Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/imkLqXgLpFec0m20GHQYUnxdS7k.roa
File: imkLqXgLpFec0m20GHQYUnxdS7k.roa (raw, json)
Hash identifier: zYq9VH0AOPR3AZj95xoouAE2uRGmOW1yMhRdVAkNUUk=
Subject key identifier: 8A:69:0B:A9:78:0B:A4:57:9C:D2:6D:B4:18:74:18:52:7C:5D:4B:B9
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0190FD6EA466EEB4D2F6CBF08D7ABDA6F968
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/imkLqXgLpFec0m20GHQYUnxdS7k.roa
Signing time: Mon 29 Jul 2024 07:40:04 +0000
ROA not before: Mon 29 Jul 2024 07:40:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200740
IP address blocks: 45.9.72.0/24 maxlen: 24
45.138.73.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
91.217.76.0/24 maxlen: 24
92.118.8.0/23 maxlen: 23
94.142.136.0/23 maxlen: 23
94.142.136.0/24 maxlen: 24
94.142.137.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
95.214.10.0/23 maxlen: 23
95.214.10.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.94.165.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
185.103.252.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.103.254.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.112.81.0/24 maxlen: 24
185.114.72.0/23 maxlen: 23
185.114.72.0/24 maxlen: 24
185.114.73.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.232.170.0/23 maxlen: 23
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.233.202.0/23 maxlen: 23
185.252.144.0/24 maxlen: 24
193.124.188.0/23 maxlen: 23
193.239.160.0/23 maxlen: 23
193.239.166.0/23 maxlen: 23
194.36.178.0/23 maxlen: 23
2a04:5200:68::/48 maxlen: 48
2a04:5201:2::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a04:5201:6::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:9::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 01 Aug 2024 13:55:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fd:6e:a4:66:ee:b4:d2:f6:cb:f0:8d:7a:bd:a6:f9:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 29 07:40:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a690ba9780ba4579cd26db4187418527c5d4bb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:44:4f:06:6f:86:40:53:56:50:01:fb:6c:c7:
7b:3b:3d:9e:7a:70:19:b8:53:7d:de:15:92:63:7b:
94:47:48:b9:56:0d:2f:a1:af:67:6f:d1:95:4d:2a:
81:e2:fd:10:09:38:91:46:cb:a5:b2:c3:a3:fa:2e:
98:f0:5e:86:8a:ac:4c:dc:83:dc:35:06:01:98:f6:
cd:e2:db:b7:04:a5:66:b9:21:41:8f:9e:45:6f:6b:
1f:85:a3:6f:48:78:f4:98:a9:68:02:e9:ad:67:c9:
ff:9d:f3:80:b9:d5:54:20:0a:ea:17:c5:43:29:5d:
7e:26:3a:6f:0e:df:73:5f:ad:37:8d:2e:9e:21:d8:
3f:16:a7:f3:71:08:02:31:ca:28:ab:e8:7f:3c:b7:
3b:1d:ef:55:85:8c:da:10:14:6c:6c:cd:c6:e0:e0:
53:4b:ef:b0:43:30:73:22:e3:74:4d:92:45:92:17:
22:15:66:81:c8:75:a6:ee:ff:eb:0e:93:1e:2b:ef:
0f:0e:12:c8:57:00:54:77:59:51:be:1d:e0:4c:f1:
87:1a:f1:45:d5:f5:81:6c:c6:37:89:1b:82:a9:0a:
6c:16:20:50:13:29:4a:50:67:ab:8e:e0:83:06:08:
9c:29:cb:f6:51:cd:75:c3:82:71:7c:ec:7c:9c:bc:
36:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:69:0B:A9:78:0B:A4:57:9C:D2:6D:B4:18:74:18:52:7C:5D:4B:B9
