Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/2usXFUCPTaWmrpNMPLru26p_VXI.roa
File: 2usXFUCPTaWmrpNMPLru26p_VXI.roa (raw, json)
Hash identifier: VQoTx/JH3Z/o6cK9MaHoKKQbRim0Vc09MZKro1Jm+EU=
Subject key identifier: DA:EB:17:15:40:8F:4D:A5:A6:AE:93:4C:3C:BA:EE:DB:AA:7F:55:72
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018E3761E179968EA846A4A9033D145F4F25
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/2usXFUCPTaWmrpNMPLru26p_VXI.roa
Signing time: Wed 13 Mar 2024 10:35:45 +0000
ROA not before: Wed 13 Mar 2024 10:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 5.154.174.0/24 maxlen: 24
45.95.24.0/22 maxlen: 32
45.144.88.0/22 maxlen: 24
45.149.28.0/22 maxlen: 24
45.153.157.0/24 maxlen: 24
45.153.158.0/23 maxlen: 32
45.156.224.0/22 maxlen: 32
80.246.30.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
87.239.254.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
89.40.24.0/24 maxlen: 32
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
185.36.254.0/24 maxlen: 32
185.96.162.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
185.147.140.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
185.152.248.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.166.84.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.201.188.0/24 maxlen: 24
185.217.64.0/22 maxlen: 22
185.242.217.0/24 maxlen: 24
188.119.154.0/24 maxlen: 32
193.36.89.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
2a01:4740::/32 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
2a06:46c0::/29 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a06:df80::/29 maxlen: 29
2a06:e480::/29 maxlen: 29
2a07:4780::/29 maxlen: 29
2a07:9c80::/29 maxlen: 29
2a07:f2c0::/29 maxlen: 29
2a0a:3080::/29 maxlen: 29
2a0b:3f40::/29 maxlen: 29
2a0c:d8c0::/29 maxlen: 29
2a0c:ec40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 08 May 2024 12:37:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:61:e1:79:96:8e:a8:46:a4:a9:03:3d:14:5f:4f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Mar 13 10:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=daeb1715408f4da5a6ae934c3cbaeedbaa7f5572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:58:f2:62:a5:39:0c:0d:ac:83:74:16:2f:47:
84:31:4f:7e:e5:15:dd:02:53:82:56:bf:4a:e3:f1:
a6:66:23:44:2e:04:34:94:e5:f8:d8:15:38:43:ba:
6d:1b:2a:8b:6a:b8:0c:15:02:e9:1f:09:55:39:d3:
3e:e4:64:3d:1f:86:8b:70:11:05:34:fd:0d:d1:dc:
a6:65:7f:e5:42:04:23:59:03:54:33:1c:29:fe:da:
c9:de:5c:cf:de:37:e0:70:77:1e:07:73:9a:ec:ff:
fd:c6:8b:e4:3e:ae:51:38:19:ff:01:89:a9:aa:d3:
42:91:50:64:9a:4a:0d:8d:ff:59:32:9d:58:a1:a7:
54:fd:46:67:ae:22:6d:47:bf:cc:83:08:3d:65:43:
5a:78:54:ba:88:cf:92:f0:0a:b1:fe:85:87:72:e9:
61:f8:49:96:ff:7f:a2:47:31:14:4e:84:88:8d:18:
9f:da:15:e8:cc:c9:cf:76:99:b5:c3:8f:93:71:2c:
27:61:09:ab:4d:3c:2e:cd:a9:8d:ef:99:76:7a:89:
71:a9:59:33:df:ec:4c:4f:b3:75:05:c2:cf:c2:3f:
ea:50:81:54:df:2b:97:74:5d:c9:5a:e2:90:16:e5:
e4:f8:12:28:64:e4:22:25:0b:ac:3b:b3:6b:6b:fd:
1c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:EB:17:15:40:8F:4D:A5:A6:AE:93:4C:3C:BA:EE:DB:AA:7F:55:72
