Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/9ouqdq-MmdgM9TvB10glEbTsP0k.roa
File: 9ouqdq-MmdgM9TvB10glEbTsP0k.roa (raw, json)
Hash identifier: gFIxto8EDxvJh4WIw9qW2EbYed59jvzU+yRUHd5KAec=
Subject key identifier: F6:8B:AA:76:AF:8C:99:D8:0C:F5:3B:C1:D7:48:25:11:B4:EC:3F:49
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01872370539306C91F48E59002C02FA5E9EB
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/9ouqdq-MmdgM9TvB10glEbTsP0k.roa
Signing time: Mon 27 Mar 2023 14:19:36 +0000
ROA not before: Mon 27 Mar 2023 14:19:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 45.144.88.0/22 maxlen: 24
87.239.254.0/24 maxlen: 32
45.149.28.0/22 maxlen: 24
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
185.36.254.0/24 maxlen: 32
185.217.64.0/22 maxlen: 22
185.166.84.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.188.62.0/24 maxlen: 24
185.188.63.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
185.201.188.0/24 maxlen: 24
89.40.24.0/24 maxlen: 32
185.152.248.0/22 maxlen: 32
5.154.174.0/24 maxlen: 24
80.246.30.0/24 maxlen: 32
45.156.224.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
188.119.154.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.96.162.0/24 maxlen: 32
77.246.152.0/22 maxlen: 22
45.95.24.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
89.35.249.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a01:4740::/32 maxlen: 32
2a06:46c0::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Jul 2023 04:12:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:70:53:93:06:c9:1f:48:e5:90:02:c0:2f:a5:e9:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Mar 27 14:19:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f68baa76af8c99d80cf53bc1d7482511b4ec3f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5e:df:bb:95:5d:2c:06:d4:80:03:19:a8:3a:
55:c5:8d:21:22:98:57:fd:d6:0b:8b:f1:c2:23:eb:
b4:a1:96:a7:c9:51:ab:03:17:66:52:40:0b:d7:61:
e3:fc:de:f5:17:d5:c2:3d:9e:55:5c:aa:f5:b2:45:
ae:80:44:bd:de:78:e9:03:aa:a4:50:4b:6b:51:f1:
b1:9f:82:da:66:8d:a4:f5:6b:9d:64:99:96:d8:da:
0a:db:68:13:a5:01:93:a2:c0:39:f1:55:63:8f:e6:
66:86:e1:3f:27:e9:3b:7b:36:79:82:94:a5:25:a6:
20:94:60:29:85:b2:ce:66:3c:8a:1b:14:7c:23:4d:
c6:9f:c7:4a:0e:4a:54:d8:35:f3:b4:b7:cc:56:c7:
69:31:55:03:41:b7:23:bc:00:13:eb:47:bc:20:13:
b7:89:59:2f:e7:83:91:15:fd:5e:5b:fe:73:42:fd:
b2:a3:6e:29:6d:a9:64:53:29:15:09:e2:7d:7e:37:
e3:bc:3b:af:ec:31:d2:04:02:71:30:22:2e:76:ca:
56:49:79:f5:1f:e6:40:ab:0b:07:71:9e:98:37:63:
8c:0e:b6:9d:91:f9:5f:e7:7a:fa:39:9e:2d:09:c2:
93:3c:45:9c:b5:33:c0:60:3c:56:16:90:51:c2:dc:
8b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:8B:AA:76:AF:8C:99:D8:0C:F5:3B:C1:D7:48:25:11:B4:EC:3F:49
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/9ouqdq-MmdgM9TvB10glEbTsP0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.156.224.0/22
