Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/SaTjkf3F1FMCuee6oa_zs1ogbHM.roa
File: SaTjkf3F1FMCuee6oa_zs1ogbHM.roa (raw, json)
Hash identifier: /wmzt1At5gsd5wG1NKDgwzkEITCJzbm8i5KFDXy5qmQ=
Subject key identifier: 49:A4:E3:91:FD:C5:D4:53:02:B9:E7:BA:A1:AF:F3:B3:5A:20:6C:73
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018A3A82B62ED359554D96A501B3266E7525
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/SaTjkf3F1FMCuee6oa_zs1ogbHM.roa
Signing time: Mon 28 Aug 2023 04:59:19 +0000
ROA not before: Mon 28 Aug 2023 04:59:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 45.144.88.0/22 maxlen: 24
87.239.254.0/24 maxlen: 32
45.149.28.0/22 maxlen: 24
89.44.205.0/24 maxlen: 32
185.147.140.0/22 maxlen: 32
91.228.216.0/24 maxlen: 24
185.36.254.0/24 maxlen: 32
185.217.64.0/22 maxlen: 22
185.166.84.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
185.201.188.0/24 maxlen: 24
89.40.24.0/24 maxlen: 32
185.152.248.0/22 maxlen: 32
5.154.174.0/24 maxlen: 24
80.246.30.0/24 maxlen: 32
45.156.224.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
188.119.154.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.96.162.0/24 maxlen: 32
45.95.24.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
89.35.249.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a06:e480::/29 maxlen: 29
2a07:f2c0::/29 maxlen: 29
2a06:5700::/29 maxlen: 32
2a01:4740::/32 maxlen: 32
2a05:6700::/29 maxlen: 29
2a06:46c0::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:df80::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
2a07:9c80::/29 maxlen: 29
2a0c:d8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 28 Aug 2023 11:54:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3a:82:b6:2e:d3:59:55:4d:96:a5:01:b3:26:6e:75:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Aug 28 04:59:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49a4e391fdc5d45302b9e7baa1aff3b35a206c73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:39:ec:17:7d:4f:88:a6:0f:06:39:f5:28:02:
49:0c:c8:3f:ec:55:10:29:70:42:a3:a2:14:2e:98:
56:72:06:0d:2f:58:f4:53:eb:db:c5:6d:96:da:f0:
fd:e2:3d:f1:a2:de:d0:9e:7a:5a:eb:e2:ad:64:6b:
2c:01:90:7f:85:ee:80:c8:af:a5:e9:0d:37:ff:40:
b6:aa:96:a3:28:8c:0a:a3:ee:4e:8d:76:13:3f:c2:
20:2a:b9:26:56:53:ae:aa:02:1f:ee:98:17:a5:ba:
86:7b:0e:20:ce:9f:9a:69:60:ae:1d:d6:94:a2:5d:
33:a9:90:44:7f:4a:22:7f:4c:62:0e:16:00:bf:fd:
8d:12:71:36:fa:2c:92:b2:74:5a:5d:8c:a6:b1:2c:
f8:0f:7a:f0:58:0b:93:e3:6f:5f:ef:ce:46:25:f2:
c2:73:fa:e8:60:d5:51:32:02:89:dd:90:50:f4:24:
ab:67:e7:52:35:92:09:22:ff:e9:2a:c5:9d:a4:d7:
6a:56:b4:6c:d1:2a:df:f0:a7:e9:6c:97:5d:32:15:
41:fd:c2:cf:79:12:54:56:fc:31:b4:7f:e0:42:b1:
12:19:b9:9f:82:b5:db:ed:ab:d9:40:9a:0d:ad:cf:
1e:ef:e4:32:af:1b:11:f7:ce:63:2f:91:42:b3:12:
07:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A4:E3:91:FD:C5:D4:53:02:B9:E7:BA:A1:AF:F3:B3:5A:20:6C:73
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/SaTjkf3F1FMCuee6oa_zs1ogbHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.156.224.0/22
