Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/42MQGvCgjj5DzoV8jpdQ4PrksBI.roa
File: 42MQGvCgjj5DzoV8jpdQ4PrksBI.roa (raw, json)
Hash identifier: 3LdhiQR0ZQl0xe/mV3c/uqwalTEoEvIR2z9uEIIb6kQ=
Subject key identifier: E3:63:10:1A:F0:A0:8E:3E:43:CE:85:7C:8E:97:50:E0:FA:E4:B0:12
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01922EF126594424866A14B727EA8E48CB16
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/42MQGvCgjj5DzoV8jpdQ4PrksBI.roa
Signing time: Thu 26 Sep 2024 15:26:48 +0000
ROA not before: Thu 26 Sep 2024 15:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47690
IP address blocks: 45.43.144.0/24 maxlen: 24
45.43.145.0/24 maxlen: 24
45.43.146.0/24 maxlen: 24
45.43.148.0/24 maxlen: 24
45.43.149.0/24 maxlen: 24
45.43.150.0/24 maxlen: 24
45.43.151.0/24 maxlen: 24
45.43.154.0/24 maxlen: 24
45.43.155.0/24 maxlen: 24
45.43.156.0/24 maxlen: 24
45.43.157.0/24 maxlen: 24
45.43.158.0/24 maxlen: 24
45.43.159.0/24 maxlen: 24
45.43.160.0/24 maxlen: 24
45.43.161.0/24 maxlen: 24
45.43.162.0/24 maxlen: 24
64.137.16.0/24 maxlen: 24
104.222.176.0/24 maxlen: 24
104.222.177.0/24 maxlen: 24
104.222.178.0/24 maxlen: 24
104.222.179.0/24 maxlen: 24
104.222.180.0/24 maxlen: 24
104.222.181.0/24 maxlen: 24
104.222.182.0/24 maxlen: 24
104.222.183.0/24 maxlen: 24
104.222.189.0/24 maxlen: 24
104.233.8.0/24 maxlen: 24
104.233.9.0/24 maxlen: 24
104.233.59.0/24 maxlen: 24
104.238.6.0/24 maxlen: 24
104.238.11.0/24 maxlen: 24
104.238.12.0/24 maxlen: 24
104.238.13.0/24 maxlen: 24
104.239.8.0/24 maxlen: 24
104.239.12.0/24 maxlen: 24
104.239.14.0/24 maxlen: 24
104.239.29.0/24 maxlen: 24
104.239.54.0/24 maxlen: 24
104.239.55.0/24 maxlen: 24
104.239.56.0/24 maxlen: 24
104.239.57.0/24 maxlen: 24
104.239.58.0/24 maxlen: 24
104.239.59.0/24 maxlen: 24
104.239.60.0/24 maxlen: 24
104.239.61.0/24 maxlen: 24
104.239.62.0/24 maxlen: 24
104.239.63.0/24 maxlen: 24
104.239.64.0/24 maxlen: 24
104.239.65.0/24 maxlen: 24
104.249.8.0/24 maxlen: 24
104.249.9.0/24 maxlen: 24
104.249.10.0/24 maxlen: 24
104.249.11.0/24 maxlen: 24
104.249.12.0/24 maxlen: 24
104.249.13.0/24 maxlen: 24
104.249.14.0/24 maxlen: 24
104.249.15.0/24 maxlen: 24
104.249.16.0/24 maxlen: 24
104.249.17.0/24 maxlen: 24
104.249.18.0/24 maxlen: 24
104.249.19.0/24 maxlen: 24
104.249.20.0/24 maxlen: 24
104.249.21.0/24 maxlen: 24
104.249.22.0/24 maxlen: 24
