Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/nZ8fj3CWWBLbmrp2q3AxWO6l7YQ.roa
File: nZ8fj3CWWBLbmrp2q3AxWO6l7YQ.roa (raw, json)
Hash identifier: d5su7WvY+xueBOpqf+INnibjD9UUp/fwbecuVagq4nY=
Subject key identifier: 9D:9F:1F:8F:70:96:58:12:DB:9A:BA:76:AB:70:31:58:EE:A5:ED:84
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0190BAB35A93D0492D945A6D695C0489CE8C
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/nZ8fj3CWWBLbmrp2q3AxWO6l7YQ.roa
Signing time: Tue 16 Jul 2024 08:40:34 +0000
ROA not before: Tue 16 Jul 2024 08:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 5.154.174.0/24 maxlen: 24
45.10.192.0/24 maxlen: 32
45.10.193.0/24 maxlen: 32
45.95.24.0/22 maxlen: 32
45.144.88.0/22 maxlen: 24
45.149.28.0/22 maxlen: 24
45.153.157.0/24 maxlen: 24
45.153.158.0/23 maxlen: 32
45.156.224.0/22 maxlen: 32
80.246.30.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
87.239.255.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
89.40.24.0/24 maxlen: 32
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
103.204.222.0/23 maxlen: 32
185.36.254.0/24 maxlen: 32
185.96.162.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
185.147.140.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
185.152.248.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.166.84.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.201.188.0/24 maxlen: 24
185.217.64.0/22 maxlen: 22
185.242.217.0/24 maxlen: 24
188.119.154.0/24 maxlen: 32
193.36.89.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
2a01:4740::/32 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
2a06:46c0::/29 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a06:df80::/29 maxlen: 29
2a06:e480::/29 maxlen: 29
2a07:4780::/29 maxlen: 29
2a07:9c80::/29 maxlen: 29
2a07:f2c0::/29 maxlen: 29
2a0a:3080::/29 maxlen: 29
2a0b:3f40::/29 maxlen: 29
2a0c:d8c0::/29 maxlen: 29
2a0c:ec40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 18 Jul 2024 09:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ba:b3:5a:93:d0:49:2d:94:5a:6d:69:5c:04:89:ce:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jul 16 08:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d9f1f8f70965812db9aba76ab703158eea5ed84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a3:c6:22:a0:ee:8e:dc:ce:ce:7c:d4:73:6c:
4c:da:56:91:7a:2e:47:be:d5:66:77:82:f2:a3:36:
d3:b3:d7:b4:60:f5:16:17:aa:ac:e8:99:cb:e9:e7:
6d:e1:06:37:53:59:5c:c2:20:44:45:3f:4a:ad:08:
a5:32:87:f8:a1:9d:5c:a1:47:c8:ec:42:44:de:5a:
bf:42:6c:59:29:e2:15:9c:f3:de:2a:9b:53:cb:8c:
3c:a6:a1:11:93:8a:d4:a2:17:74:54:98:fa:38:2b:
4c:08:4b:db:40:1d:cb:7d:c9:2e:1a:45:b3:f7:8c:
2b:ff:8d:2a:60:0e:14:a8:c0:5e:db:44:f5:d7:b0:
80:5b:22:f9:56:07:54:f7:c4:43:b6:b7:b9:c8:2d:
c7:5a:37:c6:03:c7:fb:63:35:4e:3f:0a:4c:ff:24:
ae:b7:e4:7a:27:87:df:4a:6e:bd:a4:cf:ac:fd:b8:
0a:b4:a6:bb:94:1c:96:36:53:46:44:21:4a:77:c9:
2d:87:1b:11:ce:a4:e7:f0:e1:3b:c5:d4:88:b9:05:
99:5f:32:44:10:94:48:5a:86:f7:db:dd:6d:dd:f8:
f9:91:1b:eb:58:1b:78:65:b8:a1:e7:2f:ce:f6:00:
2e:e7:d5:7b:e8:59:2e:16:9e:c3:95:a2:2a:06:cf:
18:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9F:1F:8F:70:96:58:12:DB:9A:BA:76:AB:70:31:58:EE:A5:ED:84
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/nZ8fj3CWWBLbmrp2q3AxWO6l7YQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.10.192.0/23
