Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/H0q9KpQtVwaoUTExdb9RODoks20.roa
File: H0q9KpQtVwaoUTExdb9RODoks20.roa (raw, json)
Hash identifier: lxV6DMZIXipR+wgjhcKzwERirzPdQy3GHOJXo3+SCWM=
Subject key identifier: 1F:4A:BD:2A:94:2D:57:06:A8:51:31:31:75:BF:51:38:3A:24:B3:6D
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0190FB160EAEBD42EF9FDAA90675A01575D8
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/H0q9KpQtVwaoUTExdb9RODoks20.roa
Signing time: Sun 28 Jul 2024 20:44:04 +0000
ROA not before: Sun 28 Jul 2024 20:44:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12541
IP address blocks: 45.10.104.0/22 maxlen: 22
45.83.50.0/24 maxlen: 24
45.83.51.0/24 maxlen: 24
80.66.112.0/23 maxlen: 23
80.66.114.0/24 maxlen: 24
80.66.115.0/24 maxlen: 24
80.66.116.0/24 maxlen: 24
80.66.117.0/24 maxlen: 24
80.66.118.0/24 maxlen: 24
80.66.119.0/24 maxlen: 24
80.66.120.0/23 maxlen: 23
80.66.122.0/24 maxlen: 24
80.66.123.0/24 maxlen: 24
80.66.124.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
80.66.126.0/24 maxlen: 24
80.66.127.0/24 maxlen: 24
89.42.70.0/24 maxlen: 24
89.42.71.0/24 maxlen: 24
89.44.150.0/24 maxlen: 24
89.44.151.0/24 maxlen: 24
89.45.208.0/24 maxlen: 24
89.45.209.0/24 maxlen: 24
91.132.31.0/24 maxlen: 24
94.198.46.0/24 maxlen: 24
94.198.47.0/24 maxlen: 24
178.19.32.0/24 maxlen: 24
178.19.33.0/24 maxlen: 24
178.19.34.0/24 maxlen: 24
178.19.35.0/24 maxlen: 24
178.19.44.0/24 maxlen: 24
178.19.45.0/24 maxlen: 24
178.19.46.0/24 maxlen: 24
178.19.47.0/24 maxlen: 24
185.71.28.0/24 maxlen: 24
185.203.21.0/24 maxlen: 24
185.203.22.0/24 maxlen: 24
185.203.23.0/24 maxlen: 24
185.229.212.0/24 maxlen: 24
185.229.213.0/24 maxlen: 24
185.229.214.0/24 maxlen: 24
185.229.215.0/24 maxlen: 24
185.242.175.0/24 maxlen: 24
193.178.212.0/24 maxlen: 24
194.15.140.0/24 maxlen: 24
194.15.146.0/24 maxlen: 24
194.15.182.0/24 maxlen: 24
194.15.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jul 2024 20:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fb:16:0e:ae:bd:42:ef:9f:da:a9:06:75:a0:15:75:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jul 28 20:44:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f4abd2a942d5706a851313175bf51383a24b36d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b6:17:33:24:f3:44:6b:c9:81:e0:4a:97:c0:
ed:8b:3a:8d:81:f9:c1:1f:43:ff:ec:ab:f9:b2:19:
97:8b:92:9f:b6:71:6b:1a:38:70:03:8c:ae:37:2f:
fd:9b:e4:11:1c:b8:13:f8:6d:cf:b0:f7:f6:ae:5f:
fd:38:6e:37:4a:3a:f7:c5:ff:58:28:d3:d7:05:e0:
99:72:1e:85:8b:16:a9:f5:3f:ea:6c:3d:ec:9c:b5:
4f:b9:38:e5:7c:21:83:0f:60:5c:d5:17:9a:d4:88:
34:cd:d0:d4:bb:80:70:58:1b:7e:08:f7:7e:9d:ea:
e3:46:82:3c:2d:93:31:91:e8:18:5c:e0:9b:af:45:
24:4b:6b:ab:f1:5f:37:11:39:76:c4:a7:2b:6d:be:
af:74:29:21:93:ce:df:fe:5b:88:77:d0:bc:ea:e6:
fb:ce:7b:d7:27:04:64:63:cf:37:af:d8:98:37:da:
cc:16:74:de:e7:8c:8c:d3:a1:ee:6f:d0:ee:1b:cc:
40:5c:d5:1b:eb:c5:8a:0f:e2:ad:00:70:03:57:f9:
31:14:23:77:c2:88:f5:24:c1:a2:87:9c:d2:b3:c3:
7a:aa:4c:4b:08:15:2e:4a:af:11:5b:90:62:99:94:
85:bf:1b:53:c4:44:37:3d:df:18:a9:94:fa:7f:a3:
87:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:4A:BD:2A:94:2D:57:06:A8:51:31:31:75:BF:51:38:3A:24:B3:6D
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/H0q9KpQtVwaoUTExdb9RODoks20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.104.0/22
45.83.50.0/23
80.66.112.0/20
89.42.70.0/23
89.44.150.0/23
89.45.208.0/23
91.132.31.0/24
94.198.46.0/23
178.19.32.0/22
178.19.44.0/22
185.71.28.0/24
185.203.21.0-185.203.23.255
185.229.212.0/22
185.242.175.0/24
193.178.212.0/24
194.15.140.0/24
194.15.146.0/24
194.15.182.0/24
194.15.195.0/24
Signature Algorithm: sha256WithRSAEncryption
27:4e:4b:42:a9:92:6d:3d:3a:1a:18:ea:e5:81:ae:8c:ad:3c:
a6:d4:bb:c6:b2:b0:dc:33:97:38:62:5e:68:a8:ff:7b:12:f7:
1b:66:24:73:39:17:e2:7a:5f:fa:06:d0:a2:81:2f:f1:27:c9:
44:57:89:98:55:11:2b:5f:a8:01:43:0c:b7:18:4f:71:4f:2e:
8d:91:b0:68:1d:a8:0f:02:3a:e9:e7:62:24:be:b9:ad:04:c1:
25:ec:7b:20:ed:16:b7:55:29:3b:0b:42:02:0c:26:2d:b0:b6:
60:c7:fa:74:37:9c:a2:7d:8e:01:22:d4:22:39:a5:80:8f:3f:
0b:6b:21:56:d7:86:70:d2:87:da:3e:00:00:61:f0:a3:f8:42:
72:c2:21:2d:00:fd:cc:4d:35:9d:30:96:30:89:21:35:db:f5:
90:88:da:e9:13:a7:5d:1a:af:a8:9b:23:2e:b3:5c:84:3c:de:
e3:15:6a:8b:26:73:57:0c:47:0b:57:f5:af:fb:92:2e:28:fb:
2b:03:2e:05:a4:a8:79:76:9a:f8:14:e1:7e:2d:49:24:47:ca:
09:de:2f:d7:a9:49:87:b5:7f:20:57:c6:80:10:21:6a:52:77:
f2:a7:66:3b:21:24:18:4a:ec:dc:a0:d9:43:89:03:95:d4:18:
86:97:09:1c
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZD7Fg6uvULvn9qpBnWgFXXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwNzI4MjA0NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjRhYmQyYTk0MmQ1NzA2YTg1MTMxMzE3NWJmNTEzODNhMjRiMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7bYXMyTzRGvJgeBKl8DtizqNgfnB
H0P/7Kv5shmXi5KftnFrGjhwA4yuNy/9m+QRHLgT+G3PsPf2rl/9OG43Sjr3xf9Y
KNPXBeCZch6Fixap9T/qbD3snLVPuTjlfCGDD2Bc1Rea1Ig0zdDUu4BwWBt+CPd+
nerjRoI8LZMxkegYXOCbr0UkS2ur8V83ETl2xKcrbb6vdCkhk87f/luId9C86ub7
znvXJwRkY883r9iYN9rMFnTe54yM06Hub9DuG8xAXNUb68WKD+KtAHADV/kxFCN3
woj1JMGih5zSs8N6qkxLCBUuSq8RW5BimZSFvxtTxEQ3Pd8YqZT6f6OHMwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFB9KvSqULVcGqFExMXW/UTg6JLNtMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvSDBxOUtwUXRWd2FvVVRFeGRiOVJPRG9rczIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAi0K
aAMEAS1TMgMEBFBCcAMEAVkqRgMEAVkslgMEAVkt0AMEAFuEHwMEAV7GLgMEArIT
IAMEArITLAMEALlHHDAMAwQAucsVAwQDucsQAwQCueXUAwQAufKvAwQAwbLUAwQA
wg+MAwQAwg+SAwQAwg+2AwQAwg/DMA0GCSqGSIb3DQEBCwUAA4IBAQAnTktCqZJt
PToaGOrlga6MrTym1LvGsrDcM5c4Yl5oqP97EvcbZiRzORfiel/6BtCigS/xJ8lE
V4mYVRErX6gBQwy3GE9xTy6NkbBoHagPAjrp52IkvrmtBMEl7Hsg7Ra3VSk7C0IC
DCYtsLZgx/p0N5yifY4BItQiOaWAjz8LayFW14Zw0ofaPgAAYfCj+EJywiEtAP3M
TTWdMJYwiSE12/WQiNrpE6ddGq+omyMus1yEPN7jFWqLJnNXDEcLV/Wv+5IuKPsr
Ay4FpKh5dpr4FOF+LUkkR8oJ3i/XqUmHtX8gV8aAECFqUnfyp2Y7ISQYSuzcoNlD
iQOV1BiGlwkc
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:36:57 2025 by rpki-client