Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kuIZIYfapfUmrVOLEfjSGQolT5Q.roa
File: kuIZIYfapfUmrVOLEfjSGQolT5Q.roa (raw, json)
Hash identifier: zGvNByHdpijYQQSXEFUzO37ndkGmO5F3Sp8P1Gx+J7Y=
Subject key identifier: 92:E2:19:21:87:DA:A5:F5:26:AD:53:8B:11:F8:D2:19:0A:25:4F:94
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018DD4E6223EF7C61DAD375E497758363483
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kuIZIYfapfUmrVOLEfjSGQolT5Q.roa
Signing time: Fri 23 Feb 2024 07:37:48 +0000
ROA not before: Fri 23 Feb 2024 07:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136787
IP address blocks: 45.143.68.0/24 maxlen: 24
45.143.69.0/24 maxlen: 24
45.143.70.0/24 maxlen: 24
45.143.71.0/24 maxlen: 24
83.150.240.0/24 maxlen: 24
83.150.241.0/24 maxlen: 24
83.150.242.0/24 maxlen: 24
83.150.243.0/24 maxlen: 24
95.181.216.0/24 maxlen: 24
95.181.217.0/24 maxlen: 24
95.181.218.0/24 maxlen: 24
95.181.219.0/24 maxlen: 24
185.75.208.0/24 maxlen: 24
185.75.209.0/24 maxlen: 24
185.75.210.0/24 maxlen: 24
185.75.211.0/24 maxlen: 24
193.201.248.0/24 maxlen: 24
193.201.250.0/24 maxlen: 24
193.201.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 09:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d4:e6:22:3e:f7:c6:1d:ad:37:5e:49:77:58:36:34:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Feb 23 07:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92e2192187daa5f526ad538b11f8d2190a254f94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8a:b6:04:94:38:70:e8:ee:a3:e4:f4:30:0f:
f8:17:8f:3d:ef:32:c8:8f:f5:65:0b:e9:11:34:1b:
d0:a4:c8:19:e4:4c:f1:fa:92:5d:48:47:30:aa:1c:
b0:33:2d:30:78:4b:0b:5d:65:69:26:4a:1d:24:53:
91:25:22:f3:39:7e:fa:dd:63:43:c5:62:f2:24:81:
3e:fc:e5:04:16:33:1e:d0:8f:35:c5:d1:74:1f:6e:
1f:72:e7:48:be:e0:da:59:b7:1d:3f:ab:ed:f8:cd:
78:ac:fd:6d:5d:bb:28:61:be:86:df:17:b5:69:16:
07:f1:2b:82:da:1c:4e:83:db:22:ca:63:00:06:98:
67:77:48:3a:5d:2e:91:4f:8a:86:d0:0f:68:e2:6c:
1d:36:b6:72:54:07:29:d6:f5:5f:98:e0:8f:d2:ae:
f8:41:b5:0f:c6:ef:b7:62:4e:bf:e4:7a:99:9a:77:
21:4e:df:63:1f:e7:82:8f:d2:5a:16:c8:17:b7:7e:
ef:a3:1b:50:ae:86:e9:d7:70:d3:ec:33:98:1c:8a:
57:c9:eb:db:0c:ef:04:63:18:38:f4:8a:76:11:23:
cb:69:80:a0:2c:62:bb:66:e7:4a:85:fe:73:a8:41:
e9:5d:4b:fe:32:72:75:98:7c:1a:8a:2d:00:0e:d0:
5d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E2:19:21:87:DA:A5:F5:26:AD:53:8B:11:F8:D2:19:0A:25:4F:94
