Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/ORCHICHYiYZUBd313aBdLXPDbKY.roa
File: ORCHICHYiYZUBd313aBdLXPDbKY.roa (raw, json)
Hash identifier: wSrdKASdBbYIuzHZMm0knNIIdFS1pntvVbWAAegtWL4=
Subject key identifier: 39:10:87:20:21:D8:89:86:54:05:DD:F5:DD:A0:5D:2D:73:C3:6C:A6
Certificate issuer: /CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
Certificate serial: 019324AA7096D4065F2338D8AF13687109A4
Authority key identifier: A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/ORCHICHYiYZUBd313aBdLXPDbKY.roa
Signing time: Wed 13 Nov 2024 08:36:09 +0000
ROA not before: Wed 13 Nov 2024 08:36:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202087
IP address blocks: 45.89.212.0/22 maxlen: 22
45.94.8.0/22 maxlen: 24
45.94.10.0/24 maxlen: 24
94.26.93.0/24 maxlen: 24
94.26.95.0/24 maxlen: 24
94.26.97.0/24 maxlen: 24
94.26.98.0/23 maxlen: 23
94.26.101.0/24 maxlen: 24
94.26.103.0/24 maxlen: 24
94.26.109.0/24 maxlen: 24
94.190.196.0/22 maxlen: 22
94.190.196.0/24 maxlen: 24
94.190.197.0/24 maxlen: 24
94.190.198.0/24 maxlen: 24
94.190.199.0/24 maxlen: 24
104.255.128.0/21 maxlen: 21
153.94.56.0/21 maxlen: 21
185.9.212.0/22 maxlen: 22
185.49.216.0/22 maxlen: 22
185.75.80.0/22 maxlen: 22
185.83.148.0/23 maxlen: 23
185.83.150.0/23 maxlen: 23
185.94.76.0/23 maxlen: 23
185.94.78.0/23 maxlen: 23
192.190.168.0/22 maxlen: 22
2a03:50c0:1000::/36 maxlen: 36
2a03:50c0:3300::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 27 Nov 2024 07:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:24:aa:70:96:d4:06:5f:23:38:d8:af:13:68:71:09:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
Validity
Not Before: Nov 13 08:36:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3910872021d889865405ddf5dda05d2d73c36ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cb:0f:11:76:f5:77:da:c8:3e:4a:a0:34:fb:
bf:e8:69:6c:41:89:7e:a6:a3:7e:49:41:8f:f0:91:
b5:ae:1b:2b:8b:b1:fc:de:70:fc:f5:a2:20:a9:34:
2c:96:d2:36:36:25:01:cf:21:3c:5d:1a:a2:5a:65:
f6:7b:a7:38:52:cf:86:fe:8b:b1:24:fa:98:48:90:
26:c6:8e:8a:91:c1:f8:49:ce:55:e2:99:29:fe:88:
23:29:c1:61:04:10:92:52:bb:28:61:12:27:32:07:
a3:5a:1f:4b:68:10:c2:fd:1d:6d:08:fc:98:27:58:
01:c6:74:6c:92:01:36:7d:93:d4:8f:10:88:b1:be:
2e:c2:10:5e:4f:84:36:19:4e:ca:2f:0c:6a:ce:d2:
32:f4:5e:26:21:66:d6:0c:57:e0:d9:6b:1c:7e:24:
7c:47:4c:e8:95:03:3e:b6:87:25:14:b3:69:cb:49:
2d:a4:d1:dc:0e:1e:e0:d0:3b:34:2f:9a:6d:df:70:
70:f6:73:da:16:f1:05:77:39:db:e2:59:dc:73:70:
47:f0:e3:55:8b:3f:05:74:ad:89:5a:ce:aa:f3:e2:
38:c9:30:8a:03:a1:3e:c5:7e:b1:da:af:a1:97:a6:
3c:14:82:7e:e0:0e:90:6c:6d:25:cd:94:05:a7:90:
af:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:10:87:20:21:D8:89:86:54:05:DD:F5:DD:A0:5D:2D:73:C3:6C:A6
X509v3 Authority Key Identifier:
keyid:A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/ORCHICHYiYZUBd313aBdLXPDbKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.212.0/22
