Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/1-m5Dfkv5g5k9JZScZGotqGGsSYY.roa
File: 1-m5Dfkv5g5k9JZScZGotqGGsSYY.roa (raw, json)
Hash identifier: YU1F90X1GfedkrL9JlLBSia6RcSMnsOKSryar7Va2Y0=
Subject key identifier: FA:6E:43:7E:4B:F9:83:99:3D:25:94:9C:64:6A:2D:A8:61:AC:49:86
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01916FFFD49323C68CD85303FABFF5DB0077
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/1-m5Dfkv5g5k9JZScZGotqGGsSYY.roa
Signing time: Tue 20 Aug 2024 13:35:22 +0000
ROA not before: Tue 20 Aug 2024 13:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3258
IP address blocks: 45.8.222.0/24 maxlen: 32
45.14.64.0/22 maxlen: 24
45.14.70.0/24 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
45.66.216.0/22 maxlen: 24
45.89.232.0/22 maxlen: 32
45.94.40.0/22 maxlen: 32
45.128.208.0/22 maxlen: 32
45.129.8.0/22 maxlen: 24
45.134.168.0/22 maxlen: 24
45.142.124.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
45.149.156.0/22 maxlen: 24
45.159.48.0/22 maxlen: 24
62.106.70.0/24 maxlen: 24
88.214.20.0/22 maxlen: 24
88.218.192.0/22 maxlen: 32
91.200.240.0/22 maxlen: 24
92.60.40.0/22 maxlen: 24
109.107.137.0/24 maxlen: 24
109.107.140.0/24 maxlen: 24
141.98.196.0/22 maxlen: 24
141.98.196.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
149.62.44.0/22 maxlen: 24
176.113.68.0/22 maxlen: 32
176.119.148.0/22 maxlen: 24
176.126.114.0/24 maxlen: 24
185.184.223.0/24 maxlen: 24
185.200.64.0/22 maxlen: 24
185.207.152.0/22 maxlen: 32
193.32.148.0/22 maxlen: 24
193.111.30.0/23 maxlen: 24
194.104.152.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a09:1::/48 maxlen: 48
2a09:2::/48 maxlen: 48
2a09:3::/48 maxlen: 48
2a09:4::/48 maxlen: 48
2a09:5::/48 maxlen: 48
2a09:7::/36 maxlen: 48
2a09:7::/48 maxlen: 48
2a09:7:1::/48 maxlen: 48
2a09:7:2008::/48 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
2a10:480::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 14 Oct 2024 16:21:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6f:ff:d4:93:23:c6:8c:d8:53:03:fa:bf:f5:db:00:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Aug 20 13:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa6e437e4bf983993d25949c646a2da861ac4986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3b:39:2b:e8:ba:d8:ab:b4:c5:6f:ee:c6:8c:
ee:b1:bb:42:fc:b4:d8:2b:32:36:9e:06:42:30:81:
e6:48:14:29:d7:07:c0:c5:27:59:9a:0f:23:02:32:
4b:a2:3b:9a:97:ef:da:0e:11:27:23:5e:cf:c8:42:
6d:95:8c:10:82:4e:b5:2d:d6:73:23:84:25:6b:40:
c0:da:46:ba:8d:68:d2:f5:87:47:cb:e3:c5:f8:38:
ab:04:22:a6:16:0a:af:4a:8f:9c:3c:19:bf:47:76:
ee:8f:b8:c3:ba:f0:88:a8:1a:90:a7:bb:9d:5e:7e:
b4:15:15:d2:4e:c1:be:e1:f2:3a:4e:0c:f0:23:7c:
8d:99:dc:85:8c:da:75:17:88:1d:2d:14:f5:05:2a:
c1:ad:79:30:eb:6e:26:08:a1:78:9d:84:83:c6:5e:
2c:c7:e3:ff:bb:05:45:b6:f3:cb:09:0d:49:bf:4c:
3a:8d:25:44:4f:04:bd:f7:69:0a:3f:0e:73:72:0a:
1a:23:3f:f6:c7:05:ed:8f:6f:63:c2:99:55:9f:f1:
fa:12:40:fc:51:26:35:f3:16:37:11:f5:ae:d8:7a:
20:76:02:c1:e3:0e:b8:29:8a:3b:81:e5:fa:61:7a:
c6:74:f2:28:1e:40:a4:c8:2b:5d:c5:03:71:8b:30:
c2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:6E:43:7E:4B:F9:83:99:3D:25:94:9C:64:6A:2D:A8:61:AC:49:86
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/1-m5Dfkv5g5k9JZScZGotqGGsSYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.222.0/24
45.14.64.0/22
45.14.70.0/24
45.14.105.0/24
