Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/yKxayeIk-CtROEa9IpnknSAC_bs.roa
File: yKxayeIk-CtROEa9IpnknSAC_bs.roa (raw, json)
Hash identifier: 4Rklq+ckaobT6Vn2iFQ4nRxdbSj0jgcyKIp0x4l1kNs=
Subject key identifier: C8:AC:5A:C9:E2:24:F8:2B:51:38:46:BD:22:99:E4:9D:20:02:FD:BB
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018DC5E2EF1B6D90664E613F680DB61FA334
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/yKxayeIk-CtROEa9IpnknSAC_bs.roa
Signing time: Tue 20 Feb 2024 09:40:00 +0000
ROA not before: Tue 20 Feb 2024 09:40:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8851
IP address blocks: 62.164.128.0/18 maxlen: 18
62.164.144.0/21 maxlen: 21
62.164.192.0/21 maxlen: 21
62.169.150.0/24 maxlen: 24
62.169.154.0/24 maxlen: 24
62.169.156.0/24 maxlen: 24
86.54.0.0/16 maxlen: 16
193.108.169.0/24 maxlen: 24
194.62.44.0/22 maxlen: 22
194.164.2.0/24 maxlen: 24
194.164.12.0/24 maxlen: 24
194.164.38.0/24 maxlen: 24
194.164.80.0/22 maxlen: 22
194.164.85.0/24 maxlen: 24
194.164.86.0/24 maxlen: 24
194.164.97.0/24 maxlen: 24
194.164.100.0/24 maxlen: 24
194.164.104.0/24 maxlen: 24
194.164.106.0/24 maxlen: 24
194.164.114.0/24 maxlen: 24
194.164.140.0/22 maxlen: 22
194.164.144.0/24 maxlen: 24
194.164.181.0/24 maxlen: 24
194.164.223.0/24 maxlen: 24
194.164.231.0/24 maxlen: 24
194.164.232.0/24 maxlen: 24
194.164.238.0/24 maxlen: 24
194.164.241.0/24 maxlen: 24
194.164.242.0/23 maxlen: 23
194.164.247.0/24 maxlen: 24
195.26.224.0/19 maxlen: 19
195.26.228.0/24 maxlen: 24
195.26.236.0/24 maxlen: 24
195.184.228.0/23 maxlen: 23
195.184.236.0/24 maxlen: 24
195.184.245.0/24 maxlen: 24
195.200.0.0/19 maxlen: 19
195.200.22.0/24 maxlen: 24
195.200.27.0/24 maxlen: 24
212.32.28.0/24 maxlen: 24
212.32.42.0/24 maxlen: 24
212.32.44.0/23 maxlen: 23
212.32.44.0/24 maxlen: 24
212.32.55.0/24 maxlen: 24
212.32.66.0/24 maxlen: 24
212.47.80.0/23 maxlen: 23
212.47.84.0/24 maxlen: 24
212.56.57.0/24 maxlen: 24
213.254.171.0/24 maxlen: 24
213.254.178.0/24 maxlen: 24
213.254.185.0/24 maxlen: 24
217.154.0.0/16 maxlen: 16
217.154.12.0/24 maxlen: 24
217.154.25.0/24 maxlen: 24
217.154.28.0/24 maxlen: 24
217.154.30.0/24 maxlen: 24
217.154.31.0/24 maxlen: 24
217.154.39.0/24 maxlen: 24
217.154.46.0/24 maxlen: 24
217.154.49.0/24 maxlen: 24
217.154.72.0/23 maxlen: 23
217.154.90.0/24 maxlen: 24
217.154.96.0/24 maxlen: 24
217.154.103.0/24 maxlen: 24
217.154.104.0/24 maxlen: 24
217.154.109.0/24 maxlen: 24
217.154.110.0/23 maxlen: 23
217.154.122.0/23 maxlen: 23
217.154.127.0/24 maxlen: 24
217.154.131.0/24 maxlen: 24
