Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/P9yoWlPIYXzr8vQDeb3s6UibIms.roa
File: P9yoWlPIYXzr8vQDeb3s6UibIms.roa (raw, json)
Hash identifier: jQi5TPNrM69hsaWPuHoE2U0yVVr+tUFrlFl4gvXVDWI=
Subject key identifier: 3F:DC:A8:5A:53:C8:61:7C:EB:F2:F4:03:79:BD:EC:E9:48:9B:22:6B
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019169AA6F833BC4E728910B1666864BC578
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/P9yoWlPIYXzr8vQDeb3s6UibIms.roa
Signing time: Mon 19 Aug 2024 08:04:22 +0000
ROA not before: Mon 19 Aug 2024 08:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12541
IP address blocks: 45.10.104.0/22 maxlen: 22
45.83.50.0/23 maxlen: 23
45.83.50.0/24 maxlen: 24
45.83.51.0/24 maxlen: 24
80.66.112.0/23 maxlen: 23
80.66.114.0/24 maxlen: 24
80.66.115.0/24 maxlen: 24
80.66.116.0/24 maxlen: 24
80.66.117.0/24 maxlen: 24
80.66.118.0/24 maxlen: 24
80.66.119.0/24 maxlen: 24
80.66.120.0/23 maxlen: 23
80.66.120.0/24 maxlen: 24
80.66.121.0/24 maxlen: 24
80.66.122.0/24 maxlen: 24
80.66.123.0/24 maxlen: 24
80.66.124.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
80.66.126.0/24 maxlen: 24
80.66.127.0/24 maxlen: 24
89.42.70.0/24 maxlen: 24
89.42.71.0/24 maxlen: 24
89.44.150.0/24 maxlen: 24
89.44.151.0/24 maxlen: 24
89.45.208.0/24 maxlen: 24
89.45.209.0/24 maxlen: 24
91.132.31.0/24 maxlen: 24
94.198.46.0/24 maxlen: 24
94.198.47.0/24 maxlen: 24
178.19.33.0/24 maxlen: 24
178.19.34.0/24 maxlen: 24
178.19.35.0/24 maxlen: 24
178.19.44.0/24 maxlen: 24
178.19.45.0/24 maxlen: 24
178.19.46.0/24 maxlen: 24
178.19.47.0/24 maxlen: 24
185.71.28.0/24 maxlen: 24
185.203.21.0/24 maxlen: 24
185.203.22.0/24 maxlen: 24
185.203.23.0/24 maxlen: 24
185.229.212.0/24 maxlen: 24
185.229.213.0/24 maxlen: 24
185.229.214.0/24 maxlen: 24
185.229.215.0/24 maxlen: 24
185.242.175.0/24 maxlen: 24
193.178.212.0/24 maxlen: 24
193.178.218.0/24 maxlen: 24
193.186.1.0/24 maxlen: 24
193.186.11.0/24 maxlen: 24
194.15.140.0/24 maxlen: 24
194.15.146.0/24 maxlen: 24
194.15.182.0/24 maxlen: 24
194.15.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 08:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:69:aa:6f:83:3b:c4:e7:28:91:0b:16:66:86:4b:c5:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Aug 19 08:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fdca85a53c8617cebf2f40379bdece9489b226b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9b:a8:29:32:f2:e3:3c:46:aa:53:83:a3:6f:
ad:81:76:58:c8:e9:ec:38:ca:28:01:2b:47:83:56:
dc:f0:68:99:86:b0:59:2b:a3:8b:21:0b:ba:8f:d4:
df:bc:b3:97:a2:68:05:ff:ca:2f:2c:78:b9:2e:53:
e6:1e:39:17:be:99:71:30:88:03:b1:3b:40:ca:44:
b0:e0:3d:08:a5:3d:68:44:42:bc:b4:69:d9:20:e0:
2d:39:e7:9d:5b:0b:e7:89:52:37:59:64:6e:23:2a:
3f:3c:c6:15:ae:d9:0f:92:7c:3c:5b:cf:85:d1:b5:
63:f2:cf:e8:85:d0:0e:30:9c:c8:3c:97:0b:a5:b0:
3d:56:1d:38:4e:bf:ad:f4:9a:05:e3:6f:1a:ff:a2:
f7:9e:7c:2c:00:28:61:2e:1e:9d:9c:96:70:fc:89:
d7:ae:41:b9:42:40:1b:3d:cf:84:81:34:1c:63:f8:
ff:f8:51:73:fa:bb:ab:e3:dd:ae:cc:37:f8:f8:14:
56:d8:67:a1:b5:eb:8e:59:32:84:2a:07:3e:e7:64:
7d:9f:7f:ae:a8:50:16:95:c9:9d:ab:99:e4:49:c0:
3e:d5:f8:13:e7:d4:36:87:e0:3a:2e:1f:45:56:91:
36:07:07:08:a7:8f:34:92:0c:7e:ce:9b:c2:55:5a:
7a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:DC:A8:5A:53:C8:61:7C:EB:F2:F4:03:79:BD:EC:E9:48:9B:22:6B
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/P9yoWlPIYXzr8vQDeb3s6UibIms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.104.0/22
45.83.50.0/23
80.66.112.0/20
89.42.70.0/23
89.44.150.0/23
89.45.208.0/23
91.132.31.0/24
94.198.46.0/23
178.19.33.0-178.19.35.255
178.19.44.0/22
185.71.28.0/24
185.203.21.0-185.203.23.255
185.229.212.0/22
185.242.175.0/24
193.178.212.0/24
193.178.218.0/24
193.186.1.0/24
193.186.11.0/24
194.15.140.0/24
194.15.146.0/24
194.15.182.0/24
194.15.195.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:ec:54:48:43:74:c6:5a:3a:e6:d2:ef:cf:bf:76:ee:fa:36:
07:ad:0f:27:6f:60:00:ec:da:bf:01:0c:ad:78:2a:11:0e:c4:
c2:a9:07:68:8f:3f:c7:46:76:eb:b3:ae:33:d1:a7:be:ee:2a:
ca:a8:89:74:9e:10:fb:45:41:83:cb:b0:8e:f7:3a:8e:5e:80:
ce:62:d6:05:7d:61:50:cf:be:aa:28:aa:04:70:29:81:ee:5a:
08:d1:d5:85:d6:38:f2:8b:49:b5:1d:d8:ed:fd:67:85:35:2f:
f1:ab:9e:4c:c6:40:1c:de:55:35:50:c7:8f:e8:b9:5d:bd:90:
53:6e:e7:f6:5a:3a:a2:3b:29:fe:cd:6c:62:01:20:06:91:23:
02:f7:3a:6d:38:46:ec:ab:f0:83:ff:7e:04:77:b9:8f:b6:08:
67:f5:6e:dc:6a:4e:50:ff:17:1c:25:91:d4:42:e0:8b:58:8f:
4a:c8:ca:1c:cb:75:01:bf:84:b8:1d:b9:af:6c:9e:0c:49:26:
3c:35:43:11:dc:2c:2b:3e:51:7e:69:fc:74:78:a5:a6:f8:e7:
c1:3f:26:c3:5f:24:ec:56:be:31:e4:00:8a:53:e0:5b:74:1c:
a4:90:84:2d:88:1b:b5:17:69:1c:09:48:c8:3b:e4:e6:79:d0:
21:cf:e3:23
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZFpqm+DO8TnKJELFmaGS8V4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwODE5MDgwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmRjYTg1YTUzYzg2MTdjZWJmMmY0MDM3OWJkZWNlOTQ4OWIyMjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJuoKTLy4zxGqlODo2+tgXZYyOns
OMooAStHg1bc8GiZhrBZK6OLIQu6j9TfvLOXomgF/8ovLHi5LlPmHjkXvplxMIgD
sTtAykSw4D0IpT1oREK8tGnZIOAtOeedWwvniVI3WWRuIyo/PMYVrtkPknw8W8+F
0bVj8s/ohdAOMJzIPJcLpbA9Vh04Tr+t9JoF428a/6L3nnwsAChhLh6dnJZw/InX
rkG5QkAbPc+EgTQcY/j/+FFz+rur492uzDf4+BRW2GehteuOWTKEKgc+52R9n3+u
qFAWlcmdq5nkScA+1fgT59Q2h+A6Lh9FVpE2BwcIp480kgx+zpvCVVp6DQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFD/cqFpTyGF86/L0A3m97OlImyJrMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvUDl5b1dsUElZWHpyOHZRRGViM3M2VWliSW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAIt
CmgDBAEtUzIDBARQQnADBAFZKkYDBAFZLJYDBAFZLdADBABbhB8DBAFexi4wDAME
ALITIQMEArITIAMEArITLAMEALlHHDAMAwQAucsVAwQDucsQAwQCueXUAwQAufKv
AwQAwbLUAwQAwbLaAwQAwboBAwQAwboLAwQAwg+MAwQAwg+SAwQAwg+2AwQAwg/D
MA0GCSqGSIb3DQEBCwUAA4IBAQA+7FRIQ3TGWjrm0u/Pv3bu+jYHrQ8nb2AA7Nq/
AQyteCoRDsTCqQdojz/HRnbrs64z0ae+7irKqIl0nhD7RUGDy7CO9zqOXoDOYtYF
fWFQz76qKKoEcCmB7loI0dWF1jjyi0m1Hdjt/WeFNS/xq55MxkAc3lU1UMeP6Lld
vZBTbuf2WjqiOyn+zWxiASAGkSMC9zptOEbsq/CD/34Ed7mPtghn9W7cak5Q/xcc
JZHUQuCLWI9KyMocy3UBv4S4HbmvbJ4MSSY8NUMR3CwrPlF+afx0eKWm+OfBPybD
XyTsVr4x5ACKU+BbdBykkIQtiBu1F2kcCUjIO+TmedAhz+Mj
-----END CERTIFICATE-----
Generated at Tue Sep 10 10:50:59 2024 by rpki-client on console-ams.rpki-client.org