Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/Ay9bMBE8L2RYnYdXEYmnSlx4OLA.roa
File: Ay9bMBE8L2RYnYdXEYmnSlx4OLA.roa (raw, json)
Hash identifier: oP8LNU3CGf9Ru4qvLV8a/qzjFQwSCK8mA6l/iJ4ZwpI=
Subject key identifier: 03:2F:5B:30:11:3C:2F:64:58:9D:87:57:11:89:A7:4A:5C:78:38:B0
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018E0D66C0388BFF572FA805C87F45E044FE
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/Ay9bMBE8L2RYnYdXEYmnSlx4OLA.roa
Signing time: Tue 05 Mar 2024 06:57:01 +0000
ROA not before: Tue 05 Mar 2024 06:57:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207990
IP address blocks: 45.10.236.0/22 maxlen: 32
45.66.176.0/22 maxlen: 32
45.82.96.0/22 maxlen: 32
45.84.228.0/22 maxlen: 32
45.154.192.0/22 maxlen: 32
45.156.224.0/22 maxlen: 32
63.141.36.0/23 maxlen: 32
82.115.213.0/24 maxlen: 32
92.118.208.0/22 maxlen: 32
139.28.120.0/22 maxlen: 32
185.36.254.0/24 maxlen: 32
185.188.63.0/24 maxlen: 32
185.223.248.0/22 maxlen: 32
188.119.154.0/24 maxlen: 32
193.228.58.0/23 maxlen: 32
193.254.27.0/24 maxlen: 32
193.254.28.0/24 maxlen: 32
194.0.133.0/24 maxlen: 32
194.0.136.0/24 maxlen: 32
194.53.70.0/24 maxlen: 32
194.88.143.0/24 maxlen: 32
194.124.239.0/24 maxlen: 32
194.124.240.0/24 maxlen: 32
194.124.247.0/24 maxlen: 32
194.124.248.0/24 maxlen: 32
2a05:6700::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 08 May 2024 10:28:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:66:c0:38:8b:ff:57:2f:a8:05:c8:7f:45:e0:44:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Mar 5 06:57:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=032f5b30113c2f64589d87571189a74a5c7838b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:58:51:d8:2a:eb:2f:a0:05:b2:4e:4c:01:e4:
e6:97:79:34:ee:e3:c9:20:51:dc:26:10:8f:d7:e4:
6d:d5:ae:8d:ab:b4:44:03:9b:c2:6f:9f:fc:7c:dc:
d4:1a:57:a2:e3:e9:80:9e:d2:cd:d1:6d:c2:06:f1:
16:6c:c8:a0:88:57:4c:bb:3c:3c:c1:ed:75:da:de:
39:56:ee:32:74:ae:e6:fe:b6:e8:f3:2f:86:05:e8:
62:ac:fa:d1:a1:51:a0:d0:37:56:0a:5c:8a:a5:c2:
12:56:6a:63:e6:3f:27:c3:84:da:e7:93:ac:d2:5e:
d6:8f:dd:96:69:a6:a9:dd:d1:b4:a6:49:82:2c:e3:
aa:f7:03:c2:1f:4b:09:7e:3d:31:be:07:af:83:0c:
7d:91:80:7a:f6:a6:23:04:62:80:5b:bc:e8:9f:a6:
d1:6f:b8:f3:9d:11:85:92:e2:7f:09:02:eb:87:57:
82:a9:bc:72:41:60:4e:b3:1f:d5:84:fa:03:00:5f:
ef:1e:36:84:a8:1d:d1:12:d7:1b:d9:cf:f0:80:dd:
cc:51:00:0c:d9:86:30:da:bc:80:b5:1b:7f:44:6a:
58:1b:1e:9b:5f:d8:86:46:a4:7c:38:fa:9b:95:33:
36:9d:ef:89:36:3b:9f:3c:e0:10:85:b3:3c:ce:05:
50:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:2F:5B:30:11:3C:2F:64:58:9D:87:57:11:89:A7:4A:5C:78:38:B0
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/Ay9bMBE8L2RYnYdXEYmnSlx4OLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.236.0/22
45.66.176.0/22
45.82.96.0/22
45.84.228.0/22
