Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/jHslOM9f_GBn4AtTKALkgnKZtQA.roa
File: jHslOM9f_GBn4AtTKALkgnKZtQA.roa (raw, json)
Hash identifier: DNh3ayYwxeNmLYjkCTbVbXXW3lCZ0qD56yoCelh2oMM=
Subject key identifier: 8C:7B:25:38:CF:5F:FC:60:67:E0:0B:53:28:02:E4:82:72:99:B5:00
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018C6A4C2C82606922B27FAE3DC7A619F184
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/jHslOM9f_GBn4AtTKALkgnKZtQA.roa
Signing time: Thu 14 Dec 2023 21:47:06 +0000
ROA not before: Thu 14 Dec 2023 21:47:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8851
IP address blocks: 194.164.106.0/24 maxlen: 24
194.164.114.0/24 maxlen: 24
62.164.128.0/17 maxlen: 17
62.164.144.0/21 maxlen: 21
194.164.144.0/24 maxlen: 24
194.164.140.0/22 maxlen: 22
194.164.80.0/22 maxlen: 22
194.164.85.0/24 maxlen: 24
194.164.86.0/24 maxlen: 24
194.164.97.0/24 maxlen: 24
194.164.100.0/24 maxlen: 24
194.164.104.0/24 maxlen: 24
194.164.223.0/24 maxlen: 24
194.164.232.0/24 maxlen: 24
194.164.231.0/24 maxlen: 24
194.164.238.0/24 maxlen: 24
194.164.241.0/24 maxlen: 24
194.164.242.0/23 maxlen: 23
194.164.247.0/24 maxlen: 24
195.26.224.0/19 maxlen: 19
195.184.228.0/23 maxlen: 23
194.164.181.0/24 maxlen: 24
195.184.236.0/24 maxlen: 24
195.184.245.0/24 maxlen: 24
212.32.56.0/21 maxlen: 21
212.32.54.0/23 maxlen: 23
212.32.64.0/18 maxlen: 18
213.254.160.0/19 maxlen: 19
212.32.0.0/17 maxlen: 17
212.32.0.0/20 maxlen: 20
212.32.16.0/21 maxlen: 21
212.32.24.0/22 maxlen: 22
212.32.28.0/23 maxlen: 23
212.32.32.0/21 maxlen: 21
212.32.42.0/23 maxlen: 23
212.32.44.0/23 maxlen: 23
212.32.48.0/22 maxlen: 22
212.56.57.0/24 maxlen: 24
194.164.2.0/24 maxlen: 24
194.164.12.0/24 maxlen: 24
194.164.38.0/24 maxlen: 24
217.154.0.0/16 maxlen: 16
62.169.128.0/20 maxlen: 20
62.169.144.0/22 maxlen: 22
62.169.148.0/23 maxlen: 23
62.169.150.0/24 maxlen: 24
62.169.152.0/22 maxlen: 22
62.169.156.0/24 maxlen: 24
62.169.158.0/23 maxlen: 23
193.108.168.0/23 maxlen: 23
194.62.44.0/22 maxlen: 22
195.200.0.0/19 maxlen: 19
86.54.0.0/16 maxlen: 16
212.47.80.0/23 maxlen: 23
212.47.84.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6a:4c:2c:82:60:69:22:b2:7f:ae:3d:c7:a6:19:f1:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Dec 14 21:47:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c7b2538cf5ffc6067e00b532802e4827299b500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9c:a5:34:33:cd:13:ba:b6:f3:3b:b9:cb:52:
a7:cb:53:df:ce:aa:cc:65:83:18:05:18:0f:6e:56:
18:f3:52:93:fc:1e:2d:7e:a4:54:d0:67:e6:20:0f:
a5:fb:55:28:b0:1e:3d:31:17:c9:c0:d3:fe:ac:35:
55:0a:8f:31:6b:06:c2:26:e8:0d:f4:55:97:90:c3:
66:8a:e3:8c:eb:fe:36:10:02:c2:34:eb:e9:9d:68:
99:88:a8:92:db:86:41:32:3a:9d:b1:14:1b:16:ac:
64:34:e1:8b:7b:e6:9d:23:62:f4:65:c1:0d:3b:ad:
38:fe:0e:63:3e:13:e1:bf:d2:09:7a:9c:5e:84:a8:
c4:4d:ac:2c:69:67:cd:17:2c:a3:07:55:90:a3:b3:
97:27:15:9f:92:e8:a7:a8:f8:de:16:62:c4:f7:5c:
52:2e:9f:d0:54:61:55:e3:94:41:7d:ae:62:6b:ba:
2f:0b:35:f6:a1:bf:6f:d6:68:bb:a2:2d:91:f9:3a:
67:6f:9b:7a:56:8d:b9:0e:2f:e2:4e:ea:95:0d:5c:
2f:aa:a2:17:df:27:c8:e5:99:6a:40:d4:66:ed:1a:
a1:0c:55:53:68:74:a7:ee:23:bd:6a:85:55:b7:a3:
9b:70:60:b9:e6:b3:9b:6c:99:64:17:e5:ae:d6:8b:
24:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:7B:25:38:CF:5F:FC:60:67:E0:0B:53:28:02:E4:82:72:99:B5:00
