Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/ICvhJUxPXV92BTD29-F_fZpmR9s.roa
File: ICvhJUxPXV92BTD29-F_fZpmR9s.roa (raw, json)
Hash identifier: Yn1mmetTf48eaKMaFToEPc9cdGqbcdpbfOSju3u/Gag=
Subject key identifier: 20:2B:E1:25:4C:4F:5D:5F:76:05:30:F6:F7:E1:7F:7D:9A:66:47:DB
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01856E141F78402721DA06E36415A604EA6E
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/ICvhJUxPXV92BTD29-F_fZpmR9s.roa
Signing time: Sun 01 Jan 2023 16:04:50 +0000
ROA not before: Sun 01 Jan 2023 16:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 85.8.160.0/23 maxlen: 23
85.8.162.0/23 maxlen: 23
62.182.32.0/23 maxlen: 23
62.182.34.0/23 maxlen: 23
139.28.240.0/23 maxlen: 23
139.28.242.0/23 maxlen: 23
5.133.100.0/23 maxlen: 23
5.133.102.0/23 maxlen: 23
31.40.204.0/23 maxlen: 23
31.40.206.0/23 maxlen: 23
212.107.4.0/23 maxlen: 23
212.107.6.0/23 maxlen: 23
84.54.0.0/23 maxlen: 23
84.54.2.0/23 maxlen: 23
85.8.144.0/23 maxlen: 23
85.8.146.0/23 maxlen: 23
139.28.212.0/22 maxlen: 22
193.32.204.0/22 maxlen: 22
92.249.62.0/23 maxlen: 23
92.249.60.0/23 maxlen: 23
193.187.108.0/22 maxlen: 22
176.53.156.0/23 maxlen: 23
176.53.158.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 20 Jan 2023 05:44:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:1f:78:40:27:21:da:06:e3:64:15:a6:04:ea:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 16:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=202be1254c4f5d5f760530f6f7e17f7d9a6647db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f9:8f:2f:fc:3a:63:a1:67:b0:ee:92:b1:61:
77:c6:24:34:25:fc:7a:71:b5:d2:0c:ef:12:1f:57:
f3:32:03:b4:d3:f9:9c:75:0e:ed:59:94:df:47:36:
5a:23:9c:56:69:26:79:8e:f3:bc:3d:27:92:8d:6f:
2d:3b:9a:f0:99:f8:12:09:77:18:16:5e:65:fb:0d:
1e:66:0b:6d:c4:23:b8:82:f9:03:68:41:9d:34:b9:
ac:43:fc:bc:92:e8:d6:ec:2f:c9:c2:c2:ec:12:03:
b5:51:6e:6c:13:e5:01:f4:65:a5:db:eb:65:8b:30:
2d:74:35:10:4e:cb:c7:ca:22:0f:42:97:a0:dd:cf:
9a:4c:93:41:01:6a:a7:3d:10:2e:8e:07:09:84:b1:
f0:64:db:26:7f:55:b4:36:c9:96:fc:0d:e5:96:ac:
72:d6:9b:3e:73:8f:d1:89:a2:4c:fb:ed:87:99:28:
fd:12:74:b4:5d:1e:16:b0:ad:ce:51:17:ff:ea:82:
e6:14:62:96:eb:0e:b0:6b:9d:e5:b4:49:7a:e7:8e:
22:0a:f4:b3:5c:c0:3b:fd:4c:f0:f4:85:3c:0a:18:
99:0b:70:bb:2d:30:86:fe:c0:ee:1b:96:d7:1c:63:
49:b4:ea:f6:6c:da:43:2b:51:bd:11:ea:59:58:4b:
e8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2B:E1:25:4C:4F:5D:5F:76:05:30:F6:F7:E1:7F:7D:9A:66:47:DB
