Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/hZOKItX-etBAiPblfQ1CAZe7uHE.roa
File: hZOKItX-etBAiPblfQ1CAZe7uHE.roa (raw, json)
Hash identifier: sYzljHvCgIcP4Jdmw3I75U8AWn/+PIylg02nZwb5aVQ=
Subject key identifier: 85:93:8A:22:D5:FE:7A:D0:40:88:F6:E5:7D:0D:42:01:97:BB:B8:71
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0189E38432D6AF5D70A8F577F6240E69DA54
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/hZOKItX-etBAiPblfQ1CAZe7uHE.roa
Signing time: Fri 11 Aug 2023 07:33:59 +0000
ROA not before: Fri 11 Aug 2023 07:33:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 949
IP address blocks: 141.98.196.0/22 maxlen: 24
80.66.196.0/22 maxlen: 24
45.142.124.0/22 maxlen: 24
45.87.92.0/22 maxlen: 24
94.124.116.0/24 maxlen: 24
94.124.116.0/22 maxlen: 24
185.200.64.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
45.139.192.0/22 maxlen: 24
195.245.219.0/24 maxlen: 24
45.141.44.0/22 maxlen: 24
185.213.151.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
194.114.136.0/24 maxlen: 24
195.245.229.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
194.104.144.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.36.27.0/24 maxlen: 24
95.214.164.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
91.200.240.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.194.52.0/22 maxlen: 24
185.222.221.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
2a06:57c0::/29 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a06:4fc0::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a09:6::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 Nov 2023 01:16:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:84:32:d6:af:5d:70:a8:f5:77:f6:24:0e:69:da:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Aug 11 07:33:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85938a22d5fe7ad04088f6e57d0d420197bbb871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:80:52:e2:d9:b0:0c:ea:06:e9:95:45:67:7f:
62:a6:c9:9c:aa:36:bf:73:17:4d:a7:85:f0:17:ac:
1b:e6:da:05:bb:d4:06:ce:4f:9a:df:48:0b:ca:1f:
5a:2e:c1:67:ce:54:5d:55:3e:2d:c5:52:e8:24:3d:
7f:51:a6:e2:68:65:e8:93:c9:3a:e2:e4:27:f8:96:
aa:b2:91:39:26:51:17:c0:be:b0:63:3b:15:d7:e7:
d1:7b:ad:03:b4:73:90:cb:c6:50:4c:22:dd:27:f9:
49:fc:23:e2:15:53:11:cd:c9:8c:66:89:3e:0c:63:
5d:07:92:f2:8f:1f:bf:e0:7f:d0:86:9f:0b:b7:99:
7d:e8:ab:ef:4c:08:c4:45:8c:b6:ea:7d:fb:c9:77:
41:91:20:6b:f8:ca:22:4a:68:4e:32:38:e1:8a:91:
57:f9:dc:80:59:35:3f:b5:8d:36:ad:db:2b:84:5b:
3b:8c:65:86:f3:6f:58:b0:69:e6:b6:2f:bc:3c:af:
44:3f:8d:77:28:e0:5c:cf:ee:ad:4e:cb:62:46:22:
1f:03:f1:f0:82:ce:80:5a:ab:b9:c3:de:ab:38:d9:
2c:45:6f:2b:47:ad:81:95:3d:06:1b:d4:a0:65:38:
07:2c:e3:3b:d4:37:46:9c:38:37:87:36:cb:cf:d0:
ec:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:93:8A:22:D5:FE:7A:D0:40:88:F6:E5:7D:0D:42:01:97:BB:B8:71
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/hZOKItX-etBAiPblfQ1CAZe7uHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.92.0/22
