Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xP7V3Y2k1qy__F_RqmXIq0iUyAY.roa
File: xP7V3Y2k1qy__F_RqmXIq0iUyAY.roa (raw, json)
Hash identifier: 15E/5mzIuIMQl7RdjHjcNrZoPlyQbOAZ8ojMLDa8b7M=
Subject key identifier: C4:FE:D5:DD:8D:A4:D6:AC:BF:FC:5F:D1:AA:65:C8:AB:48:94:C8:06
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01897890DCCC813D000DF391C094FF72DA24
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xP7V3Y2k1qy__F_RqmXIq0iUyAY.roa
Signing time: Fri 21 Jul 2023 13:08:26 +0000
ROA not before: Fri 21 Jul 2023 13:08:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207569
IP address blocks: 139.28.221.0/24 maxlen: 24
139.28.220.0/24 maxlen: 24
5.180.136.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
45.133.245.0/24 maxlen: 24
185.188.181.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
185.17.2.0/24 maxlen: 24
194.53.54.0/24 maxlen: 24
85.209.0.0/24 maxlen: 24
185.105.118.0/24 maxlen: 24
195.66.87.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
193.109.84.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
194.67.200.0/24 maxlen: 24
185.104.250.0/24 maxlen: 24
46.17.106.0/24 maxlen: 24
2a0a:9300:1::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
2a0a:9300::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 24 Jul 2023 16:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:90:dc:cc:81:3d:00:0d:f3:91:c0:94:ff:72:da:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 21 13:08:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4fed5dd8da4d6acbffc5fd1aa65c8ab4894c806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d1:c7:58:e9:c0:94:a3:ce:62:01:05:43:99:
02:a7:a0:b2:1d:c2:7c:c0:4f:3d:1f:c5:f4:45:d9:
a7:c1:eb:19:a2:7c:0a:9d:2e:63:9b:ad:16:8c:64:
a9:0a:12:9e:e8:a0:e9:9e:5e:7b:89:61:b6:8b:b2:
8a:e5:0e:30:23:3b:61:0a:83:ff:c8:b7:a1:77:02:
ac:d6:2e:ea:31:41:4e:c6:33:7c:5d:ca:a4:68:06:
86:21:11:e9:7a:74:40:2f:fc:b6:69:a6:09:7b:3e:
fa:6a:d8:6b:16:4c:dc:9c:ee:40:46:87:10:ad:a2:
b9:24:9b:26:23:34:b3:a5:f8:ce:85:9a:9f:be:15:
f9:1e:30:1e:bb:23:f1:47:7b:07:7a:5a:1b:72:db:
5d:08:a5:60:59:d9:10:dc:bd:7c:58:fe:8f:5f:fe:
a4:8b:b5:be:84:2b:3f:6a:a2:da:f2:35:32:00:ee:
81:ea:b4:a0:8c:e1:17:0c:b6:4d:6e:7f:ce:ee:7a:
a1:04:4c:99:06:8f:25:77:bc:7a:35:d1:2b:8e:f9:
9a:d3:cb:a1:c6:f2:fa:30:d1:5e:9f:41:e4:8c:d1:
bf:f4:ad:73:af:65:a8:3d:a3:94:85:76:8e:06:0e:
37:5d:8e:9a:c0:39:bb:12:a3:08:23:15:6c:34:fb:
75:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:FE:D5:DD:8D:A4:D6:AC:BF:FC:5F:D1:AA:65:C8:AB:48:94:C8:06
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xP7V3Y2k1qy__F_RqmXIq0iUyAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/23