104.249.23.0/24 maxlen: 24
104.249.42.0/24 maxlen: 24
104.249.43.0/24 maxlen: 24
104.249.44.0/24 maxlen: 24
104.249.45.0/24 maxlen: 24
104.249.46.0/24 maxlen: 24
104.249.47.0/24 maxlen: 24
104.249.48.0/24 maxlen: 24
104.249.49.0/24 maxlen: 24
104.249.50.0/24 maxlen: 24
104.249.51.0/24 maxlen: 24
104.249.52.0/24 maxlen: 24
104.249.53.0/24 maxlen: 24
104.249.54.0/24 maxlen: 24
216.173.90.0/24 maxlen: 24
216.173.91.0/24 maxlen: 24
216.173.92.0/24 maxlen: 24
216.173.93.0/24 maxlen: 24
216.173.94.0/24 maxlen: 24
216.173.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 11:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2e:f1:26:59:44:24:86:6a:14:b7:27:ea:8e:48:cb:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Sep 26 15:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e363101af0a08e3e43ce857c8e9750e0fae4b012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9e:de:f8:cf:fe:8d:b1:60:33:33:13:dc:68:
0d:24:fb:64:2a:70:96:31:70:cf:41:2a:90:15:5c:
54:7f:5a:2d:28:a4:77:16:4a:44:3a:cf:59:f5:86:
41:a2:e0:24:6e:ac:c3:7f:cd:07:3c:34:55:89:b6:
f0:f9:7f:29:b6:2d:d1:c4:88:cd:7d:fa:f7:34:a8:
9c:ce:20:1f:08:f9:64:b7:ab:35:23:c8:56:6d:8a:
ca:d2:5c:b8:e7:7c:cf:6b:cc:b7:da:53:51:f6:53:
5d:cf:11:8a:36:7c:c4:a6:97:88:14:e0:26:65:d9:
aa:11:d9:76:e7:60:01:8c:c4:cc:d3:50:e5:07:7b:
92:7f:e3:25:75:44:0c:1d:5b:8b:0f:a6:f1:6e:d0:
9c:46:21:9c:f5:e0:01:d1:1d:af:95:5a:47:61:00:
87:d3:a5:cb:1b:d2:28:89:55:ab:c6:07:ed:f3:f5:
9a:94:b9:b4:c4:0c:cf:2d:0c:39:a8:a9:31:0b:90:
f9:d3:cc:02:4a:07:03:8b:e2:bb:06:80:59:3b:d1:
1a:f0:69:0c:e7:0f:7d:1e:81:c3:55:9d:16:43:67:
9a:c2:4c:3a:6a:dd:ea:ec:3a:bb:a8:39:49:21:7b:
e1:bf:12:da:62:1f:eb:f6:e0:dd:d1:04:cf:db:69:
2d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:63:10:1A:F0:A0:8E:3E:43:CE:85:7C:8E:97:50:E0:FA:E4:B0:12
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/42MQGvCgjj5DzoV8jpdQ4PrksBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.144.0-45.43.146.255
45.43.148.0/22
45.43.154.0-45.43.162.255
64.137.16.0/24
104.222.176.0/21
104.222.189.0/24
104.233.8.0/23
104.233.59.0/24
104.238.6.0/24
104.238.11.0-104.238.13.255
104.239.8.0/24
104.239.12.0/24
104.239.14.0/24
104.239.29.0/24
104.239.54.0-104.239.65.255
104.249.8.0-104.249.23.255
104.249.42.0-104.249.54.255
216.173.90.0-216.173.95.255
Signature Algorithm: sha256WithRSAEncryption