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kuIZIYfapfUmrVOLEfjSGQolT5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.68.0/22
83.150.240.0/22
95.181.216.0/22
185.75.208.0/22
193.201.248.0/24
193.201.250.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:8c:6b:31:00:87:af:91:c3:04:6e:7d:41:b9:75:2f:78:7e:
96:a8:1f:77:dc:18:59:58:c2:13:ea:fc:91:d6:e1:d0:e0:db:
5f:aa:a6:58:fa:af:c4:e0:05:ff:cc:e6:22:9e:d7:dc:7e:02:
1a:82:47:8a:2a:8b:b7:f8:c2:9a:29:1d:13:47:2a:a0:ad:ed:
dd:48:57:45:8f:3b:f8:d2:27:bb:34:07:08:96:69:85:ae:2c:
a3:86:75:c1:1c:e2:0c:1f:ee:1f:bc:5d:1b:35:3d:39:c3:04:
04:5e:d4:97:ed:6d:3d:73:21:fe:51:cf:77:9a:70:1c:63:9b:
2e:f2:98:d3:8c:a8:ff:9d:66:bb:26:78:0c:1e:07:c7:75:98:
79:be:25:75:64:82:04:01:4f:0e:d9:1e:a8:3b:4e:ed:43:37:
33:e7:a1:49:c4:6b:ab:eb:fe:3c:cb:88:b2:bd:87:5f:9f:97:
37:ad:9d:0c:30:fb:d8:82:1f:ec:37:f3:d7:5d:87:41:70:00:
6a:eb:72:57:e5:16:b1:e4:d4:f1:3b:42:f6:6c:b2:1e:f7:87:
80:35:ca:79:ea:c8:35:b7:85:d9:a6:8a:8e:c1:a7:2d:d7:61:
19:b7:0e:90:b6:e4:7a:a7:88:ba:f3:5a:cd:21:2b:49:bc:d2:
b8:5f:10:30
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY3U5iI+98YdrTdeSXdYNjSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwMjIzMDczNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmUyMTkyMTg3ZGFhNWY1MjZhZDUzOGIxMWY4ZDIxOTBhMjU0Zjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYq2BJQ4cOjuo+T0MA/4F4897zLI
j/VlC+kRNBvQpMgZ5Ezx+pJdSEcwqhywMy0weEsLXWVpJkodJFORJSLzOX763WND
xWLyJIE+/OUEFjMe0I81xdF0H24fcudIvuDaWbcdP6vt+M14rP1tXbsoYb6G3xe1
aRYH8SuC2hxOg9siymMABphnd0g6XS6RT4qG0A9o4mwdNrZyVAcp1vVfmOCP0q74
QbUPxu+3Yk6/5HqZmnchTt9jH+eCj9JaFsgXt37voxtQrobp13DT7DOYHIpXyevb
DO8EYxg49Ip2ESPLaYCgLGK7ZudKhf5zqEHpXUv+MnJ1mHwaii0ADtBdEwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJLiGSGH2qX1Jq1TixH40hkKJU+UMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEva3VJWklZZmFwZlVtclZPTEVmalNHUW9sVDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLY9EAwQC
U5bwAwQCX7XYAwQCuUvQAwQAwcn4AwQBwcn6MA0GCSqGSIb3DQEBCwUAA4IBAQCw
jGsxAIevkcMEbn1BuXUveH6WqB933BhZWMIT6vyR1uHQ4NtfqqZY+q/E4AX/zOYi
ntfcfgIagkeKKou3+MKaKR0TRyqgre3dSFdFjzv40ie7NAcIlmmFriyjhnXBHOIM
H+4fvF0bNT05wwQEXtSX7W09cyH+Uc93mnAcY5su8pjTjKj/nWa7JngMHgfHdZh5
viV1ZIIEAU8O2R6oO07tQzcz56FJxGur6/48y4iyvYdfn5c3rZ0MMPvYgh/sN/PX
XYdBcABq63JX5Rax5NTxO0L2bLIe94eANcp56sg1t4XZpoqOwact12EZtw6QtuR6
p4i681rNIStJvNK4XxAw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:47 2024 by rpki-client on console-ams.rpki-client.org