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/ICvhJUxPXV92BTD29-F_fZpmR9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.100.0/22
31.40.204.0/22
62.182.32.0/22
84.54.0.0/22
85.8.144.0/22
85.8.160.0/22
92.249.60.0/22
139.28.212.0/22
139.28.240.0/22
176.53.156.0/22
193.32.204.0/22
193.187.108.0/22
212.107.4.0/22
Signature Algorithm: sha256WithRSAEncryption
69:22:83:e5:f5:d4:41:d7:a0:c5:b4:8e:d6:c2:1e:d5:3a:07:
b3:28:38:aa:fc:18:bd:99:76:39:d7:f0:95:78:73:c5:b3:ae:
ff:29:d2:1c:74:92:e6:7a:4d:43:6c:8b:8b:e7:7f:0f:5c:01:
5b:b0:39:da:20:0f:8c:3e:0b:15:98:da:e2:d7:0e:ec:b0:d7:
ed:6c:0d:97:53:31:21:bd:d5:58:2f:5d:34:7f:a0:c2:53:ed:
6f:45:eb:ab:62:d4:74:bf:99:18:d8:32:7b:8c:ad:df:e0:95:
86:6d:de:f3:3a:93:6b:f5:91:ef:cc:02:cc:75:22:5b:a2:8c:
d0:b2:0e:0b:d0:d4:8e:ec:55:50:9c:ed:8b:3e:78:af:35:76:
77:ff:f5:3c:a8:60:20:ab:52:9d:76:66:b4:8b:3c:9c:c5:2e:
5a:c7:0a:78:3e:57:ac:b2:af:81:d6:f3:77:72:a8:33:36:23:
ad:65:c2:22:51:0c:6e:9f:77:b4:aa:8d:16:77:7d:9c:ce:65:
d1:46:95:d6:55:77:c3:5d:53:5d:24:84:80:04:c2:61:e3:6e:
5a:b7:7e:88:be:ad:90:4f:89:51:12:dc:56:7b:79:02:d7:1e:
29:60:2e:72:35:a8:67:ae:ec:64:11:19:b9:b1:3e:03:06:fd:
e0:2f:6c:fe
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYVuFB94QCch2gbjZBWmBOpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMTAxMTYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDJiZTEyNTRjNGY1ZDVmNzYwNTMwZjZmN2UxN2Y3ZDlhNjY0N2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/mPL/w6Y6FnsO6SsWF3xiQ0Jfx6
cbXSDO8SH1fzMgO00/mcdQ7tWZTfRzZaI5xWaSZ5jvO8PSeSjW8tO5rwmfgSCXcY
Fl5l+w0eZgttxCO4gvkDaEGdNLmsQ/y8kujW7C/JwsLsEgO1UW5sE+UB9GWl2+tl
izAtdDUQTsvHyiIPQpeg3c+aTJNBAWqnPRAujgcJhLHwZNsmf1W0NsmW/A3llqxy
1ps+c4/RiaJM++2HmSj9EnS0XR4WsK3OURf/6oLmFGKW6w6wa53ltEl6544iCvSz
XMA7/Uzw9IU8ChiZC3C7LTCG/sDuG5bXHGNJtOr2bNpDK1G9EepZWEvodQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFCAr4SVMT11fdgUw9vfhf32aZkfbMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvSUN2aEpVeFBYVjkyQlREMjktRl9mWnBtUjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCBYVkAwQC
HyjMAwQCPrYgAwQCVDYAAwQCVQiQAwQCVQigAwQCXPk8AwQCixzUAwQCixzwAwQC
sDWcAwQCwSDMAwQCwbtsAwQC1GsEMA0GCSqGSIb3DQEBCwUAA4IBAQBpIoPl9dRB
16DFtI7Wwh7VOgezKDiq/Bi9mXY51/CVeHPFs67/KdIcdJLmek1DbIuL538PXAFb
sDnaIA+MPgsVmNri1w7ssNftbA2XUzEhvdVYL100f6DCU+1vReurYtR0v5kY2DJ7
jK3f4JWGbd7zOpNr9ZHvzALMdSJboozQsg4L0NSO7FVQnO2LPnivNXZ3//U8qGAg
q1Kddma0izycxS5axwp4Plessq+B1vN3cqgzNiOtZcIiUQxun3e0qo0Wd32czmXR
RpXWVXfDXVNdJISABMJh425at36Ivq2QT4lREtxWe3kC1x4pYC5yNahnruxkERm5
sT4DBv3gL2z+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org