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/imkLqXgLpFec0m20GHQYUnxdS7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
45.138.73.0/24
46.17.105.0/24
80.76.32.0/22
91.217.76.0/24
92.118.8.0/23
94.142.136.0/23
95.214.9.0-95.214.11.255
185.40.7.0/24
185.94.164.0/23
185.102.136.0/24
185.103.252.0/22
185.112.81.0/24
185.114.72.0/23
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
193.124.188.0/23
193.239.160.0/23
193.239.166.0/23
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:9::/48
2a04:5201:8018::/48
Signature Algorithm: sha256WithRSAEncryption
3a:7c:6b:29:21:62:9f:ea:f6:24:fd:ba:8d:86:27:87:ec:b5:
eb:14:8c:2c:77:68:94:24:b0:ee:7d:e7:1a:c9:62:f3:59:de:
27:6b:eb:d3:34:ce:7c:1b:80:c6:05:bd:ea:f6:49:fc:7b:95:
27:74:43:78:ba:a5:59:b3:18:23:d4:a3:d8:a1:84:48:8c:90:
32:c3:ed:06:48:54:ea:d6:73:18:7b:68:c3:23:73:21:20:b7:
86:3a:a9:21:9f:7f:24:37:4a:62:7a:8d:24:33:2b:58:3c:31:
28:55:32:59:35:e6:15:7c:7e:d5:1e:fa:ca:73:52:50:5f:27:
87:03:12:11:c7:b2:23:76:f5:17:a5:ef:67:50:af:02:74:05:
2b:73:29:32:58:e3:bb:bc:c2:07:bd:98:e7:2b:3d:f4:42:dc:
8d:d8:80:3e:d8:d5:f1:7e:e2:b8:01:53:a2:0d:a7:84:d3:7d:
a3:a9:d7:cc:e6:05:9c:e8:47:a4:57:f9:fd:1c:96:77:39:c6:
c4:55:93:35:60:9c:e8:bd:51:19:9f:71:d1:31:ca:6d:9b:df:
98:73:0b:e7:58:b1:cd:e5:15:da:56:4c:8b:e1:08:e9:72:fe:
fc:2e:10:58:6a:85:38:d4:bd:ed:f9:af:2d:18:87:96:96:74:
b9:d6:a0:af
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZD9bqRm7rTS9svwjXq9pvloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwNzI5MDc0MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTY5MGJhOTc4MGJhNDU3OWNkMjZkYjQxODc0MTg1MjdjNWQ0YmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApERPBm+GQFNWUAH7bMd7Oz2eenAZ
uFN93hWSY3uUR0i5Vg0voa9nb9GVTSqB4v0QCTiRRsulssOj+i6Y8F6GiqxM3IPc
NQYBmPbN4tu3BKVmuSFBj55Fb2sfhaNvSHj0mKloAumtZ8n/nfOAudVUIArqF8VD
KV1+JjpvDt9zX603jS6eIdg/FqfzcQgCMcooq+h/PLc7He9VhYzaEBRsbM3G4OBT
S++wQzBzIuN0TZJFkhciFWaByHWm7v/rDpMeK+8PDhLIVwBUd1lRvh3gTPGHGvFF
1fWBbMY3iRuCqQpsFiBQEylKUGerjuCDBgicKcv2Uc11w4JxfOx8nLw2YwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFIppC6l4C6RXnNJttBh0GFJ8XUu5MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvaW1rTHFYZ0xwRmVjMG0yMEdIUVlVbnhkUzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wga0EAgABMIGmAwQA
LQlIAwQALYpJAwQALhFpAwQCUEwgAwQAW9lMAwQBXHYIAwQBXo6IMAwDBABf1gkD
BAJf1ggDBAC5KAcDBAG5XqQDBAC5ZogDBAK5Z/wDBAC5cFEDBAG5ckgDBAC5dXQD
BAC5dXcDBAC5yL4DBAG56KowDAMEBLnpUAMEALnpUgMEAbnpygMEALn8kAMEAcF8
vAMEAcHvoAMEAcHvpgMEAcIksjA8BAIAAjA2AwcAKgRSAABoAwcAKgRSAQACAwcA
KgRSAQAEAwcBKgRSAQAGAwcAKgRSAQAJAwcAKgRSAYAYMA0GCSqGSIb3DQEBCwUA
A4IBAQA6fGspIWKf6vYk/bqNhieH7LXrFIwsd2iUJLDufecayWLzWd4na+vTNM58
G4DGBb3q9kn8e5UndEN4uqVZsxgj1KPYoYRIjJAyw+0GSFTq1nMYe2jDI3MhILeG
Oqkhn38kN0pieo0kMytYPDEoVTJZNeYVfH7VHvrKc1JQXyeHAxIRx7IjdvUXpe9n
UK8CdAUrcykyWOO7vMIHvZjnKz30QtyN2IA+2NXxfuK4AVOiDaeE032jqdfM5gWc
6EekV/n9HJZ3OcbEVZM1YJzovVEZn3HRMcptm9+YcwvnWLHN5RXaVkyL4Qjpcv78
LhBYaoU41L3t+a8tGIeWlnS51qCv
-----END CERTIFICATE-----
Generated at Thu Aug 1 16:11:52 2024 by rpki-client on console-fra.rpki-client.org