Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/Th0daWpQUohp9aO6P4fIeiokAX4.roa
File: Th0daWpQUohp9aO6P4fIeiokAX4.roa (raw, json)
Hash identifier: JAFzSqgqk4Ymze5drFLs35wsyeKTB0SV1PU+S+X5FXE=
Subject key identifier: 4E:1D:1D:69:6A:50:52:88:69:F5:A3:BA:3F:87:C8:7A:2A:24:01:7E
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 018833C2CD5FA34961207F042208AC642645
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/Th0daWpQUohp9aO6P4fIeiokAX4.roa
Signing time: Fri 19 May 2023 11:26:24 +0000
ROA not before: Fri 19 May 2023 11:26:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.66.133.0/24 maxlen: 24
185.159.68.0/24 maxlen: 24
185.159.69.0/24 maxlen: 24
185.159.70.0/24 maxlen: 24
185.187.237.0/24 maxlen: 24
185.187.238.0/24 maxlen: 24
185.187.239.0/24 maxlen: 24
45.12.204.0/24 maxlen: 24
45.12.205.0/24 maxlen: 24
45.134.19.0/24 maxlen: 24
81.90.191.0/24 maxlen: 24
188.119.100.0/24 maxlen: 24
188.119.101.0/24 maxlen: 24
185.126.69.0/24 maxlen: 24
185.126.70.0/24 maxlen: 24
185.126.71.0/24 maxlen: 24
185.105.189.0/24 maxlen: 24
185.105.190.0/24 maxlen: 24
185.168.21.0/24 maxlen: 24
185.168.22.0/24 maxlen: 24
185.168.23.0/24 maxlen: 24
185.171.121.0/24 maxlen: 24
91.217.120.0/24 maxlen: 24
91.217.121.0/24 maxlen: 24
185.126.138.0/24 maxlen: 24
185.126.139.0/24 maxlen: 24
194.156.228.0/24 maxlen: 24
185.175.140.0/24 maxlen: 24
185.175.141.0/24 maxlen: 24
45.144.240.0/24 maxlen: 24
45.144.241.0/24 maxlen: 24
185.160.25.0/24 maxlen: 24
185.160.27.0/24 maxlen: 24
5.183.178.0/24 maxlen: 24
45.82.166.0/24 maxlen: 24
185.126.118.0/24 maxlen: 24
185.126.119.0/24 maxlen: 24
5.181.6.0/24 maxlen: 24
5.181.7.0/24 maxlen: 24
45.66.132.0/24 maxlen: 24
185.120.18.0/24 maxlen: 24
185.120.19.0/24 maxlen: 24
152.89.209.0/24 maxlen: 24
147.78.15.0/24 maxlen: 24
217.197.163.0/24 maxlen: 24
45.128.154.0/24 maxlen: 24
2a0c:8a40:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:33:c2:cd:5f:a3:49:61:20:7f:04:22:08:ac:64:26:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: May 19 11:26:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e1d1d696a50528869f5a3ba3f87c87a2a24017e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8b:64:a4:72:e0:6a:b3:ea:34:e6:6c:7d:86:
7b:0b:de:f0:84:3b:c5:8b:34:50:ca:aa:fa:44:0b:
21:ef:ca:a2:0d:63:af:f3:2a:24:82:f3:34:e7:0a:
ce:40:8b:82:9c:2b:ee:ed:e3:a9:bc:5f:48:f9:db:
fb:13:72:d0:ae:5d:a1:3b:cf:17:57:db:d8:72:b0:
2f:43:57:0d:05:5e:07:01:ad:c8:f3:a0:7c:c1:bd:
61:61:06:60:c8:67:60:28:89:7f:bd:19:d1:2f:74:
f7:86:fd:a5:3e:24:63:c4:c6:68:07:c7:9d:23:30:
df:84:c2:37:09:54:39:6e:73:d6:5f:0e:2e:9d:ec:
b3:82:32:6d:9c:0d:c8:a5:81:73:b0:26:84:1f:66:
2d:3d:ec:05:81:c3:49:16:cf:61:79:57:99:e7:92:
86:02:a9:32:53:e3:0a:5a:9f:11:d6:de:a9:52:5f:
47:e8:4f:04:9a:9f:18:80:f4:38:22:d9:73:3b:81:
d2:c7:b2:19:cc:5a:d4:bd:7a:c0:8d:81:b5:4b:d1:
6f:c4:ce:41:99:54:6c:4d:2a:1f:6a:fc:6a:3b:65:
0d:db:2e:16:5b:76:dc:e3:63:59:98:90:4b:96:d7:
ba:54:91:92:84:7a:52:d1:25:42:f3:3b:26:bc:ba:
d8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:1D:1D:69:6A:50:52:88:69:F5:A3:BA:3F:87:C8:7A:2A:24:01:7E
