Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/YQWwA1SA1mF66NUAIxDwCgq9G9s.roa
File: YQWwA1SA1mF66NUAIxDwCgq9G9s.roa (raw, json)
Hash identifier: 5gz9Ai0LeDYoEARugPDNNS7u6cu161JYyI9r91368ds=
Subject key identifier: 61:05:B0:03:54:80:D6:61:7A:E8:D5:00:23:10:F0:0A:0A:BD:1B:DB
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018D5AFB623DF1222B29ACF5E3A453625AA7
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/YQWwA1SA1mF66NUAIxDwCgq9G9s.roa
Signing time: Tue 30 Jan 2024 15:27:20 +0000
ROA not before: Tue 30 Jan 2024 15:27:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8888
IP address blocks: 45.87.92.0/22 maxlen: 32
45.87.92.0/24 maxlen: 32
45.87.93.0/24 maxlen: 32
45.87.95.0/24 maxlen: 32
45.90.210.0/24 maxlen: 24
45.92.157.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
45.131.152.0/22 maxlen: 24
45.139.192.0/22 maxlen: 24
45.139.192.0/24 maxlen: 32
45.139.195.0/24 maxlen: 32
45.143.232.0/22 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
80.66.196.0/22 maxlen: 24
94.124.116.0/22 maxlen: 24
95.214.164.0/22 maxlen: 24
141.98.196.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
185.194.52.0/22 maxlen: 24
185.194.54.0/24 maxlen: 32
185.200.64.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.248.87.0/24 maxlen: 32
193.111.30.0/23 maxlen: 24
194.36.24.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
194.169.54.0/24 maxlen: 24
195.245.219.0/24 maxlen: 32
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a06:4fc0::/29 maxlen: 48
2a06:57c0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a09::/29 maxlen: 128
2a09:0:15::/48 maxlen: 48
2a09:6::/48 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 15 Feb 2024 21:33:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:fb:62:3d:f1:22:2b:29:ac:f5:e3:a4:53:62:5a:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 30 15:27:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6105b0035480d6617ae8d5002310f00a0abd1bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:99:b8:5c:59:5d:1d:98:7e:ba:cf:a1:eb:45:
56:da:04:46:00:85:ba:e4:9d:3b:b7:d7:fc:cb:72:
1c:d5:cf:4d:69:3a:37:16:61:c0:86:a1:0d:ec:f8:
49:6d:cd:c2:98:88:ac:e9:e6:eb:a2:6b:af:8e:08:
77:00:f1:80:59:2d:93:b8:66:d9:ba:24:13:e5:b1:
a5:b5:9a:dd:89:1e:3a:5b:de:5b:4c:ce:5c:89:07:
f6:cb:04:5d:a8:8e:55:ce:17:88:40:2b:f2:a5:83:
d3:37:32:67:20:53:db:40:59:2e:a6:d6:8a:8d:e9:
19:52:45:a6:29:c9:a1:7e:00:3a:9a:f3:c9:0d:d9:
a1:59:32:fd:dc:61:90:a7:82:31:44:e0:db:fb:0b:
d7:19:3a:3a:88:b3:20:34:48:a3:87:01:c9:48:e8:
a5:54:59:fc:96:c8:69:3e:c9:3d:35:b8:19:01:ca:
24:2f:b8:c2:05:44:b5:73:0b:84:bf:ac:6f:d4:cf:
51:8b:2a:b4:fb:3d:9f:3a:b0:58:3d:0b:dc:28:ff:
68:3c:dc:72:a9:1b:88:0b:ea:29:3b:c8:69:69:97:
49:cb:50:9d:f1:60:2b:88:d0:d8:92:dc:08:51:63:
2c:86:51:c7:24:3f:f0:b5:07:f0:5a:f3:ca:7f:5f:
dc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:05:B0:03:54:80:D6:61:7A:E8:D5:00:23:10:F0:0A:0A:BD:1B:DB
