Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/izOR0bsrD82Z68ic5izQr_89Gb4.roa
File: izOR0bsrD82Z68ic5izQr_89Gb4.roa (raw, json)
Hash identifier: vyr0ifYLq8qhOe06IIjKQpMy3CcyjCD9WeBOjssZ2To=
Subject key identifier: 8B:33:91:D1:BB:2B:0F:CD:99:EB:C8:9C:E6:2C:D0:AF:FF:3D:19:BE
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01862C701CE15EEF39A4301C0EA44D3169D8
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/izOR0bsrD82Z68ic5izQr_89Gb4.roa
Signing time: Tue 07 Feb 2023 15:13:10 +0000
ROA not before: Tue 07 Feb 2023 15:13:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207569
IP address blocks: 139.28.221.0/24 maxlen: 24
5.180.136.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
45.133.245.0/24 maxlen: 24
185.188.181.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
185.17.2.0/24 maxlen: 24
194.53.54.0/24 maxlen: 24
85.209.0.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
193.109.84.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
185.104.250.0/24 maxlen: 24
46.17.106.0/24 maxlen: 24
2a0a:9300:1::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
2a0a:9300::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 30 Mar 2023 09:53:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2c:70:1c:e1:5e:ef:39:a4:30:1c:0e:a4:4d:31:69:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Feb 7 15:13:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b3391d1bb2b0fcd99ebc89ce62cd0afff3d19be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9f:04:9c:46:aa:e9:4f:64:ed:90:3c:89:09:
38:cb:4d:90:1c:bd:d0:bd:88:47:c3:c7:f4:b1:e7:
e0:0d:74:3a:b3:e2:8b:91:e2:d3:d9:54:f9:f2:5a:
a7:18:cb:f1:89:4e:3c:21:9f:d1:09:a3:e9:ba:54:
1a:0e:ac:b4:f3:21:ef:cc:7b:9d:d1:20:bc:69:04:
35:8d:ed:d9:ee:af:60:0e:3f:3f:09:9d:83:87:01:
c9:72:1e:ec:0f:1c:74:72:a5:84:29:87:f7:67:07:
d3:c3:a2:8c:7d:cb:eb:7b:26:2d:27:ac:2b:81:34:
d4:63:6b:43:94:55:36:87:61:e6:d6:9b:8e:29:d0:
0b:62:53:7d:ec:05:84:e4:f2:bc:66:a2:c5:84:e9:
0e:d3:8f:3c:cd:da:c2:cf:81:3b:c6:fd:42:3b:e1:
cb:7e:2f:ea:19:8c:7f:a8:7c:5c:25:b1:fd:3b:68:
a8:2e:41:30:cc:ab:27:cc:d7:77:12:f8:ff:6d:97:
1b:e2:c9:93:aa:1b:07:20:b6:a2:53:4f:fd:f6:c0:
32:2a:ea:55:b3:2d:1e:0b:b0:c6:e7:35:fc:97:62:
45:73:c4:4c:ef:12:29:83:57:2b:50:f5:d6:ea:14:
77:ea:cd:5e:d2:31:27:52:33:9e:bb:9d:e1:b8:48:
f3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:33:91:D1:BB:2B:0F:CD:99:EB:C8:9C:E6:2C:D0:AF:FF:3D:19:BE
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/izOR0bsrD82Z68ic5izQr_89Gb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/23
