Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/_O4FzI7d2YqmX0A84BtD_ZGfnqQ.roa
File: _O4FzI7d2YqmX0A84BtD_ZGfnqQ.roa (raw, json)
Hash identifier: dK5iQXdSez0nSXN0LmcfblhuClZZwSIIV5gyQ1Vr/TU=
Subject key identifier: FC:EE:05:CC:8E:DD:D9:8A:A6:5F:40:3C:E0:1B:43:FD:91:9F:9E:A4
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018D5A0AE47E97B60A1BD27E577FCB45D8AE
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/_O4FzI7d2YqmX0A84BtD_ZGfnqQ.roa
Signing time: Tue 30 Jan 2024 11:04:39 +0000
ROA not before: Tue 30 Jan 2024 11:04:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8888
IP address blocks: 45.90.210.0/24 maxlen: 24
45.92.157.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
45.131.152.0/22 maxlen: 24
45.139.192.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
80.66.196.0/22 maxlen: 24
94.124.116.0/22 maxlen: 24
95.214.164.0/22 maxlen: 24
141.98.196.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
185.194.52.0/22 maxlen: 24
185.194.54.0/24 maxlen: 32
185.200.64.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.248.87.0/24 maxlen: 32
193.111.30.0/23 maxlen: 24
194.36.24.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
194.169.54.0/24 maxlen: 24
195.245.219.0/24 maxlen: 32
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a06:4fc0::/29 maxlen: 48
2a06:57c0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a09::/29 maxlen: 128
2a09:0:15::/48 maxlen: 48
2a09:6::/48 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Jan 2024 14:25:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:0a:e4:7e:97:b6:0a:1b:d2:7e:57:7f:cb:45:d8:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 30 11:04:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcee05cc8eddd98aa65f403ce01b43fd919f9ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:56:f5:4d:5d:13:a1:3c:98:ce:b9:4d:e6:ff:
dc:03:2f:12:10:fe:a0:e9:29:71:07:33:62:ab:06:
01:38:89:d5:62:28:03:3f:00:25:57:af:d9:1c:d4:
0f:af:32:ab:31:ca:46:cf:ab:9a:52:90:c9:de:80:
c1:47:72:bd:9f:5f:79:fc:cf:cf:45:0b:27:42:f3:
d5:ce:78:05:5b:b9:d5:18:ce:37:c2:bd:7b:99:d4:
98:cf:66:18:7e:36:b0:9c:f2:c0:fc:83:c4:36:b3:
44:60:49:42:e6:e0:7f:5c:fd:07:4e:75:a8:94:86:
61:ec:9a:3b:fb:7a:59:a3:20:99:1e:5b:38:cc:5b:
52:e4:d2:2f:8b:4c:ef:36:b6:fa:f8:0c:16:19:98:
56:38:50:a7:d2:53:10:66:b6:8c:84:17:95:4d:35:
e8:97:fd:40:98:78:b9:cd:92:b6:56:c4:f3:06:cb:
6f:32:36:f3:a9:06:8c:db:f7:18:55:36:28:ad:a9:
a9:d2:37:00:de:8f:96:0e:13:18:6d:22:f3:02:20:
f2:33:00:e1:30:93:49:0e:c2:c6:8c:2e:33:26:c3:
48:f1:0a:0d:4b:e5:74:08:14:ca:09:8f:e8:f2:ff:
d8:15:b0:41:68:11:97:d8:41:9c:c5:fa:24:68:26:
5d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:EE:05:CC:8E:DD:D9:8A:A6:5F:40:3C:E0:1B:43:FD:91:9F:9E:A4
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/_O4FzI7d2YqmX0A84BtD_ZGfnqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.210.0/24