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/jHslOM9f_GBn4AtTKALkgnKZtQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0/17
62.169.128.0-62.169.150.255
62.169.152.0-62.169.156.255
62.169.158.0/23
86.54.0.0/16
193.108.168.0/23
194.62.44.0/22
194.164.2.0/24
194.164.12.0/24
194.164.38.0/24
194.164.80.0/22
194.164.85.0-194.164.86.255
194.164.97.0/24
194.164.100.0/24
194.164.104.0/24
194.164.106.0/24
194.164.114.0/24
194.164.140.0-194.164.144.255
194.164.181.0/24
194.164.223.0/24
194.164.231.0-194.164.232.255
194.164.238.0/24
194.164.241.0-194.164.243.255
194.164.247.0/24
195.26.224.0/19
195.184.228.0/23
195.184.236.0/24
195.184.245.0/24
195.200.0.0/19
212.32.0.0/17
212.47.80.0/23
212.47.84.0/24
212.56.57.0/24
213.254.160.0/19
217.154.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:4d:08:f6:51:ad:da:23:9e:3a:9f:ee:f4:35:b5:aa:e6:c8:
7d:f2:8b:1d:0a:ca:fc:75:0b:97:28:02:62:e0:b7:55:c2:ce:
8b:ad:5b:45:ac:b9:c1:b9:ab:c9:87:e4:19:10:0c:9f:23:b4:
9e:3f:ea:00:08:39:16:81:01:31:8c:67:f8:a1:f8:e4:c7:1f:
27:1c:85:5e:16:d6:ad:a3:82:cd:cc:6e:f3:b2:46:5c:ff:7d:
28:a2:31:81:03:be:5e:e2:ee:3b:b2:65:6f:de:d8:3f:c4:4e:
d5:eb:b2:21:b5:9b:97:16:68:02:c4:4f:de:68:af:6d:22:aa:
3c:29:aa:67:66:c4:30:69:cd:5f:cb:4d:17:10:d8:1d:f9:16:
6f:43:9c:61:50:30:9c:3d:93:f7:1d:2c:fa:74:42:ca:f6:ca:
da:64:69:5b:b8:a7:ea:44:cd:c2:24:c9:00:09:e8:60:28:47:
90:60:c4:c2:a4:8e:20:41:78:4a:ab:ab:ea:52:a5:ed:17:d2:
43:2e:6d:5a:46:f9:04:9a:c0:58:1f:ee:d2:26:d8:f9:dd:69:
a4:1b:ba:01:ed:99:ee:32:9c:27:08:06:05:cd:fb:bc:90:82:
25:4e:33:fc:50:02:4d:74:4a:ef:52:95:d2:db:6e:71:88:78:
4f:50:91:61
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAYxqTCyCYGkisn+uPcemGfGEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjMxMjE0MjE0NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzdiMjUzOGNmNWZmYzYwNjdlMDBiNTMyODAyZTQ4MjcyOTliNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJylNDPNE7q28zu5y1Kny1PfzqrM
ZYMYBRgPblYY81KT/B4tfqRU0GfmIA+l+1UosB49MRfJwNP+rDVVCo8xawbCJugN
9FWXkMNmiuOM6/42EALCNOvpnWiZiKiS24ZBMjqdsRQbFqxkNOGLe+adI2L0ZcEN
O604/g5jPhPhv9IJepxehKjETawsaWfNFyyjB1WQo7OXJxWfkuinqPjeFmLE91xS
Lp/QVGFV45RBfa5ia7ovCzX2ob9v1mi7oi2R+Tpnb5t6Vo25Di/iTuqVDVwvqqIX
3yfI5ZlqQNRm7RqhDFVTaHSn7iO9aoVVt6ObcGC55rObbJlkF+Wu1oskvwIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFIx7JTjPX/xgZ+ALUygC5IJymbUAMB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEvakhzbE9NOWZfR0JuNEF0VEtBTGtnbktadFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCCAQgEAgABMIIB
AAMEBz6kgDAMAwQHPqmAAwQAPqmWMAwDBAM+qZgDBAA+qZwDBAE+qZ4DAwBWNgME
AcFsqAMEAsI+LAMEAMKkAgMEAMKkDAMEAMKkJgMEAsKkUDAMAwQAwqRVAwQAwqRW
AwQAwqRhAwQAwqRkAwQAwqRoAwQAwqRqAwQAwqRyMAwDBALCpIwDBADCpJADBADC
pLUDBADCpN8wDAMEAMKk5wMEAMKk6AMEAMKk7jAMAwQAwqTxAwQCwqTwAwQAwqT3
AwQFwxrgAwQBw7jkAwQAw7jsAwQAw7j1AwQFw8gAAwQH1CAAAwQB1C9QAwQA1C9U
AwQA1Dg5AwQF1f6gAwMA2ZowDQYJKoZIhvcNAQELBQADggEBAJlNCPZRrdojnjqf
7vQ1tarmyH3yix0Kyvx1C5coAmLgt1XCzoutW0WsucG5q8mH5BkQDJ8jtJ4/6gAI
ORaBATGMZ/ih+OTHHycchV4W1q2jgs3MbvOyRlz/fSiiMYEDvl7i7juyZW/e2D/E
TtXrsiG1m5cWaALET95or20iqjwpqmdmxDBpzV/LTRcQ2B35Fm9DnGFQMJw9k/cd
LPp0Qsr2ytpkaVu4p+pEzcIkyQAJ6GAoR5BgxMKkjiBBeEqrq+pSpe0X0kMubVpG
+QSawFgf7tIm2PndaaQbugHtme4ynCcIBgXN+7yQgiVOM/xQAk10Su9SldLbbnGI
eE9QkWE=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:50 2024 by rpki-client on console-fra.rpki-client.org