Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/A4tlEgjH4_0d5ts_QUCQET9HLmk.roa
File: A4tlEgjH4_0d5ts_QUCQET9HLmk.roa (raw, json)
Hash identifier: jv8fJ/jFBxSg3APQXJIH0uzUHzvNkYTJKg6HoGhnFQw=
Subject key identifier: 03:8B:65:12:08:C7:E3:FD:1D:E6:DB:3F:41:40:90:11:3F:47:2E:69
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018DAEB126A35714688F4EB3918ED3C09977
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/A4tlEgjH4_0d5ts_QUCQET9HLmk.roa
Signing time: Thu 15 Feb 2024 21:34:21 +0000
ROA not before: Thu 15 Feb 2024 21:34:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8888
IP address blocks: 45.87.92.0/22 maxlen: 32
45.87.92.0/24 maxlen: 32
45.87.93.0/24 maxlen: 32
45.87.95.0/24 maxlen: 32
45.90.210.0/24 maxlen: 24
45.92.157.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
45.131.152.0/22 maxlen: 24
45.139.192.0/22 maxlen: 24
45.139.192.0/24 maxlen: 32
45.139.195.0/24 maxlen: 32
45.143.232.0/22 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
80.66.196.0/22 maxlen: 24
94.124.116.0/22 maxlen: 24
95.214.164.0/22 maxlen: 24
141.98.196.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
185.194.52.0/22 maxlen: 24
185.194.54.0/24 maxlen: 32
185.200.64.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.248.87.0/24 maxlen: 32
193.111.30.0/23 maxlen: 24
194.36.24.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
194.169.54.0/24 maxlen: 24
195.245.219.0/24 maxlen: 32
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a06:4fc0::/29 maxlen: 48
2a06:57c0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a09:0:15::/48 maxlen: 48
2a09:6::/48 maxlen: 48
2a09:6:1::/48 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 Apr 2024 14:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ae:b1:26:a3:57:14:68:8f:4e:b3:91:8e:d3:c0:99:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Feb 15 21:34:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=038b651208c7e3fd1de6db3f414090113f472e69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e9:0a:20:3e:3e:a1:16:17:56:88:9d:0f:27:
de:ea:5c:c1:d8:24:ca:54:a4:2c:af:2b:3b:08:0c:
8c:1c:03:ac:b0:55:84:10:9e:82:9b:a6:f6:81:f2:
c8:83:b0:5d:62:86:d2:b4:d0:d0:e4:e3:5e:91:bd:
90:64:27:b0:11:ef:20:3e:9c:8e:26:83:cf:88:8a:
8d:87:10:09:ce:36:2c:bf:8c:be:ee:aa:b8:3a:a5:
5e:ad:78:47:53:b8:9f:25:0f:ad:cb:69:2d:74:4c:
62:4d:b9:06:35:be:6a:0f:64:85:d3:30:5e:5f:f6:
a4:80:38:27:02:8b:b7:fe:f0:92:8a:e8:0d:32:c0:
2d:b9:9c:37:dc:55:91:79:4b:7d:76:cb:ec:37:b2:
7f:ee:28:ca:ed:53:48:0c:a5:de:5a:3f:a5:78:0a:
82:9f:0a:56:a5:e8:b9:9f:0f:47:a1:17:bc:9a:c4:
ff:eb:0d:46:fa:90:7e:fa:93:fc:12:d5:6a:bb:61:
c9:d1:78:5e:a3:91:8f:92:4a:55:87:c0:7d:17:e2:
79:42:6e:df:e2:1e:67:ae:0f:7f:6d:6c:b4:db:a1:
bd:e5:2c:a8:eb:ec:eb:cd:41:e8:77:0a:73:ab:9d:
20:6b:7a:41:d5:ef:58:af:b1:ad:48:ae:8c:99:46:
86:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:8B:65:12:08:C7:E3:FD:1D:E6:DB:3F:41:40:90:11:3F:47:2E:69
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/A4tlEgjH4_0d5ts_QUCQET9HLmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.92.0/22