45.154.192.0/22
45.156.224.0/22
63.141.36.0/23
82.115.213.0/24
92.118.208.0/22
139.28.120.0/22
185.36.254.0/24
185.188.63.0/24
185.223.248.0/22
188.119.154.0/24
193.228.58.0/23
193.254.27.0-193.254.28.255
194.0.133.0/24
194.0.136.0/24
194.53.70.0/24
194.88.143.0/24
194.124.239.0-194.124.240.255
194.124.247.0-194.124.248.255
IPv6:
2a05:6700::/29
Signature Algorithm: sha256WithRSAEncryption
8c:70:7f:c9:69:a8:14:78:ca:2e:a0:d8:8a:51:d2:a0:f0:a6:
0b:03:06:45:9b:f4:ec:fa:55:a6:22:da:cd:46:d5:d0:80:96:
71:66:da:42:d1:77:79:47:26:1b:2a:8c:dd:33:3c:0b:c5:23:
4a:c1:77:0c:4b:5f:5e:6d:22:c9:be:a0:67:1c:98:28:22:41:
a1:4a:b4:c3:41:a6:8f:29:d6:c3:cd:7e:87:c8:f2:68:28:86:
fd:28:e2:16:f9:a1:60:17:6b:b8:d1:42:53:b7:e0:fd:f4:81:
ac:9e:0f:3e:8a:68:0c:1f:2f:50:88:32:74:14:5c:11:97:4f:
08:98:d9:fb:18:03:04:89:4e:e9:37:9e:aa:27:fc:5f:18:32:
03:13:94:20:28:83:66:61:cf:38:55:e6:ab:c7:25:83:62:84:
c6:5a:e2:5d:16:8a:36:f1:86:82:93:0b:a3:9c:0b:79:9b:01:
40:10:e9:ee:8a:c6:98:f0:2f:7d:df:20:ea:32:e6:fc:ae:63:
e7:4a:c5:64:21:a0:c8:aa:e2:b6:0d:e4:5b:b9:58:b3:52:f1:
06:11:40:2d:2c:dd:2d:55:f4:e7:b5:b4:7b:91:4f:a6:d1:fe:
fe:da:8f:72:3c:de:42:7a:82:cd:77:30:62:07:96:45:64:5c:
a6:81:08:fe
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAY4NZsA4i/9XL6gFyH9F4ET+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwMzA1MDY1NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzJmNWIzMDExM2MyZjY0NTg5ZDg3NTcxMTg5YTc0YTVjNzgzOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FhR2CrrL6AFsk5MAeTml3k07uPJ
IFHcJhCP1+Rt1a6Nq7REA5vCb5/8fNzUGlei4+mAntLN0W3CBvEWbMigiFdMuzw8
we112t45Vu4ydK7m/rbo8y+GBehirPrRoVGg0DdWClyKpcISVmpj5j8nw4Ta55Os
0l7Wj92Waaap3dG0pkmCLOOq9wPCH0sJfj0xvgevgwx9kYB69qYjBGKAW7zon6bR
b7jznRGFkuJ/CQLrh1eCqbxyQWBOsx/VhPoDAF/vHjaEqB3REtcb2c/wgN3MUQAM
2YYw2ryAtRt/RGpYGx6bX9iGRqR8OPqblTM2ne+JNjufPOAQhbM8zgVQFQIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFAMvWzARPC9kWJ2HVxGJp0pceDiwMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvQXk5Yk1CRThMMlJZbllkWEVZbW5TbHg0T0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBowQCAAEwgZwDBAIt
CuwDBAItQrADBAItUmADBAItVOQDBAItmsADBAItnOADBAE/jSQDBABSc9UDBAJc
dtADBAKLHHgDBAC5JP4DBAC5vD8DBAK53/gDBAC8d5oDBAHB5DowDAMEAMH+GwME
AMH+HAMEAMIAhQMEAMIAiAMEAMI1RgMEAMJYjzAMAwQAwnzvAwQAwnzwMAwDBADC
fPcDBADCfPgwDQQCAAIwBwMFAyoFZwAwDQYJKoZIhvcNAQELBQADggEBAIxwf8lp
qBR4yi6g2IpR0qDwpgsDBkWb9Oz6VaYi2s1G1dCAlnFm2kLRd3lHJhsqjN0zPAvF
I0rBdwxLX15tIsm+oGccmCgiQaFKtMNBpo8p1sPNfofI8mgohv0o4hb5oWAXa7jR
QlO34P30gayeDz6KaAwfL1CIMnQUXBGXTwiY2fsYAwSJTuk3nqon/F8YMgMTlCAo
g2ZhzzhV5qvHJYNihMZa4l0WijbxhoKTC6OcC3mbAUAQ6e6KxpjwL33fIOoy5vyu
Y+dKxWQhoMiq4rYN5Fu5WLNS8QYRQC0s3S1V9Oe1tHuRT6bR/v7aj3I83kJ6gs13
MGIHlkVkXKaBCP4=
-----END CERTIFICATE-----
Generated at Wed May 8 14:39:18 2024 by rpki-client on console-fra.rpki-client.org