Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/a9l7UfrKSKifDOaRlzGnSdtr9aI.roa
File: a9l7UfrKSKifDOaRlzGnSdtr9aI.roa (raw, json)
Hash identifier: /cuejNraKDKEwgd/PpwbXXzuhKoLhfBnYSe4K0973aU=
Subject key identifier: 6B:D9:7B:51:FA:CA:48:A8:9F:0C:E6:91:97:31:A7:49:DB:6B:F5:A2
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185710C1B6B31F4F91390F3597E7B673C99
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/a9l7UfrKSKifDOaRlzGnSdtr9aI.roa
Signing time: Mon 02 Jan 2023 05:54:56 +0000
ROA not before: Mon 02 Jan 2023 05:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35196
IP address blocks: 185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
185.5.250.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.50.0/24 maxlen: 24
185.87.48.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
139.28.220.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.89.65.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
95.214.10.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
45.9.73.184/32 maxlen: 32
195.66.87.0/24 maxlen: 24
45.9.73.179/32 maxlen: 32
94.142.136.0/21 maxlen: 21
94.142.138.0/24 maxlen: 24
185.105.119.0/24 maxlen: 24
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
185.87.48.18/32 maxlen: 32
185.125.218.0/23 maxlen: 23
185.125.216.0/22 maxlen: 22
94.142.136.67/32 maxlen: 32
185.105.116.0/24 maxlen: 24
185.105.118.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.125.229.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.228.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
45.9.73.236/32 maxlen: 32
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/23 maxlen: 23
193.124.176.0/20 maxlen: 20
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.200.0/21 maxlen: 21
194.67.208.0/20 maxlen: 20
2a0a:9300:1000::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a09:5302:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:1b:6b:31:f4:f9:13:90:f3:59:7e:7b:67:3c:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 05:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bd97b51faca48a89f0ce6919731a749db6bf5a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:74:95:76:fe:41:bc:11:c0:a6:22:ae:a3:30:
9c:10:90:c6:fb:e2:ed:e4:da:bd:3c:7e:26:4b:96:
c9:42:80:ea:45:5a:ae:02:db:c8:13:ab:7a:f1:a4:
97:28:db:50:3c:58:09:2b:a7:98:fa:a7:21:db:e9:
38:68:2e:f3:ac:67:43:7d:bf:fc:f3:a3:8a:c1:11:
28:2b:d1:c5:bb:f6:f5:02:62:52:c9:2e:d9:fb:ed:
34:c2:65:c5:0a:bc:b8:41:5d:89:9e:4f:27:ad:4b:
d6:6c:d3:fe:8e:25:89:83:01:7e:2b:00:ba:af:7d:
e5:ff:36:82:e5:05:0b:98:cc:81:34:76:1d:2b:ff:
d8:ae:5e:b4:ba:79:b5:2a:88:21:23:70:76:d6:16:
52:3e:c8:c5:f7:2a:f5:f0:14:d8:1e:8b:dc:dd:57:
f7:64:dd:e8:80:9e:43:fd:a0:a4:ac:26:b6:af:06:
80:ff:98:b4:2c:6c:6c:04:28:d4:c2:99:b6:ae:42:
2a:3a:49:ae:80:83:24:8c:fe:08:b1:15:17:9f:0f:
1f:52:75:64:75:a8:3e:8c:f3:22:af:3d:a5:d6:b3:
17:e1:9c:79:8c:c0:a0:73:f8:30:59:67:b6:3a:3c:
9d:a4:a7:8f:80:33:d1:56:65:f4:7f:3a:48:66:d5:
dc:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D9:7B:51:FA:CA:48:A8:9F:0C:E6:91:97:31:A7:49:DB:6B:F5:A2
