Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/iMBIsnZ3tmPy9a_dx7GKzjSw7EA.roa
File: iMBIsnZ3tmPy9a_dx7GKzjSw7EA.roa (raw, json)
Hash identifier: H+YA5CTdzSJpKL6e2NW1OkdktXe5Ih6Wx3w7j/X6km8=
Subject key identifier: 88:C0:48:B2:76:77:B6:63:F2:F5:AF:DD:C7:B1:8A:CE:34:B0:EC:40
Certificate issuer: /CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Certificate serial: 018CC5DC002B0EFA5472A64E75FCD13DF0F6
Authority key identifier: 5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/iMBIsnZ3tmPy9a_dx7GKzjSw7EA.roa
Signing time: Mon 01 Jan 2024 16:29:38 +0000
ROA not before: Mon 01 Jan 2024 16:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34373
IP address blocks: 185.97.228.0/22 maxlen: 22
185.165.68.0/22 maxlen: 22
45.128.64.0/22 maxlen: 24
86.48.68.0/22 maxlen: 22
91.219.76.0/22 maxlen: 22
77.74.124.0/22 maxlen: 24
185.63.56.0/22 maxlen: 24
185.96.44.0/22 maxlen: 24
193.105.233.0/24 maxlen: 24
185.56.52.0/22 maxlen: 22
185.69.204.0/22 maxlen: 22
45.132.40.0/22 maxlen: 22
185.116.40.0/22 maxlen: 23
185.210.128.0/22 maxlen: 24
217.61.253.0/24 maxlen: 24
2a0b:ec00::/29 maxlen: 29
2a00:4140::/29 maxlen: 48
2a06:7bc0::/29 maxlen: 29
2a0b:57c0::/29 maxlen: 36
2a06:900::/29 maxlen: 36
Validation: Failed, certificate revoked on Mon 06 May 2024 10:55:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:00:2b:0e:fa:54:72:a6:4e:75:fc:d1:3d:f0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Validity
Not Before: Jan 1 16:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88c048b27677b663f2f5afddc7b18ace34b0ec40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:06:f2:6e:7c:3d:90:f9:27:e2:8d:28:a6:4d:
0a:8c:5e:60:1d:c0:e4:22:c1:ed:9d:dc:67:13:91:
c6:d4:2f:f7:0c:e6:2c:8a:38:c6:4a:dd:2b:0f:5e:
6e:97:8c:92:08:a2:eb:6f:a0:34:73:71:1b:c5:d0:
9f:cb:10:3d:3e:1d:c9:74:a2:49:37:5f:d2:ec:c4:
c1:ae:93:f0:8d:12:b4:9d:d2:16:ea:83:96:b6:16:
27:2f:97:f3:70:bb:3a:ec:ed:a7:63:5c:ad:e9:ed:
97:9d:b3:85:45:82:9f:32:25:88:81:74:d4:e5:58:
5d:7a:5d:3c:8a:5c:b5:20:e8:89:fe:a9:44:d8:42:
5e:e3:70:c0:78:61:55:ee:2c:56:77:06:58:40:8a:
20:02:5b:64:99:97:86:98:df:16:fc:38:b6:9d:f3:
70:14:4a:29:72:f8:d4:11:45:00:34:61:8f:1f:b3:
94:92:bb:e6:95:10:0f:c4:51:0d:4a:db:75:89:40:
47:81:a7:e3:67:ce:a5:32:f5:f7:55:eb:32:61:08:
4d:9b:a8:9c:a1:a9:0b:0d:d8:a9:f7:b2:e7:09:f7:
2a:82:58:67:b2:10:ee:88:10:65:d8:81:15:d3:ac:
12:c0:18:93:fb:3c:7b:6e:74:00:8e:df:ac:5d:37:
4b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C0:48:B2:76:77:B6:63:F2:F5:AF:DD:C7:B1:8A:CE:34:B0:EC:40
X509v3 Authority Key Identifier:
keyid:5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/iMBIsnZ3tmPy9a_dx7GKzjSw7EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.64.0/22
45.132.40.0/22
77.74.124.0/22
86.48.68.0/22
91.219.76.0/22
185.56.52.0/22
