Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/385oDnPARhRm_D0ps_jSetBLh9A.roa
File: 385oDnPARhRm_D0ps_jSetBLh9A.roa (raw, json)
Hash identifier: kuEZoRNMge8U0Ex/Dp453moOM3fj4uR2f151bkBZNLk=
Subject key identifier: DF:CE:68:0E:73:C0:46:14:66:FC:3D:29:B3:F8:D2:7A:D0:4B:87:D0
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0189DAC03CA8FE0A43AE2065CE7CB5E16B13
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/385oDnPARhRm_D0ps_jSetBLh9A.roa
Signing time: Wed 09 Aug 2023 14:42:58 +0000
ROA not before: Wed 09 Aug 2023 14:42:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209641
IP address blocks: 185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
185.5.250.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.50.0/24 maxlen: 24
185.87.48.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
45.89.67.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
185.125.218.0/23 maxlen: 23
185.125.216.0/22 maxlen: 22
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.230.0/24 maxlen: 24
185.125.228.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/23 maxlen: 23
194.67.193.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.184.0/21 maxlen: 21
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
2a0f:3380::/29 maxlen: 29
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300::/48 maxlen: 48
2a0f:a500::/29 maxlen: 29
2a0a:9301:1::/48 maxlen: 48
2a0f:4580::/29 maxlen: 29
2a0a:9301::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0c:77c0::/29 maxlen: 29
2a0a:9300:d0::/48 maxlen: 48
2a0d:3880::/29 maxlen: 29
2a0a:9302:1::/48 maxlen: 48
2a0f:1180::/29 maxlen: 29
2a0f:4680::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:c0:3c:a8:fe:0a:43:ae:20:65:ce:7c:b5:e1:6b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Aug 9 14:42:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfce680e73c0461466fc3d29b3f8d27ad04b87d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:6c:45:79:02:08:8c:8d:47:8f:43:47:4d:d3:
89:db:6f:1b:1b:d4:5f:ef:7e:de:2f:ec:68:1e:ca:
2d:43:61:38:63:cd:0e:5a:89:51:e0:18:71:fc:4d:
fa:e8:39:ee:e1:f5:dc:9b:b9:26:be:3f:e5:fd:6e:
24:3f:51:d0:7e:17:7b:74:41:fc:92:c8:77:d4:d4:
d9:a7:56:93:fe:b1:d4:2c:ec:ce:bc:f8:5a:98:c7:
9f:0f:d2:88:6a:8e:6d:00:25:1b:57:da:c6:53:3c:
dd:82:7c:8a:fe:1c:d6:68:ed:0c:22:3f:74:a5:ec:
a1:17:70:69:2a:85:df:2a:77:fd:92:b5:01:ad:c5:
ba:3d:05:12:c8:58:25:a6:57:c4:c3:ea:51:06:40:
7d:2e:64:3b:73:c5:52:12:d4:95:ea:02:20:8d:0a:
69:4f:2e:d2:d5:2e:6a:8c:ba:7f:a9:91:e3:e6:79:
c7:a1:97:08:24:22:9b:28:a6:38:b7:6f:21:8e:86:
56:3b:8c:30:be:93:c2:6f:85:cd:c2:6e:17:e2:f4:
ea:01:4e:96:d2:d8:4c:06:c4:fe:62:4c:ba:98:72:
b1:1b:9e:50:66:24:46:b3:8d:e4:e9:e3:03:22:08:
1a:67:5b:f8:87:ca:77:5f:6e:c7:eb:51:a0:2f:eb:
a5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:CE:68:0E:73:C0:46:14:66:FC:3D:29:B3:F8:D2:7A:D0:4B:87:D0
