Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/IkwLbksisUeWj_qwzCI1Tm7Bjrk.roa
File: IkwLbksisUeWj_qwzCI1Tm7Bjrk.roa (raw, json)
Hash identifier: +AYjf2k3NQzj32ob/sz2plfRjExRjzcMQ6TbRp/tsQk=
Subject key identifier: 22:4C:0B:6E:4B:22:B1:47:96:8F:FA:B0:CC:22:35:4E:6E:C1:8E:B9
Certificate issuer: /CN=e9fdfcdc3261b57afadfed730fb2dedb28649fcf
Certificate serial: 0186C08B9D9ABF1233EBA53A9DD8A76D1EE2
Authority key identifier: E9:FD:FC:DC:32:61:B5:7A:FA:DF:ED:73:0F:B2:DE:DB:28:64:9F:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6f383DJhtXr63-1zD7Le2yhkn88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/IkwLbksisUeWj_qwzCI1Tm7Bjrk.roa
Signing time: Wed 08 Mar 2023 09:27:00 +0000
ROA not before: Wed 08 Mar 2023 09:27:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202596
IP address blocks: 45.12.240.0/22 maxlen: 22
185.225.44.0/22 maxlen: 22
193.39.240.0/22 maxlen: 22
195.26.112.0/20 maxlen: 20
160.19.180.0/22 maxlen: 22
185.14.88.0/22 maxlen: 22
185.236.184.0/22 maxlen: 22
45.139.12.0/22 maxlen: 22
185.159.76.0/22 maxlen: 22
80.249.16.0/20 maxlen: 20
185.176.160.0/22 maxlen: 22
185.250.188.0/22 maxlen: 22
45.92.120.0/22 maxlen: 22
45.149.188.0/22 maxlen: 22
176.97.152.0/22 maxlen: 22
185.239.32.0/22 maxlen: 22
185.240.108.0/22 maxlen: 22
95.141.16.0/20 maxlen: 20
45.95.156.0/22 maxlen: 22
45.152.232.0/22 maxlen: 22
185.254.136.0/22 maxlen: 22
194.6.251.0/24 maxlen: 24
194.6.252.0/24 maxlen: 24
194.6.254.0/24 maxlen: 24
45.145.48.0/22 maxlen: 22
185.222.80.0/22 maxlen: 22
45.141.132.0/22 maxlen: 22
185.247.172.0/22 maxlen: 22
45.80.244.0/22 maxlen: 22
185.111.72.0/22 maxlen: 22
45.134.228.0/22 maxlen: 22
185.106.72.0/22 maxlen: 22
158.41.48.0/20 maxlen: 20
185.248.104.0/22 maxlen: 22
45.133.120.0/21 maxlen: 21
45.133.128.0/22 maxlen: 22
185.226.36.0/22 maxlen: 22
193.29.28.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:8b:9d:9a:bf:12:33:eb:a5:3a:9d:d8:a7:6d:1e:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9fdfcdc3261b57afadfed730fb2dedb28649fcf
Validity
Not Before: Mar 8 09:27:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=224c0b6e4b22b147968ffab0cc22354e6ec18eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:81:b5:93:a1:d6:7a:17:ef:3b:f5:47:6b:bd:
1d:85:03:21:b1:bf:81:20:a4:00:14:e8:78:de:9c:
49:fb:c2:18:45:33:ee:7d:4f:b5:b6:c2:31:54:76:
