Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0bflmglk2hZjnrBRrSyoLRpBneo.roa
File: 0bflmglk2hZjnrBRrSyoLRpBneo.roa (raw, json)
Hash identifier: a7vB16srFclkq3cENRwB1nVD3Xqarh1viFwcKkEMwzs=
Subject key identifier: D1:B7:E5:9A:09:64:DA:16:63:9E:B0:51:AD:2C:A8:2D:1A:41:9D:EA
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01936212F61B79D09D79339AD77B0B390C3F
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0bflmglk2hZjnrBRrSyoLRpBneo.roa
Signing time: Mon 25 Nov 2024 06:47:10 +0000
ROA not before: Mon 25 Nov 2024 06:47:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3258
IP address blocks: 45.8.112.0/24 maxlen: 24
45.8.113.0/24 maxlen: 24
45.8.114.0/24 maxlen: 24
45.8.222.0/24 maxlen: 32
45.11.44.0/22 maxlen: 24
45.14.64.0/22 maxlen: 24
45.14.70.0/24 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
45.66.216.0/22 maxlen: 24
45.89.232.0/22 maxlen: 32
45.94.40.0/22 maxlen: 32
45.128.208.0/22 maxlen: 32
45.129.8.0/22 maxlen: 24
45.134.168.0/22 maxlen: 24
45.142.124.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
45.149.156.0/22 maxlen: 24
45.159.48.0/22 maxlen: 24
62.106.70.0/24 maxlen: 24
88.214.20.0/22 maxlen: 24
88.218.192.0/22 maxlen: 32
91.200.240.0/22 maxlen: 24
92.60.40.0/22 maxlen: 24
109.107.137.0/24 maxlen: 24
109.107.140.0/24 maxlen: 24
141.98.196.0/22 maxlen: 24
141.98.196.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
149.62.44.0/22 maxlen: 24
176.113.68.0/22 maxlen: 32
176.119.148.0/22 maxlen: 24
176.126.114.0/24 maxlen: 24
185.184.223.0/24 maxlen: 24
185.200.64.0/22 maxlen: 24
185.207.152.0/22 maxlen: 32
193.32.148.0/22 maxlen: 24
193.111.30.0/23 maxlen: 24
194.104.152.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a09:1::/48 maxlen: 48
2a09:2::/48 maxlen: 48
2a09:3::/48 maxlen: 48
2a09:4::/48 maxlen: 48
2a09:5::/48 maxlen: 48
2a09:7::/36 maxlen: 48
2a09:7::/48 maxlen: 48
2a09:7:1::/48 maxlen: 48
2a09:7:2008::/48 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
2a10:480::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 10 Dec 2024 07:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:62:12:f6:1b:79:d0:9d:79:33:9a:d7:7b:0b:39:0c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Nov 25 06:47:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1b7e59a0964da16639eb051ad2ca82d1a419dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:3e:63:92:d5:a7:f0:63:ce:c2:78:bd:87:37:
46:72:f3:eb:60:d7:6a:14:36:42:25:0c:e7:79:af:
74:17:2e:6c:ed:27:16:a8:44:4f:e1:67:96:8c:8e:
0f:74:8e:db:4f:03:67:5b:a4:8d:de:14:7d:8a:12:
c7:d7:54:ac:83:6a:fa:b9:c6:ac:30:2e:5b:c1:86:
62:1c:66:b6:ff:c0:08:7b:b9:6b:15:a3:76:ee:25:
5b:d1:61:e3:42:86:ae:10:c7:e3:19:5c:8a:8a:e7:
4f:2f:3e:4d:fd:c4:fe:08:58:c1:b7:53:93:38:cf:
b3:9b:c5:f8:cc:57:8a:e1:49:ea:5f:b2:61:54:5f:
c6:81:a4:d2:24:13:0f:9a:e8:4c:be:f5:55:4b:f0:
65:42:66:61:e1:48:54:bc:77:31:a8:0c:b3:11:81:
2d:de:41:3c:19:65:e4:b8:9d:59:d7:97:56:61:8b:
d2:42:06:f8:e7:2e:f1:43:dc:a7:41:10:ac:34:36:
2c:c1:e0:36:d6:4b:c5:6e:cf:65:e4:3b:cd:4f:73:
10:67:50:fb:e5:8f:39:c3:93:4e:f2:fe:ec:1e:50:
e1:f5:93:69:32:1b:70:50:d5:f0:a7:07:cb:48:4e:
86:52:35:c8:15:24:96:6d:5e:a6:72:66:56:e9:95:
d3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B7:E5:9A:09:64:DA:16:63:9E:B0:51:AD:2C:A8:2D:1A:41:9D:EA
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0bflmglk2hZjnrBRrSyoLRpBneo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.112.0-45.8.114.255
