Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/RnsqZKZQeLiG3NNg8ZE6uenl-qU.roa
File: RnsqZKZQeLiG3NNg8ZE6uenl-qU.roa (raw, json)
Hash identifier: H1+s8hLAsliFSJHKykSTin4fqhirnAA2WfFCoLS+Mbw=
Subject key identifier: 46:7B:2A:64:A6:50:78:B8:86:DC:D3:60:F1:91:3A:B9:E9:E5:FA:A5
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0187108CACCDF70A4B81C447FA9FD0143E08
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/RnsqZKZQeLiG3NNg8ZE6uenl-qU.roa
Signing time: Thu 23 Mar 2023 22:17:47 +0000
ROA not before: Thu 23 Mar 2023 22:17:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 45.140.7.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
194.124.41.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
5.104.74.0/24 maxlen: 24
5.104.72.0/24 maxlen: 24
5.104.75.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Mar 2023 20:57:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:10:8c:ac:cd:f7:0a:4b:81:c4:47:fa:9f:d0:14:3e:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 23 22:17:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=467b2a64a65078b886dcd360f1913ab9e9e5faa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:27:ab:ff:f9:f3:5a:83:d5:f0:92:2a:e7:30:
c7:99:23:47:8e:09:92:29:c3:97:21:5f:40:4e:1e:
3c:fa:0a:cc:f7:04:db:b2:3a:3c:e4:a1:57:f2:4b:
4f:96:26:f0:6e:d6:dc:ca:6c:2e:26:72:7f:ab:07:
51:84:42:63:60:79:38:d8:b3:92:ba:af:50:6b:e4:
72:65:a5:f6:d6:33:c0:65:0e:df:6f:c4:13:65:dc:
1a:87:f5:70:f9:5e:d8:0b:82:63:3b:d2:3a:01:d3:
a7:4f:20:b6:93:ab:13:6d:42:63:2d:79:58:14:c0:
a4:03:2d:db:32:0b:b5:3a:4a:a3:86:cb:51:25:5a:
e0:ce:6d:3e:3d:21:46:a4:c3:64:88:61:ed:7e:fd:
91:27:bb:21:88:a8:31:a5:9e:8a:99:22:85:ba:df:
a1:3f:d6:dd:86:3f:85:04:2f:c5:50:ab:4d:68:a9:
aa:24:4a:85:90:ba:2b:a1:fb:dd:89:06:cd:c5:eb:
ec:6b:10:2d:de:11:59:78:f9:58:ac:d0:8a:99:ee:
14:0f:79:87:77:00:48:83:ec:8c:4e:2e:ca:b2:2c:
ec:fb:d6:08:1f:85:90:14:04:9f:2a:71:3f:77:11:
4b:48:6a:2b:c8:37:ae:bf:a8:88:23:59:2c:94:c2:
5f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:7B:2A:64:A6:50:78:B8:86:DC:D3:60:F1:91:3A:B9:E9:E5:FA:A5
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/RnsqZKZQeLiG3NNg8ZE6uenl-qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/23
45.130.184.0-45.130.186.255
45.140.7.0/24
88.218.239.0/24
91.245.239.0/24
95.214.92.0/23
95.214.95.0/24
193.160.72.0/24
194.28.157.0/24
194.124.41.0/24
212.69.135.0/24
Signature Algorithm: sha256WithRSAEncryption
08:60:a1:ab:83:40:be:e5:0f:34:58:86:54:30:3d:75:a5:b5:
07:d6:a1:07:72:6c:d0:c5:c1:fa:77:67:c8:09:8a:dd:4b:35:
d2:ee:3f:2a:dc:8a:5f:2f:17:fa:e0:45:3d:2b:3e:ee:09:f0:
1f:6b:1f:25:01:6e:48:8d:18:c7:74:f0:98:40:bb:69:e5:21:
c1:b6:8f:7e:b8:8d:7a:2f:3c:c1:90:b5:46:fa:81:93:69:15:
fe:db:55:47:1e:6e:4a:74:76:fb:3f:eb:45:39:0c:44:d2:60:
9f:04:4e:b9:89:65:37:42:10:b7:01:e6:1c:ff:56:ed:42:4b:
52:fe:35:cb:19:d8:38:5d:68:78:6b:30:3c:b6:31:93:48:45:
e3:a8:40:98:76:00:4b:6d:68:9d:f9:ec:ec:3d:e2:d3:dc:7d:
ef:d5:cb:77:cd:57:43:b2:78:19:36:fc:be:f7:9a:e1:5a:b5:
ee:b5:8e:fa:40:89:a9:c1:62:b3:12:7a:81:e4:76:98:63:71:
df:12:3a:0f:fd:1b:1c:1f:e9:a6:d2:13:f7:6c:36:03:c8:83:
d5:f2:bd:95:18:ad:dd:81:31:c2:cd:42:9d:52:60:9b:25:51:
dd:3c:a9:85:8a:96:c2:d1:a9:78:36:9c:b4:70:bd:4b:22:a3:
55:16:1a:ef
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYcQjKzN9wpLgcRH+p/QFD4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzIzMjIxNzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjdiMmE2NGE2NTA3OGI4ODZkY2QzNjBmMTkxM2FiOWU5ZTVmYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyier//nzWoPV8JIq5zDHmSNHjgmS
KcOXIV9ATh48+grM9wTbsjo85KFX8ktPlibwbtbcymwuJnJ/qwdRhEJjYHk42LOS
uq9Qa+RyZaX21jPAZQ7fb8QTZdwah/Vw+V7YC4JjO9I6AdOnTyC2k6sTbUJjLXlY
FMCkAy3bMgu1OkqjhstRJVrgzm0+PSFGpMNkiGHtfv2RJ7shiKgxpZ6KmSKFut+h
P9bdhj+FBC/FUKtNaKmqJEqFkLorofvdiQbNxevsaxAt3hFZePlYrNCKme4UD3mH
dwBIg+yMTi7Ksizs+9YIH4WQFASfKnE/dxFLSGoryDeuv6iII1kslMJfwwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFEZ7KmSmUHi4htzTYPGROrnp5fqlMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvUm5zcVpLWlFlTGlHM05OZzhaRTZ1ZW5sLXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQABWhIAwQB
BWhKMAwDBAMtgrgDBAAtgroDBAAtjAcDBABY2u8DBABb9e8DBAFf1lwDBABf1l8D
BADBoEgDBADCHJ0DBADCfCkDBADURYcwDQYJKoZIhvcNAQELBQADggEBAAhgoauD
QL7lDzRYhlQwPXWltQfWoQdybNDFwfp3Z8gJit1LNdLuPyrcil8vF/rgRT0rPu4J
8B9rHyUBbkiNGMd08JhAu2nlIcG2j364jXovPMGQtUb6gZNpFf7bVUcebkp0dvs/
60U5DETSYJ8ETrmJZTdCELcB5hz/Vu1CS1L+NcsZ2DhdaHhrMDy2MZNIReOoQJh2
AEttaJ357Ow94tPcfe/Vy3fNV0OyeBk2/L73muFate61jvpAianBYrMSeoHkdphj
cd8SOg/9Gxwf6abSE/dsNgPIg9XyvZUYrd2BMcLNQp1SYJslUd08qYWKlsLRqXg2
nLRwvUsio1UWGu8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:20 2024 by rpki-client on console-ams.rpki-client.org