217.154.132.0/22 maxlen: 22
217.154.137.0/24 maxlen: 24
217.154.138.0/24 maxlen: 24
217.154.141.0/24 maxlen: 24
217.154.151.0/24 maxlen: 24
217.154.157.0/24 maxlen: 24
217.154.158.0/24 maxlen: 24
217.154.176.0/24 maxlen: 24
217.154.187.0/24 maxlen: 24
217.154.209.0/24 maxlen: 24
217.154.219.0/24 maxlen: 24
217.154.221.0/24 maxlen: 24
217.154.230.0/24 maxlen: 24
217.154.236.0/24 maxlen: 24
217.154.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 10:06:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:e2:ef:1b:6d:90:66:4e:61:3f:68:0d:b6:1f:a3:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Feb 20 09:40:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8ac5ac9e224f82b513846bd2299e49d2002fdbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:96:02:49:92:3b:5f:d4:c0:73:a8:cd:a1:93:
82:66:7f:5e:26:1f:6e:a5:e1:84:4a:c8:8b:ce:4a:
53:f8:57:cc:2c:62:ad:5a:ac:d8:e0:4d:16:f6:72:
b4:dc:6f:89:81:b5:fc:82:9f:76:a1:50:8a:37:7f:
9e:2e:fd:76:a5:92:01:b9:f8:65:2c:1c:16:0a:41:
71:e0:ec:82:2e:c3:a6:67:8c:9f:a9:b5:a3:7f:88:
c0:b5:b3:be:09:8d:a4:23:14:3d:6a:c7:fd:fb:b0:
92:9d:86:2b:85:49:b2:a1:a0:df:f9:b5:7d:9d:20:
73:b8:db:c6:ac:3e:ef:1e:82:af:03:7d:01:75:bf:
30:5f:71:9d:18:db:99:e8:0d:b3:03:ee:ee:cb:2f:
82:c8:85:23:05:60:0c:e8:c4:dc:25:34:e3:fa:6b:
8f:cf:22:ba:5b:af:b8:2d:c3:ab:23:41:4b:71:dd:
3a:16:3b:88:77:16:ba:b9:88:0d:14:ad:1a:cd:ba:
cc:91:80:94:e0:9c:d6:49:bc:50:3f:ca:e4:5e:cc:
dd:63:89:d2:98:74:ba:fd:74:0b:cc:9a:af:78:53:
34:6d:a1:39:c2:82:d9:85:20:af:19:41:a5:a3:e5:
ad:cd:96:45:8d:0e:da:98:66:f6:71:fe:4b:02:8c:
34:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:AC:5A:C9:E2:24:F8:2B:51:38:46:BD:22:99:E4:9D:20:02:FD:BB
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/yKxayeIk-CtROEa9IpnknSAC_bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0-62.164.199.255
62.169.150.0/24
62.169.154.0/24
62.169.156.0/24
86.54.0.0/16
193.108.169.0/24
194.62.44.0/22
194.164.2.0/24
194.164.12.0/24
194.164.38.0/24
194.164.80.0/22
194.164.85.0-194.164.86.255
194.164.97.0/24
194.164.100.0/24
194.164.104.0/24
194.164.106.0/24
194.164.114.0/24
194.164.140.0-194.164.144.255
194.164.181.0/24
194.164.223.0/24
194.164.231.0-194.164.232.255
194.164.238.0/24
194.164.241.0-194.164.243.255
194.164.247.0/24
195.26.224.0/19
195.184.228.0/23
195.184.236.0/24
195.184.245.0/24
195.200.0.0/19
212.32.28.0/24
212.32.42.0/24
212.32.44.0/23
212.32.55.0/24
212.32.66.0/24
212.47.80.0/23
212.47.84.0/24
212.56.57.0/24
213.254.171.0/24
213.254.178.0/24
213.254.185.0/24
217.154.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:72:a6:02:84:d8:c2:71:c1:07:92:0c:3b:69:f1:36:8c:96:
