Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/1-0y4nKBWaXNBa1LgCbMRvsB_TYU.roa
File: 1-0y4nKBWaXNBa1LgCbMRvsB_TYU.roa (raw, json)
Hash identifier: 5mDruTomjv7SzqBlCQFuWKBpGWXVr0/065MitioZ4OM=
Subject key identifier: FB:4C:B8:9C:A0:56:69:73:41:6B:52:E0:09:B3:11:BE:C0:7F:4D:85
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018BF9BFD9753DA2CA140AEA3E65FA83F873
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/1-0y4nKBWaXNBa1LgCbMRvsB_TYU.roa
Signing time: Thu 23 Nov 2023 01:16:21 +0000
ROA not before: Thu 23 Nov 2023 01:16:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 949
IP address blocks: 141.98.196.0/22 maxlen: 24
80.66.196.0/22 maxlen: 24
45.142.124.0/22 maxlen: 24
45.87.92.0/22 maxlen: 24
94.124.116.0/24 maxlen: 24
94.124.116.0/22 maxlen: 24
185.200.64.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
45.139.192.0/22 maxlen: 24
195.245.219.0/24 maxlen: 24
45.141.44.0/22 maxlen: 24
185.213.151.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
194.114.136.0/24 maxlen: 24
195.245.229.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
194.104.144.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
95.214.164.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
91.200.240.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.194.52.0/22 maxlen: 24
185.222.221.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
2a06:57c0::/29 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a06:4fc0::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a09:6::/32 maxlen: 48
Validation: Failed, certificate revoked on Sun 17 Dec 2023 15:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f9:bf:d9:75:3d:a2:ca:14:0a:ea:3e:65:fa:83:f8:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Nov 23 01:16:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb4cb89ca0566973416b52e009b311bec07f4d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:38:3d:64:b3:95:1c:67:79:eb:cc:8b:3e:db:
69:d4:47:fd:6d:15:72:a1:52:d0:2b:47:f2:6d:b8:
f5:d4:50:5f:39:9f:4e:e4:f7:64:ab:a6:3c:86:f2:
4c:11:39:c0:aa:59:a6:70:f9:d0:5c:80:a7:1c:0e:
59:da:b5:1b:2b:fc:00:d8:73:a5:3c:be:30:99:87:
d3:3d:b6:32:5b:8d:64:c5:16:30:24:7e:2f:5c:8e:
a6:27:86:0c:9f:37:82:b6:af:43:2d:b0:e0:95:d0:
a3:c3:cb:68:22:64:79:55:35:fa:83:c2:11:6a:de:
57:33:dc:5d:1c:07:75:5e:75:5a:48:df:8c:23:1c:
22:71:03:ef:67:ef:e1:6f:ea:f7:79:83:23:79:1d:
8d:41:0e:9b:74:24:9a:c3:c9:8d:45:27:ef:48:09:
c0:fe:92:40:b9:da:93:ca:4d:6b:0b:18:bc:ba:6d:
77:82:ab:f8:18:b5:dd:37:da:35:64:8e:0d:37:a6:
89:fc:27:47:4c:a7:70:8c:8b:ae:e8:51:9b:24:3f:
12:a2:96:68:f1:5b:5a:90:81:4b:70:e0:e2:d6:4b:
6c:c3:59:31:f4:da:a7:a7:47:95:87:b7:39:6b:6b:
f4:b7:28:88:19:7f:c8:b2:38:74:ec:ca:5e:75:44:
c4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:4C:B8:9C:A0:56:69:73:41:6B:52:E0:09:B3:11:BE:C0:7F:4D:85
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/1-0y4nKBWaXNBa1LgCbMRvsB_TYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.92.0/22
45.130.20.0/22
45.139.192.0/22
