Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/OvLNoI0dEvpzrBVtu3fY1ox9I64.roa
File: OvLNoI0dEvpzrBVtu3fY1ox9I64.roa (raw, json)
Hash identifier: Vrtw8dT1eiYpCEor+zJYvYq7iK5rM/yHUJKXasDkxw8=
Subject key identifier: 3A:F2:CD:A0:8D:1D:12:FA:73:AC:15:6D:BB:77:D8:D6:8C:7D:23:AE
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018EA7A707ABC43522C8A10B35DD82D5DC44
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/OvLNoI0dEvpzrBVtu3fY1ox9I64.roa
Signing time: Thu 04 Apr 2024 05:48:45 +0000
ROA not before: Thu 04 Apr 2024 05:48:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3258
IP address blocks: 45.14.64.0/22 maxlen: 24
45.14.70.0/24 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
45.66.216.0/22 maxlen: 24
45.89.232.0/22 maxlen: 32
45.94.40.0/22 maxlen: 32
45.128.208.0/22 maxlen: 32
45.129.8.0/22 maxlen: 24
45.134.168.0/22 maxlen: 24
45.142.124.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
45.149.156.0/22 maxlen: 24
45.159.48.0/22 maxlen: 24
62.106.70.0/24 maxlen: 24
88.214.20.0/22 maxlen: 24
88.218.192.0/22 maxlen: 32
91.200.240.0/22 maxlen: 24
92.60.40.0/22 maxlen: 24
109.107.137.0/24 maxlen: 24
109.107.140.0/24 maxlen: 24
141.98.196.0/22 maxlen: 24
141.98.196.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
149.62.44.0/22 maxlen: 24
176.113.68.0/22 maxlen: 32
176.119.148.0/22 maxlen: 24
176.126.114.0/24 maxlen: 24
185.184.220.0/22 maxlen: 24
185.200.64.0/22 maxlen: 24
185.207.152.0/22 maxlen: 32
193.32.148.0/22 maxlen: 24
193.111.30.0/23 maxlen: 24
194.104.152.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a09:1::/48 maxlen: 48
2a09:2::/48 maxlen: 48
2a09:3::/48 maxlen: 48
2a09:4::/48 maxlen: 48
2a09:5::/48 maxlen: 48
2a09:7::/36 maxlen: 48
2a09:7::/48 maxlen: 48
2a09:7:1::/48 maxlen: 48
2a09:7:2008::/48 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
2a10:480::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jun 2024 07:43:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:a7:07:ab:c4:35:22:c8:a1:0b:35:dd:82:d5:dc:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Apr 4 05:48:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3af2cda08d1d12fa73ac156dbb77d8d68c7d23ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4d:c5:ef:cd:dd:40:3f:50:5e:9b:0a:67:ca:
5f:26:81:9f:6e:db:e2:6a:a4:36:d4:86:74:20:d0:
c3:29:79:b0:9d:6c:bb:20:1a:e2:36:f8:29:67:d8:
4c:51:5a:11:b8:4f:ae:b1:af:17:fb:54:11:c4:3a:
93:0f:dd:2f:6d:ea:e7:4f:d8:65:6e:c3:ca:f8:bf:
24:cf:0a:e5:80:6f:3b:07:cb:38:10:28:d2:ff:9e:
84:97:81:2c:c3:02:ad:cd:65:82:12:9a:e0:4f:59:
d0:70:ae:34:17:cb:db:41:9e:c0:ee:98:c8:51:74:
fb:00:1c:b4:c5:c4:f2:23:5d:4c:f2:1e:55:e8:4a:
eb:13:fa:62:d6:30:5d:62:64:3c:98:c6:7b:fc:c7:
fb:60:2c:94:6d:db:fe:28:dc:89:b2:61:28:c1:46:
4d:3b:1c:3c:bf:6a:d3:5b:58:1d:22:92:55:97:7f:
35:62:d4:de:38:b1:d7:89:98:f4:2f:a9:fa:e5:2c:
f1:a9:17:50:41:02:9c:92:87:50:e8:76:a8:19:08:
d3:db:ac:50:38:cf:07:2a:14:86:1d:55:0d:61:61:
aa:54:da:45:d7:f1:12:1f:54:4a:37:e7:f7:2c:e3:
74:b6:9d:48:4d:83:b8:73:a0:6c:42:91:4d:34:5c:
c0:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F2:CD:A0:8D:1D:12:FA:73:AC:15:6D:BB:77:D8:D6:8C:7D:23:AE
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/OvLNoI0dEvpzrBVtu3fY1ox9I64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
45.14.70.0/24
45.14.105.0/24
