Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/u5jz4V9oYQKALKOfTuwCznpm33A.roa
File: u5jz4V9oYQKALKOfTuwCznpm33A.roa (raw, json)
Hash identifier: PvMI0bKmu6LCRX/QKi7A+GKQal499Q021qefDIgSTsM=
Subject key identifier: BB:98:F3:E1:5F:68:61:02:80:2C:A3:9F:4E:EC:02:CE:7A:66:DF:70
Certificate issuer: /CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Certificate serial: 018CC64AA4C704ADD5111BA0E99B3E898E61
Authority key identifier: 83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/u5jz4V9oYQKALKOfTuwCznpm33A.roa
Signing time: Mon 01 Jan 2024 18:30:29 +0000
ROA not before: Mon 01 Jan 2024 18:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 66.22.245.0/24 maxlen: 24
66.22.244.0/24 maxlen: 24
66.22.246.0/24 maxlen: 24
66.22.242.0/24 maxlen: 24
66.22.241.0/24 maxlen: 24
66.22.243.0/24 maxlen: 24
66.22.248.0/24 maxlen: 24
66.22.247.0/24 maxlen: 24
66.22.196.0/22 maxlen: 22
66.22.200.0/22 maxlen: 22
66.22.204.0/22 maxlen: 22
66.22.208.0/22 maxlen: 22
66.22.212.0/22 maxlen: 22
66.22.216.0/23 maxlen: 23
66.22.218.0/23 maxlen: 23
66.22.220.0/23 maxlen: 23
66.22.222.0/23 maxlen: 23
66.22.224.0/23 maxlen: 23
66.22.226.0/23 maxlen: 23
66.22.231.0/24 maxlen: 24
66.22.230.0/24 maxlen: 24
66.22.233.0/24 maxlen: 24
66.22.232.0/24 maxlen: 24
66.22.234.0/24 maxlen: 24
66.22.236.0/24 maxlen: 24
66.22.238.0/24 maxlen: 24
66.22.237.0/24 maxlen: 24
66.22.240.0/24 maxlen: 24
66.22.239.0/24 maxlen: 24
2a0e:5940:50::/44 maxlen: 44
2a0e:5940:190::/44 maxlen: 44
2a0e:5940:d0::/44 maxlen: 44
2a0e:5940:10::/44 maxlen: 44
2a0e:5940:90::/44 maxlen: 44
2a0e:5940:150::/44 maxlen: 44
2a0e:5940:110::/44 maxlen: 44
2a0e:5940:c0::/44 maxlen: 44
2a0e:5940:180::/44 maxlen: 44
2a0e:5940::/44 maxlen: 44
2a0e:5940:140::/44 maxlen: 44
2a0e:5940:80::/44 maxlen: 44
2a0e:5940:40::/44 maxlen: 44
2a0e:5940:100::/44 maxlen: 44
2a0e:5940:f0::/44 maxlen: 44
2a0e:5940:b0::/44 maxlen: 44
2a0e:5940:130::/44 maxlen: 44
2a0e:5940:170::/44 maxlen: 44
2a0e:5940:70::/44 maxlen: 44
2a0e:5940:30::/44 maxlen: 44
2a0e:5940:e0::/44 maxlen: 44
2a0e:5940:20::/44 maxlen: 44
2a0e:5940:60::/44 maxlen: 44
2a0e:5940:160::/44 maxlen: 44
2a0e:5940:120::/44 maxlen: 44
2a0e:5940:a0::/44 maxlen: 44
Validation: Failed, certificate revoked on Tue 26 Mar 2024 23:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:a4:c7:04:ad:d5:11:1b:a0:e9:9b:3e:89:8e:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Validity
Not Before: Jan 1 18:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb98f3e15f686102802ca39f4eec02ce7a66df70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:91:b6:05:f8:d4:75:cb:23:23:90:5b:c8:8d:
74:17:e9:01:13:f1:30:ed:71:ad:b9:3e:8b:ea:87:
ce:95:9d:10:96:fd:9d:a0:89:b4:a3:89:8e:ed:cf:
61:2b:bd:4a:3a:dd:e8:95:c6:89:8e:08:6a:3b:13:
70:70:d7:41:60:6c:5b:07:74:6c:f1:93:56:90:18:
f1:78:15:13:7e:57:f3:b1:99:aa:76:a6:bf:7f:fc:
c7:a8:d3:aa:95:81:13:12:e9:c4:b0:84:6b:c5:e4:
de:f5:f0:74:93:8b:bd:cf:55:f3:c8:38:0b:bf:e8:
89:4e:c0:33:4e:a0:0b:00:54:2a:36:e2:2b:79:94:
1d:b8:88:1e:49:0c:37:b3:75:33:5a:24:60:b5:e1:
03:c1:3d:0e:73:da:19:29:5b:97:de:60:b0:22:c5:
2e:4c:e8:52:78:27:a5:60:68:99:17:7e:77:8f:53:
