Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/AO0dKYAEPxnaHHCvzcLHABi5M14.roa
File: AO0dKYAEPxnaHHCvzcLHABi5M14.roa (raw, json)
Hash identifier: LMop7moTtDBv5z5gAIO8KJfwdHudlFoHeKAJxEMtpkM=
Subject key identifier: 00:ED:1D:29:80:04:3F:19:DA:1C:70:AF:CD:C2:C7:00:18:B9:33:5E
Certificate issuer: /CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Certificate serial: 0186E56FAEF4DC603D07E3889079FD641B8A
Authority key identifier: 5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/AO0dKYAEPxnaHHCvzcLHABi5M14.roa
Signing time: Wed 15 Mar 2023 13:22:27 +0000
ROA not before: Wed 15 Mar 2023 13:22:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34244
IP address blocks: 94.46.136.0/22 maxlen: 22
178.236.65.48/29 maxlen: 29
178.255.112.0/22 maxlen: 22
178.236.73.112/29 maxlen: 29
178.236.73.176/29 maxlen: 29
193.221.219.0/24 maxlen: 24
178.236.72.28/30 maxlen: 30
193.221.120.0/24 maxlen: 24
193.221.123.0/24 maxlen: 24
178.236.72.48/28 maxlen: 28
178.236.72.88/29 maxlen: 29
178.236.74.88/29 maxlen: 29
185.121.44.0/22 maxlen: 22
45.93.232.0/22 maxlen: 22
128.127.184.0/21 maxlen: 21
94.46.240.0/22 maxlen: 22
81.92.220.0/22 maxlen: 22
178.236.73.160/29 maxlen: 29
178.236.73.224/29 maxlen: 29
185.247.236.0/22 maxlen: 22
92.39.32.0/20 maxlen: 20
31.170.28.0/22 maxlen: 22
31.170.26.0/23 maxlen: 23
81.92.196.0/22 maxlen: 22
45.8.152.0/22 maxlen: 22
155.137.24.0/21 maxlen: 21
178.236.73.200/29 maxlen: 29
193.221.93.0/24 maxlen: 24
37.221.104.0/22 maxlen: 22
185.197.224.0/22 maxlen: 22
188.66.48.0/22 maxlen: 22
45.152.172.0/22 maxlen: 22
178.236.73.80/29 maxlen: 29
141.98.236.0/22 maxlen: 22
185.186.32.0/22 maxlen: 22
185.176.28.0/22 maxlen: 22
185.216.152.0/22 maxlen: 22
5.180.0.0/22 maxlen: 22
185.223.236.0/22 maxlen: 22
185.240.208.0/22 maxlen: 22
31.170.24.0/21 maxlen: 21
195.210.52.0/23 maxlen: 23
178.236.73.128/29 maxlen: 29
45.131.188.0/22 maxlen: 22
85.30.128.0/18 maxlen: 18
185.4.8.0/22 maxlen: 22
178.236.64.0/20 maxlen: 20
45.14.4.0/22 maxlen: 22
2a02:80::/32 maxlen: 32
2a02:1610::/32 maxlen: 32
2a02:80::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 07 Jul 2023 11:34:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e5:6f:ae:f4:dc:60:3d:07:e3:88:90:79:fd:64:1b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Validity
Not Before: Mar 15 13:22:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00ed1d2980043f19da1c70afcdc2c70018b9335e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a0:ff:a8:34:3e:62:a9:2e:fe:31:e0:4f:3b:
58:18:33:90:0c:5f:89:33:7c:19:a3:9c:2d:16:fa:
6e:d4:af:a8:61:ca:67:10:9c:e6:b1:66:e5:0f:46:
39:a0:b2:31:29:01:5e:f8:40:68:6a:fc:0f:27:91:
ab:17:7d:01:8e:1a:d6:bf:23:79:37:50:c1:91:35:
7c:11:ca:5e:f9:ec:d3:70:86:2e:9f:22:3a:82:e2:
1d:e7:33:08:05:8d:35:7c:d2:08:e4:f4:4a:97:9b:
7b:74:14:6e:e2:16:46:e5:e0:ec:0f:80:e9:3f:b8:
d8:bf:13:e6:6c:b8:25:5e:dc:fd:1a:ef:60:09:8f:
6f:ed:9b:af:e3:3f:ba:88:f8:47:f4:11:6f:7a:77:
56:4a:2c:dd:d4:e1:c4:ed:1d:50:b7:32:73:dd:b6:
a4:97:c2:0c:7e:78:23:f1:39:10:f5:48:b7:99:43:
e5:f4:d8:90:3c:4c:8e:26:6c:9c:c9:da:28:b0:e6:
66:8f:8a:9b:d1:f2:04:86:e4:29:c7:22:da:9b:f0:
60:f3:53:6f:d9:c5:aa:b0:7b:3f:57:99:a3:e6:ea:
79:49:47:77:4c:32:dd:aa:27:7e:45:cb:bd:4b:21:
2c:0a:2b:62:fe:ae:df:6a:4c:38:dd:d6:34:d3:56:
85:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:ED:1D:29:80:04:3F:19:DA:1C:70:AF:CD:C2:C7:00:18:B9:33:5E
X509v3 Authority Key Identifier:
keyid:5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/AO0dKYAEPxnaHHCvzcLHABi5M14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.0.0/22
31.170.24.0/21
37.221.104.0/22
45.8.152.0/22
45.14.4.0/22
45.93.232.0/22
45.131.188.0/22
45.152.172.0/22
81.92.196.0/22
81.92.220.0/22
85.30.128.0/18
92.39.32.0/20
94.46.136.0/22
94.46.240.0/22
128.127.184.0/21
141.98.236.0/22
155.137.24.0/21
178.236.64.0/20
178.255.112.0/22
185.4.8.0/22
185.121.44.0/22
185.176.28.0/22
185.186.32.0/22
185.197.224.0/22
185.216.152.0/22
185.223.236.0/22
185.240.208.0/22
185.247.236.0/22
188.66.48.0/22
193.221.93.0/24
193.221.120.0/24
193.221.123.0/24
193.221.219.0/24
195.210.52.0/23
IPv6:
2a02:80::/29
2a02:1610::/32
Signature Algorithm: sha256WithRSAEncryption
8f:e6:be:a1:52:95:8f:22:01:75:e7:5e:3e:33:91:52:c2:ec:
2e:3a:09:fd:24:4a:6b:b4:bc:ba:d5:2b:71:69:16:11:e8:98:
39:46:34:ef:da:31:d2:71:ad:2e:2b:ae:2b:3d:6a:19:71:12:
cd:7e:09:d3:b5:92:9e:1a:c0:37:79:11:f4:cb:22:7f:e1:9a:
d7:f8:79:9c:1a:93:ef:f6:09:37:d1:27:a6:91:4a:1c:ef:6e:
43:9a:00:e8:a5:14:5a:44:77:36:dd:67:69:c1:92:33:5f:86:
84:dc:b6:25:c4:5a:40:90:18:a4:61:54:80:21:df:d5:90:fc:
09:cf:2f:d4:c2:a1:54:ac:c7:6d:57:67:a1:26:2d:fc:6a:7a:
8c:b1:c5:68:08:22:ad:4f:65:41:a0:a4:39:5b:be:fe:89:8d:
a0:df:c4:78:5c:cb:d9:15:2d:f0:5b:29:58:45:e1:86:80:37:
c2:75:85:9e:90:d8:8a:85:bc:be:b2:16:c6:3c:65:36:3b:37:
21:1a:03:86:06:0a:e0:23:1d:04:29:30:18:5f:34:f9:f9:5b:
d7:c4:3d:57:0c:f6:36:c9:3d:ea:c1:61:f1:6d:51:19:83:55:
bf:a5:74:9c:7a:6f:f6:ca:b7:19:07:8a:1d:99:ac:8d:07:00:
9f:70:b4:38
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAYblb6703GA9B+OIkHn9ZBuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWZhMDZkNWRiYWRhNDNkZTQ0ZjRlNGIxZGM5NDkyYmIy
ODdjOWQwHhcNMjMwMzE1MTMyMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGVkMWQyOTgwMDQzZjE5ZGExYzcwYWZjZGMyYzcwMDE4YjkzMzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqD/qDQ+Yqku/jHgTztYGDOQDF+J
M3wZo5wtFvpu1K+oYcpnEJzmsWblD0Y5oLIxKQFe+EBoavwPJ5GrF30BjhrWvyN5
N1DBkTV8Ecpe+ezTcIYunyI6guId5zMIBY01fNII5PRKl5t7dBRu4hZG5eDsD4Dp
P7jYvxPmbLglXtz9Gu9gCY9v7Zuv4z+6iPhH9BFvendWSizd1OHE7R1QtzJz3bak
l8IMfngj8TkQ9Ui3mUPl9NiQPEyOJmycydoosOZmj4qb0fIEhuQpxyLam/Bg81Nv
2cWqsHs/V5mj5up5SUd3TDLdqid+Rcu9SyEsCiti/q7fakw43dY001aFPwIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFADtHSmABD8Z2hxwr83CxwAYuTNeMB8GA1UdIwQY
MBaAFF8foG1dutpD3kT05LHclJK7KHydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUt
MjU4NDZkNTlmZDYwLzEvQU8wZEtZQUVQeG5hSEhDdnpjTEhBQmk1TTE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUtMjU4NDZkNTlmZDYw
LzEvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCB0wQCAAEwgcwDBAIF
tAADBAMfqhgDBAIl3WgDBAItCJgDBAItDgQDBAItXegDBAItg7wDBAItmKwDBAJR
XMQDBAJRXNwDBAZVHoADBARcJyADBAJeLogDBAJeLvADBAOAf7gDBAKNYuwDBAOb
iRgDBASy7EADBAKy/3ADBAK5BAgDBAK5eSwDBAK5sBwDBAK5uiADBAK5xeADBAK5
2JgDBAK53+wDBAK58NADBAK59+wDBAK8QjADBADB3V0DBADB3XgDBADB3XsDBADB
3dsDBAHD0jQwFAQCAAIwDgMFAyoCAIADBQAqAhYQMA0GCSqGSIb3DQEBCwUAA4IB
AQCP5r6hUpWPIgF1514+M5FSwuwuOgn9JEprtLy61StxaRYR6Jg5RjTv2jHSca0u
K64rPWoZcRLNfgnTtZKeGsA3eRH0yyJ/4ZrX+HmcGpPv9gk30SemkUoc725DmgDo
pRRaRHc23WdpwZIzX4aE3LYlxFpAkBikYVSAId/VkPwJzy/UwqFUrMdtV2ehJi38
anqMscVoCCKtT2VBoKQ5W77+iY2g38R4XMvZFS3wWylYReGGgDfCdYWekNiKhby+
shbGPGU2OzchGgOGBgrgIx0EKTAYXzT5+VvXxD1XDPY2yT3qwWHxbVEZg1W/pXSc
em/2yrcZB4odmayNBwCfcLQ4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:05 2024 by rpki-client on console-ams.rpki-client.org