Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/_5xE7K5sLhko0SUR5A8dhUwPIOA.roa
File: _5xE7K5sLhko0SUR5A8dhUwPIOA.roa (raw, json)
Hash identifier: DP0mAIX0ZSEn42bvfSWwfEnqorsxBzMe/NrHKydfoak=
Subject key identifier: FF:9C:44:EC:AE:6C:2E:19:28:D1:25:11:E4:0F:1D:85:4C:0F:20:E0
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018752FD73C796A3EFA7F30C6233E349DA07
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/_5xE7K5sLhko0SUR5A8dhUwPIOA.roa
Signing time: Wed 05 Apr 2023 19:55:54 +0000
ROA not before: Wed 05 Apr 2023 19:55:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23959
IP address blocks: 45.66.216.0/22 maxlen: 24
92.60.43.0/24 maxlen: 24
94.124.119.0/24 maxlen: 24
195.245.219.0/24 maxlen: 24
193.111.30.0/23 maxlen: 24
185.184.223.0/24 maxlen: 24
79.143.140.0/22 maxlen: 24
45.130.21.0/24 maxlen: 24
176.119.148.0/22 maxlen: 24
88.214.22.0/24 maxlen: 24
194.36.24.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
194.36.27.0/24 maxlen: 24
45.143.232.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
91.200.240.0/24 maxlen: 24
185.194.54.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
91.200.243.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
141.98.196.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
45.159.48.0/22 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.142.125.0/24 maxlen: 24
45.142.127.0/24 maxlen: 24
45.142.126.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
185.200.64.0/24 maxlen: 24
149.62.44.0/24 maxlen: 24
185.200.66.0/24 maxlen: 24
149.62.46.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
45.149.156.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
194.104.155.0/24 maxlen: 24
194.104.153.0/24 maxlen: 24
194.104.154.0/24 maxlen: 24
45.14.64.0/22 maxlen: 24
45.14.70.0/24 maxlen: 24
194.169.54.0/24 maxlen: 24
2a09:7::/36 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:fd:73:c7:96:a3:ef:a7:f3:0c:62:33:e3:49:da:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Apr 5 19:55:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff9c44ecae6c2e1928d12511e40f1d854c0f20e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:19:46:4f:2e:9d:91:fc:18:65:02:1a:87:f8:
6b:9b:d6:9f:5c:75:b9:61:b5:94:0d:37:1a:af:16:
45:20:4e:7f:18:4d:48:44:f0:80:39:85:85:c0:80:
96:95:e9:b9:93:26:e6:5d:3b:df:c4:ef:63:c3:a1:
c9:01:d8:b2:77:bc:bb:77:0d:7f:2b:c7:92:b6:cc:
7a:34:0e:8f:89:91:6e:d9:7b:f6:34:e3:5a:d0:39:
ac:97:03:88:63:1a:94:b9:13:90:07:49:19:60:4c:
76:72:4b:31:d8:9e:02:eb:6f:a0:e7:18:13:b8:66:
2d:ba:57:32:6e:12:0c:4c:ef:6b:3d:90:12:af:90:
46:4d:37:f7:cc:45:01:dd:ce:f1:f4:68:45:11:c4:
43:1c:b7:89:95:ca:e0:7d:d2:e7:eb:e5:f2:ef:2a:
93:5c:29:19:23:04:a6:d1:99:2a:54:2c:41:e9:94:
76:17:80:d2:04:36:a9:a5:fc:4d:1b:bb:16:38:62:
37:65:4e:68:43:73:82:d0:29:71:f6:ae:04:3a:68:
10:4d:5a:b2:15:31:d1:3e:5c:ca:4e:0d:4d:49:70:
87:6f:dd:54:14:d0:9c:45:7a:cf:88:86:75:83:e1:
bb:29:e3:81:02:c2:05:fe:89:96:b3:70:88:76:36:
18:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:9C:44:EC:AE:6C:2E:19:28:D1:25:11:E4:0F:1D:85:4C:0F:20:E0
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/_5xE7K5sLhko0SUR5A8dhUwPIOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