45.8.222.0/24
45.11.44.0/22
45.14.64.0/22
45.14.70.0/24
45.14.105.0/24
45.14.107.0/24
45.66.128.0/22
45.66.216.0/22
45.89.232.0/22
45.94.40.0/22
45.128.208.0/22
45.129.8.0/22
45.134.168.0/22
45.142.124.0/22
45.143.232.0/22
45.149.156.0/22
45.159.48.0/22
62.106.70.0/24
88.214.20.0/22
88.218.192.0/22
91.200.240.0/22
92.60.40.0/22
109.107.137.0/24
109.107.140.0/24
141.98.196.0/22
147.78.240.0/21
149.62.44.0/22
176.113.68.0/22
176.119.148.0/22
176.126.114.0/24
185.184.223.0/24
185.200.64.0/22
185.207.152.0/22
193.32.148.0/22
193.111.30.0/23
194.104.152.0/22
195.245.241.0-195.245.242.255
IPv6:
2a09:1::/48
2a09:2::/48
2a09:3::/48
2a09:4::/48
2a09:5::/48
2a09:7::/36
2a09:7:2008::/48
2a0d:c7c1::/32
2a10:480::/29
Signature Algorithm: sha256WithRSAEncryption
6a:27:28:ca:c6:2b:9f:46:30:10:fb:f2:ec:11:26:15:9d:dd:
34:9d:6d:cf:f5:14:f4:db:8f:3d:5c:8e:69:88:71:e0:b0:86:
ad:3f:60:40:b9:e4:a8:39:b7:c7:23:25:d9:75:79:3b:5e:b7:
a5:68:9b:fe:f5:39:3a:b0:b9:9a:58:25:a5:32:41:e9:72:f0:
f2:27:b1:0a:71:28:49:74:31:45:33:9f:bb:0b:3c:47:44:00:
97:38:67:1a:23:56:f7:4c:56:b2:da:38:7a:47:13:0d:d4:0b:
48:52:2d:a0:c5:3c:61:16:8f:b4:4c:0d:73:5a:ff:da:c5:be:
17:0a:06:95:9e:4c:54:0d:83:6a:85:6e:22:84:be:f1:32:25:
7a:73:fd:95:4f:9b:76:fb:c9:b6:3e:4a:97:a8:42:14:9c:49:
aa:14:4b:d7:64:c6:6b:b5:da:3e:2a:bc:ba:c5:ab:99:ee:81:
59:e3:7b:7d:ce:fa:b8:e9:2c:70:d7:ee:95:70:28:e4:40:94:
e9:98:54:ce:73:05:b4:9c:c2:c5:7d:12:da:22:5f:57:c7:27:
44:d7:c7:63:dd:a0:aa:7f:7a:fe:8f:c2:50:d4:ef:a9:fb:4b:
6c:3a:a8:67:93:df:90:3a:c5:d4:75:d6:74:dd:52:f5:9c:ac:
2e:97:48:16
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgISAZNiEvYbedCdeTOa13sLOQw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQxMTI1MDY0NzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI3ZTU5YTA5NjRkYTE2NjM5ZWIwNTFhZDJjYTgyZDFhNDE5ZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6j5jktWn8GPOwni9hzdGcvPrYNdq
FDZCJQznea90Fy5s7ScWqERP4WeWjI4PdI7bTwNnW6SN3hR9ihLH11Ssg2r6ucas
MC5bwYZiHGa2/8AIe7lrFaN27iVb0WHjQoauEMfjGVyKiudPLz5N/cT+CFjBt1OT
OM+zm8X4zFeK4UnqX7JhVF/GgaTSJBMPmuhMvvVVS/BlQmZh4UhUvHcxqAyzEYEt
3kE8GWXkuJ1Z15dWYYvSQgb45y7xQ9ynQRCsNDYsweA21kvFbs9l5DvNT3MQZ1D7
5Y85w5NO8v7sHlDh9ZNpMhtwUNXwpwfLSE6GUjXIFSSWbV6mcmZW6ZXTQwIDAQAB
o4IDUzCCA08wHQYDVR0OBBYEFNG35ZoJZNoWY56wUa0sqC0aQZ3qMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvMGJmbG1nbGsyaFpqbnJCUnJTeW9MUnBCbmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZwYIKwYBBQUHAQcBAf8EggFWMIIBUjCB+wQCAAEwgfQw
DAMEBC0IcAMEAC0IcgMEAC0I3gMEAi0LLAMEAi0OQAMEAC0ORgMEAC0OaQMEAC0O
awMEAi1CgAMEAi1C2AMEAi1Z6AMEAi1eKAMEAi2A0AMEAi2BCAMEAi2GqAMEAi2O
fAMEAi2P6AMEAi2VnAMEAi2fMAMEAD5qRgMEAljWFAMEAljawAMEAlvI8AMEAlw8
KAMEAG1riQMEAG1rjAMEAo1ixAMEA5NO8AMEApU+LAMEArBxRAMEArB3lAMEALB+
cgMEALm43wMEArnIQAMEArnPmAMEAsEglAMEAcFvHgMEAsJomDAMAwQAw/XxAwQA
w/XyMFIEAgACMEwDBwAqCQABAAADBwAqCQACAAADBwAqCQADAAADBwAqCQAEAAAD
BwAqCQAFAAADBgQqCQAHAAMHACoJAAcgCAMFACoNx8EDBQMqEASAMA0GCSqGSIb3
DQEBCwUAA4IBAQBqJyjKxiufRjAQ+/LsESYVnd00nW3P9RT02489XI5piHHgsIat
P2BAueSoObfHIyXZdXk7XrelaJv+9Tk6sLmaWCWlMkHpcvDyJ7EKcShJdDFFM5+7
CzxHRACXOGcaI1b3TFay2jh6RxMN1AtIUi2gxTxhFo+0TA1zWv/axb4XCgaVnkxU
DYNqhW4ihL7xMiV6c/2VT5t2+8m2PkqXqEIUnEmqFEvXZMZrtdo+Kry6xauZ7oFZ
43t9zvq46Sxw1+6VcCjkQJTpmFTOcwW0nMLFfRLaIl9XxydE18dj3aCqf3r+j8JQ
1O+p+0tsOqhnk9+QOsXUddZ03VL1nKwul0gW
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:39:26 2025 by rpki-client