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/2usXFUCPTaWmrpNMPLru26p_VXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.153.157.0-45.153.159.255
45.156.224.0/22
80.246.30.0/24
86.105.183.0/24
87.239.254.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.147.140.0/22
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0/24
185.201.188.0/24
185.217.64.0/22
185.242.217.0/24
188.119.154.0/24
193.36.89.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
2a06:df80::/29
2a06:e480::/29
2a07:4780::/29
2a07:9c80::/29
2a07:f2c0::/29
2a0a:3080::/29
2a0b:3f40::/29
2a0c:d8c0::/29
2a0c:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
43:c4:37:ac:9d:9c:d0:35:9c:9c:51:3b:be:44:ed:51:c4:e6:
99:65:76:56:cf:3b:dc:8d:6a:92:d6:28:e3:30:be:6a:4c:24:
51:9a:2a:7c:db:2c:aa:d0:5a:f9:63:fe:86:25:6e:6a:70:92:
25:8c:86:6e:30:64:12:3c:d7:3e:df:6d:2b:67:6a:6b:99:9c:
5d:8f:ad:cd:a6:ee:46:92:70:24:e1:11:53:ca:36:f4:d6:1c:
aa:ba:a2:24:e8:b0:4b:c7:13:70:9b:4f:76:58:3e:57:24:cd:
23:78:db:30:ad:29:0c:2e:58:f7:4f:ca:39:2a:c9:ee:e1:2e:
dc:09:68:92:fd:89:da:2b:f8:bd:54:92:6e:52:20:2f:05:bd:
54:58:63:63:11:75:26:d7:a1:0d:fc:19:cd:7a:4b:37:7d:2d:
b2:c7:f0:13:a1:b4:5a:db:82:7f:fb:6e:c2:a0:52:5e:96:0a:
79:27:79:d8:4f:2d:c9:6a:83:92:bf:f8:4b:81:9d:f9:19:5f:
d1:5f:60:7e:b5:d5:c7:34:c5:88:2c:28:2d:79:9f:00:ed:5e:
67:27:38:b1:50:95:ba:d8:71:d8:46:a2:07:07:44:b8:8c:dc:
5e:cf:e1:d7:34:07:aa:7e:26:6f:4c:6d:76:f7:cf:c6:11:b0:
af:0f:b1:4c
-----BEGIN CERTIFICATE-----
MIIGQDCCBSigAwIBAgISAY43YeF5lo6oRqSpAz0UX08lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwMzEzMTAzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWViMTcxNTQwOGY0ZGE1YTZhZTkzNGMzY2JhZWVkYmFhN2Y1NTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVjyYqU5DA2sg3QWL0eEMU9+5RXd
AlOCVr9K4/GmZiNELgQ0lOX42BU4Q7ptGyqLargMFQLpHwlVOdM+5GQ9H4aLcBEF
NP0N0dymZX/lQgQjWQNUMxwp/trJ3lzP3jfgcHceB3Oa7P/9xovkPq5ROBn/AYmp
qtNCkVBkmkoNjf9ZMp1YoadU/UZnriJtR7/Mgwg9ZUNaeFS6iM+S8Aqx/oWHculh
+EmW/3+iRzEUToSIjRif2hXozMnPdpm1w4+TcSwnYQmrTTwuzamN75l2eolxqVkz
3+xMT7N1BcLPwj/qUIFU3yuXdF3JWuKQFuXk+BIoZOQiJQusO7Nra/0c/wIDAQAB
o4IDTDCCA0gwHQYDVR0OBBYEFNrrFxVAj02lpq6TTDy67tuqf1VyMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvMnVzWEZVQ1BUYVdtcnBOTVBMcnUyNnBfVlhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYAYIKwYBBQUHAQcBAf8EggFPMIIBSzCByQQCAAEwgcID
BAAFmq4DBAItXxgDBAItkFgDBAItlRwwDAMEAC2ZnQMEBS2ZgAMEAi2c4AMEAFD2
HgMEAFZptwMEAFfv/gMEAFkj+QMEAFkoGAMEAFkszQMEAFvk2AMEAF4uzgMEALkk
/gMEALlgogMEAblsaAMEArmTjAMEArmYJAMEArmY+AMEALmZlwMEArmgLAMEALmm
VAMEALm45AMEALm8PQMEALnJvAMEArnZQAMEALny2QMEALx3mgMEAMEkWQMEAMMv
wjB9BAIAAjB3AwUAKgFHQAMFAyoFKMADBQMqBfTAAwUDKgYwQAMFAyoGRsADBQMq
BkoAAwUDKgZQAAMFAyoGVwADBQMqBt+AAwUDKgbkgAMFAyoHR4ADBQMqB5yAAwUD
KgfywAMFAyoKMIADBQMqCz9AAwUDKgzYwAMFAyoM7EAwDQYJKoZIhvcNAQELBQAD
ggEBAEPEN6ydnNA1nJxRO75E7VHE5plldlbPO9yNapLWKOMwvmpMJFGaKnzbLKrQ
Wvlj/oYlbmpwkiWMhm4wZBI81z7fbStnamuZnF2Prc2m7kaScCThEVPKNvTWHKq6
oiTosEvHE3CbT3ZYPlckzSN42zCtKQwuWPdPyjkqye7hLtwJaJL9idor+L1Ukm5S
IC8FvVRYY2MRdSbXoQ38Gc16Szd9LbLH8BOhtFrbgn/7bsKgUl6WCnknedhPLclq
g5K/+EuBnfkZX9FfYH611cc0xYgsKC15nwDtXmcnOLFQlbrYcdhGogcHRLiM3F7P
4dc0B6p+Jm9MbXb3z8YRsK8PsUw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:49:49 2025 by rpki-client