.47.80.0/23
212.47.84.0/24
212.56.48.0-212.56.57.255
212.56.60.0/22
213.254.160.0/19
217.154.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:16:6f:37:22:31:ff:06:6a:47:37:13:6c:5a:63:c2:c0:7a:
21:c5:3b:27:0e:7b:48:da:53:92:a2:a8:c2:60:14:50:c7:5a:
3c:9c:70:87:e3:72:ff:ac:24:e5:6a:a2:9d:29:8e:a2:ba:b2:
7d:26:43:f3:58:52:46:e3:51:52:c3:cb:eb:f6:30:04:55:d9:
ca:7e:35:2d:44:83:b9:22:af:72:92:25:d8:33:48:ec:8f:e0:
49:28:be:9a:b2:0f:bc:de:8d:9a:f0:25:12:70:48:00:1f:ba:
47:40:d0:2a:56:6c:1d:a3:86:50:a5:86:9b:c7:82:36:2b:c7:
de:65:f7:84:9f:84:fb:07:76:d6:0f:d7:19:e0:8e:b2:de:a7:
ba:65:57:4b:0e:0d:82:1b:34:8d:28:5d:d0:f2:d5:e6:16:77:
75:b6:4f:c6:d6:41:da:5a:ca:0b:df:bc:b6:ba:14:09:ac:12:
13:e5:d4:c7:be:bf:7a:5a:2f:57:ab:f3:d2:e8:c2:e3:f1:25:
a4:ff:af:be:fb:fe:8a:2a:ba:d7:86:a0:57:f9:27:e6:bb:8b:
bc:b7:87:fe:db:97:79:16:b6:93:3b:9d:fe:6b:e0:74:57:94:
fa:52:be:6b:86:65:79:72:41:e7:c9:85:1e:ee:bd:52:04:0f:
d0:00:35:7d
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYxoRRH+te+gKlDLIdtBznIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjMxMjE0MTIyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGE2NjU5ODNjYzllNmFlNDMzZGY5Zjk4YWUxNWRkOTg0OGUyNWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2WboQQFR9egAeoL1SbCjMXenpEO
uAhDqRJZECHeGKJNDjxO9QIhQQ9zUYbJzUxY2sLM1DZwcp66SgvYegyqoLuISsmU
6/XOsQzZgjxarx9moH5I0CRxhPEqyGZ/PyBK+JLQbQSh3SDxPSU9CObGDo05Irw0
kmU970V8UHC2getDJI3dtsO0YQIyXQsmodFgL+QOhJP676VTLYMDB8dT7fmzbncf
wRTdzQ6CUKXEDuGRVW8bpTa7fPl7Eik+/yEG5pA7Dvcd6Eh5ZysoeN2LbQNXyyzS
m3m0mQsIsqbqfGwwrbNvq070vdwnjBcJPbOB13vSlW3aa7wnuWo73xzczwIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFG2mZZg8yeauQz35+YrhXdmEjiXfMB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEvYmFabG1Eeko1cTVEUGZuNWl1RmQyWVNPSmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEBz6kgDAMAwQHPqmAAwQAPqmWMAwDBAM+qZgDBAA+qZwDBAE+qZ4DAwBWNgME
AcFsqAMEAsI+LAMEAMKkAgMEAMKkDAMEAMKkJgMEAsKkUDAMAwQAwqRVAwQAwqRW
AwQAwqRhAwQAwqRkAwQAwqRoAwQAwqRqAwQAwqRyMAwDBALCpIwDBADCpJADBADC
pLUDBADCpN8wDAMEAMKk5wMEAMKk6AMEAMKk7jAMAwQAwqTxAwQCwqTwAwQAwqT3
AwQFwxrgAwQBw7jkAwQAw7jsAwQAw7j1AwQFw8gAAwQH1CAAAwQB1C9QAwQA1C9U
MAwDBATUODADBAHUODgDBALUODwDBAXV/qADAwDZmjANBgkqhkiG9w0BAQsFAAOC
AQEAURZvNyIx/wZqRzcTbFpjwsB6IcU7Jw57SNpTkqKowmAUUMdaPJxwh+Ny/6wk
5WqinSmOorqyfSZD81hSRuNRUsPL6/YwBFXZyn41LUSDuSKvcpIl2DNI7I/gSSi+
mrIPvN6NmvAlEnBIAB+6R0DQKlZsHaOGUKWGm8eCNivH3mX3hJ+E+wd21g/XGeCO
st6numVXSw4Nghs0jShd0PLV5hZ3dbZPxtZB2lrKC9+8troUCawSE+XUx76/elov
V6vz0ujC4/ElpP+vvvv+iiq614agV/kn5ruLvLeH/tuXeRa2kzud/mvgdFeU+lK+
a4ZleXJB58mFHu69UgQP0AA1fQ==
Generated at Thu Dec 14 22:27:19 2023 by rpki-client on console-fra.rpki-client.org