45.130.20.0/22
45.139.192.0/22
45.141.44.0/22
45.142.124.0/22
45.143.232.0/22
80.66.196.0/22
91.200.240.0/22
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.213.151.0/24
185.222.216.0/21
193.32.148.0/22
194.36.27.0/24
194.104.144.0/24
194.104.152.0/22
194.114.136.0/24
194.169.54.0/23
195.245.219.0/24
195.245.229.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09:6::/32
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
68:0a:94:b7:a5:82:1e:cb:2d:78:33:e0:1b:20:56:e5:a1:37:
8f:69:db:91:d3:3a:4c:6b:33:43:aa:da:d2:07:bc:d8:09:94:
50:32:fa:d4:ee:ad:3a:b5:a7:bd:5c:1d:e9:af:85:86:18:bf:
c6:8d:ae:26:2e:2d:89:bd:e6:c7:d0:dc:52:92:4a:55:ac:23:
a6:ff:97:76:20:96:74:6c:bb:aa:4c:10:e1:bb:51:b1:ab:71:
7f:3d:ef:41:51:7c:88:90:fd:b3:e1:d1:68:bd:cc:e4:1a:dd:
2a:7b:ee:3b:9e:04:ef:cf:df:94:bf:fd:5d:8a:8d:28:72:60:
37:b9:0b:ff:83:c1:d9:98:28:fc:b3:89:26:a7:59:72:64:cb:
db:30:d8:76:f4:ea:be:35:00:00:ca:97:10:f9:c4:71:72:98:
f2:de:f5:5b:f8:31:93:a1:92:ae:6f:a8:bc:e5:3c:35:71:16:
e6:01:1a:21:46:f2:8a:c5:7b:c1:5f:5a:f2:7b:8c:7d:73:d6:
e9:97:84:1f:8c:cc:06:09:27:6d:f0:c8:4e:30:f4:75:cd:4f:
8b:86:a8:e4:4d:76:18:73:c3:f1:e6:f6:b7:fd:e8:07:76:55:
b4:c5:92:b7:03:e8:01:35:1e:37:1e:55:90:78:91:e8:c4:f7:
c5:e8:d5:f8
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAYnjhDLWr11wqPV39iQOadpUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwODExMDczMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTkzOGEyMmQ1ZmU3YWQwNDA4OGY2ZTU3ZDBkNDIwMTk3YmJiODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYBS4tmwDOoG6ZVFZ39ipsmcqja/
cxdNp4XwF6wb5toFu9QGzk+a30gLyh9aLsFnzlRdVT4txVLoJD1/UabiaGXok8k6
4uQn+JaqspE5JlEXwL6wYzsV1+fRe60DtHOQy8ZQTCLdJ/lJ/CPiFVMRzcmMZok+
DGNdB5Lyjx+/4H/Qhp8Lt5l96KvvTAjERYy26n37yXdBkSBr+MoiSmhOMjjhipFX
+dyAWTU/tY02rdsrhFs7jGWG829YsGnmti+8PK9EP413KOBcz+6tTstiRiIfA/Hw
gs6AWqu5w96rONksRW8rR62BlT0GG9SgZTgHLOM71DdGnDg3hzbLz9DsZwIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFIWTiiLV/nrQQIj25X0NQgGXu7hxMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvaFpPS0l0WC1ldEJBaVBibGZRMUNBWmU3dUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCBpQQCAAEwgZ4D
BAItV1wDBAItghQDBAIti8ADBAItjSwDBAItjnwDBAItj+gDBAJQQsQDBAJbyPAD
BAJefHQDBAJf1qQDBAKNYsQDBAKVPiwDBAK5wjQDBAK5yEADBAC51ZcDBAO53tgD
BALBIJQDBADCJBsDBADCaJADBALCaJgDBADCcogDBAHCqTYDBADD9dsDBADD9eUw
DAMEAMP18QMEAMP18jBoBAIAAjBiAwUDKgZPwAMFAyoGV8ADBQMqB+kAAwUDKgf6
AAMFACoJAAYDBQMqDO1AAwUDKg0fwAMFAyoNNkADBQMqDUNAAwUDKg1LwAMFAyoN
dUADBQMqDd6AAwUDKg5iAAMFAyoQJgAwDQYJKoZIhvcNAQELBQADggEBAGgKlLel
gh7LLXgz4BsgVuWhN49p25HTOkxrM0Oq2tIHvNgJlFAy+tTurTq1p71cHemvhYYY
v8aNriYuLYm95sfQ3FKSSlWsI6b/l3YglnRsu6pMEOG7UbGrcX8970FRfIiQ/bPh
0Wi9zOQa3Sp77jueBO/P35S//V2KjShyYDe5C/+DwdmYKPyziSanWXJky9sw2Hb0
6r41AADKlxD5xHFymPLe9Vv4MZOhkq5vqLzlPDVxFuYBGiFG8orFe8FfWvJ7jH1z
1umXhB+MzAYJJ23wyE4w9HXNT4uGqORNdhhzw/Hm9rf96Ad2VbTFkrcD6AE1Hjce
VZB4kejE98Xo1fg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org