Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/55e138-56da-4492-a1f2-db04f21390a0/1/_Z8tu50ve8yUiL6rAWtNVOYB1bM.roa
File: _Z8tu50ve8yUiL6rAWtNVOYB1bM.roa (raw, json)
Hash identifier: NhEEvSN+YmvL7tM+rd5wzjdfBymqKt36c70tqRslQQU=
Subject key identifier: FD:9F:2D:BB:9D:2F:7B:CC:94:88:BE:AB:01:6B:4D:54:E6:01:D5:B3
Certificate issuer: /CN=48171672d53fdf8b2537764f537e365a5927bdaf
Certificate serial: 018F0B31421A58E2B84126A8401F213FD6BA
Authority key identifier: 48:17:16:72:D5:3F:DF:8B:25:37:76:4F:53:7E:36:5A:59:27:BD:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SBcWctU_34slN3ZPU342Wlknva8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/55e138-56da-4492-a1f2-db04f21390a0/1/_Z8tu50ve8yUiL6rAWtNVOYB1bM.roa
Signing time: Tue 23 Apr 2024 13:42:08 +0000
ROA not before: Tue 23 Apr 2024 13:42:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21056
IP address blocks: 45.84.140.0/22 maxlen: 32
45.143.36.0/22 maxlen: 32
45.151.12.0/22 maxlen: 32
45.151.64.0/22 maxlen: 32
46.44.192.0/18 maxlen: 32
78.152.96.0/19 maxlen: 32
79.135.32.0/19 maxlen: 32
80.93.128.0/20 maxlen: 32
87.247.232.0/21 maxlen: 32
91.143.192.0/20 maxlen: 32
94.138.160.0/19 maxlen: 32
103.26.124.0/22 maxlen: 22
103.43.232.0/22 maxlen: 22
103.61.184.0/22 maxlen: 22
103.248.184.0/22 maxlen: 22
103.248.186.0/24 maxlen: 24
144.48.192.0/22 maxlen: 32
185.125.64.0/22 maxlen: 22
185.158.116.0/22 maxlen: 32
185.170.36.0/22 maxlen: 32
185.224.60.0/22 maxlen: 32
185.224.104.0/22 maxlen: 32
185.230.92.0/22 maxlen: 32
185.230.192.0/22 maxlen: 32
185.230.232.0/22 maxlen: 32
185.231.160.0/22 maxlen: 32
185.234.164.0/22 maxlen: 32
185.241.20.0/22 maxlen: 32
188.240.32.0/22 maxlen: 22
193.124.240.0/22 maxlen: 22
194.58.216.0/22 maxlen: 22
213.182.64.0/19 maxlen: 32
2a00:14f8::/32 maxlen: 64
Validation: Failed, certificate revoked on Thu 30 May 2024 10:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0b:31:42:1a:58:e2:b8:41:26:a8:40:1f:21:3f:d6:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48171672d53fdf8b2537764f537e365a5927bdaf
Validity
Not Before: Apr 23 13:42:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd9f2dbb9d2f7bcc9488beab016b4d54e601d5b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b3:fc:f6:07:87:09:2c:3c:ef:b4:da:3a:58:
f3:85:fa:6f:a4:ba:43:4f:09:50:42:3b:9e:5c:0f:
c6:39:ae:3e:1e:0c:a7:4b:e5:c6:6e:54:4d:cc:76:
a6:70:d9:5f:9c:81:98:e0:20:ba:c3:dc:f5:52:f8:
0b:15:1a:23:30:58:39:01:53:af:7d:67:11:e8:5b:
26:d3:3c:aa:6c:2b:c4:94:c2:66:fe:c1:ec:56:21:
05:d9:5e:04:13:d0:e1:6c:84:7a:35:8c:65:d8:34:
7d:3a:95:29:d3:5e:0b:f7:e4:22:3a:c8:80:be:9a:
21:57:de:4d:9f:f9:64:06:a2:d6:f6:c4:a5:49:0a:
f0:e5:0e:84:43:da:4d:8a:ea:b8:6c:fc:f5:b5:6e:
68:a1:c5:ef:fe:0d:0c:c0:61:5b:a6:48:64:66:84:
90:84:34:25:4d:31:91:7f:f1:b7:1f:fd:6b:e0:4d:
0e:9a:8e:42:4e:15:96:b1:e0:a9:ab:71:39:22:9a:
83:bc:6a:38:01:e1:04:d1:e0:fd:ee:79:d9:4b:19:
e5:6c:63:54:8a:3d:80:8b:ff:7b:11:28:9a:bb:69:
fd:5c:8e:3f:b7:f1:21:95:bf:fa:c1:f1:43:27:8c:
ff:ed:20:5e:ad:80:5f:f9:fc:d7:29:92:b7:0d:eb:
39:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:9F:2D:BB:9D:2F:7B:CC:94:88:BE:AB:01:6B:4D:54:E6:01:D5:B3
X509v3 Authority Key Identifier:
keyid:48:17:16:72:D5:3F:DF:8B:25:37:76:4F:53:7E:36:5A:59:27:BD:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SBcWctU_34slN3ZPU342Wlknva8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/55e138-56da-4492-a1f2-db04f21390a0/1/_Z8tu50ve8yUiL6rAWtNVOYB1bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/55e138-56da-4492-a1f2-db04f21390a0/1/SBcWctU_34slN3ZPU342Wlknva8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.140.0/22
45.143.36.0/22
45.151.12.0/22
45.151.64.0/22
46.44.192.0/18
78.152.96.0/19
79.135.32.0/19
80.93.128.0/20
87.247.232.0/21
91.143.192.0/20
94.138.160.0/19
103.26.124.0/22
103.43.232.0/22
103.61.184.0/22
103.248.184.0/22
144.48.192.0/22
185.125.64.0/22
185.158.116.0/22
185.170.36.0/22
185.224.60.0/22
185.224.104.0/22
185.230.92.0/22
185.230.192.0/22
185.230.232.0/22
185.231.160.0/22
185.234.164.0/22
185.241.20.0/22
188.240.32.0/22
193.124.240.0/22
194.58.216.0/22
213.182.64.0/19
IPv6:
2a00:14f8::/32
Signature Algorithm: sha256WithRSAEncryption
56:bf:22:73:cc:77:4c:95:04:4c:4c:44:15:7c:20:32:ef:30:
4e:c3:6a:07:f5:87:b6:58:7b:4f:11:76:73:ca:a4:5a:26:ed:
85:40:95:f8:b0:b3:06:0b:29:95:77:c0:ff:a6:58:d2:30:17:
19:a8:75:bc:3d:f7:f7:cb:b8:c9:95:9a:c3:c2:86:d0:c5:0c:
6a:d1:fa:c6:8c:74:ca:e2:59:cf:69:8e:b5:cf:05:08:f0:73:
5c:01:e5:7b:75:20:8a:7f:84:da:15:a4:f5:3b:22:82:a4:f3:
bb:15:8e:f8:0c:fb:9b:94:ba:fd:0c:1b:04:3f:eb:3e:8d:e7:
3a:2b:42:8b:2c:64:13:89:c7:e4:d0:2a:03:40:57:02:7b:3d:
d1:b2:1b:e5:13:1a:f3:e5:d7:cb:75:ff:88:8c:9f:81:7f:b7:
17:29:81:13:e4:b3:b2:e9:49:ce:b1:72:71:a6:f3:11:78:d8:
6f:05:fb:d9:59:2d:e3:23:56:98:8a:c0:c3:9f:0c:6d:d5:91:
68:89:15:2b:2f:63:be:5c:29:21:11:a9:70:80:16:8b:4d:1e:
ce:0e:b2:14:48:9f:90:2a:d9:cd:8f:83:66:7b:84:9d:2d:06:
fe:e1:04:bc:37:99:fe:63:57:cd:ba:ab:94:fd:4a:96:4b:0f:
18:a3:5d:7b
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgISAY8LMUIaWOK4QSaoQB8hP9a6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MTcxNjcyZDUzZmRmOGIyNTM3NzY0ZjUzN2UzNjVhNTky
N2JkYWYwHhcNMjQwNDIzMTM0MjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDlmMmRiYjlkMmY3YmNjOTQ4OGJlYWIwMTZiNGQ1NGU2MDFkNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7P89geHCSw877TaOljzhfpvpLpD
TwlQQjueXA/GOa4+HgynS+XGblRNzHamcNlfnIGY4CC6w9z1UvgLFRojMFg5AVOv
fWcR6Fsm0zyqbCvElMJm/sHsViEF2V4EE9DhbIR6NYxl2DR9OpUp014L9+QiOsiA
vpohV95Nn/lkBqLW9sSlSQrw5Q6EQ9pNiuq4bPz1tW5oocXv/g0MwGFbpkhkZoSQ
hDQlTTGRf/G3H/1r4E0Omo5CThWWseCpq3E5IpqDvGo4AeEE0eD97nnZSxnlbGNU
ij2Ai/97ESiau2n9XI4/t/Ehlb/6wfFDJ4z/7SBerYBf+fzXKZK3Des5LwIDAQAB
o4IC0TCCAs0wHQYDVR0OBBYEFP2fLbudL3vMlIi+qwFrTVTmAdWzMB8GA1UdIwQY
MBaAFEgXFnLVP9+LJTd2T1N+NlpZJ72vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0JjV2N0VV8zNHNsTjNaUFUzNDJXbGtudmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS81NWUxMzgtNTZkYS00NDkyLWExZjIt
ZGIwNGYyMTM5MGEwLzEvX1o4dHU1MHZlOHlVaUw2ckFXdE5WT1lCMWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS81NWUxMzgtNTZkYS00NDkyLWExZjItZGIwNGYyMTM5MGEw
LzEvU0JjV2N0VV8zNHNsTjNaUFUzNDJXbGtudmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHmBggrBgEFBQcBBwEB/wSB1jCB0zCBwQQCAAEwgboDBAIt
VIwDBAItjyQDBAItlwwDBAItl0ADBAYuLMADBAVOmGADBAVPhyADBARQXYADBANX
9+gDBARbj8ADBAVeiqADBAJnGnwDBAJnK+gDBAJnPbgDBAJn+LgDBAKQMMADBAK5
fUADBAK5nnQDBAK5qiQDBAK54DwDBAK54GgDBAK55lwDBAK55sADBAK55ugDBAK5
56ADBAK56qQDBAK58RQDBAK88CADBALBfPADBALCOtgDBAXVtkAwDQQCAAIwBwMF
ACoAFPgwDQYJKoZIhvcNAQELBQADggEBAFa/InPMd0yVBExMRBV8IDLvME7Dagf1
h7ZYe08RdnPKpFom7YVAlfiwswYLKZV3wP+mWNIwFxmodbw99/fLuMmVmsPChtDF
DGrR+saMdMriWc9pjrXPBQjwc1wB5Xt1IIp/hNoVpPU7IoKk87sVjvgM+5uUuv0M
GwQ/6z6N5zorQossZBOJx+TQKgNAVwJ7PdGyG+UTGvPl18t1/4iMn4F/txcpgRPk
s7LpSc6xcnGm8xF42G8F+9lZLeMjVpiKwMOfDG3VkWiJFSsvY75cKSERqXCAFotN
Hs4OshRIn5Aq2c2Pg2Z7hJ0tBv7hBLw3mf5jV826q5T9SpZLDxijXXs=
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:00:56 2025 by rpki-client