45.14.107.0/24
45.66.128.0/22
45.66.216.0/22
45.89.232.0/22
45.94.40.0/22
45.128.208.0/22
45.129.8.0/22
45.134.168.0/22
45.142.124.0/22
45.143.232.0/22
45.149.156.0/22
45.159.48.0/22
62.106.70.0/24
88.214.20.0/22
88.218.192.0/22
91.200.240.0/22
92.60.40.0/22
109.107.137.0/24
109.107.140.0/24
141.98.196.0/22
147.78.240.0/21
149.62.44.0/22
176.113.68.0/22
176.119.148.0/22
176.126.114.0/24
185.184.223.0/24
185.200.64.0/22
185.207.152.0/22
193.32.148.0/22
193.111.30.0/23
194.104.152.0/22
195.245.241.0-195.245.242.255
IPv6:
2a09:1::/48
2a09:2::/48
2a09:3::/48
2a09:4::/48
2a09:5::/48
2a09:7::/36
2a09:7:2008::/48
2a0d:c7c1::/32
2a10:480::/29
Signature Algorithm: sha256WithRSAEncryption
89:e5:b5:89:7a:02:83:82:b2:22:e9:e8:9a:f5:96:11:19:24:
88:0f:61:75:8e:93:91:92:45:a9:3d:7e:e8:a8:cd:b3:f9:f0:
be:ef:fe:51:71:5a:4d:90:ad:6d:1e:23:ff:77:e5:dd:6c:04:
10:78:fe:7f:6c:03:1d:b3:a1:b0:41:9d:50:14:2d:ea:a1:e4:
0d:de:a0:37:7b:03:74:a7:36:7d:14:9c:20:08:36:2d:d3:42:
ac:91:10:c9:aa:3d:69:c3:cd:ea:98:e2:41:a9:4f:8b:21:94:
7e:88:9c:a1:20:ef:5a:ed:9b:74:68:69:8f:d8:ac:84:19:d7:
38:a4:be:31:ca:2c:62:d7:1b:13:ef:fd:48:b8:bb:f2:e3:3e:
10:0e:cb:b3:9b:a1:5a:24:8a:91:d7:50:c6:2e:6f:6c:59:18:
64:8b:c3:6d:d9:6e:b2:99:85:05:a5:cf:2e:2a:b2:06:14:0f:
73:20:08:51:85:04:4c:92:5b:fd:ed:d9:4a:0c:aa:e4:18:ad:
cb:aa:e4:c9:c9:42:f3:e6:2e:a5:81:72:28:40:32:53:98:36:
86:86:b7:23:33:c6:cb:4f:01:ec:0f:6b:9d:76:94:0c:3d:c6:
18:5d:81:a3:29:79:e9:64:f9:77:b7:b4:6d:8e:99:9c:1b:74:
13:5a:c6:a2
-----BEGIN CERTIFICATE-----
MIIGNDCCBRygAwIBAgISAZFv/9STI8aM2FMD+r/12wB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwODIwMTMzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTZlNDM3ZTRiZjk4Mzk5M2QyNTk0OWM2NDZhMmRhODYxYWM0OTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjs5K+i62Ku0xW/uxozusbtC/LTY
KzI2ngZCMIHmSBQp1wfAxSdZmg8jAjJLojual+/aDhEnI17PyEJtlYwQgk61LdZz
I4Qla0DA2ka6jWjS9YdHy+PF+DirBCKmFgqvSo+cPBm/R3buj7jDuvCIqBqQp7ud
Xn60FRXSTsG+4fI6TgzwI3yNmdyFjNp1F4gdLRT1BSrBrXkw624mCKF4nYSDxl4s
x+P/uwVFtvPLCQ1Jv0w6jSVETwS992kKPw5zcgoaIz/2xwXtj29jwplVn/H6EkD8
USY18xY3EfWu2HogdgLB4w64KYo7geX6YXrGdPIoHkCkyCtdxQNxizDCpQIDAQAB
o4IDQDCCAzwwHQYDVR0OBBYEFPpuQ35L+YOZPSWUnGRqLahhrEmGMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvMS1tNURma3Y1ZzVrOUpaU2NaR290cUdHc1NZWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRl
MS8xL3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAVMGCCsGAQUFBwEHAQH/BIIBQjCCAT4wgecEAgABMIHg
AwQALQjeAwQCLQ5AAwQALQ5GAwQALQ5pAwQALQ5rAwQCLUKAAwQCLULYAwQCLVno
AwQCLV4oAwQCLYDQAwQCLYEIAwQCLYaoAwQCLY58AwQCLY/oAwQCLZWcAwQCLZ8w
AwQAPmpGAwQCWNYUAwQCWNrAAwQCW8jwAwQCXDwoAwQAbWuJAwQAbWuMAwQCjWLE
AwQDk07wAwQClT4sAwQCsHFEAwQCsHeUAwQAsH5yAwQAubjfAwQCuchAAwQCuc+Y
AwQCwSCUAwQBwW8eAwQCwmiYMAwDBADD9fEDBADD9fIwUgQCAAIwTAMHACoJAAEA
AAMHACoJAAIAAAMHACoJAAMAAAMHACoJAAQAAAMHACoJAAUAAAMGBCoJAAcAAwcA
KgkAByAIAwUAKg3HwQMFAyoQBIAwDQYJKoZIhvcNAQELBQADggEBAInltYl6AoOC
siLp6Jr1lhEZJIgPYXWOk5GSRak9fuiozbP58L7v/lFxWk2QrW0eI/935d1sBBB4
/n9sAx2zobBBnVAULeqh5A3eoDd7A3SnNn0UnCAINi3TQqyREMmqPWnDzeqY4kGp
T4shlH6InKEg71rtm3RoaY/YrIQZ1zikvjHKLGLXGxPv/Ui4u/LjPhAOy7OboVok
ipHXUMYub2xZGGSLw23ZbrKZhQWlzy4qsgYUD3MgCFGFBEySW/3t2UoMquQYrcuq
5MnJQvPmLqWBcihAMlOYNoaGtyMzxstPAewPa512lAw9xhhdgaMpeelk+Xe3tG2O
mZwbdBNaxqI=
-----END CERTIFICATE-----
Generated at Mon Oct 14 20:38:01 2024 by rpki-client on console-ams.rpki-client.org