5.252.116.0/24
45.89.64.0/24
45.133.245.0/24
46.17.106.0/24
85.209.0.0/24
95.214.8.0/24
139.28.220.0/23
185.17.2.0/24
185.94.167.0/24
185.104.250.0/24
185.105.118.0/24
185.188.181.0/24
193.109.84.0/24
194.53.54.0/24
194.67.200.0/24
195.66.87.0/24
IPv6:
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
69:cd:96:1e:31:f6:28:3d:86:9e:a0:c0:13:63:12:07:db:22:
90:41:f1:e9:c0:c3:d8:13:e9:59:43:ec:6b:44:2c:b0:53:14:
46:71:59:28:25:00:e3:3b:d6:26:cc:39:b4:6e:65:c7:6e:e6:
c7:d3:8b:bd:39:e7:2f:76:93:88:48:8f:0c:a1:d4:0d:5a:24:
76:1c:90:cf:97:fc:8a:54:ee:3a:b9:03:54:ed:3c:cd:c5:b0:
a2:5c:b2:c1:72:7e:35:32:4b:5e:a8:6b:58:c7:d3:60:6c:3e:
70:54:08:6f:c0:2c:41:bd:2c:1f:c7:6d:5d:f2:48:98:80:b3:
e7:5e:06:3c:40:75:3d:b9:d7:6c:04:08:81:a4:85:36:8a:31:
d2:07:f1:0b:7c:85:d9:6e:d6:2c:46:cc:d9:8d:82:e9:91:6c:
c7:a1:1d:71:38:30:79:1c:e2:6c:17:aa:b8:60:5f:67:69:f3:
5c:cb:1c:17:b2:33:d3:40:76:af:c7:33:7b:84:fd:97:e1:83:
ed:ab:9d:2a:2a:98:97:60:11:7e:21:f9:44:28:68:f5:e1:f9:
0f:b5:db:38:0c:77:2c:13:51:5f:55:e6:1d:5f:0f:91:cd:15:
3e:bc:87:73:99:34:22:a8:42:23:b0:7b:37:fe:b9:61:a0:38:
c5:a3:48:60
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYl4kNzMgT0ADfORwJT/ctokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwNzIxMTMwODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGZlZDVkZDhkYTRkNmFjYmZmYzVmZDFhYTY1YzhhYjQ4OTRjODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdHHWOnAlKPOYgEFQ5kCp6CyHcJ8
wE89H8X0RdmnwesZonwKnS5jm60WjGSpChKe6KDpnl57iWG2i7KK5Q4wIzthCoP/
yLehdwKs1i7qMUFOxjN8XcqkaAaGIRHpenRAL/y2aaYJez76athrFkzcnO5ARocQ
raK5JJsmIzSzpfjOhZqfvhX5HjAeuyPxR3sHelobcttdCKVgWdkQ3L18WP6PX/6k
i7W+hCs/aqLa8jUyAO6B6rSgjOEXDLZNbn/O7nqhBEyZBo8ld7x6NdErjvma08uh
xvL6MNFen0HkjNG/9K1zr2WoPaOUhXaOBg43XY6awDm7EqMIIxVsNPt1EQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFMT+1d2NpNasv/xf0aplyKtIlMgGMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEveFA3VjNZMmsxcXlfX0ZfUnFtWElxMGlVeUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAQW0iAME
AAX8dAMEAC1ZQAMEAC2F9QMEAC4RagMEAFXRAAMEAF/WCAMEAYsc3AMEALkRAgME
ALlepwMEALlo+gMEALlpdgMEALm8tQMEAMFtVAMEAMI1NgMEAMJDyAMEAMNCVzAN
BAIAAjAHAwUAKgqTADANBgkqhkiG9w0BAQsFAAOCAQEAac2WHjH2KD2GnqDAE2MS
B9sikEHx6cDD2BPpWUPsa0QssFMURnFZKCUA4zvWJsw5tG5lx27mx9OLvTnnL3aT
iEiPDKHUDVokdhyQz5f8ilTuOrkDVO08zcWwolyywXJ+NTJLXqhrWMfTYGw+cFQI
b8AsQb0sH8dtXfJImICz514GPEB1PbnXbAQIgaSFNoox0gfxC3yF2W7WLEbM2Y2C
6ZFsx6EdcTgweRzibBequGBfZ2nzXMscF7Iz00B2r8cze4T9l+GD7audKiqYl2AR
fiH5RCho9eH5D7XbOAx3LBNRX1XmHV8Pkc0VPryHc5k0IqhCI7B7N/65YaA4xaNI
YA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org