45.90.210.0/24
45.92.157.0/24
45.130.20.0/22
45.131.152.0/22
45.139.192.0/22
45.143.232.0/22
80.66.196.0/22
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.222.216.0/21
185.248.87.0/24
193.111.30.0/23
194.36.24.0/24
194.104.152.0/22
194.169.54.0/23
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09:0:15::/48
2a09:6::/47
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
34:98:0d:54:b0:04:98:e4:ab:8f:a9:62:4e:4c:84:96:f3:eb:
33:e4:65:82:81:92:c2:2d:28:4a:f7:7c:78:11:15:02:61:ff:
9a:b7:e2:ea:7d:4a:76:2f:ad:e8:bb:c8:0a:64:cd:53:c2:f7:
51:44:01:5b:9f:9a:0f:cd:de:75:8c:de:94:8f:7e:19:98:06:
ed:97:59:b1:a8:54:a9:66:38:3b:25:b0:f6:dd:30:04:71:27:
9c:e2:e6:34:a3:84:6e:7f:30:a1:1b:dc:78:fc:e2:f5:95:ff:
08:8a:1b:2c:8e:a1:3a:07:e5:f6:c8:fd:af:20:0b:d3:3c:43:
a0:c8:e0:cc:63:61:a3:62:e0:ec:c5:dc:e4:0d:7f:df:6f:55:
63:c7:c0:75:73:a5:ba:b1:d9:6f:cb:37:3f:ef:8b:f4:ad:e1:
e5:ca:71:bc:66:b2:95:28:b4:eb:c3:61:b2:68:d1:04:b1:ac:
f3:7d:56:cd:1d:24:78:7d:9f:87:8e:6a:9f:0d:0c:7d:97:a0:
24:de:9b:bb:ee:a1:16:3c:f9:d2:c9:53:2d:68:d4:d6:ef:02:
e7:f3:ff:37:e4:88:a9:d7:12:8c:78:a8:0f:94:f0:89:5a:f2:
bc:6d:a2:1b:53:2e:be:64:f7:19:d1:95:4c:bc:63:98:eb:c3:
24:17:c7:11
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAY2usSajVxRoj06zkY7TwJl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMjE1MjEzNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzhiNjUxMjA4YzdlM2ZkMWRlNmRiM2Y0MTQwOTAxMTNmNDcyZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjukKID4+oRYXVoidDyfe6lzB2CTK
VKQsrys7CAyMHAOssFWEEJ6Cm6b2gfLIg7BdYobStNDQ5ONekb2QZCewEe8gPpyO
JoPPiIqNhxAJzjYsv4y+7qq4OqVerXhHU7ifJQ+ty2ktdExiTbkGNb5qD2SF0zBe
X/akgDgnAou3/vCSiugNMsAtuZw33FWReUt9dsvsN7J/7ijK7VNIDKXeWj+leAqC
nwpWpei5nw9HoRe8msT/6w1G+pB++pP8EtVqu2HJ0Xheo5GPkkpVh8B9F+J5Qm7f
4h5nrg9/bWy026G95Syo6+zrzUHodwpzq50ga3pB1e9Yr7GtSK6MmUaG8QIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFAOLZRIIx+P9HebbP0FAkBE/Ry5pMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvQTR0bEVnakg0XzBkNXRzX1FVQ1FFVDlITG1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIAYIKwYBBQUHAQcBAf8EggEPMIIBCzCBkwQCAAEwgYwD
BAItV1wDBAAtWtIDBAAtXJ0DBAItghQDBAItg5gDBAIti8ADBAItj+gDBAJQQsQD
BAJefHQDBAJf1qQDBAKNYsQDBAKVPiwDBAK5wjQDBAK5yEADBAO53tgDBAC5+FcD
BAHBbx4DBADCJBgDBALCaJgDBAHCqTYDBADD9dswDAMEAMP18QMEAMP18jBzBAIA
AjBtAwUDKgZPwAMFAyoGV8ADBQMqB+kAAwUDKgf6AAMHACoJAAAAFQMHASoJAAYA
AAMFAyoM7UADBQMqDR/AAwUDKg02QAMFAyoNQ0ADBQMqDUvAAwUDKg11QAMFAyoN
3oADBQMqDmIAAwUDKhAmADANBgkqhkiG9w0BAQsFAAOCAQEANJgNVLAEmOSrj6li
TkyElvPrM+RlgoGSwi0oSvd8eBEVAmH/mrfi6n1Kdi+t6LvICmTNU8L3UUQBW5+a
D83edYzelI9+GZgG7ZdZsahUqWY4OyWw9t0wBHEnnOLmNKOEbn8woRvcePzi9ZX/
CIobLI6hOgfl9sj9ryAL0zxDoMjgzGNho2Lg7MXc5A1/329VY8fAdXOlurHZb8s3
P++L9K3h5cpxvGaylSi068NhsmjRBLGs831WzR0keH2fh45qnw0MfZegJN6bu+6h
Fjz50slTLWjU1u8C5/P/N+SIqdcSjHioD5TwiVryvG2iG1MuvmT3GdGVTLxjmOvD
JBfHEQ==
-----END CERTIFICATE-----
Generated at Sat Apr 13 17:14:36 2024 by rpki-client on console-ams.rpki-client.org