Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/nV8ZaBNa6L6SkIrxlqLeJmnCt3E.roa
File: nV8ZaBNa6L6SkIrxlqLeJmnCt3E.roa (raw, json)
Hash identifier: Gs9zgEnwXMNdrp6dlic9Zinl2fmj+VtTItiFty7HEFQ=
Subject key identifier: 9D:5F:19:68:13:5A:E8:BE:92:90:8A:F1:96:A2:DE:26:69:C2:B7:71
Certificate issuer: /CN=85aaadc568f6c928fd764d421d42c71cf5791954
Certificate serial: 018E2C87A27772BDBD6A608CF8E9D5342E1E
Authority key identifier: 85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/nV8ZaBNa6L6SkIrxlqLeJmnCt3E.roa
Signing time: Mon 11 Mar 2024 08:01:10 +0000
ROA not before: Mon 11 Mar 2024 08:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44092
IP address blocks: 45.145.200.0/22 maxlen: 22
45.145.200.0/24 maxlen: 24
45.145.201.0/24 maxlen: 24
45.145.202.0/24 maxlen: 24
45.145.203.0/24 maxlen: 24
77.242.128.0/20 maxlen: 24
77.242.128.0/24 maxlen: 24
77.242.129.0/24 maxlen: 24
77.242.130.0/24 maxlen: 24
77.242.131.0/24 maxlen: 24
77.242.132.0/24 maxlen: 24
77.242.133.0/24 maxlen: 24
77.242.134.0/24 maxlen: 24
77.242.135.0/24 maxlen: 24
77.242.136.0/24 maxlen: 24
77.242.137.0/24 maxlen: 24
77.242.138.0/24 maxlen: 24
77.242.139.0/24 maxlen: 24
77.242.140.0/24 maxlen: 24
77.242.141.0/24 maxlen: 24
77.242.142.0/24 maxlen: 24
77.242.143.0/24 maxlen: 24
85.208.200.0/22 maxlen: 22
85.208.200.0/24 maxlen: 24
85.208.201.0/24 maxlen: 24
85.208.202.0/24 maxlen: 24
85.208.203.0/24 maxlen: 24
89.37.70.0/23 maxlen: 24
89.37.70.0/24 maxlen: 24
89.37.71.0/24 maxlen: 24
178.23.8.0/21 maxlen: 24
185.56.156.0/22 maxlen: 24
185.171.232.0/22 maxlen: 22
185.171.232.0/24 maxlen: 24
185.171.233.0/24 maxlen: 24
185.171.234.0/24 maxlen: 24
185.171.235.0/24 maxlen: 24
185.191.104.0/22 maxlen: 22
185.191.104.0/24 maxlen: 24
185.191.105.0/24 maxlen: 24
185.191.106.0/24 maxlen: 24
185.191.107.0/24 maxlen: 24
185.215.144.0/22 maxlen: 22
185.215.144.0/24 maxlen: 24
185.215.145.0/24 maxlen: 24
185.215.146.0/24 maxlen: 24
185.215.147.0/24 maxlen: 24
185.219.116.0/22 maxlen: 22
185.219.116.0/24 maxlen: 24
185.219.117.0/24 maxlen: 24
185.219.118.0/24 maxlen: 24
185.219.119.0/24 maxlen: 24
185.248.227.0/24 maxlen: 24
185.255.29.0/24 maxlen: 24
188.191.56.0/22 maxlen: 24
188.191.56.0/24 maxlen: 24
188.191.57.0/24 maxlen: 24
188.191.58.0/24 maxlen: 24
188.191.59.0/24 maxlen: 24
217.28.64.0/22 maxlen: 22
217.28.64.0/24 maxlen: 24
217.28.65.0/24 maxlen: 24
217.28.66.0/24 maxlen: 24
217.28.67.0/24 maxlen: 24
2a02:53e0::/32 maxlen: 32
2a0b:7b80::/29 maxlen: 29
2a0f:de80::/29 maxlen: 29
2a13:56c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 29 Mar 2024 10:43:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:87:a2:77:72:bd:bd:6a:60:8c:f8:e9:d5:34:2e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85aaadc568f6c928fd764d421d42c71cf5791954
Validity
Not Before: Mar 11 08:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d5f1968135ae8be92908af196a2de2669c2b771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f3:f0:26:e0:0b:94:1e:e1:2a:bf:c6:87:a8:
3f:28:9a:06:f8:67:13:66:29:00:e6:eb:38:65:94:
18:ec:96:a7:06:c8:53:31:ff:28:a9:cb:cc:57:7a:
94:2f:1b:dd:38:66:c5:8c:92:d8:a4:03:b7:bc:43:
8f:36:4c:3e:51:fd:5d:1e:68:8c:2a:59:69:ad:ab:
26:0d:17:6b:13:ff:97:02:6b:28:4d:84:67:0f:98:
9b:52:2d:25:02:f3:02:8e:39:c2:75:29:e5:22:73:
ae:15:89:cd:ef:b4:8f:b4:ed:93:be:80:7b:0e:ca:
3f:93:22:82:2a:91:6a:4a:5f:11:0b:e6:bf:17:c0:
24:1a:e6:ab:86:94:77:32:09:ad:6c:91:27:36:f9:
58:62:6e:8f:c5:9c:64:c3:c4:a4:af:98:e3:95:ef:
97:13:f3:c4:bc:9b:5e:f9:f7:d6:47:f3:6e:ab:8d:
64:26:5c:7a:dc:98:d3:bc:fd:1e:0a:8c:3c:9c:16:
80:dc:d7:49:b3:f7:62:ca:b1:0a:bc:d2:36:eb:4d:
de:98:58:9d:c7:48:19:be:09:03:31:10:98:20:1f:
cd:ea:60:0c:16:80:22:83:86:06:dc:30:44:2e:03:
09:81:ba:90:00:d7:73:ac:f2:69:d9:3c:4f:39:71:
9c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5F:19:68:13:5A:E8:BE:92:90:8A:F1:96:A2:DE:26:69:C2:B7:71
X509v3 Authority Key Identifier:
keyid:85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/nV8ZaBNa6L6SkIrxlqLeJmnCt3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.200.0/22
77.242.128.0/20
85.208.200.0/22
89.37.70.0/23
178.23.8.0/21
185.56.156.0/22
185.171.232.0/22
185.191.104.0/22
185.215.144.0/22
185.219.116.0/22
185.248.227.0/24
185.255.29.0/24
188.191.56.0/22
217.28.64.0/22
IPv6:
2a02:53e0::/32
2a0b:7b80::/29
2a0f:de80::/29
2a13:56c0::/29
Signature Algorithm: sha256WithRSAEncryption
32:06:81:a5:21:65:d2:7d:0d:ce:a3:6e:6b:a5:65:c7:a7:d7:
67:e6:53:d1:09:30:04:65:02:68:17:1d:1f:33:b7:a7:48:8d:
83:ab:97:34:e3:0c:53:26:d1:9f:7d:3a:e8:a8:e0:05:66:89:
83:c0:ee:7f:a3:1b:f7:27:40:39:f4:06:a3:8f:2a:5e:7e:d5:
5a:25:87:b3:2a:b7:7f:3d:8a:2a:b5:33:a6:3d:3d:9e:e7:93:
77:20:de:7c:ba:7d:ba:e1:55:d4:d9:d3:e0:6d:d0:be:42:4d:
43:74:fe:c7:43:61:35:2c:78:0d:83:5a:30:bc:f2:f6:76:e0:
85:4a:ce:67:23:9b:60:7d:51:01:54:fa:ea:48:f7:2e:ca:38:
45:c5:c3:af:c3:42:c2:39:8b:94:25:5d:2b:14:e7:03:ac:cc:
28:67:b9:cc:46:27:d3:b2:f0:d0:0c:a0:87:6d:b6:68:58:d3:
c8:76:af:d8:6f:12:e4:25:1e:46:02:41:88:7e:6f:a5:e5:ca:
b5:68:fd:71:91:90:6a:88:55:86:3a:0d:1a:cf:b1:13:5a:aa:
83:a6:b4:64:50:79:58:24:a1:4e:5d:29:9d:88:49:d4:3f:be:
7f:7a:17:a9:6d:33:4d:08:f0:d5:de:ac:32:b0:e0:55:a1:b2:
08:aa:5a:d5
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAY4sh6J3cr29amCM+OnVNC4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWFhZGM1NjhmNmM5MjhmZDc2NGQ0MjFkNDJjNzFjZjU3
OTE5NTQwHhcNMjQwMzExMDgwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDVmMTk2ODEzNWFlOGJlOTI5MDhhZjE5NmEyZGUyNjY5YzJiNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/PwJuALlB7hKr/Gh6g/KJoG+GcT
ZikA5us4ZZQY7JanBshTMf8oqcvMV3qULxvdOGbFjJLYpAO3vEOPNkw+Uf1dHmiM
KllprasmDRdrE/+XAmsoTYRnD5ibUi0lAvMCjjnCdSnlInOuFYnN77SPtO2TvoB7
Dso/kyKCKpFqSl8RC+a/F8AkGuarhpR3MgmtbJEnNvlYYm6PxZxkw8Skr5jjle+X
E/PEvJte+ffWR/Nuq41kJlx63JjTvP0eCow8nBaA3NdJs/diyrEKvNI2603emFid
x0gZvgkDMRCYIB/N6mAMFoAig4YG3DBELgMJgbqQANdzrPJp2TxPOXGcawIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFJ1fGWgTWui+kpCK8Zai3iZpwrdxMB8GA1UdIwQY
MBaAFIWqrcVo9sko/XZNQh1Cxxz1eRlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMt
NDVlYTM4ZGEyMjE4LzEvblY4WmFCTmE2TDZTa0lyeGxxTGVKbW5DdDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMtNDVlYTM4ZGEyMjE4
LzEvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBaBAIAATBUAwQCLZHI
AwQETfKAAwQCVdDIAwQBWSVGAwQDshcIAwQCuTicAwQCuavoAwQCub9oAwQCudeQ
AwQCudt0AwQAufjjAwQAuf8dAwQCvL84AwQC2RxAMCIEAgACMBwDBQAqAlPgAwUD
Kgt7gAMFAyoP3oADBQMqE1bAMA0GCSqGSIb3DQEBCwUAA4IBAQAyBoGlIWXSfQ3O
o25rpWXHp9dn5lPRCTAEZQJoFx0fM7enSI2Dq5c04wxTJtGffTroqOAFZomDwO5/
oxv3J0A59AajjypeftVaJYezKrd/PYoqtTOmPT2e55N3IN58un264VXU2dPgbdC+
Qk1DdP7HQ2E1LHgNg1owvPL2duCFSs5nI5tgfVEBVPrqSPcuyjhFxcOvw0LCOYuU
JV0rFOcDrMwoZ7nMRifTsvDQDKCHbbZoWNPIdq/YbxLkJR5GAkGIfm+l5cq1aP1x
kZBqiFWGOg0az7ETWqqDprRkUHlYJKFOXSmdiEnUP75/ehepbTNNCPDV3qwysOBV
obIIqlrV
-----END CERTIFICATE-----
Generated at Fri Mar 29 15:34:33 2024 by rpki-client on console-ams.rpki-client.org