5.252.116.0/24
45.89.64.0/24
45.133.245.0/24
46.17.106.0/24
85.209.0.0/24
95.214.8.0/24
139.28.221.0/24
185.17.2.0/24
185.94.167.0/24
185.104.250.0/24
185.188.181.0/24
193.109.84.0/24
194.53.54.0/24
IPv6:
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
9a:e2:c5:ff:36:d2:35:a1:20:07:4e:6e:4e:f1:b9:b2:03:10:
3a:3d:fc:5a:b1:89:8c:19:91:33:94:50:32:bb:bc:d8:52:18:
ad:49:a5:3e:4a:e1:c7:2c:51:ae:b1:38:1d:a0:c6:22:8d:ad:
0f:f8:65:bd:de:f1:17:b4:a9:11:f9:f3:5f:96:e0:71:7f:0a:
2b:d2:f4:e1:57:a8:02:aa:fb:3b:d7:6d:f7:a7:ab:78:d4:39:
0e:b3:6c:c2:b6:c8:83:8b:0b:f6:f0:ba:b0:c3:c1:5e:1d:58:
29:df:78:f6:57:6a:65:10:99:c3:97:f1:3e:55:c3:fd:eb:76:
d1:39:7a:40:2a:75:24:71:a3:74:d4:2f:dc:c6:01:28:c3:7a:
eb:0c:98:4b:5b:ae:09:f1:eb:6a:23:64:63:87:6b:6a:32:f6:
0c:c2:e4:1c:5e:9f:01:87:ad:70:02:f4:52:c9:d2:28:b5:1c:
d5:72:79:7d:b2:dc:6a:97:b8:69:07:aa:50:9a:12:3a:16:34:
61:1f:46:64:3a:c0:33:a5:f9:f0:63:fd:90:a2:eb:6f:2b:dc:
d7:06:c7:d2:4e:52:8a:32:70:ec:5d:be:a4:ff:b4:f5:06:a6:
e0:9f:1c:8a:e0:b9:a7:15:f6:ef:f0:c1:ef:ac:5e:3b:f7:04:
64:4c:62:e6
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYYscBzhXu85pDAcDqRNMWnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMjA3MTUxMzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjMzOTFkMWJiMmIwZmNkOTllYmM4OWNlNjJjZDBhZmZmM2QxOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZ8EnEaq6U9k7ZA8iQk4y02QHL3Q
vYhHw8f0sefgDXQ6s+KLkeLT2VT58lqnGMvxiU48IZ/RCaPpulQaDqy08yHvzHud
0SC8aQQ1je3Z7q9gDj8/CZ2DhwHJch7sDxx0cqWEKYf3ZwfTw6KMfcvreyYtJ6wr
gTTUY2tDlFU2h2Hm1puOKdALYlN97AWE5PK8ZqLFhOkO0488zdrCz4E7xv1CO+HL
fi/qGYx/qHxcJbH9O2ioLkEwzKsnzNd3Evj/bZcb4smTqhsHILaiU0/99sAyKupV
sy0eC7DG5zX8l2JFc8RM7xIpg1crUPXW6hR36s1e0jEnUjOeu53huEjz5wIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFIszkdG7Kw/NmevInOYs0K//PRm+MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvaXpPUjBic3JEODJaNjhpYzVpelFyXzg5R2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQBBbSIAwQA
Bfx0AwQALVlAAwQALYX1AwQALhFqAwQAVdEAAwQAX9YIAwQAixzdAwQAuRECAwQA
uV6nAwQAuWj6AwQAuby1AwQAwW1UAwQAwjU2MA0EAgACMAcDBQAqCpMAMA0GCSqG
SIb3DQEBCwUAA4IBAQCa4sX/NtI1oSAHTm5O8bmyAxA6PfxasYmMGZEzlFAyu7zY
UhitSaU+SuHHLFGusTgdoMYija0P+GW93vEXtKkR+fNfluBxfwor0vThV6gCqvs7
1233p6t41DkOs2zCtsiDiwv28Lqww8FeHVgp33j2V2plEJnDl/E+VcP963bROXpA
KnUkcaN01C/cxgEow3rrDJhLW64J8etqI2Rjh2tqMvYMwuQcXp8Bh61wAvRSydIo
tRzVcnl9stxql7hpB6pQmhI6FjRhH0ZkOsAzpfnwY/2QoutvK9zXBsfSTlKKMnDs
Xb6k/7T1BqbgnxyK4LmnFfbv8MHvrF479wRkTGLm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org