Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aM8ohvrXQs6YtX_XC2XPMWP9EKs.roa
File: aM8ohvrXQs6YtX_XC2XPMWP9EKs.roa (raw, json)
Hash identifier: Jt8mnqIWzR9DaC/UQ2HJTRkTarVZAuWvNndNu6JEEsY=
Subject key identifier: 68:CF:28:86:FA:D7:42:CE:98:B5:7F:D7:0B:65:CF:31:63:FD:10:AB
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DC740BC9E26CB6C2F54B0E8DA85C6BF92
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aM8ohvrXQs6YtX_XC2XPMWP9EKs.roa
Signing time: Tue 20 Feb 2024 16:02:04 +0000
ROA not before: Tue 20 Feb 2024 16:02:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 45.84.178.0/24 maxlen: 24
45.129.1.0/24 maxlen: 24
45.129.129.0/24 maxlen: 24
45.129.130.0/24 maxlen: 24
45.129.131.0/24 maxlen: 24
45.132.51.0/24 maxlen: 24
45.138.4.0/24 maxlen: 24
45.138.5.0/24 maxlen: 24
45.138.6.0/24 maxlen: 24
45.142.37.0/24 maxlen: 24
45.146.26.0/24 maxlen: 24
45.159.85.0/24 maxlen: 24
62.3.23.0/24 maxlen: 24
77.246.244.0/24 maxlen: 24
80.68.148.0/24 maxlen: 24
80.68.150.0/24 maxlen: 24
89.107.12.0/24 maxlen: 24
91.247.78.0/24 maxlen: 24
92.119.192.0/24 maxlen: 24
93.93.206.0/24 maxlen: 24
94.103.179.0/24 maxlen: 24
146.19.76.0/24 maxlen: 24
176.116.12.0/24 maxlen: 24
176.222.58.0/24 maxlen: 24
185.81.71.0/24 maxlen: 24
185.207.213.0/24 maxlen: 24
185.222.41.0/24 maxlen: 24
193.32.164.0/24 maxlen: 24
193.32.165.0/24 maxlen: 24
193.32.166.0/24 maxlen: 24
193.32.167.0/24 maxlen: 24
193.36.231.0/24 maxlen: 24
193.53.169.0/24 maxlen: 24
193.58.176.0/24 maxlen: 24
193.58.177.0/24 maxlen: 24
193.163.16.0/24 maxlen: 24
194.104.142.0/24 maxlen: 24
195.225.99.0/24 maxlen: 24
212.52.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 15:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:40:bc:9e:26:cb:6c:2f:54:b0:e8:da:85:c6:bf:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 20 16:02:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68cf2886fad742ce98b57fd70b65cf3163fd10ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1e:bc:df:b0:8b:7b:bc:13:45:bf:50:f1:38:
65:79:25:e4:11:e5:0d:02:56:2e:af:7c:12:69:a2:
53:98:77:93:07:9e:86:cc:4e:92:c5:ed:d8:01:ac:
a5:6c:ce:4d:2e:68:74:57:c3:9a:63:7d:29:2d:fc:
b3:f1:20:4b:f7:56:2b:ad:7c:e7:fc:65:ac:ac:30:
2e:23:df:7d:5d:f2:34:59:22:db:13:f4:a7:a6:1b:
6d:d4:ee:f3:a2:1b:31:da:18:5c:ce:31:32:a2:c6:
e2:c3:e0:3e:9e:dc:f3:88:db:11:eb:2a:d8:14:99:
a6:9d:44:4c:a5:b2:c8:30:a1:d2:e7:13:43:00:46:
3f:73:92:9a:89:f5:7d:b2:77:95:a0:89:fe:96:b5:
c8:61:b0:c7:e0:31:dd:f5:b4:46:07:4a:58:e4:53:
17:cb:92:92:6c:5e:bb:90:4f:06:8e:55:5b:c3:e0:
d4:04:13:a4:0f:d7:c0:8a:82:6d:04:8e:bd:bc:a7:
5d:e9:09:c3:5d:5a:7f:22:e5:da:b9:27:6e:f6:e9:
74:7d:af:4f:dc:cb:d1:80:35:8a:22:ea:90:5e:cc:
d5:c9:d6:d7:b1:30:d9:00:8b:aa:0a:08:c0:9e:59:
a6:d5:92:c1:63:4a:20:c3:29:93:ca:a2:9b:4a:1b:
6d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:CF:28:86:FA:D7:42:CE:98:B5:7F:D7:0B:65:CF:31:63:FD:10:AB
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aM8ohvrXQs6YtX_XC2XPMWP9EKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.178.0/24