185.63.56.0/22
185.69.204.0/22
185.96.44.0/22
185.97.228.0/22
185.116.40.0/22
185.165.68.0/22
185.210.128.0/22
193.105.233.0/24
217.61.253.0/24
IPv6:
2a00:4140::/29
2a06:900::/29
2a06:7bc0::/29
2a0b:57c0::/29
2a0b:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
71:ac:9b:de:e8:d3:3f:8d:b1:73:ee:7e:56:28:74:c5:e3:a1:
a3:03:9a:10:4a:7e:15:4a:0e:28:4a:e4:bd:cd:1f:e1:2c:10:
5f:67:ec:a6:a7:a7:f1:f7:34:46:e2:84:ff:4f:1a:60:5e:8c:
c6:73:9c:61:5d:40:93:af:df:07:0f:fd:7d:38:8c:83:b7:2e:
e8:60:e7:60:af:43:b5:82:ee:5b:39:15:06:b2:9a:da:36:6b:
54:c7:61:5e:3b:67:ee:26:94:2b:7f:f4:23:03:82:2a:77:34:
c3:df:d6:71:e5:d1:53:36:ec:4f:4a:e9:4e:80:6d:e4:96:db:
fc:4e:ee:30:12:09:84:c0:2d:e2:77:14:f0:75:3b:41:11:16:
6c:02:bb:0f:df:a2:73:50:2d:50:b0:f7:24:f5:f3:d3:b6:73:
eb:86:77:24:51:91:68:36:9b:f0:c0:0d:a1:3e:0d:e2:cb:65:
d8:98:86:f3:8d:8f:82:25:d0:40:3b:16:4f:72:51:57:b7:4d:
8d:7e:18:4a:d6:c7:83:c7:ef:c4:b5:4e:e0:e4:38:db:4f:26:
0a:33:cf:8d:43:a2:6f:27:d2:73:f6:79:38:8a:ce:1f:b8:59:
49:c3:4d:cb:3d:68:d1:95:6b:b5:57:2a:47:7b:03:32:5d:10:
2c:e0:e1:f6
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYzF3AArDvpUcqZOdfzRPfD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWE4MWFhOWIyMTk3ZDkxMjdiNDQyNTI1MTAwZmZhYTM2
ZTBkNTIwHhcNMjQwMTAxMTYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGMwNDhiMjc2NzdiNjYzZjJmNWFmZGRjN2IxOGFjZTM0YjBlYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAbybnw9kPkn4o0opk0KjF5gHcDk
IsHtndxnE5HG1C/3DOYsijjGSt0rD15ul4ySCKLrb6A0c3EbxdCfyxA9Ph3JdKJJ
N1/S7MTBrpPwjRK0ndIW6oOWthYnL5fzcLs67O2nY1yt6e2XnbOFRYKfMiWIgXTU
5Vhdel08ily1IOiJ/qlE2EJe43DAeGFV7ixWdwZYQIogAltkmZeGmN8W/Di2nfNw
FEopcvjUEUUANGGPH7OUkrvmlRAPxFENStt1iUBHgafjZ86lMvX3VesyYQhNm6ic
oakLDdip97LnCfcqglhnshDuiBBl2IEV06wSwBiT+zx7bnQAjt+sXTdLEwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFIjASLJ2d7Zj8vWv3cexis40sOxAMB8GA1UdIwQY
MBaAFFvqgaqbIZfZEntEJSUQD/qjbg1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQt
ZmMwZGQ5MjUyYzlhLzEvaU1CSXNuWjN0bVB5OWFfZHg3R0t6alN3N0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQtZmMwZGQ5MjUyYzlh
LzEvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTBgBAIAATBaAwQCLYBA
AwQCLYQoAwQCTUp8AwQCVjBEAwQCW9tMAwQCuTg0AwQCuT84AwQCuUXMAwQCuWAs
AwQCuWHkAwQCuXQoAwQCuaVEAwQCudKAAwQAwWnpAwQA2T39MCkEAgACMCMDBQMq
AEFAAwUDKgYJAAMFAyoGe8ADBQMqC1fAAwUDKgvsADANBgkqhkiG9w0BAQsFAAOC
AQEAcayb3ujTP42xc+5+Vih0xeOhowOaEEp+FUoOKErkvc0f4SwQX2fspqen8fc0
RuKE/08aYF6MxnOcYV1Ak6/fBw/9fTiMg7cu6GDnYK9DtYLuWzkVBrKa2jZrVMdh
Xjtn7iaUK3/0IwOCKnc0w9/WceXRUzbsT0rpToBt5Jbb/E7uMBIJhMAt4ncU8HU7
QREWbAK7D9+ic1AtULD3JPXz07Zz64Z3JFGRaDab8MANoT4N4stl2JiG842PgiXQ
QDsWT3JRV7dNjX4YStbHg8fvxLVO4OQ4208mCjPPjUOibyfSc/Z5OIrOH7hZScNN
yz1o0ZVrtVcqR3sDMl0QLODh9g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:53 2025 by rpki-client