Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/CKRdKsOdRr2rEBiFGmVonB1ASa4.roa
File: CKRdKsOdRr2rEBiFGmVonB1ASa4.roa (raw, json)
Hash identifier: I9rh+pxgDHVPtR0Tp3J6yS4seo9UEAfCAS7ulKFlxHk=
Subject key identifier: 08:A4:5D:2A:C3:9D:46:BD:AB:10:18:85:1A:65:68:9C:1D:40:49:AE
Certificate issuer: /CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Certificate serial: 018CC5000CC1F827193E019B2E2DF06C931A
Authority key identifier: 97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/CKRdKsOdRr2rEBiFGmVonB1ASa4.roa
Signing time: Mon 01 Jan 2024 12:29:24 +0000
ROA not before: Mon 01 Jan 2024 12:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41833
IP address blocks: 95.141.48.0/20 maxlen: 20
95.141.49.0/24 maxlen: 24
95.141.48.0/24 maxlen: 24
95.141.57.0/24 maxlen: 24
95.141.58.0/24 maxlen: 24
95.141.55.0/24 maxlen: 24
95.141.56.0/24 maxlen: 24
95.141.62.0/24 maxlen: 24
95.141.63.0/24 maxlen: 24
95.141.61.0/24 maxlen: 24
95.141.59.0/24 maxlen: 24
95.141.60.0/24 maxlen: 24
141.138.186.96/29 maxlen: 29
46.227.255.0/24 maxlen: 24
46.227.254.0/24 maxlen: 24
93.185.236.136/29 maxlen: 29
46.227.253.0/24 maxlen: 24
46.227.251.0/24 maxlen: 24
46.227.249.0/24 maxlen: 24
46.227.248.0/21 maxlen: 21
46.227.248.0/24 maxlen: 24
46.227.252.0/24 maxlen: 24
89.249.221.80/29 maxlen: 29
141.138.186.144/29 maxlen: 29
185.58.201.0/24 maxlen: 24
185.58.202.0/24 maxlen: 24
185.58.200.0/24 maxlen: 24
185.58.200.0/22 maxlen: 22
93.185.231.0/29 maxlen: 29
89.249.212.0/28 maxlen: 28
93.185.229.0/24 maxlen: 24
93.185.233.0/24 maxlen: 24
93.185.231.0/24 maxlen: 24
141.138.191.0/24 maxlen: 24
93.185.232.0/24 maxlen: 24
141.138.189.0/24 maxlen: 24
93.185.230.0/24 maxlen: 24
141.138.187.0/24 maxlen: 24
141.138.188.0/24 maxlen: 24
93.185.228.0/24 maxlen: 24
93.185.227.0/24 maxlen: 24
93.185.238.0/24 maxlen: 24
93.185.239.0/24 maxlen: 24
93.185.236.0/24 maxlen: 24
93.185.237.0/24 maxlen: 24
93.185.235.0/24 maxlen: 24
93.185.229.0/30 maxlen: 30
89.249.212.0/24 maxlen: 24
89.249.213.0/24 maxlen: 24
89.249.210.0/24 maxlen: 24
89.249.211.0/24 maxlen: 24
89.249.208.0/24 maxlen: 24
89.249.209.0/24 maxlen: 24
89.249.208.0/20 maxlen: 20
141.138.178.0/24 maxlen: 24
89.249.219.0/24 maxlen: 24
141.138.176.0/20 maxlen: 20
141.138.179.0/24 maxlen: 24
89.249.217.0/24 maxlen: 24
141.138.177.0/24 maxlen: 24
89.249.218.0/24 maxlen: 24
89.249.215.0/24 maxlen: 24
141.138.176.0/24 maxlen: 24
89.249.214.0/24 maxlen: 24
141.138.182.0/24 maxlen: 24
89.249.222.0/24 maxlen: 24
89.249.223.0/24 maxlen: 24
141.138.183.0/24 maxlen: 24
141.138.184.0/24 maxlen: 24
141.138.185.0/24 maxlen: 24
141.138.186.0/24 maxlen: 24
141.138.180.0/24 maxlen: 24
93.185.226.0/24 maxlen: 24
93.185.225.0/24 maxlen: 24
93.185.224.0/20 maxlen: 20
93.185.224.0/24 maxlen: 24
89.249.221.0/24 maxlen: 24
141.138.181.0/24 maxlen: 24
89.249.220.0/24 maxlen: 24
2a02:f50::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 06 Mar 2024 13:35:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:0c:c1:f8:27:19:3e:01:9b:2e:2d:f0:6c:93:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Validity
Not Before: Jan 1 12:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08a45d2ac39d46bdab1018851a65689c1d4049ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:71:f1:8c:5e:f6:47:01:d4:13:6c:94:ac:4d:
2d:b3:8b:d2:d9:bb:6b:9a:48:8b:7f:0a:0f:da:2c:
fd:85:3c:27:25:9a:3e:bd:ea:79:40:27:c7:61:ef:
03:ce:f4:4e:7b:4f:95:bf:73:fb:77:e7:cb:40:a9:
35:e2:d9:38:a2:f5:ef:48:b7:d0:50:4f:17:91:3d:
