Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/CJPl9EcsKvKdpMVwlwXP9wnUEnQ.roa
File: CJPl9EcsKvKdpMVwlwXP9wnUEnQ.roa (raw, json)
Hash identifier: 8/qST8v8eya46qMmqzFoklg58r9gzrlqWbLPbHFiR+4=
Subject key identifier: 08:93:E5:F4:47:2C:2A:F2:9D:A4:C5:70:97:05:CF:F7:09:D4:12:74
Certificate issuer: /CN=85aaadc568f6c928fd764d421d42c71cf5791954
Certificate serial: 018D59A8EDB81400719BC8CB78F8351917C2
Authority key identifier: 85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/CJPl9EcsKvKdpMVwlwXP9wnUEnQ.roa
Signing time: Tue 30 Jan 2024 09:17:39 +0000
ROA not before: Tue 30 Jan 2024 09:17:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44092
IP address blocks: 45.145.200.0/22 maxlen: 22
45.145.200.0/24 maxlen: 24
45.145.201.0/24 maxlen: 24
45.145.202.0/24 maxlen: 24
45.145.203.0/24 maxlen: 24
77.242.128.0/20 maxlen: 24
77.242.128.0/24 maxlen: 24
77.242.129.0/24 maxlen: 24
77.242.130.0/24 maxlen: 24
77.242.131.0/24 maxlen: 24
77.242.132.0/24 maxlen: 24
77.242.133.0/24 maxlen: 24
77.242.134.0/24 maxlen: 24
77.242.135.0/24 maxlen: 24
77.242.136.0/24 maxlen: 24
77.242.137.0/24 maxlen: 24
77.242.138.0/24 maxlen: 24
77.242.139.0/24 maxlen: 24
77.242.140.0/24 maxlen: 24
77.242.141.0/24 maxlen: 24
77.242.142.0/24 maxlen: 24
77.242.143.0/24 maxlen: 24
85.208.200.0/22 maxlen: 22
85.208.200.0/24 maxlen: 24
85.208.201.0/24 maxlen: 24
85.208.202.0/24 maxlen: 24
85.208.203.0/24 maxlen: 24
89.37.70.0/23 maxlen: 24
89.37.70.0/24 maxlen: 24
89.37.71.0/24 maxlen: 24
178.23.8.0/21 maxlen: 24
185.56.156.0/22 maxlen: 24
185.171.232.0/22 maxlen: 22
185.171.232.0/24 maxlen: 24
185.171.233.0/24 maxlen: 24
185.171.234.0/24 maxlen: 24
185.171.235.0/24 maxlen: 24
185.191.104.0/22 maxlen: 22
185.191.104.0/24 maxlen: 24
185.191.105.0/24 maxlen: 24
185.191.106.0/24 maxlen: 24
185.191.107.0/24 maxlen: 24
185.215.144.0/22 maxlen: 22
185.215.144.0/24 maxlen: 24
185.215.145.0/24 maxlen: 24
185.215.146.0/24 maxlen: 24
185.215.147.0/24 maxlen: 24
185.219.116.0/22 maxlen: 22
185.219.116.0/24 maxlen: 24
185.219.117.0/24 maxlen: 24
185.219.118.0/24 maxlen: 24
185.219.119.0/24 maxlen: 24
185.248.227.0/24 maxlen: 24
185.255.29.0/24 maxlen: 24
188.191.56.0/22 maxlen: 24
188.191.56.0/24 maxlen: 24
188.191.57.0/24 maxlen: 24
188.191.58.0/24 maxlen: 24
188.191.59.0/24 maxlen: 24
217.28.64.0/22 maxlen: 22
217.28.64.0/24 maxlen: 24
217.28.65.0/24 maxlen: 24
217.28.66.0/24 maxlen: 24
217.28.67.0/24 maxlen: 24
2a02:53e0::/32 maxlen: 32
2a0b:7b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 11 Mar 2024 08:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:a8:ed:b8:14:00:71:9b:c8:cb:78:f8:35:19:17:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85aaadc568f6c928fd764d421d42c71cf5791954
Validity
Not Before: Jan 30 09:17:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0893e5f4472c2af29da4c5709705cff709d41274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:95:59:f5:51:58:53:45:30:1e:64:b9:52:65:
e2:d1:a2:8e:75:43:f7:aa:2d:08:4e:65:06:db:e2:
e4:75:ff:df:aa:3e:df:60:97:1a:0a:22:15:e9:90:
94:29:ab:c0:23:f9:ac:e3:0c:ab:3e:da:f4:02:97:
bd:5a:e1:d7:91:bd:4e:67:2d:97:16:6a:e9:6d:ab:
f5:38:f8:d8:26:2e:ce:05:c8:da:5b:64:83:28:5a:
a9:03:b4:3d:39:86:8d:5c:cf:1b:cd:6e:ed:4f:01:
05:f4:8b:20:53:ec:96:5f:e9:0f:0c:ff:5f:14:85:
50:7e:1a:2b:fe:b1:70:d2:d4:09:17:b3:9b:38:14:
90:c6:8e:28:a2:f8:92:91:8a:be:f3:ab:ac:eb:d7:
ec:4e:50:07:3a:6a:77:1e:0f:5c:5a:e4:2a:11:38:
e0:af:c6:c3:43:b9:73:c9:21:00:64:79:93:18:8d:
68:69:c1:f7:1b:66:7d:e0:d1:86:06:80:4d:d3:85:
8d:a9:c2:c4:32:28:97:16:91:8b:7d:3b:c9:ab:4c:
ab:8b:6b:5a:2b:bb:32:21:b4:3a:88:dc:df:bb:16:
5f:be:53:df:36:d8:ab:28:1a:20:32:d3:e2:1b:69:
2a:88:38:4f:5a:80:d1:88:ff:fc:22:af:3d:38:96:
49:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:93:E5:F4:47:2C:2A:F2:9D:A4:C5:70:97:05:CF:F7:09:D4:12:74
X509v3 Authority Key Identifier:
keyid:85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/CJPl9EcsKvKdpMVwlwXP9wnUEnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.200.0/22
77.242.128.0/20
85.208.200.0/22
89.37.70.0/23
178.23.8.0/21
185.56.156.0/22
185.171.232.0/22
185.191.104.0/22
185.215.144.0/22
185.219.116.0/22
185.248.227.0/24
185.255.29.0/24
188.191.56.0/22
217.28.64.0/22
IPv6:
2a02:53e0::/32
2a0b:7b80::/29
Signature Algorithm: sha256WithRSAEncryption
1e:74:f1:e5:98:f2:cc:d0:54:d7:3d:94:0c:02:f7:e2:d8:4c:
26:7b:e9:00:85:74:01:39:a8:4d:64:33:18:82:75:df:08:d6:
52:00:58:cb:0e:2f:e4:d0:17:76:32:85:87:8c:3c:7c:1c:0b:
3c:42:3e:76:e1:49:89:79:ff:19:ef:b7:af:31:9c:5a:e0:79:
57:25:43:bd:04:dc:a9:b7:50:69:bd:a3:28:89:b9:af:93:5a:
12:83:92:49:13:26:e3:e7:4a:39:d9:f7:d4:fb:97:5d:68:1a:
4b:5b:a0:fb:53:45:71:ed:cd:e8:f2:ba:e9:43:b2:86:17:5a:
78:b1:64:90:87:f4:3c:e5:95:a7:92:c1:95:08:59:43:53:39:
df:fe:90:6a:a0:81:80:90:63:15:c9:bf:6f:ae:e9:52:53:cd:
06:2f:39:1c:85:9d:b3:ee:42:1a:2f:1c:60:75:8b:36:85:7a:
af:70:cb:3f:7b:dc:4b:d5:af:7c:ad:8f:b6:8a:f2:a6:63:d8:
d2:84:b3:df:84:1a:62:6e:ad:a2:eb:7b:c7:bc:be:4f:d2:94:
44:96:50:ab:4f:a3:9b:dc:2c:13:24:0c:bf:15:b9:f4:cb:6d:
c4:f4:a8:38:e8:b5:0f:e7:76:f6:2f:5f:1e:2b:5a:ef:3c:5e:
3e:81:45:5c
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAY1ZqO24FABxm8jLePg1GRfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWFhZGM1NjhmNmM5MjhmZDc2NGQ0MjFkNDJjNzFjZjU3
OTE5NTQwHhcNMjQwMTMwMDkxNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODkzZTVmNDQ3MmMyYWYyOWRhNGM1NzA5NzA1Y2ZmNzA5ZDQxMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5VZ9VFYU0UwHmS5UmXi0aKOdUP3
qi0ITmUG2+Lkdf/fqj7fYJcaCiIV6ZCUKavAI/ms4wyrPtr0Ape9WuHXkb1OZy2X
Fmrpbav1OPjYJi7OBcjaW2SDKFqpA7Q9OYaNXM8bzW7tTwEF9IsgU+yWX+kPDP9f
FIVQfhor/rFw0tQJF7ObOBSQxo4ooviSkYq+86us69fsTlAHOmp3Hg9cWuQqETjg
r8bDQ7lzySEAZHmTGI1oacH3G2Z94NGGBoBN04WNqcLEMiiXFpGLfTvJq0yri2ta
K7syIbQ6iNzfuxZfvlPfNtirKBogMtPiG2kqiDhPWoDRiP/8Iq89OJZJ0QIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFAiT5fRHLCrynaTFcJcFz/cJ1BJ0MB8GA1UdIwQY
MBaAFIWqrcVo9sko/XZNQh1Cxxz1eRlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMt
NDVlYTM4ZGEyMjE4LzEvQ0pQbDlFY3NLdktkcE1Wd2x3WFA5d25VRW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMtNDVlYTM4ZGEyMjE4
LzEvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEAi2RyAME
BE3ygAMEAlXQyAMEAVklRgMEA7IXCAMEArk4nAMEArmr6AMEArm/aAMEArnXkAME
ArnbdAMEALn44wMEALn/HQMEAry/OAMEAtkcQDAUBAIAAjAOAwUAKgJT4AMFAyoL
e4AwDQYJKoZIhvcNAQELBQADggEBAB508eWY8szQVNc9lAwC9+LYTCZ76QCFdAE5
qE1kMxiCdd8I1lIAWMsOL+TQF3YyhYeMPHwcCzxCPnbhSYl5/xnvt68xnFrgeVcl
Q70E3Km3UGm9oyiJua+TWhKDkkkTJuPnSjnZ99T7l11oGktboPtTRXHtzejyuulD
soYXWnixZJCH9DzllaeSwZUIWUNTOd/+kGqggYCQYxXJv2+u6VJTzQYvORyFnbPu
QhovHGB1izaFeq9wyz973EvVr3ytj7aK8qZj2NKEs9+EGmJuraLre8e8vk/SlESW
UKtPo5vcLBMkDL8VufTLbcT0qDjotQ/ndvYvXx4rWu88Xj6BRVw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:29 2024 by rpki-client on console-ams.rpki-client.org