Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/8T5bS5PTYVt_XcGwtY7_r4BBg7g.roa
File: 8T5bS5PTYVt_XcGwtY7_r4BBg7g.roa (raw, json)
Hash identifier: ValpZIxxS7ZRibMQn4SCsFi+ZsuNegY1QBy1Rs7Otyo=
Subject key identifier: F1:3E:5B:4B:93:D3:61:5B:7F:5D:C1:B0:B5:8E:FF:AF:80:41:83:B8
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018BF9BFDC0479103F8194C727D119EBC5F2
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/8T5bS5PTYVt_XcGwtY7_r4BBg7g.roa
Signing time: Thu 23 Nov 2023 01:16:22 +0000
ROA not before: Thu 23 Nov 2023 01:16:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23959
IP address blocks: 45.66.216.0/22 maxlen: 24
92.60.43.0/24 maxlen: 24
94.124.119.0/24 maxlen: 24
195.245.219.0/24 maxlen: 24
193.111.30.0/23 maxlen: 24
185.184.223.0/24 maxlen: 24
79.143.140.0/22 maxlen: 24
45.130.21.0/24 maxlen: 24
176.119.148.0/22 maxlen: 24
88.214.22.0/24 maxlen: 24
194.36.24.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
45.143.232.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
91.200.240.0/24 maxlen: 24
185.194.54.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
91.200.243.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
141.98.196.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
45.159.48.0/22 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.142.125.0/24 maxlen: 24
45.142.127.0/24 maxlen: 24
45.142.126.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
185.200.64.0/24 maxlen: 24
149.62.44.0/24 maxlen: 24
185.200.66.0/24 maxlen: 24
149.62.46.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
45.149.156.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
194.104.155.0/24 maxlen: 24
194.104.153.0/24 maxlen: 24
194.104.154.0/24 maxlen: 24
45.14.64.0/22 maxlen: 24
45.14.70.0/24 maxlen: 24
194.169.54.0/24 maxlen: 24
2a09:7::/36 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f9:bf:dc:04:79:10:3f:81:94:c7:27:d1:19:eb:c5:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Nov 23 01:16:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f13e5b4b93d3615b7f5dc1b0b58effaf804183b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:23:6f:64:5a:d3:b8:6b:50:e0:2a:56:b4:3e:
af:65:b2:54:a5:68:a9:70:bd:49:5d:b3:73:c3:52:
57:8d:b3:2d:17:9b:7a:46:36:62:4d:ad:5d:cd:e8:
cf:87:00:09:7d:26:bb:dd:71:08:26:6f:a4:54:1a:
b0:cb:06:30:cb:af:62:a4:ac:16:f9:ed:72:08:63:
17:cc:54:50:51:c0:32:09:d3:06:b4:7a:1c:56:f3:
d8:0a:05:fa:0c:67:5b:d6:7e:f0:da:62:cd:f3:3f:
4b:66:1f:9b:be:6f:e7:a8:46:24:93:97:bd:5e:a6:
ce:c2:92:ad:0c:b6:06:dd:70:c6:87:f4:7e:1c:08:
47:48:56:d2:7e:41:4f:ca:a3:a8:7a:6b:53:c8:28:
4c:37:9d:75:08:81:6e:bc:98:37:f7:e9:9f:82:80:
14:34:bf:89:d7:6f:93:b5:e2:d9:e9:30:4a:22:10:
9f:92:82:0a:28:c0:4d:4d:ac:a3:37:c5:29:1c:6c:
01:0c:73:14:01:9d:19:76:38:df:31:14:b3:85:78:
c7:62:6a:5e:c0:51:ee:22:95:34:a1:4b:16:e6:0a:
2e:d5:bd:74:6c:ca:d5:a7:bb:af:52:3b:5f:8e:15:
a7:ce:09:8f:a9:cb:9b:a3:38:f7:95:2d:c1:d1:14:
86:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:3E:5B:4B:93:D3:61:5B:7F:5D:C1:B0:B5:8E:FF:AF:80:41:83:B8
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/8T5bS5PTYVt_XcGwtY7_r4BBg7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