45.14.70.0/24
45.14.105.0/24
45.14.107.0/24
45.66.128.0/22
45.66.216.0/22
45.130.21.0/24
45.142.125.0-45.142.127.255
45.143.232.0/22
45.149.156.0/22
45.159.48.0/22
79.143.140.0/22
88.214.22.0/24
91.200.240.0/24
91.200.242.0/23
92.60.43.0/24
94.124.119.0/24
95.214.164.0/23
141.98.196.0-141.98.198.255
147.78.240.0/21
149.62.44.0/24
149.62.46.0/23
176.119.148.0/22
185.184.223.0/24
185.194.54.0/24
185.200.64.0/24
185.200.66.0/24
193.32.148.0/22
193.111.30.0/23
194.36.24.0/24
194.36.27.0/24
194.104.153.0-194.104.155.255
194.169.54.0/24
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a09:7::/36
2a0d:c7c1::/32
Signature Algorithm: sha256WithRSAEncryption
7b:a3:3f:4c:f6:4d:a1:23:a2:b5:f8:a1:20:6c:42:d9:ec:ce:
1d:f2:cd:05:fc:c6:67:29:89:a2:c1:1b:6d:68:86:90:66:ec:
80:42:e3:07:d1:77:95:37:0c:e5:2c:fa:ae:34:66:bf:40:44:
a0:28:bc:9b:c6:89:c5:59:28:2a:52:12:85:b7:55:ba:93:8d:
af:84:a4:6a:ef:39:c7:80:94:e9:3f:cb:cc:0a:4e:44:12:45:
d3:3c:f9:93:1a:ea:f4:6d:03:74:7b:ed:ef:9c:9d:a4:68:b7:
3e:93:35:76:dc:30:43:2c:3c:1e:32:95:7b:d9:df:a1:a1:3c:
90:7b:0f:d4:58:26:e8:e2:d1:f4:03:94:58:3e:17:bc:ac:67:
a0:62:86:62:c0:78:23:fd:31:5c:c0:b2:d3:06:a4:62:3b:5f:
44:fc:87:d3:67:37:97:71:53:3c:5c:51:b6:f2:17:db:a5:18:
a8:8a:67:24:75:8c:d5:f7:8c:1c:0e:98:2f:aa:d5:68:31:0e:
91:52:61:29:d8:dc:7f:64:b7:4d:70:68:e5:c0:34:c5:7c:f8:
8e:2a:b1:79:25:64:7c:df:ee:1e:25:b8:9a:40:ff:63:40:01:
0c:6b:35:c7:28:09:b1:92:0e:78:3b:0d:e1:83:57:22:1d:54:
29:2f:52:8e
-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgISAYdS/XPHlqPvp/MMYjPjSdoHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwNDA1MTk1NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjljNDRlY2FlNmMyZTE5MjhkMTI1MTFlNDBmMWQ4NTRjMGYyMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRlGTy6dkfwYZQIah/hrm9afXHW5
YbWUDTcarxZFIE5/GE1IRPCAOYWFwICWlem5kybmXTvfxO9jw6HJAdiyd7y7dw1/
K8eStsx6NA6PiZFu2Xv2NONa0DmslwOIYxqUuROQB0kZYEx2cksx2J4C62+g5xgT
uGYtulcybhIMTO9rPZASr5BGTTf3zEUB3c7x9GhFEcRDHLeJlcrgfdLn6+Xy7yqT
XCkZIwSm0ZkqVCxB6ZR2F4DSBDappfxNG7sWOGI3ZU5oQ3OC0Clx9q4EOmgQTVqy
FTHRPlzKTg1NSXCHb91UFNCcRXrPiIZ1g+G7KeOBAsIF/omWs3CIdjYYuwIDAQAB
o4IDFDCCAxAwHQYDVR0OBBYEFP+cROyubC4ZKNElEeQPHYVMDyDgMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvXzV4RTdLNXNMaGtvMFNVUjVBOGRoVXdQSU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKAYIKwYBBQUHAQcBAf8EggEXMIIBEzCB+QQCAAEwgfID
BAItDkADBAAtDkYDBAAtDmkDBAAtDmsDBAItQoADBAItQtgDBAAtghUwDAMEAC2O
fQMEBy2OAAMEAi2P6AMEAi2VnAMEAi2fMAMEAk+PjAMEAFjWFgMEAFvI8AMEAVvI
8gMEAFw8KwMEAF58dwMEAV/WpDAMAwQCjWLEAwQAjWLGAwQDk07wAwQAlT4sAwQB
lT4uAwQCsHeUAwQAubjfAwQAucI2AwQAuchAAwQAuchCAwQCwSCUAwQBwW8eAwQA
wiQYAwQAwiQbMAwDBADCaJkDBALCaJgDBADCqTYDBADD9dswDAMEAMP18QMEAMP1
8jAVBAIAAjAPAwYEKgkABwADBQAqDcfBMA0GCSqGSIb3DQEBCwUAA4IBAQB7oz9M
9k2hI6K1+KEgbELZ7M4d8s0F/MZnKYmiwRttaIaQZuyAQuMH0XeVNwzlLPquNGa/
QESgKLybxonFWSgqUhKFt1W6k42vhKRq7znHgJTpP8vMCk5EEkXTPPmTGur0bQN0
e+3vnJ2kaLc+kzV23DBDLDweMpV72d+hoTyQew/UWCbo4tH0A5RYPhe8rGegYoZi
wHgj/TFcwLLTBqRiO19E/IfTZzeXcVM8XFG28hfbpRioimckdYzV94wcDpgvqtVo
MQ6RUmEp2Nx/ZLdNcGjlwDTFfPiOKrF5JWR83+4eJbiaQP9jQAEMazXHKAmxkg54
Ow3hg1ciHVQpL1KO
-----END CERTIFICATE-----
Generated at Thu Nov 23 01:55:33 2023 by rpki-client on console-fra.rpki-client.org