Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/CdUQhXtxOCUQtPCEmqKFizuBzu4.roa
File: CdUQhXtxOCUQtPCEmqKFizuBzu4.roa (raw, json)
Hash identifier: x7bT4O18dyWsb03q2i7VhyvGnRhPzfbwn7N/l+giQXM=
Subject key identifier: 09:D5:10:85:7B:71:38:25:10:B4:F0:84:9A:A2:85:8B:3B:81:CE:EE
Certificate issuer: /CN=e9fdfcdc3261b57afadfed730fb2dedb28649fcf
Certificate serial: 018617CAC40BEC80C85332B46007EF0607FB
Authority key identifier: E9:FD:FC:DC:32:61:B5:7A:FA:DF:ED:73:0F:B2:DE:DB:28:64:9F:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6f383DJhtXr63-1zD7Le2yhkn88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/CdUQhXtxOCUQtPCEmqKFizuBzu4.roa
Signing time: Fri 03 Feb 2023 15:00:09 +0000
ROA not before: Fri 03 Feb 2023 15:00:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202596
IP address blocks: 45.12.240.0/22 maxlen: 22
185.225.44.0/22 maxlen: 22
193.39.240.0/22 maxlen: 22
160.19.180.0/22 maxlen: 22
195.26.112.0/20 maxlen: 20
185.14.88.0/22 maxlen: 22
185.236.184.0/22 maxlen: 22
45.139.12.0/22 maxlen: 22
185.159.76.0/22 maxlen: 22
80.249.16.0/20 maxlen: 20
185.176.160.0/22 maxlen: 22
185.250.188.0/22 maxlen: 22
45.92.120.0/22 maxlen: 22
45.149.188.0/22 maxlen: 22
176.97.152.0/22 maxlen: 22
185.239.32.0/22 maxlen: 22
185.240.108.0/22 maxlen: 22
95.141.16.0/20 maxlen: 20
45.95.156.0/22 maxlen: 22
45.152.232.0/22 maxlen: 22
185.254.136.0/22 maxlen: 22
194.6.251.0/24 maxlen: 24
194.6.252.0/24 maxlen: 24
194.6.254.0/24 maxlen: 24
45.145.48.0/22 maxlen: 22
185.222.80.0/22 maxlen: 22
45.141.132.0/22 maxlen: 22
185.247.172.0/22 maxlen: 22
45.80.244.0/22 maxlen: 22
185.111.72.0/22 maxlen: 22
45.134.228.0/22 maxlen: 22
185.106.72.0/22 maxlen: 22
185.248.104.0/22 maxlen: 22
45.133.120.0/21 maxlen: 21
45.133.128.0/22 maxlen: 22
185.226.36.0/22 maxlen: 22
193.29.28.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 08 Mar 2023 09:27:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:ca:c4:0b:ec:80:c8:53:32:b4:60:07:ef:06:07:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9fdfcdc3261b57afadfed730fb2dedb28649fcf
Validity
Not Before: Feb 3 15:00:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09d510857b71382510b4f0849aa2858b3b81ceee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cd:f6:77:7b:17:af:30:53:25:fb:9c:84:2f:
fd:5d:52:5f:c0:43:62:1d:53:39:08:dd:6c:80:2f:
d1:e7:71:5b:bc:f0:4b:6e:52:e2:3b:25:a5:5d:81:
b1:d4:21:cf:b1:72:31:47:b9:f2:99:12:8d:2d:48:
74:f4:49:b5:b0:fe:cc:84:04:ac:4f:23:a8:5e:50:
9f:ad:19:09:ec:12:6f:8b:7e:80:10:9c:59:f7:92:
6a:a9:93:35:bc:d3:98:c2:26:ba:af:72:d8:5f:a4:
3a:7f:24:07:30:45:ce:1d:67:25:58:ac:33:f6:41:
57:60:cc:9d:76:ec:cd:38:b5:73:c8:d2:80:33:c3:
67:00:7b:0f:0f:fd:0d:c3:c5:f6:99:92:1f:5f:ba:
a7:c6:66:6c:be:48:16:5a:43:1e:bf:db:4e:fe:79:
f1:14:14:78:e0:e5:80:a1:cd:e5:0c:39:54:41:92:
7c:07:d9:d1:90:90:df:9b:9d:8c:1e:3a:c8:5b:bc:
42:01:87:c8:64:01:43:de:75:df:f4:a0:dc:84:73:
05:b7:85:37:b6:5a:e8:47:d5:1c:a8:31:96:f2:8d:
80:8d:b8:d9:f6:8d:a2:b2:a0:8d:ab:37:d1:a9:fd:
dd:dc:cb:44:08:32:3f:21:66:c3:92:9b:6a:47:e8:
ea:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D5:10:85:7B:71:38:25:10:B4:F0:84:9A:A2:85:8B:3B:81:CE:EE
X509v3 Authority Key Identifier:
keyid:E9:FD:FC:DC:32:61:B5:7A:FA:DF:ED:73:0F:B2:DE:DB:28:64:9F:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f383DJhtXr63-1zD7Le2yhkn88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/CdUQhXtxOCUQtPCEmqKFizuBzu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/6f383DJhtXr63-1zD7Le2yhkn88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.240.0/22