45.14.70.0/24
45.14.105.0/24
45.14.107.0/24
45.66.128.0/22
45.66.216.0/22
45.130.21.0/24
45.142.125.0-45.142.127.255
45.143.232.0/22
45.149.156.0/22
45.159.48.0/22
79.143.140.0/22
88.214.22.0/24
91.200.240.0/24
91.200.242.0/23
92.60.43.0/24
94.124.119.0/24
95.214.164.0/23
141.98.196.0-141.98.198.255
147.78.240.0/21
149.62.44.0/24
149.62.46.0/23
176.119.148.0/22
185.184.223.0/24
185.194.54.0/24
185.200.64.0/24
185.200.66.0/24
193.32.148.0/22
193.111.30.0/23
194.36.24.0/24
194.104.153.0-194.104.155.255
194.169.54.0/24
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a09:7::/36
2a0d:c7c1::/32
Signature Algorithm: sha256WithRSAEncryption
94:46:ca:04:17:67:c8:46:7b:d0:7c:9f:4c:37:1c:c6:83:d0:
cd:3d:e3:c7:80:64:47:31:59:54:5f:e6:6d:66:88:42:30:8e:
f3:a0:e9:d1:98:0f:13:ad:73:f0:a0:b2:29:4b:b8:68:0e:8a:
e8:b6:76:5c:dc:12:f7:8c:3f:97:c0:21:a2:1a:8b:e1:8a:76:
96:a7:4d:ce:ca:a2:a1:6c:54:bf:65:dc:09:29:33:ac:be:49:
78:87:03:b6:68:01:e5:aa:74:50:de:c9:58:1d:41:23:6b:cd:
1a:de:03:35:05:b1:ec:21:b6:eb:3c:94:b8:47:c1:9c:2d:73:
21:3a:6d:22:44:5f:ec:85:26:47:85:27:e9:c6:05:3a:59:5b:
93:aa:cb:76:c6:4d:33:fd:63:28:50:b7:58:9f:7a:7a:cf:57:
70:2f:17:ae:2a:19:69:8f:15:5f:cc:06:a1:71:26:35:b4:47:
7b:04:3e:d6:cc:d0:ba:cb:30:9c:35:47:a4:70:94:f2:14:db:
e0:dd:81:93:c3:1a:7e:bb:96:2c:e1:19:88:1d:b8:02:e1:47:
d0:ab:73:8c:7e:88:d7:f0:43:a2:34:b0:cb:3c:bf:ac:7c:d4:
9e:21:cd:2f:0a:57:f6:6e:33:c0:42:5c:78:0b:b5:aa:1e:05:
49:06:84:c1
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgISAYv5v9wEeRA/gZTHJ9EZ68XyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMxMTIzMDExNjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTNlNWI0YjkzZDM2MTViN2Y1ZGMxYjBiNThlZmZhZjgwNDE4M2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCNvZFrTuGtQ4CpWtD6vZbJUpWip
cL1JXbNzw1JXjbMtF5t6RjZiTa1dzejPhwAJfSa73XEIJm+kVBqwywYwy69ipKwW
+e1yCGMXzFRQUcAyCdMGtHocVvPYCgX6DGdb1n7w2mLN8z9LZh+bvm/nqEYkk5e9
XqbOwpKtDLYG3XDGh/R+HAhHSFbSfkFPyqOoemtTyChMN511CIFuvJg39+mfgoAU
NL+J12+TteLZ6TBKIhCfkoIKKMBNTayjN8UpHGwBDHMUAZ0ZdjjfMRSzhXjHYmpe
wFHuIpU0oUsW5gou1b10bMrVp7uvUjtfjhWnzgmPqcubozj3lS3B0RSGzwIDAQAB
o4IDDjCCAwowHQYDVR0OBBYEFPE+W0uT02Fbf13BsLWO/6+AQYO4MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvOFQ1YlM1UFRZVnRfWGNHd3RZN19yNEJCZzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIgYIKwYBBQUHAQcBAf8EggERMIIBDTCB8wQCAAEwgewD
BAItDkADBAAtDkYDBAAtDmkDBAAtDmsDBAItQoADBAItQtgDBAAtghUwDAMEAC2O
fQMEBy2OAAMEAi2P6AMEAi2VnAMEAi2fMAMEAk+PjAMEAFjWFgMEAFvI8AMEAVvI
8gMEAFw8KwMEAF58dwMEAV/WpDAMAwQCjWLEAwQAjWLGAwQDk07wAwQAlT4sAwQB
lT4uAwQCsHeUAwQAubjfAwQAucI2AwQAuchAAwQAuchCAwQCwSCUAwQBwW8eAwQA
wiQYMAwDBADCaJkDBALCaJgDBADCqTYDBADD9dswDAMEAMP18QMEAMP18jAVBAIA
AjAPAwYEKgkABwADBQAqDcfBMA0GCSqGSIb3DQEBCwUAA4IBAQCURsoEF2fIRnvQ
fJ9MNxzGg9DNPePHgGRHMVlUX+ZtZohCMI7zoOnRmA8TrXPwoLIpS7hoDorotnZc
3BL3jD+XwCGiGovhinaWp03OyqKhbFS/ZdwJKTOsvkl4hwO2aAHlqnRQ3slYHUEj
a80a3gM1BbHsIbbrPJS4R8GcLXMhOm0iRF/shSZHhSfpxgU6WVuTqst2xk0z/WMo
ULdYn3p6z1dwLxeuKhlpjxVfzAahcSY1tEd7BD7WzNC6yzCcNUekcJTyFNvg3YGT
wxp+u5Ys4RmIHbgC4UfQq3OMfojX8EOiNLDLPL+sfNSeIc0vClf2bjPAQlx4C7Wq
HgVJBoTB
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:42 2024 by rpki-client on console-ams.rpki-client.org