45.92.157.0/24
45.130.20.0/22
45.131.152.0/22
45.139.192.0/22
45.143.232.0/22
80.66.196.0/22
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.222.216.0/21
185.248.87.0/24
193.111.30.0/23
194.36.24.0/24
194.104.152.0/22
194.169.54.0/23
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09::/29
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
5b:0b:2a:75:b1:f8:f4:d2:96:fb:dd:5b:4f:c8:6a:9e:84:fb:
2c:25:b9:98:48:5a:2e:ea:9f:bf:08:12:55:57:37:b2:ad:9b:
db:97:9e:64:8d:bb:92:bb:41:fa:21:74:2f:3d:6c:67:44:a9:
07:96:c6:e6:a5:5a:df:ce:6a:7f:a6:80:71:af:e9:ed:c2:7f:
5a:f4:23:37:b8:fa:97:78:a8:53:9e:49:97:1f:1e:28:62:ea:
35:ff:bb:77:fa:3f:e4:d2:7a:42:45:b8:b9:fb:8e:9e:28:29:
49:39:eb:e0:71:88:eb:f9:80:c2:9c:58:99:73:4a:46:41:bc:
9a:e5:64:ff:77:a6:b6:25:9e:cd:e8:62:c2:f6:6a:ef:74:a5:
04:b1:06:33:7b:ad:f6:a0:c6:4f:68:40:c6:1d:ac:83:32:4d:
c6:15:97:f9:5a:19:5c:39:d5:fa:1d:7a:24:9d:19:98:e4:00:
c5:6d:cc:36:ac:e2:81:13:8b:61:2b:b2:3b:03:6a:93:a5:54:
26:18:a4:c5:b2:8b:81:ae:a8:76:ae:c4:1d:b6:73:d1:d3:c1:
d3:92:bc:cd:65:89:41:6b:e6:bc:95:4d:72:a1:0c:37:93:c0:
6b:e6:c0:58:b7:16:07:73:f2:ef:76:ef:a1:c2:13:c1:5f:95:
19:59:00:2b
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAY1aCuR+l7YKG9J+V3/LRdiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTMwMTEwNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2VlMDVjYzhlZGRkOThhYTY1ZjQwM2NlMDFiNDNmZDkxOWY5ZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1b1TV0ToTyYzrlN5v/cAy8SEP6g
6SlxBzNiqwYBOInVYigDPwAlV6/ZHNQPrzKrMcpGz6uaUpDJ3oDBR3K9n195/M/P
RQsnQvPVzngFW7nVGM43wr17mdSYz2YYfjawnPLA/IPENrNEYElC5uB/XP0HTnWo
lIZh7Jo7+3pZoyCZHls4zFtS5NIvi0zvNrb6+AwWGZhWOFCn0lMQZraMhBeVTTXo
l/1AmHi5zZK2VsTzBstvMjbzqQaM2/cYVTYoramp0jcA3o+WDhMYbSLzAiDyMwDh
MJNJDsLGjC4zJsNI8QoNS+V0CBTKCY/o8v/YFbBBaBGX2EGcxfokaCZd3QIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFPzuBcyO3dmKpl9APOAbQ/2Rn56kMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvX080RnpJN2QyWXFtWDBBODRCdERfWkdmbnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgY0EAgABMIGGAwQA
LVrSAwQALVydAwQCLYIUAwQCLYOYAwQCLYvAAwQCLY/oAwQCUELEAwQCXnx0AwQC
X9akAwQCjWLEAwQClT4sAwQCucI0AwQCuchAAwQDud7YAwQAufhXAwQBwW8eAwQA
wiQYAwQCwmiYAwQBwqk2AwQAw/XbMAwDBADD9fEDBADD9fIwaAQCAAIwYgMFAyoG
T8ADBQMqBlfAAwUDKgfpAAMFAyoH+gADBQMqCQAAAwUDKgztQAMFAyoNH8ADBQMq
DTZAAwUDKg1DQAMFAyoNS8ADBQMqDXVAAwUDKg3egAMFAyoOYgADBQMqECYAMA0G
CSqGSIb3DQEBCwUAA4IBAQBbCyp1sfj00pb73VtPyGqehPssJbmYSFou6p+/CBJV
VzeyrZvbl55kjbuSu0H6IXQvPWxnRKkHlsbmpVrfzmp/poBxr+ntwn9a9CM3uPqX
eKhTnkmXHx4oYuo1/7t3+j/k0npCRbi5+46eKClJOevgcYjr+YDCnFiZc0pGQbya
5WT/d6a2JZ7N6GLC9mrvdKUEsQYze632oMZPaEDGHayDMk3GFZf5WhlcOdX6HXok
nRmY5ADFbcw2rOKBE4thK7I7A2qTpVQmGKTFsouBrqh2rsQdtnPR08HTkrzNZYlB
a+a8lU1yoQw3k8Br5sBYtxYHc/Lvdu+hwhPBX5UZWQAr
-----END CERTIFICATE-----
Generated at Tue Jan 30 19:34:55 2024 by rpki-client on console-fra.rpki-client.org