77.246.152.0/22
80.246.30.0/24
86.105.183.0/24
87.239.254.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0-185.188.63.255
185.201.188.0/24
185.217.64.0/22
188.119.154.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
Signature Algorithm: sha256WithRSAEncryption
55:ef:82:3c:e5:30:ce:69:50:12:2c:d4:37:c0:34:09:4a:e6:
2d:f5:d7:ca:f3:76:a2:35:67:60:11:a2:5b:6b:18:c7:b2:d1:
0c:2f:4d:38:9e:db:3a:be:96:14:b7:f1:cc:6b:b2:be:f9:57:
78:58:eb:6e:b8:37:10:1b:e4:a6:09:5c:1c:cc:9f:4a:ce:51:
d1:71:f5:9d:0c:b2:3c:28:9f:9c:b1:42:96:46:39:d7:a7:2b:
71:65:a3:92:22:62:b8:59:94:a0:74:c2:b4:09:7f:e6:3f:9b:
e7:3a:2c:b1:4f:97:b3:f6:dd:33:8b:0b:bf:0e:8e:ea:d8:8b:
e9:6c:ba:93:bc:31:74:00:af:08:32:98:54:d6:9e:b2:75:cb:
db:b7:cf:7e:73:30:9a:3d:2d:f8:1e:3a:ba:73:d8:2a:a9:5f:
c0:67:83:6b:02:11:54:c4:7e:93:90:8e:c8:0c:dd:34:58:57:
d3:ef:9a:f0:2a:bb:0e:43:49:d7:e2:d0:d6:be:a8:22:d3:59:
61:85:10:56:37:98:23:ef:df:bc:5e:93:c1:34:55:06:92:24:
81:3c:3e:d9:92:17:6f:86:01:5b:9a:e0:a7:ee:df:fa:3c:97:
b3:46:4b:ef:d1:fb:4a:d6:86:02:ea:ce:bb:72:d8:31:ec:2a:
b6:41:0f:fa
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYcjcFOTBskfSOWQAsAvpenrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwMzI3MTQxOTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjhiYWE3NmFmOGM5OWQ4MGNmNTNiYzFkNzQ4MjUxMWI0ZWMzZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvV7fu5VdLAbUgAMZqDpVxY0hIphX
/dYLi/HCI+u0oZanyVGrAxdmUkAL12Hj/N71F9XCPZ5VXKr1skWugES93njpA6qk
UEtrUfGxn4LaZo2k9WudZJmW2NoK22gTpQGTosA58VVjj+ZmhuE/J+k7ezZ5gpSl
JaYglGAphbLOZjyKGxR8I03Gn8dKDkpU2DXztLfMVsdpMVUDQbcjvAAT60e8IBO3
iVkv54ORFf1eW/5zQv2yo24pbalkUykVCeJ9fjfjvDuv7DHSBAJxMCIudspWSXn1
H+ZAqwsHcZ6YN2OMDradkflf53r6OZ4tCcKTPEWctTPAYDxWFpBRwtyL7QIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFPaLqnavjJnYDPU7wddIJRG07D9JMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvOW91cWRxLU1tZGdNOVR2QjEwZ2xFYlRzUDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgbcEAgABMIGwAwQA
BZquAwQCLV8YAwQCLZBYAwQCLZUcAwQCLZzgAwQCTfaYAwQAUPYeAwQAVmm3AwQA
V+/+AwQAWSP5AwQAWSgYAwQAWSzNAwQAW+TYAwQAXi7OAwQAuST+AwQAuWCiAwQB
uWxoAwQCuZgkAwQCuZj4AwQAuZmXAwQCuaAsAwQAuaZUAwQAubjkMAwDBAC5vD0D
BAa5vAADBAC5ybwDBAK52UADBAC8d5oDBADDL8IwPgQCAAIwOAMFACoBR0ADBQMq
BSjAAwUDKgX0wAMFAyoGMEADBQMqBkbAAwUDKgZKAAMFAyoGUAADBQMqBlcAMA0G
CSqGSIb3DQEBCwUAA4IBAQBV74I85TDOaVASLNQ3wDQJSuYt9dfK83aiNWdgEaJb
axjHstEML004nts6vpYUt/HMa7K++Vd4WOtuuDcQG+SmCVwczJ9KzlHRcfWdDLI8
KJ+csUKWRjnXpytxZaOSImK4WZSgdMK0CX/mP5vnOiyxT5ez9t0ziwu/Do7q2Ivp
bLqTvDF0AK8IMphU1p6ydcvbt89+czCaPS34Hjq6c9gqqV/AZ4NrAhFUxH6TkI7I
DN00WFfT75rwKrsOQ0nX4tDWvqgi01lhhRBWN5gj79+8XpPBNFUGkiSBPD7Zkhdv
hgFbmuCn7t/6PJezRkvv0ftK1oYC6s67ctgx7Cq2QQ/6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:46 2024 by rpki-client on console-fra.rpki-client.org