45.80.244.0/22
45.92.120.0/22
45.95.156.0/22
45.133.120.0-45.133.131.255
45.134.228.0/22
45.139.12.0/22
45.141.132.0/22
45.145.48.0/22
45.149.188.0/22
45.152.232.0/22
80.249.16.0/20
95.141.16.0/20
160.19.180.0/22
176.97.152.0/22
185.14.88.0/22
185.106.72.0/22
185.111.72.0/22
185.159.76.0/22
185.176.160.0/22
185.222.80.0/22
185.225.44.0/22
185.226.36.0/22
185.236.184.0/22
185.239.32.0/22
185.240.108.0/22
185.247.172.0/22
185.248.104.0/22
185.250.188.0/22
185.254.136.0/22
193.29.28.0/22
193.39.240.0/22
194.6.251.0-194.6.252.255
194.6.254.0/24
195.26.112.0/20
Signature Algorithm: sha256WithRSAEncryption
1e:18:c2:0a:df:42:4a:e5:a1:e7:b7:1a:ea:9b:67:82:bb:b9:
c3:66:af:fa:a3:c6:27:3a:07:d7:ba:41:d5:20:5d:d7:cf:41:
61:ee:2f:3e:6c:d4:4e:d0:53:17:9a:bd:3b:27:ee:e4:74:f5:
f7:e5:3d:df:01:44:dc:52:98:76:1b:c5:ec:df:0c:83:14:18:
38:1d:7c:65:c6:93:73:a4:9a:5b:b4:ac:f8:28:2b:9d:de:45:
1a:0c:12:0d:ba:88:99:d6:87:f3:98:6e:29:92:85:2f:1c:3d:
55:4d:c5:cb:b4:9c:14:96:8b:28:0c:42:17:6d:64:f6:6c:a7:
67:da:44:34:7e:02:cd:08:e9:38:02:f5:d8:97:09:5c:db:b4:
f3:7e:c5:52:77:cb:07:38:14:32:9f:1d:7e:7e:26:a0:5d:45:
1a:d2:50:ee:43:13:d5:23:63:f3:5b:19:cb:1a:1b:ed:a7:ae:
fb:cc:61:0f:88:61:0c:83:21:c4:38:14:eb:38:76:4c:43:e6:
47:b4:d0:b5:6e:6a:18:6c:30:0b:a2:07:51:0e:d4:80:69:ea:
0a:25:53:96:ac:47:28:47:96:34:59:0c:41:f6:93:31:5d:85:
f9:0f:4b:a3:ff:4f:0c:8b:99:fb:56:36:fb:65:83:76:02:97:
bd:2b:24:fa
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAYYXysQL7IDIUzK0YAfvBgf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZmRmY2RjMzI2MWI1N2FmYWRmZWQ3MzBmYjJkZWRiMjg2
NDlmY2YwHhcNMjMwMjAzMTUwMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQ1MTA4NTdiNzEzODI1MTBiNGYwODQ5YWEyODU4YjNiODFjZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic32d3sXrzBTJfuchC/9XVJfwENi
HVM5CN1sgC/R53FbvPBLblLiOyWlXYGx1CHPsXIxR7nymRKNLUh09Em1sP7MhASs
TyOoXlCfrRkJ7BJvi36AEJxZ95JqqZM1vNOYwia6r3LYX6Q6fyQHMEXOHWclWKwz
9kFXYMydduzNOLVzyNKAM8NnAHsPD/0Nw8X2mZIfX7qnxmZsvkgWWkMev9tO/nnx
FBR44OWAoc3lDDlUQZJ8B9nRkJDfm52MHjrIW7xCAYfIZAFD3nXf9KDchHMFt4U3
tlroR9UcqDGW8o2AjbjZ9o2isqCNqzfRqf3d3MtECDI/IWbDkptqR+jq8wIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFAnVEIV7cTglELTwhJqihYs7gc7uMB8GA1UdIwQY
MBaAFOn9/NwyYbV6+t/tcw+y3tsoZJ/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmYzODNESmh0WHI2My0xekQ3TGUyeWhrbjg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xYmExOTEtYTQyYS00NTA5LWJiMjgt
MGJjN2U3ZWYwNzYzLzEvQ2RVUWhYdHhPQ1VRdFBDRW1xS0ZpenVCenU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xYmExOTEtYTQyYS00NTA5LWJiMjgtMGJjN2U3ZWYwNzYz
LzEvNmYzODNESmh0WHI2My0xekQ3TGUyeWhrbjg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCB6QQCAAEwgeIDBAIt
DPADBAItUPQDBAItXHgDBAItX5wwDAMEAy2FeAMEAi2FgAMEAi2G5AMEAi2LDAME
Ai2NhAMEAi2RMAMEAi2VvAMEAi2Y6AMEBFD5EAMEBF+NEAMEAqATtAMEArBhmAME
ArkOWAMEArlqSAMEArlvSAMEArmfTAMEArmwoAMEArneUAMEArnhLAMEArniJAME
ArnsuAMEArnvIAMEArnwbAMEArn3rAMEArn4aAMEArn6vAMEArn+iAMEAsEdHAME
AsEn8DAMAwQAwgb7AwQAwgb8AwQAwgb+AwQEwxpwMA0GCSqGSIb3DQEBCwUAA4IB
AQAeGMIK30JK5aHntxrqm2eCu7nDZq/6o8YnOgfXukHVIF3Xz0Fh7i8+bNRO0FMX
mr07J+7kdPX35T3fAUTcUph2G8Xs3wyDFBg4HXxlxpNzpJpbtKz4KCud3kUaDBIN
uoiZ1ofzmG4pkoUvHD1VTcXLtJwUlosoDEIXbWT2bKdn2kQ0fgLNCOk4AvXYlwlc
27TzfsVSd8sHOBQynx1+fiagXUUa0lDuQxPVI2PzWxnLGhvtp677zGEPiGEMgyHE
OBTrOHZMQ+ZHtNC1bmoYbDALogdRDtSAaeoKJVOWrEcoR5Y0WQxB9pMxXYX5D0uj
/08Mi5n7Vjb7ZYN2Ape9KyT6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:50 2024 by rpki-client on console-ams.rpki-client.org