45.94.8.0/22
94.26.93.0/24
94.26.95.0/24
94.26.97.0-94.26.99.255
94.26.101.0/24
94.26.103.0/24
94.26.109.0/24
94.190.196.0/22
104.255.128.0/21
153.94.56.0/21
185.9.212.0/22
185.49.216.0/22
185.75.80.0/22
185.83.148.0/22
185.94.76.0/22
192.190.168.0/22
IPv6:
2a03:50c0:1000::/36
2a03:50c0:3300::/40
Signature Algorithm: sha256WithRSAEncryption
43:df:db:96:0d:38:83:1d:b8:f3:91:32:4b:ff:e4:6c:29:9d:
0f:c9:9f:7a:84:1e:fb:4d:d6:ec:87:59:a2:d4:31:c8:3f:1a:
b4:1c:5d:3e:e0:f7:98:98:3b:43:0d:62:6f:04:73:92:3d:15:
4c:dd:02:0a:47:a6:bb:99:d9:91:9b:e1:05:91:73:ef:6f:97:
3d:59:5a:ee:c5:4b:2f:3f:2e:d4:45:d9:b2:e2:f7:06:6e:00:
19:9a:60:28:2f:8f:50:be:f7:8a:9a:7c:4a:37:52:93:66:91:
f3:0a:16:2e:71:f6:37:ca:86:1f:06:83:70:e5:14:92:a8:0c:
29:ca:c0:70:1b:94:11:94:5f:b7:2f:e5:08:bd:75:4c:87:15:
a3:e9:db:9c:93:ca:48:80:2b:47:5a:09:b2:c8:28:16:ac:b7:
35:bf:a0:20:2f:01:f4:29:6c:57:07:60:af:c7:98:57:cb:62:
80:8c:e9:2f:0e:15:09:a1:f2:f0:1e:ca:97:b2:32:5c:4f:bf:
bb:78:bc:5f:7f:48:f4:e8:55:90:3f:1d:db:63:12:02:5f:b3:
8d:17:9d:29:9a:6d:e8:3c:af:d1:55:f7:67:92:40:44:90:ca:
57:29:d0:9f:f9:56:1a:48:e9:45:86:f6:f3:2c:27:0f:f2:cb:
22:9c:36:3d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZMkqnCW1AZfIzjYrxNocQmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OWM0ZTBjZjVjOGRiYmI2YTY3Y2YxZGEyZjMxZjQxNjI3
NDlmZGQwHhcNMjQxMTEzMDgzNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTEwODcyMDIxZDg4OTg2NTQwNWRkZjVkZGEwNWQyZDczYzM2Y2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucsPEXb1d9rIPkqgNPu/6GlsQYl+
pqN+SUGP8JG1rhsri7H83nD89aIgqTQsltI2NiUBzyE8XRqiWmX2e6c4Us+G/oux
JPqYSJAmxo6KkcH4Sc5V4pkp/ogjKcFhBBCSUrsoYRInMgejWh9LaBDC/R1tCPyY
J1gBxnRskgE2fZPUjxCIsb4uwhBeT4Q2GU7KLwxqztIy9F4mIWbWDFfg2WscfiR8
R0zolQM+toclFLNpy0ktpNHcDh7g0Ds0L5pt33Bw9nPaFvEFdznb4lncc3BH8ONV
iz8FdK2JWs6q8+I4yTCKA6E+xX6x2q+hl6Y8FIJ+4A6QbG0lzZQFp5CvEQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFDkQhyAh2ImGVAXd9d2gXS1zw2ymMB8GA1UdIwQY
MBaAFKScTgz1yNu7amfPHaLzH0FidJ/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMt
ODhlZDhkNzcxN2E0LzEvT1JDSElDSFlpWVpVQmQzMTNhQmRMWFBEYktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMtODhlZDhkNzcxN2E0
LzEvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB0BAIAATBuAwQCLVnU
AwQCLV4IAwQAXhpdAwQAXhpfMAwDBABeGmEDBAJeGmADBABeGmUDBABeGmcDBABe
Gm0DBAJevsQDBANo/4ADBAOZXjgDBAK5CdQDBAK5MdgDBAK5S1ADBAK5U5QDBAK5
XkwDBALAvqgwFgQCAAIwEAMGBCoDUMAQAwYAKgNQwDMwDQYJKoZIhvcNAQELBQAD
ggEBAEPf25YNOIMduPORMkv/5GwpnQ/Jn3qEHvtN1uyHWaLUMcg/GrQcXT7g95iY
O0MNYm8Ec5I9FUzdAgpHpruZ2ZGb4QWRc+9vlz1ZWu7FSy8/LtRF2bLi9wZuABma
YCgvj1C+94qafEo3UpNmkfMKFi5x9jfKhh8Gg3DlFJKoDCnKwHAblBGUX7cv5Qi9
dUyHFaPp25yTykiAK0daCbLIKBastzW/oCAvAfQpbFcHYK/HmFfLYoCM6S8OFQmh
8vAeypeyMlxPv7t4vF9/SPToVZA/HdtjEgJfs40XnSmabeg8r9FV92eSQESQylcp
0J/5VhpI6UWG9vMsJw/yyyKcNj0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:56 2025 by rpki-client