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/385oDnPARhRm_D0ps_jSetBLh9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
193.109.85.0/24
193.124.176.0/20
194.67.192.0/19
195.47.250.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0c:77c0::/29
2a0d:3880::/29
2a0f:1180::/29
2a0f:3380::/29
2a0f:4580::/29
2a0f:4680::/29
2a0f:a500::/29
Signature Algorithm: sha256WithRSAEncryption
a8:50:55:fb:2d:f0:cf:03:a1:00:40:f3:a3:23:b2:cd:f2:6c:
21:53:e1:75:a9:87:d8:0d:07:7a:42:e7:1f:5d:8d:83:36:2d:
9d:c7:19:fe:46:a6:69:fb:8b:97:59:f9:d7:1e:2c:29:da:2c:
a0:90:53:b0:d1:bd:c3:39:7e:a8:21:69:17:5e:fb:1c:67:8b:
a1:ec:91:38:64:03:6b:04:9f:d3:1c:35:09:01:1f:f7:fb:ce:
a9:c8:d7:69:51:51:62:41:fa:1b:0f:b4:71:a8:9f:50:08:a5:
24:d1:3d:36:94:0c:b5:15:84:b7:ce:20:8b:4e:a9:5c:92:a5:
a5:25:81:9d:ff:bc:27:3b:b3:8e:00:2c:58:57:8f:f9:55:a9:
33:37:cc:77:ee:4b:c6:be:44:f3:96:d2:2e:14:ed:cc:07:70:
dd:c8:4c:f5:40:e5:2f:cf:00:b2:85:8b:65:ca:75:1f:2c:66:
ec:da:90:13:e9:bf:69:e7:d9:98:7e:53:53:90:82:67:3f:00:
e6:b0:42:3e:d2:3d:77:3a:3b:21:c7:7d:ca:ae:ab:5c:c5:9a:
6a:53:56:dc:64:03:c9:ca:2f:d1:aa:85:0a:fc:05:d0:a7:ba:
58:bb:8d:8b:0f:9b:66:28:7d:5d:27:a5:de:50:45:b6:da:6c:
10:77:12:e2
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAYnawDyo/gpDriBlzny14WsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwODA5MTQ0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmNlNjgwZTczYzA0NjE0NjZmYzNkMjliM2Y4ZDI3YWQwNGI4N2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mxFeQIIjI1Hj0NHTdOJ228bG9Rf
737eL+xoHsotQ2E4Y80OWolR4Bhx/E366Dnu4fXcm7kmvj/l/W4kP1HQfhd7dEH8
ksh31NTZp1aT/rHULOzOvPhamMefD9KIao5tACUbV9rGUzzdgnyK/hzWaO0MIj90
peyhF3BpKoXfKnf9krUBrcW6PQUSyFglplfEw+pRBkB9LmQ7c8VSEtSV6gIgjQpp
Ty7S1S5qjLp/qZHj5nnHoZcIJCKbKKY4t28hjoZWO4wwvpPCb4XNwm4X4vTqAU6W
0thMBsT+Yky6mHKxG55QZiRGs43k6eMDIggaZ1v4h8p3X27H61GgL+ulTwIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFN/OaA5zwEYUZvw9KbP40nrQS4fQMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMzg1b0RuUEFSaFJtX0QwcHNfalNldEJMaDlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jBgBAIAATBaAwQBLVlC
AwQCLYCwAwQAW9lQAwQDXo6IAwQCuQX4AwQCuTrMAwQCuVcwAwQBuWl0AwQCuXWY
AwQCuX3YAwQCuX3kAwQAwW1VAwQEwXywAwQFwkPAAwQAwy/6MHYEAgACMHADBwAq
CpMAAAADBwAqCpMAAAIwEgMHBCoKkwAA0AMHACoKkwAA0jAQAwUAKgqTAQMHACoK
kwEAAgMFACoKkwIDBQMqDHfAAwUDKg04gAMFAyoPEYADBQMqDzOAAwUDKg9FgAMF
AyoPRoADBQMqD6UAMA0GCSqGSIb3DQEBCwUAA4IBAQCoUFX7LfDPA6EAQPOjI7LN
8mwhU+F1qYfYDQd6QucfXY2DNi2dxxn+RqZp+4uXWfnXHiwp2iygkFOw0b3DOX6o
IWkXXvscZ4uh7JE4ZANrBJ/THDUJAR/3+86pyNdpUVFiQfobD7RxqJ9QCKUk0T02
lAy1FYS3ziCLTqlckqWlJYGd/7wnO7OOACxYV4/5VakzN8x37kvGvkTzltIuFO3M
B3DdyEz1QOUvzwCyhYtlynUfLGbs2pAT6b9p59mYflNTkIJnPwDmsEI+0j13Ojsh
x33KrqtcxZpqU1bcZAPJyi/RqoUK/AXQp7pYu42LD5tmKH1dJ6XeUEW22mwQdxLi
-----END CERTIFICATE-----
Generated at Thu Sep 14 08:28:45 2023 by rpki-client on console-fra.rpki-client.org