Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/12Ue4yLFQIBLEIs398oB1o3kLLc.roa
File: 12Ue4yLFQIBLEIs398oB1o3kLLc.roa (raw, json)
Hash identifier: 6LcaRIJe4ZY0r/bZkdk3wZAB3CsO9ZQLGCF+AyuL/X0=
Subject key identifier: D7:65:1E:E3:22:C5:40:80:4B:10:8B:37:F7:CA:01:D6:8D:E4:2C:B7
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0189F2D1BC74C4DCAA4C8AED68A12CE675E0
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/12Ue4yLFQIBLEIs398oB1o3kLLc.roa
Signing time: Mon 14 Aug 2023 06:52:58 +0000
ROA not before: Mon 14 Aug 2023 06:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 194.53.70.0/24 maxlen: 32
45.156.224.0/22 maxlen: 32
194.124.240.0/24 maxlen: 32
194.124.239.0/24 maxlen: 32
185.242.217.0/24 maxlen: 32
194.124.248.0/24 maxlen: 32
194.124.247.0/24 maxlen: 32
193.228.58.0/23 maxlen: 32
188.119.154.0/24 maxlen: 32
92.118.208.0/22 maxlen: 32
45.66.176.0/22 maxlen: 32
45.154.192.0/22 maxlen: 32
193.254.27.0/24 maxlen: 32
193.254.28.0/24 maxlen: 32
45.82.96.0/22 maxlen: 32
45.84.228.0/22 maxlen: 32
139.28.120.0/22 maxlen: 32
185.36.254.0/24 maxlen: 32
185.223.248.0/22 maxlen: 32
45.10.236.0/22 maxlen: 32
63.141.36.0/23 maxlen: 32
194.0.133.0/24 maxlen: 32
194.0.136.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 21 Sep 2023 08:42:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f2:d1:bc:74:c4:dc:aa:4c:8a:ed:68:a1:2c:e6:75:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Aug 14 06:52:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7651ee322c540804b108b37f7ca01d68de42cb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5a:5d:ba:09:fc:19:91:2c:d7:2d:4a:92:25:
1a:8b:7e:d9:5e:f1:c9:5e:6e:ee:1c:32:a7:10:4b:
79:b6:05:45:eb:15:27:fe:7e:99:17:1f:e3:83:8e:
4f:7f:dd:ff:f0:0b:a4:35:5d:0f:3a:6b:99:8e:0c:
63:77:15:03:da:ca:55:d2:88:fb:10:84:60:0d:9a:
62:3e:4b:df:32:2b:67:88:81:1c:4f:70:cd:90:15:
2c:ae:f4:3a:a0:72:56:96:01:cd:b6:43:e5:b4:1a:
31:66:52:dc:53:b3:43:a7:1a:4f:d3:4a:f0:8a:78:
4e:fa:0b:7b:64:4c:31:f1:05:76:70:02:05:1f:1e:
fd:5b:b8:8a:7e:d8:da:f6:f7:45:55:87:c4:a6:35:
d0:5b:75:8b:df:0e:72:cf:d5:b5:30:84:98:59:8e:
9e:84:38:6c:50:a6:9d:74:7e:d9:5b:0f:b1:39:3b:
78:8a:1f:2b:43:ce:24:c3:4c:83:17:f5:6b:e7:27:
79:94:29:6e:84:8c:46:a6:0d:f9:34:f3:cc:bf:06:
2f:7e:d3:bc:89:25:7a:07:82:75:9c:58:38:32:59:
14:a0:89:0a:50:6b:63:ef:c5:11:04:77:8b:fb:f0:
6e:c0:92:6b:85:1f:9b:ff:97:97:cf:51:20:56:fc:
e7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:65:1E:E3:22:C5:40:80:4B:10:8B:37:F7:CA:01:D6:8D:E4:2C:B7
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/12Ue4yLFQIBLEIs398oB1o3kLLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.236.0/22
45.66.176.0/22
45.82.96.0/22
45.84.228.0/22
