Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/IMwYXKaE9pMQOHDqvWfBDTVVP6o.roa
File: IMwYXKaE9pMQOHDqvWfBDTVVP6o.roa (raw, json)
Hash identifier: J48LukrOsOE+U0e3T/NqyS4A8Fdw4wL6JsQbGb8L654=
Subject key identifier: 20:CC:18:5C:A6:84:F6:93:10:38:70:EA:BD:67:C1:0D:35:55:3F:AA
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 01856C65EDFD662E39BBAA8CF89BD5E64A83
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/IMwYXKaE9pMQOHDqvWfBDTVVP6o.roa
Signing time: Sun 01 Jan 2023 08:14:57 +0000
ROA not before: Sun 01 Jan 2023 08:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39150
IP address blocks: 95.85.85.0/24 maxlen: 24
95.85.83.0/24 maxlen: 24
95.85.83.128/25 maxlen: 25
95.85.83.0/25 maxlen: 25
91.196.139.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.136.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
93.179.121.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
93.179.69.0/24 maxlen: 24
93.179.68.0/23 maxlen: 23
93.179.66.0/24 maxlen: 24
95.181.213.0/24 maxlen: 24
95.181.212.0/23 maxlen: 23
2a04:8680::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 03 Mar 2023 19:19:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:ed:fd:66:2e:39:bb:aa:8c:f8:9b:d5:e6:4a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 08:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20cc185ca684f693103870eabd67c10d35553faa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9d:01:d0:29:09:25:28:bb:f7:82:c0:0c:f5:
3a:6e:d7:8a:4a:2b:a0:4b:0d:51:7a:b6:d4:be:d4:
32:2f:0d:f5:e1:93:9f:c4:eb:2c:3a:17:f8:19:cb:
1b:25:63:8a:46:42:34:49:3c:17:0b:9a:32:2a:55:
28:c9:5b:d6:fa:68:88:1c:d9:e8:2e:7a:31:d3:55:
50:8d:1d:05:99:80:1e:bc:f9:62:a3:3b:db:bf:b1:
db:83:84:1b:fe:a8:91:82:06:36:4c:8e:6c:10:73:
52:ce:fa:57:a6:9f:b1:cc:9f:55:3a:7b:9e:65:57:
68:53:a7:ca:c5:5e:37:b9:de:3c:a0:ac:dd:b0:a4:
cd:58:ee:39:7a:67:fc:d9:4d:a2:c4:d5:23:63:0d:
ec:21:5d:bc:c6:9c:00:d8:f3:e9:34:d0:09:40:cf:
51:70:16:c8:37:56:6d:90:fe:aa:04:41:cb:f1:03:
70:8d:38:58:c7:07:63:1e:72:0b:b0:8f:7e:f0:f5:
28:ad:27:4b:2f:b2:1d:5b:31:7b:e7:82:c2:db:4a:
ff:90:44:a3:08:fa:d6:8a:8e:45:f3:3e:55:36:37:
c9:56:4c:74:2e:ab:8b:ef:38:84:8b:01:90:d4:38:
96:85:5e:bb:68:a4:27:d8:d2:93:7d:0f:46:db:c5:
54:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:CC:18:5C:A6:84:F6:93:10:38:70:EA:BD:67:C1:0D:35:55:3F:AA
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/IMwYXKaE9pMQOHDqvWfBDTVVP6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/22
93.179.66.0/24
93.179.68.0/23
93.179.121.0/24
95.85.83.0/24
95.85.85.0/24
95.181.212.0/23
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/32
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
5c:e9:b5:ae:be:f2:4f:45:a0:34:aa:59:91:6d:11:01:7c:9c:
db:be:55:56:5e:87:48:d6:c0:44:b1:ae:5b:48:ca:80:f1:38:
cc:e8:3f:6a:ae:69:a9:f4:db:30:84:dd:0c:b0:f9:dd:2b:fd:
09:bc:d5:2b:0b:76:66:02:11:8b:0f:8b:08:08:e1:59:6a:70:
a3:c4:3b:77:f1:40:d6:2b:01:6a:ec:f2:5e:fd:07:fb:9a:69:
a3:d6:c7:74:03:15:5b:3c:21:de:9b:12:4c:eb:66:72:01:b2:
e4:37:bb:12:f6:a3:94:a9:50:21:19:ad:41:34:bb:f8:1c:3c:
09:be:1f:52:83:c3:9f:09:1b:d9:dc:c6:0b:c6:d2:3f:1e:24:
9e:9f:b5:21:7b:c5:73:76:31:d6:f6:9e:f2:7b:18:75:ff:5c:
49:de:50:26:d5:ab:dc:f7:68:a3:02:a6:34:bd:52:66:b8:1f:
10:a8:33:07:2e:f9:5b:8b:4e:03:e0:68:d0:3e:36:e0:75:70:
16:7f:3a:f6:f7:e2:bb:a6:6c:f7:a1:97:98:f5:23:c3:2b:7a:
4a:71:3f:8a:b8:af:d5:79:c9:4a:9c:5c:18:47:9a:f2:c3:46:
f7:af:ce:2b:51:1c:31:40:ca:eb:86:1c:f1:38:aa:45:21:2d:
ce:a5:75:bf
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYVsZe39Zi45u6qM+JvV5kqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjMwMTAxMDgxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGNjMTg1Y2E2ODRmNjkzMTAzODcwZWFiZDY3YzEwZDM1NTUzZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh50B0CkJJSi794LADPU6bteKSiug
Sw1RerbUvtQyLw314ZOfxOssOhf4GcsbJWOKRkI0STwXC5oyKlUoyVvW+miIHNno
Lnox01VQjR0FmYAevPliozvbv7Hbg4Qb/qiRggY2TI5sEHNSzvpXpp+xzJ9VOnue
ZVdoU6fKxV43ud48oKzdsKTNWO45emf82U2ixNUjYw3sIV28xpwA2PPpNNAJQM9R
cBbIN1ZtkP6qBEHL8QNwjThYxwdjHnILsI9+8PUorSdLL7IdWzF754LC20r/kESj
CPrWio5F8z5VNjfJVkx0LquL7ziEiwGQ1DiWhV67aKQn2NKTfQ9G28VU4QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFCDMGFymhPaTEDhw6r1nwQ01VT+qMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvSU13WVhLYUU5cE1RT0hEcXZXZkJEVFZWUDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQCW8SIAwQA
XbNCAwQBXbNEAwQAXbN5AwQAX1VTAwQAX1VVAwQBX7XUAwQAbcSFAwQAw7YIMBQE
AgACMA4DBQAqBIaAAwUAKgnVwDANBgkqhkiG9w0BAQsFAAOCAQEAXOm1rr7yT0Wg
NKpZkW0RAXyc275VVl6HSNbARLGuW0jKgPE4zOg/aq5pqfTbMITdDLD53Sv9CbzV
Kwt2ZgIRiw+LCAjhWWpwo8Q7d/FA1isBauzyXv0H+5ppo9bHdAMVWzwh3psSTOtm
cgGy5De7EvajlKlQIRmtQTS7+Bw8Cb4fUoPDnwkb2dzGC8bSPx4knp+1IXvFc3Yx
1vae8nsYdf9cSd5QJtWr3PdoowKmNL1SZrgfEKgzBy75W4tOA+Bo0D424HVwFn86
9vfiu6Zs96GXmPUjwyt6SnE/iriv1XnJSpxcGEea8sNG96/OK1EcMUDK64Yc8Tiq
RSEtzqV1vw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:22 2024 by rpki-client on console-ams.rpki-client.org