Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/TMPcuQHUfP_z8_GPKSy7rfw1KyI.roa
File: TMPcuQHUfP_z8_GPKSy7rfw1KyI.roa (raw, json)
Hash identifier: szOYBGiGaUMQOBOsXHg2FJ20UoBv43F7cKQitnaiUUI=
Subject key identifier: 4C:C3:DC:B9:01:D4:7C:FF:F3:F3:F1:8F:29:2C:BB:AD:FC:35:2B:22
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0193205714AA0BFEF683A16570091D579B47
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/TMPcuQHUfP_z8_GPKSy7rfw1KyI.roa
Signing time: Tue 12 Nov 2024 12:26:38 +0000
ROA not before: Tue 12 Nov 2024 12:26:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.216.0/22 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.70.0/24 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.31.141.0/24 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0d:77c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 20 Nov 2024 20:11:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:20:57:14:aa:0b:fe:f6:83:a1:65:70:09:1d:57:9b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Nov 12 12:26:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cc3dcb901d47cfff3f3f18f292cbbadfc352b22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b8:68:ac:a0:1e:de:06:e1:cb:55:d4:98:68:
85:3d:54:cd:0a:a3:92:c9:e3:11:6c:be:da:5f:48:
d7:96:bb:81:61:57:68:91:bd:59:4e:d0:0a:72:31:
e9:53:e5:b3:e0:5d:2a:1a:8d:99:d6:c0:c7:27:fc:
17:85:78:a2:f3:61:71:5a:71:bf:b1:58:07:0a:46:
37:29:c0:ba:83:82:13:30:de:36:3c:40:a6:08:f3:
44:a2:74:38:ec:8b:2d:c2:81:70:6a:b9:fb:3c:db:
bb:96:ec:f4:60:cf:5d:37:c8:e9:b6:9a:b4:0b:83:
30:45:39:ef:75:95:ca:73:a6:89:5d:e9:d3:68:ac:
bc:4e:52:62:e6:d6:17:97:4c:a6:9c:73:96:75:95:
a0:8f:6f:f8:8a:5b:aa:e8:5b:8c:fa:3f:c7:32:e9:
78:69:8d:86:86:8b:00:8b:54:e3:51:50:95:5f:02:
9b:62:84:95:7e:69:7c:13:a4:9a:0c:63:ef:7c:bc:
f4:36:5b:47:1f:2c:cb:2a:d0:49:00:cf:de:15:77:
25:a7:b7:67:25:18:c7:0e:09:d8:e5:8d:58:e2:00:
c2:f0:33:19:58:44:e7:b6:ef:6d:a2:85:0b:4a:d0:
e9:6f:00:68:54:d5:df:9b:f7:a8:4f:0c:8c:a4:d6:
de:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C3:DC:B9:01:D4:7C:FF:F3:F3:F1:8F:29:2C:BB:AD:FC:35:2B:22
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/TMPcuQHUfP_z8_GPKSy7rfw1KyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.221.192.0/22
194.31.141.0/24
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
b0:f3:13:29:d5:c4:0f:98:4b:aa:79:c7:0e:ac:1e:67:9d:0c:
9a:57:73:3b:94:8c:6b:45:bf:32:75:af:6d:9b:9a:f1:ea:8f:
66:8d:3e:fb:22:df:62:87:d0:bc:ec:3b:34:31:cd:87:de:dc:
3d:e9:1f:84:6a:15:bb:f2:ea:d9:27:82:01:cd:1a:40:b9:0c:
4a:08:d9:5a:3b:63:3e:15:50:b4:fd:a8:fc:6e:1d:2d:ae:0f:
d3:5d:e7:dd:18:34:9d:90:a3:8a:88:49:92:03:d2:b4:92:11:
6b:ec:98:28:30:50:ae:73:60:a0:bc:ee:a8:16:24:b9:ab:74:
a2:d5:f5:8f:23:50:c2:45:3a:cf:7f:ae:a2:b8:1f:ef:21:72:
89:77:c6:4e:f1:c6:61:f1:03:7b:dc:12:27:4a:49:76:5c:60:
e1:df:b1:61:fc:a8:77:e1:0d:8f:62:6f:27:5f:6f:0c:81:23:
20:9d:8d:b2:e3:ee:0f:ed:1f:d6:38:ba:da:4b:60:93:f8:d7:
49:f8:7f:08:dc:6c:e8:aa:95:6e:0c:27:a2:d8:73:33:64:99:
34:f2:73:3e:c0:37:72:3d:cf:40:90:85:cc:52:17:6a:26:fe:
a8:8d:54:e8:86:fd:27:99:57:55:62:ed:31:69:d0:44:bf:37:
ec:ec:5b:6d
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAZMgVxSqC/72g6FlcAkdV5tHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQxMTEyMTIyNjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2MzZGNiOTAxZDQ3Y2ZmZjNmM2YxOGYyOTJjYmJhZGZjMzUyYjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLhorKAe3gbhy1XUmGiFPVTNCqOS
yeMRbL7aX0jXlruBYVdokb1ZTtAKcjHpU+Wz4F0qGo2Z1sDHJ/wXhXii82FxWnG/
sVgHCkY3KcC6g4ITMN42PECmCPNEonQ47IstwoFwarn7PNu7luz0YM9dN8jptpq0
C4MwRTnvdZXKc6aJXenTaKy8TlJi5tYXl0ymnHOWdZWgj2/4iluq6FuM+j/HMul4
aY2GhosAi1TjUVCVXwKbYoSVfml8E6SaDGPvfLz0NltHHyzLKtBJAM/eFXclp7dn
JRjHDgnY5Y1Y4gDC8DMZWETntu9tooULStDpbwBoVNXfm/eoTwyMpNbe1wIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFEzD3LkB1Hz/8/Pxjyksu638NSsiMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvVE1QY3VRSFVmUF96OF9HUEtTeTdyZncxS3lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCBkQQCAAEwgYoD
BAICOKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QD
BAJVyqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uAD
BALBHxwDBALBIkwDBALB3cADBADCH40DBALCMhADBALCOOADBALUawwwcQQCAAIw
awMHBCoLC4IAADAPAwUCKgsLhAMGACoLC4YAAwcAKgsLh/8SAwcAKgsLh/+0AwcA
KgsLh//SAwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYq
C3CAAAADBQMqDXfAMA0GCSqGSIb3DQEBCwUAA4IBAQCw8xMp1cQPmEuqeccOrB5n
nQyaV3M7lIxrRb8yda9tm5rx6o9mjT77It9ih9C87Ds0Mc2H3tw96R+EahW78urZ
J4IBzRpAuQxKCNlaO2M+FVC0/aj8bh0trg/TXefdGDSdkKOKiEmSA9K0khFr7Jgo
MFCuc2CgvO6oFiS5q3Si1fWPI1DCRTrPf66iuB/vIXKJd8ZO8cZh8QN73BInSkl2
XGDh37Fh/Kh34Q2PYm8nX28MgSMgnY2y4+4P7R/WOLraS2CT+NdJ+H8I3GzoqpVu
DCei2HMzZJk08nM+wDdyPc9AkIXMUhdqJv6ojVTohv0nmVdVYu0xadBEvzfs7Ftt
-----END CERTIFICATE-----
Generated at Wed Nov 20 22:21:00 2024 by rpki-client on console-ams.rpki-client.org