45.154.192.0/22
45.156.224.0/22
63.141.36.0/23
92.118.208.0/22
139.28.120.0/22
185.36.254.0/24
185.223.248.0/22
185.242.217.0/24
188.119.154.0/24
193.228.58.0/23
193.254.27.0-193.254.28.255
194.0.133.0/24
194.0.136.0/24
194.53.70.0/24
194.124.239.0-194.124.240.255
194.124.247.0-194.124.248.255
Signature Algorithm: sha256WithRSAEncryption
85:3d:2e:8a:a8:d7:7b:03:3a:40:48:36:2f:69:32:09:ca:98:
f3:61:47:b2:cd:a8:c1:55:73:ff:02:d3:9f:6a:5c:2a:67:33:
23:45:b8:da:59:01:03:7e:9e:f2:c4:f8:55:f0:f6:68:5a:0e:
0d:48:79:f7:45:85:78:5b:d3:4d:a7:54:f4:54:a4:ce:d6:08:
d9:02:1d:6d:f6:5e:67:27:13:40:c1:41:bb:b7:d1:b4:f5:70:
f4:0a:01:3e:55:04:23:8e:09:f8:f9:0d:37:14:f5:5e:ac:31:
35:af:8f:fc:b3:c8:da:f7:5c:62:90:3e:40:b8:9f:ce:1a:88:
a0:b3:9b:b1:36:7b:c2:19:f4:d7:d0:87:bb:5d:e9:8d:7b:3a:
48:8f:aa:fd:41:7a:d7:6b:78:d1:e5:34:d4:4d:8f:82:d6:ab:
79:48:11:24:7f:cc:30:7a:4a:11:7e:18:19:db:11:15:3a:26:
9b:a2:1a:8c:72:fc:b3:01:96:da:35:b2:70:2a:9e:aa:7f:9b:
b9:f2:aa:bb:f2:8f:7e:d4:48:e0:e0:f2:7e:72:88:77:bf:62:
92:0e:f1:7b:2e:09:d4:f2:eb:72:78:ca:be:a5:da:de:99:7c:
f4:91:9b:cd:e6:b3:86:1b:d5:97:e1:81:88:82:69:eb:99:08:
f3:db:3a:9c
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYny0bx0xNyqTIrtaKEs5nXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwODE0MDY1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzY1MWVlMzIyYzU0MDgwNGIxMDhiMzdmN2NhMDFkNjhkZTQyY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFpdugn8GZEs1y1KkiUai37ZXvHJ
Xm7uHDKnEEt5tgVF6xUn/n6ZFx/jg45Pf93/8AukNV0POmuZjgxjdxUD2spV0oj7
EIRgDZpiPkvfMitniIEcT3DNkBUsrvQ6oHJWlgHNtkPltBoxZlLcU7NDpxpP00rw
inhO+gt7ZEwx8QV2cAIFHx79W7iKftja9vdFVYfEpjXQW3WL3w5yz9W1MISYWY6e
hDhsUKaddH7ZWw+xOTt4ih8rQ84kw0yDF/Vr5yd5lCluhIxGpg35NPPMvwYvftO8
iSV6B4J1nFg4MlkUoIkKUGtj78URBHeL+/BuwJJrhR+b/5eXz1EgVvznWwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFNdlHuMixUCASxCLN/fKAdaN5Cy3MB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvMTJVZTR5TEZRSUJMRUlzMzk4b0IxbzNrTExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAIt
CuwDBAItQrADBAItUmADBAItVOQDBAItmsADBAItnOADBAE/jSQDBAJcdtADBAKL
HHgDBAC5JP4DBAK53/gDBAC58tkDBAC8d5oDBAHB5DowDAMEAMH+GwMEAMH+HAME
AMIAhQMEAMIAiAMEAMI1RjAMAwQAwnzvAwQAwnzwMAwDBADCfPcDBADCfPgwDQYJ
KoZIhvcNAQELBQADggEBAIU9Loqo13sDOkBINi9pMgnKmPNhR7LNqMFVc/8C059q
XCpnMyNFuNpZAQN+nvLE+FXw9mhaDg1IefdFhXhb002nVPRUpM7WCNkCHW32Xmcn
E0DBQbu30bT1cPQKAT5VBCOOCfj5DTcU9V6sMTWvj/yzyNr3XGKQPkC4n84aiKCz
m7E2e8IZ9NfQh7td6Y17OkiPqv1BetdreNHlNNRNj4LWq3lIESR/zDB6ShF+GBnb
ERU6JpuiGoxy/LMBlto1snAqnqp/m7nyqrvyj37USODg8n5yiHe/YpIO8XsuCdTy
63J4yr6l2t6ZfPSRm83ms4Yb1ZfhgYiCaeuZCPPbOpw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:47 2024 by rpki-client on console-ams.rpki-client.org