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.153.157.0-45.153.159.255
45.156.224.0/22
80.246.30.0/24
86.105.183.0/24
87.239.255.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
103.204.222.0/23
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.147.140.0/22
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0/24
185.201.188.0/24
185.217.64.0/22
185.242.217.0/24
188.119.154.0/24
193.36.89.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
2a06:df80::/29
2a06:e480::/29
2a07:4780::/29
2a07:9c80::/29
2a07:f2c0::/29
2a0a:3080::/29
2a0b:3f40::/29
2a0c:d8c0::/29
2a0c:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
40:89:4a:2e:b9:24:d5:2d:db:8a:4b:d2:6d:34:81:88:63:de:
a2:84:1c:6d:ed:43:99:c2:d6:20:dd:8a:66:9a:b4:36:db:a3:
2c:ed:39:95:8e:4a:1c:ca:49:b8:2d:fb:19:1b:4a:3c:78:12:
4e:70:9a:86:c8:95:50:7c:84:68:8a:1e:66:6e:b8:45:ab:55:
9c:db:8d:68:09:56:52:6c:4c:5f:99:cb:98:ca:f4:c3:ec:1a:
67:83:5e:ab:f8:86:89:1f:33:96:f8:10:a3:86:f9:30:c9:cb:
6b:3e:ee:ad:98:d2:e9:37:c7:87:dd:98:a7:a6:25:0f:96:2e:
b7:ca:9c:ef:68:8e:d5:85:cf:97:8a:5f:82:ca:4f:a3:b6:cf:
dc:69:4d:1d:51:c8:4d:88:ac:55:12:62:cb:c0:74:0d:b8:09:
d6:d3:c6:af:be:d6:3e:d8:3e:6b:4f:fb:fb:eb:ba:d4:0c:fb:
a8:5f:b4:92:d3:0f:c7:3c:9f:97:58:45:82:cc:bb:c2:91:0b:
b9:3d:38:cb:2d:e1:e5:0e:c6:62:78:4b:3f:fd:07:b8:e9:52:
ef:31:84:48:37:6c:15:32:70:84:f6:af:46:7b:ab:23:aa:dd:
cb:d6:4b:7e:6e:50:87:b1:09:28:27:21:f8:9b:b1:6b:b5:45:
54:77:73:83
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgISAZC6s1qT0EktlFptaVwEic6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwNzE2MDg0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDlmMWY4ZjcwOTY1ODEyZGI5YWJhNzZhYjcwMzE1OGVlYTVlZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqPGIqDujtzOznzUc2xM2laRei5H
vtVmd4LyozbTs9e0YPUWF6qs6JnL6edt4QY3U1lcwiBERT9KrQilMof4oZ1coUfI
7EJE3lq/QmxZKeIVnPPeKptTy4w8pqERk4rUohd0VJj6OCtMCEvbQB3LfckuGkWz
94wr/40qYA4UqMBe20T117CAWyL5VgdU98RDtre5yC3HWjfGA8f7YzVOPwpM/ySu
t+R6J4ffSm69pM+s/bgKtKa7lByWNlNGRCFKd8kthxsRzqTn8OE7xdSIuQWZXzJE
EJRIWob3291t3fj5kRvrWBt4Zbih5y/O9gAu59V76FkuFp7DlaIqBs8YFQIDAQAB
o4IDWDCCA1QwHQYDVR0OBBYEFJ2fH49wllgS25q6dqtwMVjupe2EMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvblo4ZmozQ1dXQkxibXJwMnEzQXhXTzZsN1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbAYIKwYBBQUHAQcBAf8EggFbMIIBVzCB1QQCAAEwgc4D
BAAFmq4DBAEtCsADBAItXxgDBAItkFgDBAItlRwwDAMEAC2ZnQMEBS2ZgAMEAi2c
4AMEAFD2HgMEAFZptwMEAFfv/wMEAFkj+QMEAFkoGAMEAFkszQMEAFvk2AMEAF4u
zgMEAWfM3gMEALkk/gMEALlgogMEAblsaAMEArmTjAMEArmYJAMEArmY+AMEALmZ
lwMEArmgLAMEALmmVAMEALm45AMEALm8PQMEALnJvAMEArnZQAMEALny2QMEALx3
mgMEAMEkWQMEAMMvwjB9BAIAAjB3AwUAKgFHQAMFAyoFKMADBQMqBfTAAwUDKgYw
QAMFAyoGRsADBQMqBkoAAwUDKgZQAAMFAyoGVwADBQMqBt+AAwUDKgbkgAMFAyoH
R4ADBQMqB5yAAwUDKgfywAMFAyoKMIADBQMqCz9AAwUDKgzYwAMFAyoM7EAwDQYJ
KoZIhvcNAQELBQADggEBAECJSi65JNUt24pL0m00gYhj3qKEHG3tQ5nC1iDdimaa
tDbboyztOZWOShzKSbgt+xkbSjx4Ek5wmobIlVB8hGiKHmZuuEWrVZzbjWgJVlJs
TF+Zy5jK9MPsGmeDXqv4hokfM5b4EKOG+TDJy2s+7q2Y0uk3x4fdmKemJQ+WLrfK
nO9ojtWFz5eKX4LKT6O2z9xpTR1RyE2IrFUSYsvAdA24CdbTxq++1j7YPmtP+/vr
utQM+6hftJLTD8c8n5dYRYLMu8KRC7k9OMst4eUOxmJ4Sz/9B7jpUu8xhEg3bBUy
cIT2r0Z7qyOq3cvWS35uUIexCSgnIfibsWu1RVR3c4M=
Generated at Thu Jul 18 11:03:18 2024 by rpki-client on console-fra.rpki-client.org