Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/imsH67fS85fRPU6UE5mbDS99RS4.roa
File: imsH67fS85fRPU6UE5mbDS99RS4.roa (raw, json)
Hash identifier: 49XsJqKs3w81DddRZ4dNRz0wkNE7H8cQS7SZtDy8ErM=
Subject key identifier: 8A:6B:07:EB:B7:D2:F3:97:D1:3D:4E:94:13:99:9B:0D:2F:7D:45:2E
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018B8C44B95277AAE1649C2EBF116035F57D
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/imsH67fS85fRPU6UE5mbDS99RS4.roa
Signing time: Wed 01 Nov 2023 19:03:15 +0000
ROA not before: Wed 01 Nov 2023 19:03:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 85.8.160.0/22 maxlen: 22
139.28.240.0/22 maxlen: 22
5.133.100.0/22 maxlen: 22
31.40.204.0/22 maxlen: 22
139.28.48.0/22 maxlen: 22
212.107.4.0/22 maxlen: 22
194.169.92.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
212.87.196.0/22 maxlen: 22
37.221.76.0/22 maxlen: 22
92.249.60.0/22 maxlen: 22
176.96.128.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
176.53.156.0/22 maxlen: 22
194.93.48.0/22 maxlen: 22
194.93.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 11 Nov 2023 19:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:44:b9:52:77:aa:e1:64:9c:2e:bf:11:60:35:f5:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Nov 1 19:03:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a6b07ebb7d2f397d13d4e9413999b0d2f7d452e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2e:60:0b:d2:65:77:02:c7:f1:ea:16:40:d4:
ab:d5:88:de:07:39:24:83:f1:7a:a1:ac:72:96:af:
d6:a1:03:db:05:8b:c3:5c:8b:3f:ac:e4:a8:34:42:
7a:df:b9:5c:54:b5:1b:7c:ad:d9:25:37:c0:60:0c:
90:83:a6:72:73:10:d2:09:78:34:7a:9d:1c:5f:fc:
c8:be:7d:c5:57:e7:75:19:e8:81:77:f7:4f:49:bb:
f4:50:bb:60:6f:ca:e2:25:2a:9e:38:b8:ef:08:13:
ed:d2:bf:7a:c1:c5:da:15:ce:a7:45:c5:09:a9:66:
74:97:1a:d6:57:ee:40:65:95:6e:6e:92:52:aa:9c:
53:f9:e4:12:a7:fd:ac:cd:13:f3:b1:97:e0:82:c5:
ab:cd:cd:65:7a:6c:38:8a:02:38:c9:68:82:19:d1:
61:75:91:60:75:4f:0f:91:04:a3:13:53:aa:fa:c3:
5a:a3:67:e0:a9:52:9d:3f:a3:74:c7:55:f8:a2:aa:
d2:81:33:e0:74:19:35:a0:c6:ac:dd:02:ea:19:25:
fd:0e:4d:2b:f6:b1:b4:02:2a:8d:eb:be:7f:31:b8:
22:f6:3e:57:23:c5:ef:0d:79:97:f0:d7:68:73:33:
ca:03:f5:a3:1d:11:97:79:d4:27:d9:1d:44:49:f6:
cd:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:6B:07:EB:B7:D2:F3:97:D1:3D:4E:94:13:99:9B:0D:2F:7D:45:2E
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/imsH67fS85fRPU6UE5mbDS99RS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.100.0/22
31.40.204.0/22
37.221.76.0/22