03:36:02:e1:67:39:c0:5c:6d:e6:3d:39:28:c5:34:
d6:1c:0b:cb:69:b5:e2:f5:e3:1f:e8:44:b7:52:4a:
e4:89:41:e5:84:89:40:ae:21:b7:bb:8c:82:0c:92:
3f:8a:74:be:e6:5f:3a:90:c1:7d:0b:e5:96:28:27:
74:4b:37:af:2f:f4:05:a5:24:b3:f0:ea:c0:e6:1d:
d0:a3:c5:03:43:a9:53:4e:3d:fe:61:1b:16:a1:e5:
42:33:36:7a:77:db:31:23:5d:f7:87:c6:e6:f6:e0:
c9:04:0d:44:f1:20:66:d8:85:5c:a5:52:4d:f4:d1:
fd:6b:c1:fd:39:24:b5:e8:05:75:35:69:bf:48:cd:
fe:8b:e4:be:b7:d2:fe:6b:96:3c:03:32:fc:01:02:
81:48:84:23:69:e8:64:d2:ee:ff:f1:ee:95:bb:25:
c9:d7:e8:cc:e6:3f:11:68:5b:09:23:99:3b:9c:d4:
02:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A4:5D:2A:C3:9D:46:BD:AB:10:18:85:1A:65:68:9C:1D:40:49:AE
X509v3 Authority Key Identifier:
keyid:97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/CKRdKsOdRr2rEBiFGmVonB1ASa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/l0Kd6LzDvkdKu9or4qidDzIIw4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.248.0/21
89.249.208.0/20
93.185.224.0/20
95.141.48.0/20
141.138.176.0/20
185.58.200.0/22
IPv6:
2a02:f50::/32
Signature Algorithm: sha256WithRSAEncryption
c4:0a:a5:a7:c6:9f:72:bb:57:35:42:90:8e:8e:30:8e:0c:93:
f5:85:91:ba:2e:6f:b0:36:c8:f9:70:80:e6:48:94:c3:ee:df:
4d:21:95:ba:79:bd:c7:be:b6:ed:e4:8c:0f:4e:c2:09:24:32:
98:f8:49:57:38:4d:d6:89:57:35:e9:49:8a:6f:59:a5:4f:63:
9f:6b:5b:06:ec:ce:58:2e:c9:75:2a:ca:4e:2d:a0:bf:aa:60:
d7:0a:28:8c:90:2f:12:1c:15:19:e2:bb:45:21:43:86:b3:ac:
8c:21:03:d4:54:ff:4f:48:3d:dc:42:9d:e7:df:3e:e7:32:f6:
89:72:e9:78:90:b0:b6:79:12:dc:76:99:01:7b:c6:46:55:39:
fb:15:a9:03:2f:e2:c5:6c:fe:14:c4:30:dd:59:a9:9c:23:05:
f5:0e:f2:fc:ee:01:ac:99:f7:2a:04:d3:f7:e9:b7:3e:6c:87:
1f:18:a9:61:5a:d1:a7:0e:b1:c1:13:88:e3:f2:da:7f:0e:e7:
c7:ee:95:47:aa:5e:01:c8:4e:48:af:5c:e2:19:be:4c:b6:cb:
ff:d1:78:52:6c:68:54:10:0c:59:4f:2a:f5:b7:53:97:3c:cd:
6a:0b:94:b7:94:57:f0:c6:a1:38:cb:90:6c:15:2f:34:bd:d4:
37:0f:56:43
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzFAAzB+CcZPgGbLi3wbJMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDI5ZGU4YmNjM2JlNDc0YWJiZGEyYmUyYTg5ZDBmMzIw
OGMzODUwHhcNMjQwMTAxMTIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGE0NWQyYWMzOWQ0NmJkYWIxMDE4ODUxYTY1Njg5YzFkNDA0OWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3HxjF72RwHUE2yUrE0ts4vS2btr
mkiLfwoP2iz9hTwnJZo+vep5QCfHYe8DzvROe0+Vv3P7d+fLQKk14tk4ovXvSLfQ
UE8XkT0DNgLhZznAXG3mPTkoxTTWHAvLabXi9eMf6ES3UkrkiUHlhIlAriG3u4yC
DJI/inS+5l86kMF9C+WWKCd0SzevL/QFpSSz8OrA5h3Qo8UDQ6lTTj3+YRsWoeVC
MzZ6d9sxI133h8bm9uDJBA1E8SBm2IVcpVJN9NH9a8H9OSS16AV1NWm/SM3+i+S+
t9L+a5Y8AzL8AQKBSIQjaehk0u7/8e6VuyXJ1+jM5j8RaFsJI5k7nNQCKQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAikXSrDnUa9qxAYhRplaJwdQEmuMB8GA1UdIwQY
MBaAFJdCnei8w75HSrvaK+KonQ8yCMOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMt
MDQ5YmRjNmI4ZWYzLzEvQ0tSZEtzT2RScjJyRUJpRkdtVm9uQjFBU2E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMtMDQ5YmRjNmI4ZWYz
LzEvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLuP4AwQE
WfnQAwQEXbngAwQEX40wAwQEjYqwAwQCuTrIMA0EAgACMAcDBQAqAg9QMA0GCSqG
SIb3DQEBCwUAA4IBAQDECqWnxp9yu1c1QpCOjjCODJP1hZG6Lm+wNsj5cIDmSJTD
7t9NIZW6eb3Hvrbt5IwPTsIJJDKY+ElXOE3WiVc16UmKb1mlT2Ofa1sG7M5YLsl1
KspOLaC/qmDXCiiMkC8SHBUZ4rtFIUOGs6yMIQPUVP9PSD3cQp3n3z7nMvaJcul4
kLC2eRLcdpkBe8ZGVTn7FakDL+LFbP4UxDDdWamcIwX1DvL87gGsmfcqBNP36bc+
bIcfGKlhWtGnDrHBE4jj8tp/DufH7pVHql4ByE5Ir1ziGb5Mtsv/0XhSbGhUEAxZ
Tyr1t1OXPM1qC5S3lFfwxqE4y5BsFS80vdQ3D1ZD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:46 2024 by rpki-client on console-fra.rpki-client.org