8f:2a:eb:51:f7:ca:9c:0c:b2:2d:27:5a:13:c7:be:
c7:2a:fb:4a:6f:f5:0e:f9:f7:67:60:bc:a8:35:73:
35:d9:d4:05:04:b0:92:d2:0c:b1:bc:27:f6:39:98:
71:9d:9f:ec:bd:d6:ce:7f:ae:b7:3e:fd:1c:67:9d:
f7:37:de:5c:95:6b:09:22:d1:f9:e7:0c:4e:5a:a2:
cf:05:5e:24:71:fd:a3:9f:7d:35:c6:6a:fe:7a:50:
37:2d:a4:e8:3e:59:a3:db:78:73:e6:c4:ec:ff:2c:
68:94:f6:e2:f8:d2:2a:e9:ab:9a:f8:53:3d:dc:90:
d0:a5:82:9d:59:15:75:2e:17:46:93:1a:64:3f:64:
1f:e5:a6:31:73:9a:14:66:fd:24:ec:d7:9a:9d:83:
dd:ae:28:de:50:44:f0:c7:60:82:f1:c8:1f:97:26:
a6:3c:01:81:c2:d4:6a:06:3a:e7:1b:96:4a:6b:a7:
cd:48:30:b9:11:eb:0f:a6:7b:d4:6c:77:5c:74:53:
2e:24:35:cb:f4:91:e1:2f:74:84:d5:60:9b:41:24:
29:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:4C:0B:6E:4B:22:B1:47:96:8F:FA:B0:CC:22:35:4E:6E:C1:8E:B9
X509v3 Authority Key Identifier:
keyid:E9:FD:FC:DC:32:61:B5:7A:FA:DF:ED:73:0F:B2:DE:DB:28:64:9F:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f383DJhtXr63-1zD7Le2yhkn88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/IkwLbksisUeWj_qwzCI1Tm7Bjrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/6f383DJhtXr63-1zD7Le2yhkn88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.240.0/22
45.80.244.0/22
45.92.120.0/22
45.95.156.0/22
45.133.120.0-45.133.131.255
45.134.228.0/22
45.139.12.0/22
45.141.132.0/22
45.145.48.0/22
45.149.188.0/22
45.152.232.0/22
80.249.16.0/20
95.141.16.0/20
158.41.48.0/20
160.19.180.0/22
176.97.152.0/22
185.14.88.0/22
185.106.72.0/22
185.111.72.0/22
185.159.76.0/22
185.176.160.0/22
185.222.80.0/22
185.225.44.0/22
185.226.36.0/22
185.236.184.0/22
185.239.32.0/22
185.240.108.0/22
185.247.172.0/22
185.248.104.0/22
185.250.188.0/22
185.254.136.0/22
193.29.28.0/22
193.39.240.0/22
194.6.251.0-194.6.252.255
194.6.254.0/24
195.26.112.0/20
Signature Algorithm: sha256WithRSAEncryption
48:51:33:04:b8:a3:3c:09:31:3d:88:a5:32:06:d1:30:64:13:
30:b0:6c:8b:fd:c2:bd:e5:53:a9:4a:20:de:14:53:5c:e7:4e:
27:66:c5:cd:1e:76:f5:bd:e1:60:ce:72:2c:3a:29:9e:6b:71:
64:14:6c:07:fb:66:7f:0b:62:8e:8d:d0:03:01:a1:a1:da:a2:
49:ed:59:3a:fb:dc:aa:8f:71:c5:19:a8:51:92:b2:ad:0e:70:
35:7e:95:af:35:3c:53:cf:4e:bc:e7:44:57:09:16:a1:4e:e1:
9d:f5:2f:f2:6c:af:1b:f6:6b:99:1c:da:bc:56:a6:aa:f7:86:
9f:9f:2e:8b:87:05:f7:a2:34:d3:82:4a:c9:d4:d5:84:93:f0:
e1:31:30:7a:03:b2:f5:59:be:d7:ed:20:80:ac:5c:fa:8c:e6:
3d:ed:f3:92:a0:37:b4:48:0c:7f:e7:fa:0d:be:b8:9e:ce:5c:
dc:ad:7d:da:80:6b:54:0e:ba:45:97:5e:1f:1a:6a:3d:76:97:
ea:87:6b:52:97:b6:a0:40:06:fd:0b:5b:39:a9:0b:6d:c0:bd:
0d:d4:80:40:46:32:7a:d5:30:5e:b8:fa:96:b9:5f:d8:4e:1c:
88:39:0b:f0:3b:86:6b:f3:4b:b4:80:43:6c:9c:69:f1:b2:5c:
d8:bf:41:15
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAYbAi52avxIz66U6ndinbR7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZmRmY2RjMzI2MWI1N2FmYWRmZWQ3MzBmYjJkZWRiMjg2
NDlmY2YwHhcNMjMwMzA4MDkyNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjRjMGI2ZTRiMjJiMTQ3OTY4ZmZhYjBjYzIyMzU0ZTZlYzE4ZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24G1k6HWehfvO/VHa70dhQMhsb+B
IKQAFOh43pxJ+8IYRTPufU+1tsIxVHaPKutR98qcDLItJ1oTx77HKvtKb/UO+fdn
YLyoNXM12dQFBLCS0gyxvCf2OZhxnZ/svdbOf663Pv0cZ533N95clWsJItH55wxO
WqLPBV4kcf2jn301xmr+elA3LaToPlmj23hz5sTs/yxolPbi+NIq6aua+FM93JDQ
pYKdWRV1LhdGkxpkP2Qf5aYxc5oUZv0k7NeanYPdrijeUETwx2CC8cgflyamPAGB
wtRqBjrnG5ZKa6fNSDC5EesPpnvUbHdcdFMuJDXL9JHhL3SE1WCbQSQpvwIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFCJMC25LIrFHlo/6sMwiNU5uwY65MB8GA1UdIwQY
MBaAFOn9/NwyYbV6+t/tcw+y3tsoZJ/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmYzODNESmh0WHI2My0xekQ3TGUyeWhrbjg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xYmExOTEtYTQyYS00NTA5LWJiMjgt
MGJjN2U3ZWYwNzYzLzEvSWt3TGJrc2lzVWVXal9xd3pDSTFUbTdCanJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xYmExOTEtYTQyYS00NTA5LWJiMjgtMGJjN2U3ZWYwNzYz
LzEvNmYzODNESmh0WHI2My0xekQ3TGUyeWhrbjg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwge8EAgABMIHoAwQC
LQzwAwQCLVD0AwQCLVx4AwQCLV+cMAwDBAMthXgDBAIthYADBAIthuQDBAItiwwD
BAItjYQDBAItkTADBAItlbwDBAItmOgDBARQ+RADBARfjRADBASeKTADBAKgE7QD
BAKwYZgDBAK5DlgDBAK5akgDBAK5b0gDBAK5n0wDBAK5sKADBAK53lADBAK54SwD
BAK54iQDBAK57LgDBAK57yADBAK58GwDBAK596wDBAK5+GgDBAK5+rwDBAK5/ogD
BALBHRwDBALBJ/AwDAMEAMIG+wMEAMIG/AMEAMIG/gMEBMMacDANBgkqhkiG9w0B
AQsFAAOCAQEASFEzBLijPAkxPYilMgbRMGQTMLBsi/3CveVTqUog3hRTXOdOJ2bF
zR529b3hYM5yLDopnmtxZBRsB/tmfwtijo3QAwGhodqiSe1ZOvvcqo9xxRmoUZKy
rQ5wNX6VrzU8U89OvOdEVwkWoU7hnfUv8myvG/ZrmRzavFamqveGn58ui4cF96I0
04JKydTVhJPw4TEwegOy9Vm+1+0ggKxc+ozmPe3zkqA3tEgMf+f6Db64ns5c3K19
2oBrVA66RZdeHxpqPXaX6odrUpe2oEAG/QtbOakLbcC9DdSAQEYyetUwXrj6lrlf
2E4ciDkL8DuGa/NLtIBDbJxp8bJc2L9BFQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:43 2023 by rpki-client on console-fra.rpki-client.org