45.141.44.0/22
45.142.124.0/22
45.143.232.0/22
80.66.196.0/22
91.200.240.0/22
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.213.151.0/24
185.222.216.0/21
193.32.148.0/22
194.104.144.0/24
194.104.152.0/22
194.114.136.0/24
194.169.54.0/23
195.245.219.0/24
195.245.229.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09:6::/32
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
78:f8:76:f1:d4:a8:30:68:e0:2e:bd:35:95:63:ce:3b:b9:71:
88:31:1b:78:83:f0:4b:63:e5:7f:8d:bf:bb:58:eb:72:ad:f2:
2e:e7:e8:9b:fd:74:93:a7:0c:7e:f7:dd:d6:ff:f4:7a:60:c6:
22:e2:25:06:0e:50:4b:76:ec:5b:05:f1:98:1b:b0:e4:87:6c:
06:bd:ed:07:6c:da:9a:ea:cb:c4:e3:61:c3:55:6b:97:9b:e2:
67:87:ea:bf:e0:1e:eb:7f:f7:2f:18:a1:4e:9c:a4:7f:f9:f2:
68:03:e9:65:cb:da:e8:ee:fa:43:9c:d1:5c:0e:dd:3e:a2:43:
e1:89:fd:18:0f:d7:ce:89:ef:6a:f2:d9:60:a8:90:9f:50:47:
66:5d:de:0c:3a:68:1c:31:aa:47:08:1c:f6:78:b9:b1:a5:ec:
53:55:83:aa:c7:3c:3f:40:b3:36:f7:67:18:ec:b1:91:d5:13:
a4:b5:44:af:43:21:c9:af:22:15:f1:53:44:ac:c6:67:92:86:
86:2d:bc:05:7f:8f:8f:ab:6b:45:e8:01:87:1f:93:f9:0d:70:
e0:33:c8:93:44:f5:d2:a5:70:57:4f:c7:9f:ce:ee:8c:71:9d:
9d:5e:eb:58:31:51:44:e1:a4:d4:ad:35:ae:10:a7:82:0e:4b:
66:70:4b:cf
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgISAYv5v9l1PaLKFArqPmX6g/hzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMxMTIzMDExNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjRjYjg5Y2EwNTY2OTczNDE2YjUyZTAwOWIzMTFiZWMwN2Y0ZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozg9ZLOVHGd568yLPttp1Ef9bRVy
oVLQK0fybbj11FBfOZ9O5Pdkq6Y8hvJMETnAqlmmcPnQXICnHA5Z2rUbK/wA2HOl
PL4wmYfTPbYyW41kxRYwJH4vXI6mJ4YMnzeCtq9DLbDgldCjw8toImR5VTX6g8IR
at5XM9xdHAd1XnVaSN+MIxwicQPvZ+/hb+r3eYMjeR2NQQ6bdCSaw8mNRSfvSAnA
/pJAudqTyk1rCxi8um13gqv4GLXdN9o1ZI4NN6aJ/CdHTKdwjIuu6FGbJD8SopZo
8VtakIFLcODi1ktsw1kx9Nqnp0eVh7c5a2v0tyiIGX/Isjh07MpedUTEtQIDAQAB
o4IDDjCCAwowHQYDVR0OBBYEFPtMuJygVmlzQWtS4AmzEb7Af02FMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvMS0weTRuS0JXYVhOQmExTGdDYk1SdnNCX1RZVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRl
MS8xL3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCASEGCCsGAQUFBwEHAQH/BIIBEDCCAQwwgZ8EAgABMIGY
AwQCLVdcAwQCLYIUAwQCLYvAAwQCLY0sAwQCLY58AwQCLY/oAwQCUELEAwQCW8jw
AwQCXnx0AwQCX9akAwQCjWLEAwQClT4sAwQCucI0AwQCuchAAwQAudWXAwQDud7Y
AwQCwSCUAwQAwmiQAwQCwmiYAwQAwnKIAwQBwqk2AwQAw/XbAwQAw/XlMAwDBADD
9fEDBADD9fIwaAQCAAIwYgMFAyoGT8ADBQMqBlfAAwUDKgfpAAMFAyoH+gADBQAq
CQAGAwUDKgztQAMFAyoNH8ADBQMqDTZAAwUDKg1DQAMFAyoNS8ADBQMqDXVAAwUD
Kg3egAMFAyoOYgADBQMqECYAMA0GCSqGSIb3DQEBCwUAA4IBAQB4+Hbx1KgwaOAu
vTWVY847uXGIMRt4g/BLY+V/jb+7WOtyrfIu5+ib/XSTpwx+993W//R6YMYi4iUG
DlBLduxbBfGYG7Dkh2wGve0HbNqa6svE42HDVWuXm+Jnh+q/4B7rf/cvGKFOnKR/
+fJoA+lly9ro7vpDnNFcDt0+okPhif0YD9fOie9q8tlgqJCfUEdmXd4MOmgcMapH
CBz2eLmxpexTVYOqxzw/QLM292cY7LGR1ROktUSvQyHJryIV8VNErMZnkoaGLbwF
f4+Pq2tF6AGHH5P5DXDgM8iTRPXSpXBXT8efzu6McZ2dXutYMVFE4aTUrTWuEKeC
DktmcEvP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:47 2024 by rpki-client on console-fra.rpki-client.org