e9:6f:50:82:e9:8b:41:5f:37:ab:2d:50:70:a3:9a:4b:eb:4b:
56:a3:aa:1b:f4:08:fc:02:4c:b6:d4:4c:3f:7c:bc:0f:95:e4:
37:51:d2:b4:42:70:2f:c8:17:74:d2:ec:2e:ef:ac:41:bb:74:
f3:e2:bf:92:bb:e8:9f:5f:9b:6a:bc:45:61:fa:52:43:e5:3a:
0a:e6:64:cc:fb:09:49:1a:ca:5c:53:6e:d2:81:18:bf:17:1c:
01:1c:97:48:7f:a6:29:f7:d2:e1:be:4a:bc:1b:eb:cf:b2:e5:
7e:83:78:da:5c:95:89:09:f1:20:49:15:7b:5b:3d:75:22:1c:
8b:d8:7d:eb:ef:4f:35:cb:2e:e3:8d:16:84:ed:29:3e:43:70:
3b:51:ed:92:83:78:3e:83:2c:61:fe:0e:ab:c3:6a:78:74:ad:
07:32:e4:26:9d:f6:31:e1:59:b7:40:0e:02:e8:ab:28:92:ac:
1a:50:0c:35:d0:9f:30:59:b6:c4:26:27:34:82:7f:76:1d:d9:
33:5e:7e:b1:cf:8a:c3:f9:26:40:0b:3a:34:5a:63:39:e0:ee:
6f:05:34:f2:a5:8c:cf:62:0f:4d:ec:f9:5e:c9:b3:91:b3:dd:
f3:1d:c3:50
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAY3F4u8bbZBmTmE/aA22H6M0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjQwMjIwMDk0MDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGFjNWFjOWUyMjRmODJiNTEzODQ2YmQyMjk5ZTQ5ZDIwMDJmZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JYCSZI7X9TAc6jNoZOCZn9eJh9u
peGESsiLzkpT+FfMLGKtWqzY4E0W9nK03G+JgbX8gp92oVCKN3+eLv12pZIBufhl
LBwWCkFx4OyCLsOmZ4yfqbWjf4jAtbO+CY2kIxQ9asf9+7CSnYYrhUmyoaDf+bV9
nSBzuNvGrD7vHoKvA30Bdb8wX3GdGNuZ6A2zA+7uyy+CyIUjBWAM6MTcJTTj+muP
zyK6W6+4LcOrI0FLcd06FjuIdxa6uYgNFK0azbrMkYCU4JzWSbxQP8rkXszdY4nS
mHS6/XQLzJqveFM0baE5woLZhSCvGUGlo+WtzZZFjQ7amGb2cf5LAow0mQIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFMisWsniJPgrUThGvSKZ5J0gAv27MB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEveUt4YXllSWstQ3RST0VhOUlwbmtuU0FDX2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDCCASQEAgABMIIB
HDAMAwQHPqSAAwQDPqTAAwQAPqmWAwQAPqmaAwQAPqmcAwMAVjYDBADBbKkDBALC
PiwDBADCpAIDBADCpAwDBADCpCYDBALCpFAwDAMEAMKkVQMEAMKkVgMEAMKkYQME
AMKkZAMEAMKkaAMEAMKkagMEAMKkcjAMAwQCwqSMAwQAwqSQAwQAwqS1AwQAwqTf
MAwDBADCpOcDBADCpOgDBADCpO4wDAMEAMKk8QMEAsKk8AMEAMKk9wMEBcMa4AME
AcO45AMEAMO47AMEAMO49QMEBcPIAAMEANQgHAMEANQgKgMEAdQgLAMEANQgNwME
ANQgQgMEAdQvUAMEANQvVAMEANQ4OQMEANX+qwMEANX+sgMEANX+uQMDANmaMA0G
CSqGSIb3DQEBCwUAA4IBAQBLcqYChNjCccEHkgw7afE2jJbpb1CC6YtBXzerLVBw
o5pL60tWo6ob9Aj8Aky21Ew/fLwPleQ3UdK0QnAvyBd00uwu76xBu3Tz4r+Su+if
X5tqvEVh+lJD5ToK5mTM+wlJGspcU27SgRi/FxwBHJdIf6Yp99Lhvkq8G+vPsuV+
g3jaXJWJCfEgSRV7Wz11IhyL2H3r7081yy7jjRaE7Sk+Q3A7Ue2Sg3g+gyxh/g6r
w2p4dK0HMuQmnfYx4Vm3QA4C6KsokqwaUAw10J8wWbbEJic0gn92HdkzXn6xz4rD
+SZACzo0WmM54O5vBTTypYzPYg9N7PleybORs93zHcNQ
-----END CERTIFICATE-----
Generated at Tue Feb 20 15:08:30 2024 by rpki-client on console-ams.rpki-client.org