83.171.244.0/22
85.8.160.0/22
92.249.60.0/22
139.28.48.0/22
139.28.240.0/22
176.53.156.0/22
176.96.128.0/22
188.119.68.0/22
194.93.48.0/22
194.93.60.0/22
194.169.92.0/22
212.87.196.0/22
212.107.4.0/22
Signature Algorithm: sha256WithRSAEncryption
62:9b:03:d7:6b:2c:91:7d:c4:02:a8:21:95:72:14:03:32:1f:
5b:15:f4:fb:a0:07:7e:c1:03:bb:a1:f6:df:35:21:60:aa:c7:
a3:ce:da:11:f5:8d:b5:1a:cc:00:c0:95:23:b0:de:f3:39:06:
8a:86:71:1d:d1:13:d3:55:87:6b:e5:2e:fd:e1:ca:47:06:69:
ce:e2:b3:78:b4:f8:90:e2:bd:08:d5:cd:9b:07:a3:43:28:da:
77:e3:f2:bf:99:6f:30:4d:9d:fe:c4:51:99:d6:ee:05:08:65:
bc:14:e9:1b:3c:39:17:b6:9a:dd:b2:50:30:85:4e:c4:c8:33:
c7:6c:f2:40:45:a4:45:aa:ab:f2:36:32:8a:b6:15:af:01:32:
9f:ae:f8:dc:7c:0d:6a:70:68:cf:09:85:13:9e:39:0b:dd:7a:
4c:ef:8b:db:03:2a:07:90:f9:8d:78:81:b8:6e:ea:fb:9d:13:
fd:7a:9b:a9:ef:6a:42:53:47:15:2b:43:ed:5a:1d:5f:35:b0:
1f:a7:ee:e8:98:3d:41:01:60:94:4c:5f:ff:aa:7c:1f:7f:e3:
3d:91:2b:36:cb:fd:29:fb:e4:86:f6:9b:29:fb:b9:98:b3:e5:
d0:8f:61:b1:3f:b6:6d:c2:9b:c3:5c:3b:ba:36:19:79:09:15:
b7:8a:4d:f2
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYuMRLlSd6rhZJwuvxFgNfV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMxMTAxMTkwMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTZiMDdlYmI3ZDJmMzk3ZDEzZDRlOTQxMzk5OWIwZDJmN2Q0NTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlS5gC9JldwLH8eoWQNSr1YjeBzkk
g/F6oaxylq/WoQPbBYvDXIs/rOSoNEJ637lcVLUbfK3ZJTfAYAyQg6ZycxDSCXg0
ep0cX/zIvn3FV+d1GeiBd/dPSbv0ULtgb8riJSqeOLjvCBPt0r96wcXaFc6nRcUJ
qWZ0lxrWV+5AZZVubpJSqpxT+eQSp/2szRPzsZfggsWrzc1lemw4igI4yWiCGdFh
dZFgdU8PkQSjE1Oq+sNao2fgqVKdP6N0x1X4oqrSgTPgdBk1oMas3QLqGSX9Dk0r
9rG0AiqN675/Mbgi9j5XI8XvDXmX8NdoczPKA/WjHRGXedQn2R1ESfbNQQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFIprB+u30vOX0T1OlBOZmw0vfUUuMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvaW1zSDY3ZlM4NWZSUFU2VUU1bWJEUzk5UlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQCBYVkAwQC
HyjMAwQCJd1MAwQCU6v0AwQCVQigAwQCXPk8AwQCixwwAwQCixzwAwQCsDWcAwQC
sGCAAwQCvHdEAwQCwl0wAwQCwl08AwQCwqlcAwQC1FfEAwQC1GsEMA0GCSqGSIb3
DQEBCwUAA4IBAQBimwPXayyRfcQCqCGVchQDMh9bFfT7oAd+wQO7ofbfNSFgqsej
ztoR9Y21GswAwJUjsN7zOQaKhnEd0RPTVYdr5S794cpHBmnO4rN4tPiQ4r0I1c2b
B6NDKNp34/K/mW8wTZ3+xFGZ1u4FCGW8FOkbPDkXtprdslAwhU7EyDPHbPJARaRF
qqvyNjKKthWvATKfrvjcfA1qcGjPCYUTnjkL3XpM74vbAyoHkPmNeIG4bur7nRP9
epup72pCU0cVK0PtWh1fNbAfp+7omD1BAWCUTF//qnwff+M9kSs2y/0p++SG9psp
+7mYs+XQj2GxP7ZtwpvDXDu6Nhl5CRW3ik3y
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org