Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/9Ua4F0MoSsiN-6GXfmKUMbrM_Xg.roa
File: 9Ua4F0MoSsiN-6GXfmKUMbrM_Xg.roa (raw, json)
Hash identifier: 89ZCl5PWAsSxmGwkxQwveVfzCc6sgUV/Mqsn6L/tfFA=
Subject key identifier: F5:46:B8:17:43:28:4A:C8:8D:FB:A1:97:7E:62:94:31:BA:CC:FD:78
Certificate issuer: /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Certificate serial: 018F9ADBC35996391D54A93CF51379D6E18D
Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/9Ua4F0MoSsiN-6GXfmKUMbrM_Xg.roa
Signing time: Tue 21 May 2024 11:14:04 +0000
ROA not before: Tue 21 May 2024 11:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51185
IP address blocks: 45.157.64.0/24 maxlen: 24
45.157.65.0/24 maxlen: 24
45.157.66.0/24 maxlen: 24
45.157.67.0/24 maxlen: 24
94.124.64.0/21 maxlen: 21
94.124.64.0/24 maxlen: 24
94.124.65.0/24 maxlen: 24
94.124.66.0/24 maxlen: 24
94.124.67.0/24 maxlen: 24
94.124.68.0/24 maxlen: 24
94.124.69.0/24 maxlen: 24
94.124.70.0/24 maxlen: 24
94.124.71.0/24 maxlen: 24
178.248.48.0/24 maxlen: 24
178.248.49.0/24 maxlen: 24
178.248.50.0/24 maxlen: 24
178.248.51.0/24 maxlen: 24
178.248.52.0/24 maxlen: 24
178.248.54.0/24 maxlen: 24
185.45.208.0/24 maxlen: 24
185.45.210.0/24 maxlen: 24
185.187.156.0/24 maxlen: 24
185.187.159.0/24 maxlen: 24
2a02:2890:ffff::/48 maxlen: 48
2a02:2891::/48 maxlen: 48
2a02:2891:1::/48 maxlen: 48
2a02:2891:2::/48 maxlen: 48
2a02:2891:4::/48 maxlen: 48
2a02:2891:9::/48 maxlen: 48
2a02:2891:10::/48 maxlen: 48
2a02:2891:12::/48 maxlen: 48
2a02:2891:13::/48 maxlen: 48
2a02:2891:15::/48 maxlen: 48
2a02:2891:16::/48 maxlen: 48
2a02:2891:18::/48 maxlen: 48
2a02:2891:29::/48 maxlen: 48
2a02:2891:ff::/48 maxlen: 48
2a02:2892:32::/48 maxlen: 48
2a02:2892:40::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 May 2024 15:33:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9a:db:c3:59:96:39:1d:54:a9:3c:f5:13:79:d6:e1:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Validity
Not Before: May 21 11:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f546b81743284ac88dfba1977e629431baccfd78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:25:3d:24:f2:09:d9:55:c2:55:ad:bb:0e:34:
55:39:b3:9b:5d:4a:f8:30:e6:8a:2f:c3:34:0c:b5:
68:0d:76:26:26:10:6f:06:42:f6:20:d9:b7:c9:ef:
51:4d:7d:53:f4:c0:34:8c:ec:3e:db:4e:10:e2:9e:
9f:e0:b5:86:fa:81:ae:de:38:8f:8c:f1:04:c3:6d:
a6:8e:49:fe:73:a8:96:b4:bc:fa:34:b2:d4:61:e8:
fc:19:54:a0:56:b7:41:fc:67:40:78:50:7b:73:28:
8e:0e:f2:16:30:01:81:e0:b2:35:b3:13:ab:be:5c:
3c:9e:2d:f6:2b:9f:f3:3a:fc:c4:f3:86:3d:fb:b4:
42:80:8f:6f:17:c1:ab:a1:b3:03:21:cd:7f:a3:7b:
a6:b0:33:46:45:96:19:2b:1b:e9:e6:00:6d:3e:29:
ac:06:96:7f:24:e0:c1:d7:02:fd:b7:93:a4:b1:8f:
1e:40:b8:d2:ee:e0:f0:23:f3:9b:a1:d4:a9:90:09:
a4:24:86:7c:db:28:00:85:34:71:97:9e:ee:72:c4:
26:72:a4:d8:d8:8e:0a:f2:5e:50:62:5b:28:23:39:
55:f7:b8:9e:c5:6b:c9:0f:b1:95:55:26:3c:6e:71:
e9:32:5f:43:2d:11:dc:53:fe:ac:63:3c:a3:f1:88:
27:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:46:B8:17:43:28:4A:C8:8D:FB:A1:97:7E:62:94:31:BA:CC:FD:78
X509v3 Authority Key Identifier:
keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/9Ua4F0MoSsiN-6GXfmKUMbrM_Xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.64.0/22
94.124.64.0/21
178.248.48.0-178.248.52.255
178.248.54.0/24
185.45.208.0/24
185.45.210.0/24
185.187.156.0/24
185.187.159.0/24
IPv6:
2a02:2890:ffff::-2a02:2891:2:ffff:ffff:ffff:ffff:ffff
2a02:2891:4::/48
2a02:2891:9::/48
2a02:2891:10::/48
2a02:2891:12::/47
2a02:2891:15::-2a02:2891:16:ffff:ffff:ffff:ffff:ffff
2a02:2891:18::/48
2a02:2891:29::/48
2a02:2891:ff::/48
2a02:2892:32::/48
2a02:2892:40::/48
Signature Algorithm: sha256WithRSAEncryption
61:8d:fb:c5:0a:64:07:1d:ba:9a:5b:e3:66:79:34:fb:fa:3b:
6d:30:10:3b:27:a2:77:86:dc:bd:71:c7:8a:2e:b1:d2:3e:d6:
26:23:5d:fc:c5:9c:c2:6f:63:57:c8:b3:36:69:9d:71:be:5d:
e4:3d:c7:2c:ff:5d:99:fe:72:05:49:ac:eb:39:2f:b1:f8:2b:
8f:3e:d6:df:3b:ce:4d:57:0b:69:71:b2:9d:94:85:af:77:f8:
d2:81:6e:dd:7a:55:ee:82:8e:78:fd:60:b0:4f:95:e7:c1:79:
e1:66:46:9d:ed:12:74:75:78:94:f5:23:62:b1:a3:e0:fa:3a:
b7:70:c4:c4:d5:c1:94:e0:f9:d4:7b:fb:71:14:13:2a:aa:f5:
1d:bd:be:f1:9c:35:5c:e6:d8:c9:0f:8a:9c:30:c5:34:42:51:
81:52:41:dc:6f:be:e0:4a:7e:e1:06:6f:13:d6:09:df:a4:4b:
20:00:b7:ad:d7:e6:92:62:26:ba:b1:1d:bd:ff:44:7d:d2:8a:
0a:f3:72:f3:63:00:9d:d8:fb:30:e6:34:db:92:78:be:18:51:
9b:40:4f:ca:2b:30:87:42:f4:cf:cc:9b:82:65:3a:be:cf:e4:
e2:69:54:03:e3:3a:0d:65:2b:02:c7:88:8d:28:92:eb:74:8e:
b9:14:dc:f9
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAY+a28NZljkdVKk89RN51uGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl
ODU0NDQwHhcNMjQwNTIxMTExNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTQ2YjgxNzQzMjg0YWM4OGRmYmExOTc3ZTYyOTQzMWJhY2NmZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyU9JPIJ2VXCVa27DjRVObObXUr4
MOaKL8M0DLVoDXYmJhBvBkL2INm3ye9RTX1T9MA0jOw+204Q4p6f4LWG+oGu3jiP
jPEEw22mjkn+c6iWtLz6NLLUYej8GVSgVrdB/GdAeFB7cyiODvIWMAGB4LI1sxOr
vlw8ni32K5/zOvzE84Y9+7RCgI9vF8GrobMDIc1/o3umsDNGRZYZKxvp5gBtPims
BpZ/JODB1wL9t5OksY8eQLjS7uDwI/ObodSpkAmkJIZ82ygAhTRxl57ucsQmcqTY
2I4K8l5QYlsoIzlV97iexWvJD7GVVSY8bnHpMl9DLRHcU/6sYzyj8YgniQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFPVGuBdDKErIjfuhl35ilDG6zP14MB8GA1UdIwQY
MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et
NDUxNDM3NGU2ZmZhLzEvOVVhNEYwTW9Tc2lOLTZHWGZtS1VNYnJNX1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh
LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTA+BAIAATA4AwQCLZ1A
AwQDXnxAMAwDBASy+DADBACy+DQDBACy+DYDBAC5LdADBAC5LdIDBAC5u5wDBAC5
u58wfwQCAAIweTASAwcAKgIokP//AwcAKgIokQACAwcAKgIokQAEAwcAKgIokQAJ
AwcAKgIokQAQAwcBKgIokQASMBIDBwAqAiiRABUDBwAqAiiRABYDBwAqAiiRABgD
BwAqAiiRACkDBwAqAiiRAP8DBwAqAiiSADIDBwAqAiiSAEAwDQYJKoZIhvcNAQEL
BQADggEBAGGN+8UKZAcduppb42Z5NPv6O20wEDsnoneG3L1xx4ousdI+1iYjXfzF
nMJvY1fIszZpnXG+XeQ9xyz/XZn+cgVJrOs5L7H4K48+1t87zk1XC2lxsp2Uha93
+NKBbt16Ve6Cjnj9YLBPlefBeeFmRp3tEnR1eJT1I2Kxo+D6OrdwxMTVwZTg+dR7
+3EUEyqq9R29vvGcNVzm2MkPipwwxTRCUYFSQdxvvuBKfuEGbxPWCd+kSyAAt63X
5pJiJrqxHb3/RH3SigrzcvNjAJ3Y+zDmNNuSeL4YUZtAT8orMIdC9M/Mm4JlOr7P
5OJpVAPjOg1lKwLHiI0okut0jrkU3Pk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:19 2025 by rpki-client