Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/IK4CY4XTDhhoArKOPkT3L5JLZLs.roa
File: IK4CY4XTDhhoArKOPkT3L5JLZLs.roa (raw, json)
Hash identifier: 9bsNwmWFFRdoHAuoNL3e7x8XcFJIv91wmX6gwhwrWGY=
Subject key identifier: 20:AE:02:63:85:D3:0E:18:68:02:B2:8E:3E:44:F7:2F:92:4B:64:BB
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 0192D977C1A7F54E6386809ACF092D79017B
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/IK4CY4XTDhhoArKOPkT3L5JLZLs.roa
Signing time: Tue 29 Oct 2024 18:09:17 +0000
ROA not before: Tue 29 Oct 2024 18:09:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 5.45.64.0/21 maxlen: 21
5.45.72.0/22 maxlen: 22
5.45.76.0/22 maxlen: 22
5.45.84.0/22 maxlen: 22
5.45.88.0/22 maxlen: 22
5.45.92.0/22 maxlen: 22
5.61.48.0/22 maxlen: 22
5.61.52.0/22 maxlen: 22
5.61.56.0/22 maxlen: 22
37.1.200.0/21 maxlen: 21
37.1.216.0/21 maxlen: 21
37.252.3.0/24 maxlen: 24
37.252.13.0/24 maxlen: 24
37.252.14.0/23 maxlen: 23
45.136.48.0/22 maxlen: 22
45.137.212.0/24 maxlen: 24
45.137.213.0/24 maxlen: 24
46.102.106.0/24 maxlen: 24
62.197.45.0/24 maxlen: 24
62.197.48.0/23 maxlen: 23
82.117.242.0/23 maxlen: 23
89.187.73.0/24 maxlen: 24
176.97.79.0/24 maxlen: 24
176.98.40.0/24 maxlen: 24
185.109.48.0/24 maxlen: 24
185.238.168.0/23 maxlen: 23
185.238.170.0/23 maxlen: 23
188.116.21.0/24 maxlen: 24
188.116.23.0/24 maxlen: 24
188.116.24.0/24 maxlen: 24
188.116.25.0/24 maxlen: 24
188.116.26.0/24 maxlen: 24
188.116.27.0/24 maxlen: 24
195.54.174.0/23 maxlen: 23
213.142.146.0/23 maxlen: 23
2a02:c6c1:2::/48 maxlen: 48
2a02:c6c1:3::/48 maxlen: 48
2a02:c6c1:10::/48 maxlen: 48
2a02:c6c1:151::/48 maxlen: 48
2a02:c6c1:152::/48 maxlen: 48
2a02:c6c1:153::/48 maxlen: 48
2a02:c6c1:154::/48 maxlen: 48
2a02:c6c1:155::/48 maxlen: 48
2a02:c6c1:156::/48 maxlen: 48
2a02:c6c2::/32 maxlen: 32
2a02:c6c3::/32 maxlen: 32
2a02:c6c7::/32 maxlen: 32
2a0c:6740::/29 maxlen: 29
2a0c:6741::/32 maxlen: 32
2a0e:92c0::/29 maxlen: 29
2a0e:9a40::/29 maxlen: 29
2a0e:a7c0::/29 maxlen: 29
2a0f:4b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 15 Nov 2024 11:09:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d9:77:c1:a7:f5:4e:63:86:80:9a:cf:09:2d:79:01:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Oct 29 18:09:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20ae026385d30e186802b28e3e44f72f924b64bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:af:4e:3e:f3:89:60:e0:6d:74:75:54:c3:4e:
67:6a:21:f3:4e:15:bb:de:89:c3:62:97:40:cc:92:
e3:b8:1a:8a:df:9a:c3:87:09:81:45:38:ff:cc:cf:
68:fb:63:e1:4c:14:ed:6e:09:5e:c4:5c:9c:93:a8:
b2:1d:83:68:8f:fb:1b:1b:82:96:2c:9e:67:35:58:
9f:27:0c:be:4c:bb:c2:ff:ab:31:49:39:2c:fb:e5:
b9:e3:97:b7:32:eb:72:e7:98:37:4b:1c:92:6f:fb:
e4:a8:ed:5b:16:32:50:a3:ba:33:b6:05:dc:e4:b5:
7b:33:7c:f0:5b:0b:99:b8:09:b0:55:0c:a2:05:f7:
43:2b:c4:b5:78:f0:17:28:94:20:07:00:fb:b3:ac:
05:79:19:97:f9:6f:87:eb:77:65:b4:88:4c:7d:d5:
77:89:1d:05:63:5a:a6:a7:03:8c:81:0c:35:63:7b:
42:8a:45:0f:78:96:e7:68:42:e2:2a:ce:dd:0d:36:
ec:3f:6d:b5:04:6f:c9:1d:35:27:b0:f5:ae:d1:9c:
21:4e:cf:86:78:2f:9b:38:0d:f6:45:61:b0:62:3e:
84:b1:12:32:1f:dd:bd:df:12:cf:ed:90:dd:08:c1:
6c:c5:f4:80:f6:19:87:b1:33:23:f3:59:40:96:b8:
92:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:AE:02:63:85:D3:0E:18:68:02:B2:8E:3E:44:F7:2F:92:4B:64:BB
