Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/x6vKNHK8xkK6JNjto7ZMEFXDC0A.roa
File: x6vKNHK8xkK6JNjto7ZMEFXDC0A.roa (raw, json)
Hash identifier: F8RRY3/W5HhHqT5iyM2iLqDxYio0zBTrHmkHWcekzC4=
Subject key identifier: C7:AB:CA:34:72:BC:C6:42:BA:24:D8:ED:A3:B6:4C:10:55:C3:0B:40
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01859FE2BECCEF74BAAEFECD62442DA50D89
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/x6vKNHK8xkK6JNjto7ZMEFXDC0A.roa
Signing time: Wed 11 Jan 2023 08:11:55 +0000
ROA not before: Wed 11 Jan 2023 08:11:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 45.144.88.0/22 maxlen: 24
87.239.254.0/24 maxlen: 32
45.149.28.0/22 maxlen: 24
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
185.36.254.0/24 maxlen: 32
185.217.64.0/22 maxlen: 22
185.166.84.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.188.62.0/24 maxlen: 24
185.188.63.0/24 maxlen: 24
185.184.228.0/24 maxlen: 32
94.46.206.0/24 maxlen: 32
89.40.24.0/24 maxlen: 32
185.152.248.0/22 maxlen: 32
5.154.174.0/24 maxlen: 24
80.246.30.0/24 maxlen: 32
45.156.224.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
188.119.154.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.96.162.0/24 maxlen: 32
77.246.152.0/22 maxlen: 22
45.95.24.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
195.47.194.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a01:4740::/32 maxlen: 32
2a06:46c0::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9f:e2:be:cc:ef:74:ba:ae:fe:cd:62:44:2d:a5:0d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jan 11 08:11:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7abca3472bcc642ba24d8eda3b64c1055c30b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:12:62:31:ac:e4:78:3b:0d:c1:42:ad:4b:e4:
8c:1f:56:dd:02:b3:e6:27:6b:7e:4b:94:6a:35:45:
dc:c2:44:8e:2d:b6:2e:45:28:95:1f:04:4c:78:2a:
30:cf:b3:a7:23:75:4d:7f:0d:a8:ee:ee:ce:b9:48:
38:3a:39:83:4b:34:9c:eb:32:9d:55:ce:d2:89:df:
ac:c7:f4:8b:e1:be:ab:a6:bc:18:b8:10:7d:e2:53:
b1:28:a4:f0:c8:49:59:b2:93:01:ad:ae:7f:8a:6a:
d9:68:71:b0:7f:cf:d9:d1:b4:68:fa:e9:db:76:2d:
e0:a3:33:b8:d5:bb:07:e1:df:5a:46:78:e1:75:5e:
4e:03:08:bb:1e:a7:a2:19:07:e5:30:88:df:38:b8:
63:0d:c8:0a:f0:ed:27:7e:18:84:96:5a:1f:55:2d:
9b:6c:e7:2f:f4:25:85:a2:29:4f:e7:03:14:76:fd:
6c:c4:17:de:39:49:1f:2a:ca:a6:17:c7:f6:e3:38:
95:8d:85:70:a1:34:f5:dc:ea:b8:de:13:74:42:49:
8b:1b:d5:36:e4:e8:95:35:f3:57:26:42:50:b4:f2:
2b:29:39:f2:f4:68:d9:d1:38:f0:b5:0b:df:4a:7c:
f4:c7:7b:cb:55:86:c4:f8:4c:89:be:14:14:16:4e:
e8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:AB:CA:34:72:BC:C6:42:BA:24:D8:ED:A3:B6:4C:10:55:C3:0B:40
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/x6vKNHK8xkK6JNjto7ZMEFXDC0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.156.224.0/22
