Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/uLMzQ2UtWID3UEvVI2XjA8kq888.roa
File: uLMzQ2UtWID3UEvVI2XjA8kq888.roa (raw, json)
Hash identifier: YIy8e8QUvHw8ZDWxcMbPFoi7mQA555wXVbMopBzkaGY=
Subject key identifier: B8:B3:33:43:65:2D:58:80:F7:50:4B:D5:23:65:E3:03:C9:2A:F3:CF
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018BA54183FADD720C5E358E598D9FD076FC
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/uLMzQ2UtWID3UEvVI2XjA8kq888.roa
Signing time: Mon 06 Nov 2023 15:30:16 +0000
ROA not before: Mon 06 Nov 2023 15:30:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 194.53.70.0/24 maxlen: 32
45.156.224.0/22 maxlen: 32
194.124.240.0/24 maxlen: 32
194.124.239.0/24 maxlen: 32
194.124.247.0/24 maxlen: 32
194.124.248.0/24 maxlen: 32
193.228.58.0/23 maxlen: 32
188.119.154.0/24 maxlen: 32
92.118.208.0/22 maxlen: 32
194.88.143.0/24 maxlen: 32
45.66.176.0/22 maxlen: 32
45.154.192.0/22 maxlen: 32
193.254.27.0/24 maxlen: 32
193.254.28.0/24 maxlen: 32
45.84.228.0/22 maxlen: 32
139.28.120.0/22 maxlen: 32
45.82.96.0/22 maxlen: 32
185.36.254.0/24 maxlen: 32
185.223.248.0/22 maxlen: 32
45.10.236.0/22 maxlen: 32
185.188.63.0/24 maxlen: 32
63.141.36.0/23 maxlen: 32
194.0.133.0/24 maxlen: 32
194.0.136.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a5:41:83:fa:dd:72:0c:5e:35:8e:59:8d:9f:d0:76:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Nov 6 15:30:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8b33343652d5880f7504bd52365e303c92af3cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ce:34:08:a7:05:88:2a:bf:33:b7:10:0d:ba:
13:4a:95:35:fa:2d:dc:65:87:01:23:8c:99:e8:2d:
6e:80:24:90:fa:63:7b:88:1f:fe:35:67:39:72:ba:
87:a3:a9:1b:55:21:0f:34:b7:3e:80:2c:ff:82:32:
c1:b3:3d:06:b2:60:d6:17:c3:4f:ef:f9:13:c3:4c:
7c:bc:ce:06:08:cd:12:e7:e7:34:d7:96:e2:6a:4e:
17:18:a4:f9:f9:9b:0f:2a:05:0f:65:9c:d1:93:16:
a8:a5:7f:18:77:31:0d:31:45:97:db:f4:04:68:5a:
9b:a6:3c:6b:dc:05:cb:8e:99:ae:4c:bd:05:69:eb:
a0:09:ac:a3:b9:a6:3e:e7:2e:cc:25:c1:57:c6:da:
49:13:a1:1a:74:9b:f1:9c:a0:d5:3f:5e:ec:29:4f:
f9:7a:72:f1:97:a0:ab:83:76:be:9a:d3:9b:40:39:
59:20:5c:88:8d:86:23:02:5c:1f:9e:db:89:c0:10:
07:13:b0:ca:4c:32:e6:dc:2b:02:94:c8:6c:1b:61:
e4:85:9e:24:b7:f0:9a:d6:07:3e:55:64:91:bc:34:
cc:86:76:82:87:4d:42:e0:5c:0e:e1:cb:55:19:fb:
d7:da:08:3f:58:41:dd:d7:89:17:70:6e:06:e6:c8:
5d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B3:33:43:65:2D:58:80:F7:50:4B:D5:23:65:E3:03:C9:2A:F3:CF
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/uLMzQ2UtWID3UEvVI2XjA8kq888.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.236.0/22
45.66.176.0/22
45.82.96.0/22
45.84.228.0/22
45.154.192.0/22
45.156.224.0/22