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/IK4CY4XTDhhoArKOPkT3L5JLZLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.64.0/20
5.45.84.0-5.45.95.255
5.61.48.0-5.61.59.255
37.1.200.0/21
37.1.216.0/21
37.252.3.0/24
37.252.13.0-37.252.15.255
45.136.48.0/22
45.137.212.0/23
46.102.106.0/24
62.197.45.0/24
62.197.48.0/23
82.117.242.0/23
89.187.73.0/24
176.97.79.0/24
176.98.40.0/24
185.109.48.0/24
185.238.168.0/22
188.116.21.0/24
188.116.23.0-188.116.27.255
195.54.174.0/23
213.142.146.0/23
IPv6:
2a02:c6c1:2::/47
2a02:c6c1:10::/48
2a02:c6c1:151::-2a02:c6c1:156:ffff:ffff:ffff:ffff:ffff
2a02:c6c2::/31
2a02:c6c7::/32
2a0c:6740::/29
2a0e:92c0::/29
2a0e:9a40::/29
2a0e:a7c0::/29
2a0f:4b40::/29
Signature Algorithm: sha256WithRSAEncryption
28:a0:88:ab:38:61:7b:51:3d:95:b7:bf:0f:28:6b:f1:fc:15:
56:f9:e4:32:8c:93:97:ad:15:3e:bf:f5:18:29:30:93:8e:74:
1f:b9:c3:0a:6f:a4:6c:a3:07:4b:f1:9b:5d:a6:fd:ea:10:6c:
1a:64:6d:04:f6:cc:48:14:42:cf:91:96:57:20:9f:e2:d1:68:
4c:55:56:27:8d:3b:0d:c0:a2:50:b8:87:9f:ce:0f:39:fa:41:
ff:cc:c4:e0:c0:c1:2f:6d:27:1c:0a:18:8e:a2:a4:c2:81:82:
3c:9d:e6:8c:b4:29:dc:37:d6:c0:aa:05:8e:c2:46:47:bd:95:
20:1c:04:ba:ed:f8:39:e3:0e:da:c5:5d:0b:11:d4:78:8a:c2:
b9:20:7c:c8:f2:79:49:89:a4:8f:b4:20:f4:ae:48:a5:20:46:
1c:87:4b:c8:dc:c2:3c:60:1f:f0:13:9e:25:23:8e:c6:13:4f:
64:8a:76:b4:54:08:e7:b6:3f:5e:fe:1a:e1:9c:48:dd:f6:0a:
92:bb:49:d4:3c:50:da:87:21:7c:0b:37:96:54:09:42:ad:11:
21:48:7e:bc:95:bd:ae:4a:cd:f7:21:e9:25:f5:6c:44:50:ee:
1f:e9:9a:66:73:ba:52:67:46:f0:70:01:9b:8a:74:0f:a0:a6:
6f:11:78:b0
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgISAZLZd8Gn9U5jhoCazwkteQF7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjQxMDI5MTgwOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGFlMDI2Mzg1ZDMwZTE4NjgwMmIyOGUzZTQ0ZjcyZjkyNGI2NGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK9OPvOJYOBtdHVUw05naiHzThW7
3onDYpdAzJLjuBqK35rDhwmBRTj/zM9o+2PhTBTtbglexFyck6iyHYNoj/sbG4KW
LJ5nNVifJwy+TLvC/6sxSTks++W545e3Muty55g3SxySb/vkqO1bFjJQo7oztgXc
5LV7M3zwWwuZuAmwVQyiBfdDK8S1ePAXKJQgBwD7s6wFeRmX+W+H63dltIhMfdV3
iR0FY1qmpwOMgQw1Y3tCikUPeJbnaELiKs7dDTbsP221BG/JHTUnsPWu0ZwhTs+G
eC+bOA32RWGwYj6EsRIyH9293xLP7ZDdCMFsxfSA9hmHsTMj81lAlriSbwIDAQAB
o4IDDjCCAwowHQYDVR0OBBYEFCCuAmOF0w4YaAKyjj5E9y+SS2S7MB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvSUs0Q1k0WFREaGhvQXJLT1BrVDNMNUpMWkxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIgYIKwYBBQUHAQcBAf8EggERMIIBDTCBqwQCAAEwgaQD
BAQFLUAwDAMEAgUtVAMEBQUtQDAMAwQEBT0wAwQCBT04AwQDJQHIAwQDJQHYAwQA
JfwDMAwDBAAl/A0DBAQl/AADBAItiDADBAEtidQDBAAuZmoDBAA+xS0DBAE+xTAD
BAFSdfIDBABZu0kDBACwYU8DBACwYigDBAC5bTADBAK57qgDBAC8dBUwDAMEALx0
FwMEArx0GAMEAcM2rgMEAdWOkjBdBAIAAjBXAwcBKgLGwQACAwcAKgLGwQAQMBID
BwAqAsbBAVEDBwAqAsbBAVYDBQEqAsbCAwUAKgLGxwMFAyoMZ0ADBQMqDpLAAwUD
Kg6aQAMFAyoOp8ADBQMqD0tAMA0GCSqGSIb3DQEBCwUAA4IBAQAooIirOGF7UT2V
t78PKGvx/BVW+eQyjJOXrRU+v/UYKTCTjnQfucMKb6RsowdL8Ztdpv3qEGwaZG0E
9sxIFELPkZZXIJ/i0WhMVVYnjTsNwKJQuIefzg85+kH/zMTgwMEvbSccChiOoqTC
gYI8neaMtCncN9bAqgWOwkZHvZUgHAS67fg54w7axV0LEdR4isK5IHzI8nlJiaSP
tCD0rkilIEYch0vI3MI8YB/wE54lI47GE09kina0VAjntj9e/hrhnEjd9gqSu0nU
PFDahyF8CzeWVAlCrREhSH68lb2uSs33Iekl9WxEUO4f6Zpmc7pSZ0bwcAGbinQP
oKZvEXiw
-----END CERTIFICATE-----
Generated at Fri Nov 15 14:43:26 2024 by rpki-client on console-ams.rpki-client.org