80.246.30.0/24
86.105.183.0/24
87.239.254.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.147.140.0/22
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0/24
185.201.188.0/24
185.217.64.0/22
188.119.154.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:6700::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
2a06:df80::/29
2a06:e480::/29
2a07:9c80::/29
2a07:f2c0::/29
2a0c:d8c0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:04:88:20:73:eb:42:d2:2e:36:3a:06:0a:f4:43:b5:8f:35:
fa:85:92:44:5e:05:a4:2f:73:96:19:96:e8:10:d2:ae:59:29:
16:7c:c6:78:34:e5:4b:b5:95:aa:2d:ac:76:d7:39:7e:a8:cf:
23:73:a3:48:12:35:b6:cb:d4:b0:7a:5c:a3:a2:e5:77:f6:f9:
4f:09:70:72:aa:30:08:e4:b4:7e:25:3d:a9:d1:d2:ce:0a:87:
3b:0d:18:a1:07:5e:55:c3:d2:4e:01:f6:9f:e2:86:2a:54:3f:
b1:79:df:cd:b3:5c:a7:94:79:06:2b:40:75:08:01:3c:bb:85:
68:86:c0:9f:2d:68:21:67:1b:01:41:c9:2b:3a:4e:e8:d1:4b:
c5:3a:91:34:b0:bc:df:e5:8e:9f:98:a8:22:90:b7:ea:a6:02:
32:13:1c:d3:0a:0d:f7:23:f2:46:4a:97:fe:a6:05:aa:43:35:
0d:71:55:9a:d3:a7:c0:ae:32:e1:be:32:1d:f1:f6:e0:aa:44:
5e:2e:09:d7:41:75:f3:08:36:47:11:42:01:0c:82:e5:ae:e8:
7d:c2:98:0a:0b:39:0b:62:bc:3a:ff:8e:de:f8:20:d7:82:27:
6a:39:6e:5b:34:65:00:79:46:16:9f:e4:4d:a3:6a:e3:eb:27:
4c:fd:3e:08
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAYo6grYu01lVTZalAbMmbnUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwODI4MDQ1OTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWE0ZTM5MWZkYzVkNDUzMDJiOWU3YmFhMWFmZjNiMzVhMjA2YzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDnsF31PiKYPBjn1KAJJDMg/7FUQ
KXBCo6IULphWcgYNL1j0U+vbxW2W2vD94j3xot7Qnnpa6+KtZGssAZB/he6AyK+l
6Q03/0C2qpajKIwKo+5OjXYTP8IgKrkmVlOuqgIf7pgXpbqGew4gzp+aaWCuHdaU
ol0zqZBEf0oif0xiDhYAv/2NEnE2+iySsnRaXYymsSz4D3rwWAuT429f785GJfLC
c/roYNVRMgKJ3ZBQ9CSrZ+dSNZIJIv/pKsWdpNdqVrRs0Srf8KfpbJddMhVB/cLP
eRJUVvwxtH/gQrESGbmfgrXb7avZQJoNrc8e7+QyrxsR985jL5FCsxIHtwIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFEmk45H9xdRTArnnuqGv87NaIGxzMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvU2FUamtmM0YxRk1DdWVlNm9hX3pzMW9nYkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCBrwQCAAEwgagD
BAAFmq4DBAItXxgDBAItkFgDBAItlRwDBAItnOADBABQ9h4DBABWabcDBABX7/4D
BABZI/kDBABZKBgDBABZLM0DBABb5NgDBABeLs4DBAC5JP4DBAC5YKIDBAG5bGgD
BAK5k4wDBAK5mCQDBAK5mPgDBAC5mZcDBAK5oCwDBAC5plQDBAC5uOQDBAC5vD0D
BAC5ybwDBAK52UADBAC8d5oDBADDL8IwaAQCAAIwYgMFACoBR0ADBQMqBSjAAwUD
KgVnAAMFAyoF9MADBQMqBjBAAwUDKgZGwAMFAyoGSgADBQMqBlAAAwUDKgZXAAMF
AyoG34ADBQMqBuSAAwUDKgecgAMFAyoH8sADBQMqDNjAMA0GCSqGSIb3DQEBCwUA
A4IBAQBtBIggc+tC0i42OgYK9EO1jzX6hZJEXgWkL3OWGZboENKuWSkWfMZ4NOVL
tZWqLax21zl+qM8jc6NIEjW2y9SwelyjouV39vlPCXByqjAI5LR+JT2p0dLOCoc7
DRihB15Vw9JOAfaf4oYqVD+xed/Ns1ynlHkGK0B1CAE8u4VohsCfLWghZxsBQckr
Ok7o0UvFOpE0sLzf5Y6fmKgikLfqpgIyExzTCg33I/JGSpf+pgWqQzUNcVWa06fA
rjLhvjId8fbgqkReLgnXQXXzCDZHEUIBDILlruh9wpgKCzkLYrw6/47e+CDXgidq
OW5bNGUAeUYWn+RNo2rj6ydM/T4I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:46 2024 by rpki-client on console-fra.rpki-client.org