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/Th0daWpQUohp9aO6P4fIeiokAX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.6.0/23
5.183.178.0/24
45.12.204.0/23
45.66.132.0/23
45.82.166.0/24
45.128.154.0/24
45.134.19.0/24
45.144.240.0/23
81.90.191.0/24
91.217.120.0/23
147.78.15.0/24
152.89.209.0/24
185.105.189.0-185.105.190.255
185.120.18.0/23
185.126.69.0-185.126.71.255
185.126.118.0/23
185.126.138.0/23
185.159.68.0-185.159.70.255
185.160.25.0/24
185.160.27.0/24
185.168.21.0-185.168.23.255
185.171.121.0/24
185.175.140.0/23
185.187.237.0-185.187.239.255
188.119.100.0/23
194.156.228.0/24
217.197.163.0/24
IPv6:
2a0c:8a40:1::/48
Signature Algorithm: sha256WithRSAEncryption
35:0c:96:9d:74:b2:05:61:97:9e:a7:b9:75:cd:79:32:77:05:
c9:b9:d5:9e:8a:2a:07:0d:c4:c5:b3:1a:ef:80:72:df:85:c4:
d1:59:22:1d:83:bd:08:64:6a:92:28:b8:a6:e4:84:8b:e3:13:
54:4d:3f:2f:4a:a7:a5:e9:a9:78:df:ff:ab:63:a7:2a:c8:fe:
93:0c:51:34:0e:b9:38:1b:96:23:29:f5:ac:fe:f1:cd:fe:cc:
dc:95:90:f8:a4:06:db:a6:02:f2:1f:9d:e2:c2:1d:ed:6e:54:
2b:e3:f0:df:d3:5d:0c:ed:3d:31:47:15:31:fd:95:d7:bb:6d:
1b:d6:58:5b:20:95:93:d0:5c:78:03:f3:85:79:1b:23:71:54:
41:5a:57:2e:75:c1:e8:28:97:0a:b6:c2:19:2c:0f:73:da:92:
46:5b:80:bf:e7:85:96:f9:49:17:b5:5a:ee:2e:60:e1:01:7f:
14:49:57:6b:a7:c9:9f:ea:a8:f1:01:d2:e6:1c:14:3c:f8:11:
c4:19:8a:a0:34:bb:f5:46:35:ef:25:7b:fd:14:03:d8:e7:e2:
5e:e0:ee:2b:b3:7c:e7:6b:e3:00:e3:16:32:2a:84:7f:b7:9e:
f6:96:e2:6a:1f:b8:a1:5f:a6:17:a6:7d:3d:43:ce:b0:0c:80:
d5:c9:3b:0f
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgISAYgzws1fo0lhIH8EIgisZCZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjMwNTE5MTEyNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTFkMWQ2OTZhNTA1Mjg4NjlmNWEzYmEzZjg3Yzg3YTJhMjQwMTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvItkpHLgarPqNOZsfYZ7C97whDvF
izRQyqr6RAsh78qiDWOv8yokgvM05wrOQIuCnCvu7eOpvF9I+dv7E3LQrl2hO88X
V9vYcrAvQ1cNBV4HAa3I86B8wb1hYQZgyGdgKIl/vRnRL3T3hv2lPiRjxMZoB8ed
IzDfhMI3CVQ5bnPWXw4uneyzgjJtnA3IpYFzsCaEH2YtPewFgcNJFs9heVeZ55KG
AqkyU+MKWp8R1t6pUl9H6E8Emp8YgPQ4ItlzO4HSx7IZzFrUvXrAjYG1S9FvxM5B
mVRsTSofavxqO2UN2y4WW3bc42NZmJBLlte6VJGShHpS0SVC8zsmvLrYNwIDAQAB
o4IC4zCCAt8wHQYDVR0OBBYEFE4dHWlqUFKIafWjuj+HyHoqJAF+MB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvVGgwZGFXcFFVb2hwOWFPNlA0ZkllaW9rQVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH4BggrBgEFBQcBBwEB/wSB6DCB5TCB0QQCAAEwgcoDBAEF
tQYDBAAFt7IDBAEtDMwDBAEtQoQDBAAtUqYDBAAtgJoDBAAthhMDBAEtkPADBABR
Wr8DBAFb2XgDBACTTg8DBACYWdEwDAMEALlpvQMEALlpvgMEAbl4EjAMAwQAuX5F
AwQDuX5AAwQBuX52AwQBuX6KMAwDBAK5n0QDBAC5n0YDBAC5oBkDBAC5oBswDAME
ALmoFQMEA7moEAMEALmreQMEAbmvjDAMAwQAubvtAwQEubvgAwQBvHdkAwQAwpzk
AwQA2cWjMA8EAgACMAkDBwAqDIpAAAEwDQYJKoZIhvcNAQELBQADggEBADUMlp10
sgVhl56nuXXNeTJ3Bcm51Z6KKgcNxMWzGu+Act+FxNFZIh2DvQhkapIouKbkhIvj
E1RNPy9Kp6XpqXjf/6tjpyrI/pMMUTQOuTgbliMp9az+8c3+zNyVkPikBtumAvIf
neLCHe1uVCvj8N/TXQztPTFHFTH9lde7bRvWWFsglZPQXHgD84V5GyNxVEFaVy51
wegolwq2whksD3PakkZbgL/nhZb5SRe1Wu4uYOEBfxRJV2unyZ/qqPEB0uYcFDz4
EcQZiqA0u/VGNe8le/0UA9jn4l7g7iuzfOdr4wDjFjIqhH+3nvaW4mofuKFfphem
fT1DzrAMgNXJOw8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:23 2023 by rpki-client on console-ams.rpki-client.org