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/YQWwA1SA1mF66NUAIxDwCgq9G9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.92.0/22
45.90.210.0/24
45.92.157.0/24
45.130.20.0/22
45.131.152.0/22
45.139.192.0/22
45.143.232.0/22
80.66.196.0/22
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.222.216.0/21
185.248.87.0/24
193.111.30.0/23
194.36.24.0/24
194.104.152.0/22
194.169.54.0/23
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09::/29
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
3d:c2:aa:9c:fb:85:9e:c8:40:86:82:22:af:d7:6c:69:64:b0:
9e:26:fa:61:de:b5:3e:e1:f6:b7:f0:86:b7:03:21:10:aa:58:
4b:f0:50:2b:03:9d:b2:e6:30:ef:e2:97:bd:bd:65:18:44:e8:
31:02:cd:5b:87:d4:a2:79:a5:5d:1d:2a:2b:34:49:e9:7c:57:
60:26:a1:de:65:0e:32:da:a8:d1:bc:c9:67:34:bd:90:7f:c7:
23:51:ab:b3:04:67:8f:7f:35:ce:6d:c6:67:0e:2f:fe:ae:98:
20:18:3b:66:63:0b:6c:16:e1:86:21:f7:21:50:22:19:1b:67:
ca:1f:9e:fb:7a:05:4f:4d:f9:f2:cb:af:8b:32:06:63:20:75:
57:42:0b:4d:e2:b3:42:7a:57:44:39:1b:9b:6b:1c:4d:de:ae:
0a:19:fd:f7:b0:7e:f0:65:71:da:34:aa:35:4a:6d:50:18:17:
8a:5d:a5:98:c2:d8:68:14:6b:ca:11:67:af:42:8f:b9:a2:17:
c9:00:4d:00:d0:17:10:ac:f0:48:30:17:62:49:96:e4:ca:5e:
30:7d:e7:74:5b:fb:0a:bb:88:66:31:3b:65:6a:69:48:49:0b:
7d:f5:3e:d2:a4:f1:ff:c9:aa:eb:54:87:9e:94:67:89:dd:96:
75:95:3f:00
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAY1a+2I98SIrKaz146RTYlqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTMwMTUyNzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTA1YjAwMzU0ODBkNjYxN2FlOGQ1MDAyMzEwZjAwYTBhYmQxYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpm4XFldHZh+us+h60VW2gRGAIW6
5J07t9f8y3Ic1c9NaTo3FmHAhqEN7PhJbc3CmIis6ebromuvjgh3APGAWS2TuGbZ
uiQT5bGltZrdiR46W95bTM5ciQf2ywRdqI5VzheIQCvypYPTNzJnIFPbQFkuptaK
jekZUkWmKcmhfgA6mvPJDdmhWTL93GGQp4IxRODb+wvXGTo6iLMgNEijhwHJSOil
VFn8lshpPsk9NbgZAcokL7jCBUS1cwuEv6xv1M9Riyq0+z2fOrBYPQvcKP9oPNxy
qRuIC+opO8hpaZdJy1Cd8WAriNDYktwIUWMshlHHJD/wtQfwWvPKf1/crwIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFGEFsANUgNZheujVACMQ8AoKvRvbMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvWVFXd0ExU0ExbUY2Nk5VQUl4RHdDZ3E5RzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCBkwQCAAEwgYwD
BAItV1wDBAAtWtIDBAAtXJ0DBAItghQDBAItg5gDBAIti8ADBAItj+gDBAJQQsQD
BAJefHQDBAJf1qQDBAKNYsQDBAKVPiwDBAK5wjQDBAK5yEADBAO53tgDBAC5+FcD
BAHBbx4DBADCJBgDBALCaJgDBAHCqTYDBADD9dswDAMEAMP18QMEAMP18jBoBAIA
AjBiAwUDKgZPwAMFAyoGV8ADBQMqB+kAAwUDKgf6AAMFAyoJAAADBQMqDO1AAwUD
Kg0fwAMFAyoNNkADBQMqDUNAAwUDKg1LwAMFAyoNdUADBQMqDd6AAwUDKg5iAAMF
AyoQJgAwDQYJKoZIhvcNAQELBQADggEBAD3Cqpz7hZ7IQIaCIq/XbGlksJ4m+mHe
tT7h9rfwhrcDIRCqWEvwUCsDnbLmMO/il729ZRhE6DECzVuH1KJ5pV0dKis0Sel8
V2Amod5lDjLaqNG8yWc0vZB/xyNRq7MEZ49/Nc5txmcOL/6umCAYO2ZjC2wW4YYh
9yFQIhkbZ8ofnvt6BU9N+fLLr4syBmMgdVdCC03is0J6V0Q5G5trHE3ergoZ/few
fvBlcdo0qjVKbVAYF4pdpZjC2GgUa8oRZ69Cj7miF8kATQDQFxCs8EgwF2JJluTK
XjB953Rb+wq7iGYxO2VqaUhJC331PtKk8f/JqutUh56UZ4ndlnWVPwA=
-----END CERTIFICATE-----
Generated at Fri Feb 16 02:55:56 2024 by rpki-client on console-fra.rpki-client.org