45.14.107.0/24
45.66.128.0/22
45.66.216.0/22
45.89.232.0/22
45.94.40.0/22
45.128.208.0/22
45.129.8.0/22
45.134.168.0/22
45.142.124.0/22
45.143.232.0/22
45.149.156.0/22
45.159.48.0/22
62.106.70.0/24
88.214.20.0/22
88.218.192.0/22
91.200.240.0/22
92.60.40.0/22
109.107.137.0/24
109.107.140.0/24
141.98.196.0/22
147.78.240.0/21
149.62.44.0/22
176.113.68.0/22
176.119.148.0/22
176.126.114.0/24
185.184.220.0/22
185.200.64.0/22
185.207.152.0/22
193.32.148.0/22
193.111.30.0/23
194.104.152.0/22
195.245.241.0-195.245.242.255
IPv6:
2a09:1::/48
2a09:2::/48
2a09:3::/48
2a09:4::/48
2a09:5::/48
2a09:7::/36
2a09:7:2008::/48
2a0d:c7c1::/32
2a10:480::/29
Signature Algorithm: sha256WithRSAEncryption
89:78:a4:13:ec:ce:4e:26:ba:ac:e4:14:6a:f8:02:78:9b:34:
81:53:df:b7:e6:1a:9f:c5:5b:5c:6c:39:06:3b:5f:35:69:4b:
49:1b:9b:2c:11:6e:cd:a3:9f:dd:67:06:f2:a9:ba:c6:e4:70:
82:a6:5d:9c:0e:0c:4d:de:31:40:3a:ab:8e:f0:b8:36:ca:2a:
df:a5:65:8d:94:f4:d5:bf:a3:ef:79:ff:7e:a9:af:5f:9a:6a:
b2:9d:36:ff:cf:e2:63:f8:27:f0:e3:8a:ad:0d:59:a5:bb:23:
58:60:99:bb:c1:92:65:f1:4b:24:f9:9d:66:6e:fb:b8:e7:09:
c3:b2:1e:e4:59:ce:23:46:cc:af:d2:e0:b3:7c:4b:2a:71:2a:
44:2c:04:30:37:5d:bd:f2:d9:66:36:ca:b4:f6:c7:dc:84:6e:
21:64:07:a1:87:55:76:80:3b:99:fe:73:86:fa:8a:db:eb:b3:
5e:58:cf:12:0c:d2:19:85:8e:18:32:0c:dc:54:f8:68:e4:f3:
a7:bd:74:7f:cd:8e:4a:be:07:6b:f5:c4:dd:87:04:1c:30:8d:
ac:53:4d:02:65:0c:12:c4:41:fb:dc:6a:af:42:a1:fd:69:3e:
ef:24:57:9d:8d:d4:26:89:19:a1:74:d3:9a:f5:c7:09:48:61:
f8:4d:6e:44
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgISAY6npwerxDUiyKELNd2C1dxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwNDA0MDU0ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWYyY2RhMDhkMWQxMmZhNzNhYzE1NmRiYjc3ZDhkNjhjN2QyM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkU3F783dQD9QXpsKZ8pfJoGfbtvi
aqQ21IZ0INDDKXmwnWy7IBriNvgpZ9hMUVoRuE+usa8X+1QRxDqTD90vbernT9hl
bsPK+L8kzwrlgG87B8s4ECjS/56El4EswwKtzWWCEprgT1nQcK40F8vbQZ7A7pjI
UXT7ABy0xcTyI11M8h5V6ErrE/pi1jBdYmQ8mMZ7/Mf7YCyUbdv+KNyJsmEowUZN
Oxw8v2rTW1gdIpJVl381YtTeOLHXiZj0L6n65SzxqRdQQQKckodQ6HaoGQjT26xQ
OM8HKhSGHVUNYWGqVNpF1/ESH1RKN+f3LON0tp1ITYO4c6BsQpFNNFzAFwIDAQAB
o4IDOTCCAzUwHQYDVR0OBBYEFDryzaCNHRL6c6wVbbt32NaMfSOuMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvT3ZMTm9JMGRFdnB6ckJWdHUzZlkxb3g5STY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTQYIKwYBBQUHAQcBAf8EggE8MIIBODCB4QQCAAEwgdoD
BAItDkADBAAtDkYDBAAtDmkDBAAtDmsDBAItQoADBAItQtgDBAItWegDBAItXigD
BAItgNADBAItgQgDBAIthqgDBAItjnwDBAItj+gDBAItlZwDBAItnzADBAA+akYD
BAJY1hQDBAJY2sADBAJbyPADBAJcPCgDBABta4kDBABta4wDBAKNYsQDBAOTTvAD
BAKVPiwDBAKwcUQDBAKwd5QDBACwfnIDBAK5uNwDBAK5yEADBAK5z5gDBALBIJQD
BAHBbx4DBALCaJgwDAMEAMP18QMEAMP18jBSBAIAAjBMAwcAKgkAAQAAAwcAKgkA
AgAAAwcAKgkAAwAAAwcAKgkABAAAAwcAKgkABQAAAwYEKgkABwADBwAqCQAHIAgD
BQAqDcfBAwUDKhAEgDANBgkqhkiG9w0BAQsFAAOCAQEAiXikE+zOTia6rOQUavgC
eJs0gVPft+Yan8VbXGw5BjtfNWlLSRubLBFuzaOf3WcG8qm6xuRwgqZdnA4MTd4x
QDqrjvC4Nsoq36VljZT01b+j73n/fqmvX5pqsp02/8/iY/gn8OOKrQ1ZpbsjWGCZ
u8GSZfFLJPmdZm77uOcJw7Ie5FnOI0bMr9Lgs3xLKnEqRCwEMDddvfLZZjbKtPbH
3IRuIWQHoYdVdoA7mf5zhvqK2+uzXljPEgzSGYWOGDIM3FT4aOTzp710f82OSr4H
a/XE3YcEHDCNrFNNAmUMEsRB+9xqr0Kh/Wk+7yRXnY3UJokZoXTTmvXHCUhh+E1u
RA==
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:44:44 2024 by rpki-client on console-fra.rpki-client.org