32:15:2b:7b:ab:d8:e8:b0:ff:bc:1a:1e:09:3b:a2:2a:e7:f3:
cf:3b:b1:d9:be:1b:a3:39:34:54:9d:ef:21:5b:30:83:53:31:
ba:2d:e0:5a:ca:ea:c7:29:09:e5:45:78:e0:49:84:16:67:58:
3c:17:6b:dc:75:cc:f6:8d:b0:b0:a8:86:4f:3f:a6:fa:18:4d:
b7:ad:a7:80:3f:c6:40:a9:91:e3:bf:85:2a:c2:77:a6:36:cd:
f8:fd:e2:d3:85:e7:07:87:37:4c:62:0d:52:f4:bd:5b:13:82:
52:76:f6:d6:45:88:85:4e:93:08:42:52:f0:72:e2:75:e9:32:
2b:5a:f5:fe:5c:5d:6e:24:d3:9c:66:d3:38:0f:57:bc:d4:41:
99:1b:83:b0:87:6c:45:c2:71:32:a8:9a:89:eb:bd:81:69:27:
e5:96:fa:30:28:f1:64:35:71:76:19:bc:67:e3:9f:79:1f:56:
6e:31:2d:b9:4d:be:4e:8c:3a:c2:18:4f:37:03:12:d3:55:b1:
7a:61:5d:4d:df:17:98:b6:6e:74:5d:dc:73:d1:53:e7:5f:49:
df:d1:1e:6a:2c:48:11:16:b1:46:7d:61:b5:bc:3f:3b:73:3c:
38:e2:a1:b7:13:b8:d5:70:d8:03:7c:a0:19:8d:af:9a:1a:47:
c4:c4:74:cb
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZIu8SZZRCSGahS3J+qOSMsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwOTI2MTUyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzYzMTAxYWYwYTA4ZTNlNDNjZTg1N2M4ZTk3NTBlMGZhZTRiMDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ7e+M/+jbFgMzMT3GgNJPtkKnCW
MXDPQSqQFVxUf1otKKR3FkpEOs9Z9YZBouAkbqzDf80HPDRVibbw+X8pti3RxIjN
ffr3NKicziAfCPlkt6s1I8hWbYrK0ly453zPa8y32lNR9lNdzxGKNnzEppeIFOAm
ZdmqEdl252ABjMTM01DlB3uSf+MldUQMHVuLD6bxbtCcRiGc9eAB0R2vlVpHYQCH
06XLG9IoiVWrxgft8/WalLm0xAzPLQw5qKkxC5D508wCSgcDi+K7BoBZO9Ea8GkM
5w99HoHDVZ0WQ2eawkw6at3q7Dq7qDlJIXvhvxLaYh/r9uDd0QTP22ktCQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFONjEBrwoI4+Q86FfI6XUOD65LASMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvNDJNUUd2Q2dqajVEem9WOGpwZFE0UHJrc0JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQwDAME
BC0rkAMEAC0rkgMEAi0rlDAMAwQBLSuaAwQALSuiAwQAQIkQAwQDaN6wAwQAaN69
AwQBaOkIAwQAaOk7AwQAaO4GMAwDBABo7gsDBAFo7gwDBABo7wgDBABo7wwDBABo
7w4DBABo7x0wDAMEAWjvNgMEAWjvQDAMAwQDaPkIAwQDaPkQMAwDBAFo+SoDBABo
+TYwDAMEAditWgMEBditQDANBgkqhkiG9w0BAQsFAAOCAQEAMhUre6vY6LD/vBoe
CTuiKufzzzux2b4bozk0VJ3vIVswg1Mxui3gWsrqxykJ5UV44EmEFmdYPBdr3HXM
9o2wsKiGTz+m+hhNt62ngD/GQKmR47+FKsJ3pjbN+P3i04XnB4c3TGINUvS9WxOC
Unb21kWIhU6TCEJS8HLidekyK1r1/lxdbiTTnGbTOA9XvNRBmRuDsIdsRcJxMqia
ieu9gWkn5Zb6MCjxZDVxdhm8Z+OfeR9WbjEtuU2+Tow6whhPNwMS01WxemFdTd8X
mLZudF3cc9FT519J39EeaixIERaxRn1htbw/O3M8OOKhtxO41XDYA3ygGY2vmhpH
xMR0yw==
-----END CERTIFICATE-----
Generated at Wed Oct 2 15:13:49 2024 by rpki-client on console-fra.rpki-client.org