33:e8:7d:8b:5c:e8:9d:0c:44:c0:84:24:65:90:cd:
0a:58:4d:cf:3d:24:40:9f:7e:7f:e6:3d:55:63:ba:
d0:f1:cd:54:42:8b:ce:20:ad:62:21:5d:c8:66:3b:
a7:9b:a6:b4:1c:b9:c5:fa:7b:04:fa:c1:07:f8:d8:
39:ac:68:e6:28:55:9c:1c:e2:f5:25:c0:ef:54:22:
66:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:98:F3:E1:5F:68:61:02:80:2C:A3:9F:4E:EC:02:CE:7A:66:DF:70
X509v3 Authority Key Identifier:
keyid:83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/u5jz4V9oYQKALKOfTuwCznpm33A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.22.196.0-66.22.227.255
66.22.230.0-66.22.234.255
66.22.236.0-66.22.248.255
IPv6:
2a0e:5940::-2a0e:5940:19f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a4:5c:6a:9e:4f:91:08:a1:f5:6c:fb:c9:f8:ee:2b:79:d4:ed:
5c:9e:0f:29:c0:c4:0f:c4:12:8f:e0:cf:26:07:3b:60:79:2a:
a5:b5:20:a1:39:a9:d4:e1:ea:4b:48:59:4f:c0:2c:98:a2:eb:
17:54:f3:48:a7:82:48:2f:0e:ee:a1:59:8a:04:3b:10:e8:58:
0a:ef:d4:3f:95:12:84:d6:ed:63:e2:12:ff:21:e3:1f:e7:bf:
e6:59:de:59:0a:4a:af:2c:32:f7:2a:8e:b0:60:4d:e6:3d:c0:
2a:bb:58:e7:a4:ed:a7:c7:a1:29:e4:2b:77:f4:a9:25:62:4e:
38:d9:6f:6c:49:90:11:43:0e:3f:17:c7:33:2d:4d:19:4e:37:
35:38:0d:ec:00:0c:16:f5:37:39:78:56:e0:61:c1:9f:2c:08:
21:68:7c:43:e9:83:1e:d2:ef:ae:ee:da:0b:ff:3d:a9:44:ad:
7b:e6:d9:3f:5b:18:5f:30:79:72:be:b2:fe:78:62:5f:f3:89:
35:72:da:50:55:08:5f:96:92:f8:0e:d9:7d:a9:22:73:69:c9:
e7:d7:45:dd:77:ca:b9:ad:b0:54:1c:98:6c:b0:cd:4f:08:28:
ee:d2:74:22:c5:fb:da:ff:05:5c:06:19:50:17:93:79:77:29:
2b:83:dd:2e
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzGSqTHBK3VERug6Zs+iY5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYzEwM2Q2NWE1NGQ2YWYxZWZiYTZhYzNlNjM3MjIwMjhh
ZjJiYjEwHhcNMjQwMTAxMTgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjk4ZjNlMTVmNjg2MTAyODAyY2EzOWY0ZWVjMDJjZTdhNjZkZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpG2BfjUdcsjI5BbyI10F+kBE/Ew
7XGtuT6L6ofOlZ0Qlv2doIm0o4mO7c9hK71KOt3olcaJjghqOxNwcNdBYGxbB3Rs
8ZNWkBjxeBUTflfzsZmqdqa/f/zHqNOqlYETEunEsIRrxeTe9fB0k4u9z1XzyDgL
v+iJTsAzTqALAFQqNuIreZQduIgeSQw3s3UzWiRgteEDwT0Oc9oZKVuX3mCwIsUu
TOhSeCelYGiZF353j1Mz6H2LXOidDETAhCRlkM0KWE3PPSRAn35/5j1VY7rQ8c1U
QovOIK1iIV3IZjunm6a0HLnF+nsE+sEH+Ng5rGjmKFWcHOL1JcDvVCJmOQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLuY8+FfaGECgCyjn07sAs56Zt9wMB8GA1UdIwQY
MBaAFIPBA9ZaVNavHvumrD5jciAoryuxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQt
YjUwY2Y1ZjJhYTIyLzEvdTVqejRWOW9ZUUtBTEtPZlR1d0N6bnBtMzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQtYjUwY2Y1ZjJhYTIy
LzEvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAwBAIAATAqMAwDBAJCFsQD
BAJCFuAwDAMEAUIW5gMEAEIW6jAMAwQCQhbsAwQAQhb4MBgEAgACMBIwEAMFBioO
WUADBwUqDllAAYAwDQYJKoZIhvcNAQELBQADggEBAKRcap5PkQih9Wz7yfjuK3nU
7VyeDynAxA/EEo/gzyYHO2B5KqW1IKE5qdTh6ktIWU/ALJii6xdU80ingkgvDu6h
WYoEOxDoWArv1D+VEoTW7WPiEv8h4x/nv+ZZ3lkKSq8sMvcqjrBgTeY9wCq7WOek
7afHoSnkK3f0qSViTjjZb2xJkBFDDj8XxzMtTRlONzU4DewADBb1Nzl4VuBhwZ8s
CCFofEPpgx7S767u2gv/PalErXvm2T9bGF8weXK+sv54Yl/ziTVy2lBVCF+WkvgO
2X2pInNpyefXRd13yrmtsFQcmGywzU8IKO7SdCLF+9r/BVwGGVAXk3l3KSuD3S4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:36 2024 by rpki-client on console-fra.rpki-client.org