Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/koJbccE9ybV1rp3xUBbnzvCuRr8.roa
File: koJbccE9ybV1rp3xUBbnzvCuRr8.roa (raw, json)
Hash identifier: YMMCbqBypI1npSBdrmqRPMS+PUZjmKPF5fG5P5CWbGQ=
Subject key identifier: 92:82:5B:71:C1:3D:C9:B5:75:AE:9D:F1:50:16:E7:CE:F0:AE:46:BF
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01899C1237A3E86F430E3F6FE20E433CE4DF
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/koJbccE9ybV1rp3xUBbnzvCuRr8.roa
Signing time: Fri 28 Jul 2023 10:36:26 +0000
ROA not before: Fri 28 Jul 2023 10:36:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 45.144.88.0/22 maxlen: 24
87.239.254.0/24 maxlen: 32
45.149.28.0/22 maxlen: 24
89.44.205.0/24 maxlen: 32
185.147.140.0/22 maxlen: 32
91.228.216.0/24 maxlen: 24
185.36.254.0/24 maxlen: 32
185.217.64.0/22 maxlen: 22
185.166.84.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.188.62.0/24 maxlen: 24
185.188.63.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
185.201.188.0/24 maxlen: 24
89.40.24.0/24 maxlen: 32
185.152.248.0/22 maxlen: 32
5.154.174.0/24 maxlen: 24
80.246.30.0/24 maxlen: 32
45.156.224.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
188.119.154.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.96.162.0/24 maxlen: 32
45.95.24.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
89.35.249.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a01:4740::/32 maxlen: 32
2a06:46c0::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
Validation: Failed, certificate revoked on Sun 13 Aug 2023 07:09:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9c:12:37:a3:e8:6f:43:0e:3f:6f:e2:0e:43:3c:e4:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jul 28 10:36:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92825b71c13dc9b575ae9df15016e7cef0ae46bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c6:cb:2b:2b:1e:23:5c:75:ef:81:d0:86:50:
36:9f:b3:33:ca:bb:5a:0f:dd:8e:cc:3f:9f:0b:2c:
86:9e:a6:6f:35:8c:7f:94:df:43:22:35:2d:75:68:
02:85:f7:0a:7a:23:d5:92:f9:26:87:ea:32:02:af:
1b:02:34:a8:9c:bd:c1:1b:74:f0:d6:dc:f1:40:08:
34:13:16:d2:eb:a3:bd:69:60:73:ef:6a:39:28:12:
54:f5:e9:9b:e4:6b:44:1d:a4:36:fd:bf:8d:08:94:
9f:92:a4:3e:79:29:bb:13:a1:71:0f:94:04:b1:6b:
8e:9b:4f:25:eb:9d:d9:e3:7c:4a:e9:39:01:96:0a:
f0:05:95:af:df:32:f7:d6:68:5a:90:cc:4b:bd:f8:
ef:62:74:bc:e2:74:62:2f:02:c4:d3:6c:15:7d:26:
0c:17:91:38:c1:d5:17:26:d1:41:10:e6:c8:ac:fe:
51:93:de:6d:a5:18:15:44:9c:f0:76:e9:84:b6:48:
a1:dd:4d:b9:eb:02:38:f8:99:80:00:cf:4a:d4:d2:
2d:e7:7b:fe:b3:9e:41:55:17:fd:a2:cd:6c:32:84:
2b:f3:76:e8:00:f4:48:0a:52:92:b8:3b:05:44:d2:
2d:03:3a:3c:7b:f8:19:9f:66:1d:2a:fe:75:c1:63:
b0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:82:5B:71:C1:3D:C9:B5:75:AE:9D:F1:50:16:E7:CE:F0:AE:46:BF
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/koJbccE9ybV1rp3xUBbnzvCuRr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.156.224.0/22