45.129.1.0/24
45.129.129.0-45.129.131.255
45.132.51.0/24
45.138.4.0-45.138.6.255
45.142.37.0/24
45.146.26.0/24
45.159.85.0/24
62.3.23.0/24
77.246.244.0/24
80.68.148.0/24
80.68.150.0/24
89.107.12.0/24
91.247.78.0/24
92.119.192.0/24
93.93.206.0/24
94.103.179.0/24
146.19.76.0/24
176.116.12.0/24
176.222.58.0/24
185.81.71.0/24
185.207.213.0/24
185.222.41.0/24
193.32.164.0/22
193.36.231.0/24
193.53.169.0/24
193.58.176.0/23
193.163.16.0/24
194.104.142.0/24
195.225.99.0/24
212.52.31.0/24
Signature Algorithm: sha256WithRSAEncryption
12:e2:1e:3f:1b:21:ff:67:d1:04:40:83:15:18:b2:a1:d7:e5:
06:82:31:28:20:c7:8e:47:f1:75:30:ac:a4:44:51:bd:d5:54:
b7:ac:9a:64:18:37:5c:68:f0:41:7e:27:1f:c1:a7:51:bf:3c:
58:9f:93:2d:e5:a4:7b:65:fd:b1:3a:56:83:2e:d4:30:81:c9:
c8:cd:99:10:77:fa:76:a4:6f:55:60:5e:66:53:6b:10:d8:1f:
28:c3:5d:d9:a8:d6:2b:02:b1:5d:3a:ca:63:7b:20:62:a7:b2:
bd:48:17:0b:15:b5:52:ed:9f:0d:2f:0f:ba:fa:5d:a1:79:55:
0f:f0:03:d8:81:95:a1:07:b2:4a:be:35:da:75:4e:5a:0e:1d:
68:dd:d7:87:3e:e2:97:95:06:e6:91:ea:5c:6d:e9:7f:cd:c6:
1e:2c:ff:c4:98:6c:eb:e0:64:90:2f:2f:d3:5c:6c:12:c9:03:
27:36:4a:a1:aa:fc:25:e0:b2:6a:65:82:f2:7c:ab:74:1c:88:
42:bc:91:38:bb:b0:f4:7a:b6:9d:ad:08:8a:31:39:3f:31:60:
b0:77:61:d6:55:d9:1f:0f:b8:fc:6a:bb:1b:30:a1:44:4f:79:
56:34:17:fc:11:2e:fe:25:9f:2a:95:c2:67:e6:8f:5d:53:79:
43:69:15:f9
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAY3HQLyeJstsL1Sw6NqFxr+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIwMTYwMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGNmMjg4NmZhZDc0MmNlOThiNTdmZDcwYjY1Y2YzMTYzZmQxMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx6837CLe7wTRb9Q8ThleSXkEeUN
AlYur3wSaaJTmHeTB56GzE6Sxe3YAaylbM5NLmh0V8OaY30pLfyz8SBL91YrrXzn
/GWsrDAuI999XfI0WSLbE/Snphtt1O7zohsx2hhczjEyosbiw+A+ntzziNsR6yrY
FJmmnURMpbLIMKHS5xNDAEY/c5KaifV9sneVoIn+lrXIYbDH4DHd9bRGB0pY5FMX
y5KSbF67kE8GjlVbw+DUBBOkD9fAioJtBI69vKdd6QnDXVp/IuXauSdu9ul0fa9P
3MvRgDWKIuqQXszVydbXsTDZAIuqCgjAnlmm1ZLBY0ogwymTyqKbShttfQIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFGjPKIb610LOmLV/1wtlzzFj/RCrMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvYU04b2h2clhRczZZdFhfWEMyWFBNV1A5RUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAAt
VLIDBAAtgQEwDAMEAC2BgQMEAi2BgAMEAC2EMzAMAwQCLYoEAwQALYoGAwQALY4l
AwQALZIaAwQALZ9VAwQAPgMXAwQATfb0AwQAUESUAwQAUESWAwQAWWsMAwQAW/dO
AwQAXHfAAwQAXV3OAwQAXmezAwQAkhNMAwQAsHQMAwQAsN46AwQAuVFHAwQAuc/V
AwQAud4pAwQCwSCkAwQAwSTnAwQAwTWpAwQBwTqwAwQAwaMQAwQAwmiOAwQAw+Fj
AwQA1DQfMA0GCSqGSIb3DQEBCwUAA4IBAQAS4h4/GyH/Z9EEQIMVGLKh1+UGgjEo
IMeOR/F1MKykRFG91VS3rJpkGDdcaPBBficfwadRvzxYn5Mt5aR7Zf2xOlaDLtQw
gcnIzZkQd/p2pG9VYF5mU2sQ2B8ow13ZqNYrArFdOspjeyBip7K9SBcLFbVS7Z8N
Lw+6+l2heVUP8APYgZWhB7JKvjXadU5aDh1o3deHPuKXlQbmkepcbel/zcYeLP/E
mGzr4GSQLy/TXGwSyQMnNkqhqvwl4LJqZYLyfKt0HIhCvJE4u7D0eradrQiKMTk/
MWCwd2HWVdkfD7j8arsbMKFET3lWNBf8ES7+JZ8qlcJn5o9dU3lDaRX5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org