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/a9l7UfrKSKifDOaRlzGnSdtr9aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.73.179/32
45.9.73.184/32
45.9.73.236/32
45.89.65.0-45.89.67.255
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
95.214.9.0-95.214.11.255
139.28.220.0/24
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/22
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
193.124.176.0/20
194.67.192.0/19
195.47.250.0/24
195.66.87.0/24
IPv6:
2a09:5302:ffff::/48
2a0a:9300:1000::/48
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
Signature Algorithm: sha256WithRSAEncryption
98:ab:73:fa:87:f5:cd:77:59:b1:7f:53:5c:20:58:fc:e5:75:
2e:ab:3d:cc:af:84:1f:97:f7:81:f0:2c:7e:83:4c:02:d5:a3:
6e:74:f1:49:2b:9c:54:5b:b9:71:01:0d:58:f2:0b:df:df:9f:
c3:e1:3b:e8:53:70:45:78:81:c6:73:2d:1a:ed:2e:76:83:0b:
98:bf:13:cb:35:48:fa:07:e2:e3:8e:53:40:d2:b6:a8:cf:f0:
94:81:a3:b3:0e:42:48:29:45:1e:40:39:f1:8e:e8:06:e7:2a:
57:06:d1:57:db:7b:af:c5:f8:8e:e4:8a:c4:c1:6f:ad:1d:ec:
6f:1b:23:62:1f:e4:54:2b:be:1c:9f:2e:e7:31:fe:45:71:f2:
07:e8:76:0b:31:68:64:19:cb:8c:6a:3d:2e:a9:26:0c:69:d9:
35:92:74:9c:01:86:8b:af:b0:df:19:93:e1:02:f9:59:4c:4a:
45:b4:bc:e6:2d:1a:b9:5f:59:a5:87:c8:d4:3f:ce:41:2f:9f:
14:85:62:88:8c:a0:5f:9d:90:c1:33:79:02:51:c2:07:b8:62:
0f:33:a9:36:5c:12:35:d0:c3:9e:e6:f2:d6:61:7f:a0:50:a3:
6c:9d:42:de:06:bc:4a:bc:8d:9b:c0:45:d1:0d:c5:f2:f2:da:
db:a3:89:5d
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAYVxDBtrMfT5E5DzWX57ZzyZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmQ5N2I1MWZhY2E0OGE4OWYwY2U2OTE5NzMxYTc0OWRiNmJmNWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXSVdv5BvBHApiKuozCcEJDG++Lt
5Nq9PH4mS5bJQoDqRVquAtvIE6t68aSXKNtQPFgJK6eY+qch2+k4aC7zrGdDfb/8
86OKwREoK9HFu/b1AmJSyS7Z++00wmXFCry4QV2Jnk8nrUvWbNP+jiWJgwF+KwC6
r33l/zaC5QULmMyBNHYdK//Yrl60unm1KoghI3B21hZSPsjF9yr18BTYHovc3Vf3
ZN3ogJ5D/aCkrCa2rwaA/5i0LGxsBCjUwpm2rkIqOkmugIMkjP4IsRUXnw8fUnVk
dag+jPMirz2l1rMX4Zx5jMCgc/gwWWe2OjydpKePgDPRVmX0fzpIZtXcWQIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFGvZe1H6ykionwzmkZcxp0nba/WiMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvYTlsN1VmcktTS2lmRE9hUmx6R25TZHRyOWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBkgQCAAEwgYsDBQAt
CUmzAwUALQlJuAMFAC0JSewwDAMEAC1ZQQMEAi1ZQAMEAi2AsAMEAFvZUAMEA16O
iDAMAwQAX9YJAwQCX9YIAwQAixzcAwQCuQX4AwQCuTrMAwQCuVcwAwQCuWl0AwQC
uXWYAwQCuX3YAwQCuX3kAwQEwXywAwQFwkPAAwQAwy/6AwQAw0JXMDEEAgACMCsD
BwAqCVMC//8DBwAqCpMAEAAwEAMFACoKkwEDBwAqCpMBAAIDBQAqCpMCMA0GCSqG
SIb3DQEBCwUAA4IBAQCYq3P6h/XNd1mxf1NcIFj85XUuqz3Mr4Qfl/eB8Cx+g0wC
1aNudPFJK5xUW7lxAQ1Y8gvf35/D4TvoU3BFeIHGcy0a7S52gwuYvxPLNUj6B+Lj
jlNA0raoz/CUgaOzDkJIKUUeQDnxjugG5ypXBtFX23uvxfiO5IrEwW+tHexvGyNi
H+RUK74cny7nMf5FcfIH6HYLMWhkGcuMaj0uqSYMadk1knScAYaLr7DfGZPhAvlZ
TEpFtLzmLRq5X1mlh8jUP85BL58UhWKIjKBfnZDBM3kCUcIHuGIPM6k2XBI10MOe
5vLWYX+gUKNsnULeBrxKvI2bwEXRDcXy8trbo4ld
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:37 2023 by rpki-client on console-fra.rpki-client.org