80.246.30.0/24
86.105.183.0/24
87.239.254.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.147.140.0/22
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0-185.188.63.255
185.201.188.0/24
185.217.64.0/22
188.119.154.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
Signature Algorithm: sha256WithRSAEncryption
52:3d:5a:1a:fb:76:26:13:8b:46:2f:b8:50:e8:5a:51:91:5e:
52:16:6d:c1:fc:33:49:fa:eb:0d:00:61:ac:c8:66:9f:1c:72:
64:1c:49:a1:30:ea:ad:c3:ae:f3:c9:05:49:43:98:82:a4:9b:
a0:a8:1b:eb:ab:b3:eb:d7:9f:20:62:f5:dd:53:69:b4:1d:3e:
01:22:11:20:80:f2:06:c1:de:ea:14:a5:68:b4:e0:c0:9d:e3:
3c:81:d6:f3:c2:e8:eb:be:2d:96:5d:fe:94:b7:88:19:08:5f:
81:5e:f4:fb:f1:a1:09:dc:c9:8d:bf:75:a8:15:f0:6b:86:b0:
02:b9:10:a4:7c:79:dc:15:40:79:3c:b5:20:62:9e:2f:c4:c6:
48:5b:cf:64:cb:59:4e:99:b4:eb:81:84:86:86:9b:b5:67:e6:
af:d0:bb:c8:cc:ae:93:cd:a5:7d:dd:e1:ba:e6:a0:6c:f7:b3:
2a:45:b5:4d:e0:fe:cc:34:f6:4a:67:35:be:9e:8b:4b:57:ad:
bd:8c:57:a4:b9:d1:4c:91:3b:54:97:c6:d3:40:ef:09:41:f9:
9c:db:87:c7:a6:6f:17:1d:9d:87:4b:a5:54:b4:44:ea:21:0f:
02:ae:7d:ea:e0:23:ca:f8:d1:e9:17:5a:77:b2:6a:f2:37:d8:
91:c7:2f:0b
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYmcEjej6G9DDj9v4g5DPOTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwNzI4MTAzNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjgyNWI3MWMxM2RjOWI1NzVhZTlkZjE1MDE2ZTdjZWYwYWU0NmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMbLKyseI1x174HQhlA2n7Mzyrta
D92OzD+fCyyGnqZvNYx/lN9DIjUtdWgChfcKeiPVkvkmh+oyAq8bAjSonL3BG3Tw
1tzxQAg0ExbS66O9aWBz72o5KBJU9emb5GtEHaQ2/b+NCJSfkqQ+eSm7E6FxD5QE
sWuOm08l653Z43xK6TkBlgrwBZWv3zL31mhakMxLvfjvYnS84nRiLwLE02wVfSYM
F5E4wdUXJtFBEObIrP5Rk95tpRgVRJzwdumEtkih3U256wI4+JmAAM9K1NIt53v+
s55BVRf9os1sMoQr83boAPRIClKSuDsFRNItAzo8e/gZn2YdKv51wWOwSwIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFJKCW3HBPcm1da6d8VAW587wrka/MB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEva29KYmNjRTl5YlYxcnAzeFVCYm56dkN1UnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgbcEAgABMIGwAwQA
BZquAwQCLV8YAwQCLZBYAwQCLZUcAwQCLZzgAwQAUPYeAwQAVmm3AwQAV+/+AwQA
WSP5AwQAWSgYAwQAWSzNAwQAW+TYAwQAXi7OAwQAuST+AwQAuWCiAwQBuWxoAwQC
uZOMAwQCuZgkAwQCuZj4AwQAuZmXAwQCuaAsAwQAuaZUAwQAubjkMAwDBAC5vD0D
BAa5vAADBAC5ybwDBAK52UADBAC8d5oDBADDL8IwPgQCAAIwOAMFACoBR0ADBQMq
BSjAAwUDKgX0wAMFAyoGMEADBQMqBkbAAwUDKgZKAAMFAyoGUAADBQMqBlcAMA0G
CSqGSIb3DQEBCwUAA4IBAQBSPVoa+3YmE4tGL7hQ6FpRkV5SFm3B/DNJ+usNAGGs
yGafHHJkHEmhMOqtw67zyQVJQ5iCpJugqBvrq7Pr158gYvXdU2m0HT4BIhEggPIG
wd7qFKVotODAneM8gdbzwujrvi2WXf6Ut4gZCF+BXvT78aEJ3MmNv3WoFfBrhrAC
uRCkfHncFUB5PLUgYp4vxMZIW89ky1lOmbTrgYSGhpu1Z+av0LvIzK6TzaV93eG6
5qBs97MqRbVN4P7MNPZKZzW+notLV629jFekudFMkTtUl8bTQO8JQfmc24fHpm8X
HZ2HS6VUtETqIQ8Crn3q4CPK+NHpF1p3smryN9iRxy8L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:46 2024 by rpki-client on console-fra.rpki-client.org