63.141.36.0/23
92.118.208.0/22
139.28.120.0/22
185.36.254.0/24
185.188.63.0/24
185.223.248.0/22
188.119.154.0/24
193.228.58.0/23
193.254.27.0-193.254.28.255
194.0.133.0/24
194.0.136.0/24
194.53.70.0/24
194.88.143.0/24
194.124.239.0-194.124.240.255
194.124.247.0-194.124.248.255
Signature Algorithm: sha256WithRSAEncryption
8d:8c:28:dd:5d:1d:ca:89:bb:07:cf:13:b3:03:f9:1a:a9:c7:
06:95:09:e6:b8:8a:8f:f8:3b:ac:dc:65:eb:14:d7:88:4b:f5:
d7:ce:e4:30:0e:2e:6a:c4:9a:08:69:84:78:d3:20:c8:ea:5a:
fd:cd:09:99:54:7f:98:0a:6e:53:f9:bb:88:9e:5d:6e:7e:06:
28:80:43:18:c9:cb:86:96:f3:46:cd:85:0f:33:0f:1c:af:66:
e3:83:38:32:e6:9a:18:ff:59:db:ab:43:a9:a8:ae:9d:40:40:
16:9b:08:48:f5:37:57:82:c7:92:f3:86:59:b7:f8:a2:64:0f:
0b:92:a4:ab:99:2e:54:f0:a2:0b:1f:63:5a:a5:43:28:92:2b:
5c:90:6e:2f:d3:9a:21:e7:91:61:a0:94:bc:70:d8:96:6e:44:
3c:e9:82:c4:3e:42:25:0b:3f:71:16:4e:23:44:f0:4d:d4:3f:
9e:07:be:aa:b4:c0:3c:46:43:af:e3:1c:26:a8:68:38:d4:d8:
4d:11:b2:60:9d:14:7e:70:0d:5c:cb:50:dd:28:a3:c1:29:bc:
47:af:60:dc:81:5a:21:f3:43:30:9b:38:3f:73:c7:2b:39:ae:
5e:bd:8b:98:04:09:da:42:24:e9:ea:d6:f2:4d:29:60:38:a0:
ea:71:21:a9
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYulQYP63XIMXjWOWY2f0Hb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMxMTA2MTUzMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGIzMzM0MzY1MmQ1ODgwZjc1MDRiZDUyMzY1ZTMwM2M5MmFmM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxM40CKcFiCq/M7cQDboTSpU1+i3c
ZYcBI4yZ6C1ugCSQ+mN7iB/+NWc5crqHo6kbVSEPNLc+gCz/gjLBsz0GsmDWF8NP
7/kTw0x8vM4GCM0S5+c015biak4XGKT5+ZsPKgUPZZzRkxaopX8YdzENMUWX2/QE
aFqbpjxr3AXLjpmuTL0FaeugCayjuaY+5y7MJcFXxtpJE6EadJvxnKDVP17sKU/5
enLxl6Crg3a+mtObQDlZIFyIjYYjAlwfntuJwBAHE7DKTDLm3CsClMhsG2HkhZ4k
t/Ca1gc+VWSRvDTMhnaCh01C4FwO4ctVGfvX2gg/WEHd14kXcG4G5shdXQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFLizM0NlLViA91BL1SNl4wPJKvPPMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvdUxNelEyVXRXSUQzVUV2VkkyWGpBOGtxODg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAIt
CuwDBAItQrADBAItUmADBAItVOQDBAItmsADBAItnOADBAE/jSQDBAJcdtADBAKL
HHgDBAC5JP4DBAC5vD8DBAK53/gDBAC8d5oDBAHB5DowDAMEAMH+GwMEAMH+HAME
AMIAhQMEAMIAiAMEAMI1RgMEAMJYjzAMAwQAwnzvAwQAwnzwMAwDBADCfPcDBADC
fPgwDQYJKoZIhvcNAQELBQADggEBAI2MKN1dHcqJuwfPE7MD+RqpxwaVCea4io/4
O6zcZesU14hL9dfO5DAOLmrEmghphHjTIMjqWv3NCZlUf5gKblP5u4ieXW5+BiiA
QxjJy4aW80bNhQ8zDxyvZuODODLmmhj/WdurQ6morp1AQBabCEj1N1eCx5Lzhlm3
+KJkDwuSpKuZLlTwogsfY1qlQyiSK1yQbi/TmiHnkWGglLxw2JZuRDzpgsQ+QiUL
P3EWTiNE8E3UP54Hvqq0wDxGQ6/jHCaoaDjU2E0RsmCdFH5wDVzLUN0oo8EpvEev
YNyBWiHzQzCbOD9zxys5rl69i5gECdpCJOnq1vJNKWA4oOpxIak=
-----END CERTIFICATE-----
Generated at Tue Nov 28 10:38:16 2023 by rpki-client on console-ams.rpki-client.org