77.246.152.0/22
80.246.30.0/24
86.105.183.0/24
87.239.254.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0-185.188.63.255
185.217.64.0/22
188.119.154.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
Signature Algorithm: sha256WithRSAEncryption
7a:c2:17:ad:a2:c5:26:26:3f:41:14:6f:49:89:ec:33:56:cf:
48:04:4b:fa:b7:03:e9:e6:08:c7:29:9f:69:e3:ee:76:c9:2c:
a9:89:4c:e7:b3:a5:46:dc:bc:16:a9:79:9a:11:31:bb:9f:d7:
5f:a2:bb:88:1b:65:02:22:f1:5c:00:66:82:6d:9a:fd:65:a7:
10:cf:73:1e:1e:a8:84:1d:d3:88:97:43:6c:06:c9:7f:04:ce:
aa:6c:51:ae:34:ed:eb:7a:94:27:09:cd:29:66:4e:61:16:2a:
2d:87:aa:33:95:27:3f:3f:74:c8:bb:38:11:49:09:69:18:d8:
8f:ff:69:29:72:a9:46:cb:3a:95:36:c4:76:9d:65:cc:08:38:
b6:cb:5a:5f:af:49:32:fc:f2:94:f1:c4:f4:f6:be:25:b5:ec:
87:23:f7:4f:5a:29:33:09:2d:06:06:ca:79:56:09:37:7e:96:
94:ac:e3:a1:b5:1c:03:b7:e6:39:de:85:c8:a7:7e:7c:ae:97:
30:2c:c6:de:59:e5:99:2e:63:46:99:b1:9d:d5:70:04:01:bf:
30:6a:e8:96:6f:ca:4c:87:cb:00:11:2c:c1:ef:f6:35:94:db:
05:71:32:b2:94:e2:fc:59:a3:e6:b1:3c:8a:70:b9:c9:5e:d4:
d9:9f:60:e1
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAYWf4r7M73S6rv7NYkQtpQ2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwMTExMDgxMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2FiY2EzNDcyYmNjNjQyYmEyNGQ4ZWRhM2I2NGMxMDU1YzMwYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBJiMazkeDsNwUKtS+SMH1bdArPm
J2t+S5RqNUXcwkSOLbYuRSiVHwRMeCowz7OnI3VNfw2o7u7OuUg4OjmDSzSc6zKd
Vc7Sid+sx/SL4b6rprwYuBB94lOxKKTwyElZspMBra5/imrZaHGwf8/Z0bRo+unb
di3gozO41bsH4d9aRnjhdV5OAwi7HqeiGQflMIjfOLhjDcgK8O0nfhiEllofVS2b
bOcv9CWFoilP5wMUdv1sxBfeOUkfKsqmF8f24ziVjYVwoTT13Oq43hN0QkmLG9U2
5OiVNfNXJkJQtPIrKTny9GjZ0TjwtQvfSnz0x3vLVYbE+EyJvhQUFk7oAwIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFMeryjRyvMZCuiTY7aO2TBBVwwtAMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEveDZ2S05ISzh4a0s2Sk5qdG83Wk1FRlhEQzBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgbEEAgABMIGqAwQA
BZquAwQCLV8YAwQCLZBYAwQCLZUcAwQCLZzgAwQCTfaYAwQAUPYeAwQAVmm3AwQA
V+/+AwQAWSP5AwQAWSgYAwQAWSzNAwQAW+TYAwQAXi7OAwQAuST+AwQAuWCiAwQB
uWxoAwQCuZgkAwQCuZj4AwQAuZmXAwQCuaAsAwQAuaZUAwQAubjkMAwDBAC5vD0D
BAa5vAADBAK52UADBAC8d5oDBADDL8IwPgQCAAIwOAMFACoBR0ADBQMqBSjAAwUD
KgX0wAMFAyoGMEADBQMqBkbAAwUDKgZKAAMFAyoGUAADBQMqBlcAMA0GCSqGSIb3
DQEBCwUAA4IBAQB6whetosUmJj9BFG9JiewzVs9IBEv6twPp5gjHKZ9p4+52ySyp
iUzns6VG3LwWqXmaETG7n9dforuIG2UCIvFcAGaCbZr9ZacQz3MeHqiEHdOIl0Ns
Bsl/BM6qbFGuNO3repQnCc0pZk5hFioth6ozlSc/P3TIuzgRSQlpGNiP/2kpcqlG
yzqVNsR2nWXMCDi2y1pfr0ky/PKU8cT09r4lteyHI/dPWikzCS0GBsp5Vgk3fpaU
rOOhtRwDt+Y53oXIp358rpcwLMbeWeWZLmNGmbGd1XAEAb8wauiWb8pMh8sAESzB
7/Y1lNsFcTKylOL8WaPmsTyKcLnJXtTZn2Dh
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:22 2023 by rpki-client on console-ams.rpki-client.org