Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/o4v4Ea3ntuGqfuy8Lc5kPAHJzmc.roa
File: o4v4Ea3ntuGqfuy8Lc5kPAHJzmc.roa (raw, json)
Hash identifier: nbvRGl4+PboDCNkLj+B3LhJs5DH2D0JvtNs3JT72rnM=
Subject key identifier: A3:8B:F8:11:AD:E7:B6:E1:AA:7E:EC:BC:2D:CE:64:3C:01:C9:CE:67
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018ED7F737F27BAB25EC71E7228F1D3C5617
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/o4v4Ea3ntuGqfuy8Lc5kPAHJzmc.roa
Signing time: Sat 13 Apr 2024 14:58:06 +0000
ROA not before: Sat 13 Apr 2024 14:58:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8888
IP address blocks: 45.14.107.0/24 maxlen: 32
45.87.92.0/22 maxlen: 32
45.87.92.0/24 maxlen: 32
45.87.93.0/24 maxlen: 32
45.87.95.0/24 maxlen: 32
45.90.210.0/24 maxlen: 24
45.92.157.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
45.131.152.0/22 maxlen: 24
45.139.192.0/22 maxlen: 24
45.139.192.0/24 maxlen: 32
45.139.195.0/24 maxlen: 32
45.143.232.0/22 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
80.66.196.0/22 maxlen: 24
94.124.116.0/22 maxlen: 24
95.214.164.0/22 maxlen: 24
141.98.196.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
185.194.52.0/22 maxlen: 24
185.194.54.0/24 maxlen: 32
185.200.64.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.248.87.0/24 maxlen: 32
193.111.30.0/23 maxlen: 24
194.36.24.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
194.169.54.0/24 maxlen: 24
195.245.219.0/24 maxlen: 32
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a06:4fc0::/29 maxlen: 48
2a06:57c0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a09:0:15::/48 maxlen: 48
2a09:6::/48 maxlen: 48
2a09:6:1::/48 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Apr 2024 14:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d7:f7:37:f2:7b:ab:25:ec:71:e7:22:8f:1d:3c:56:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Apr 13 14:58:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a38bf811ade7b6e1aa7eecbc2dce643c01c9ce67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c9:ff:2f:cc:d4:10:08:7c:39:8d:e6:a2:a7:
94:bc:99:32:14:65:f5:00:51:97:35:1a:7c:ea:3d:
e0:f2:c9:97:57:f6:8f:50:b2:fd:46:2c:98:6f:4b:
44:49:f8:23:4d:eb:b4:4a:79:51:23:4e:a8:70:dd:
44:46:55:b8:05:5c:e5:ae:a9:26:37:4b:a3:1d:e0:
61:c3:83:3e:9c:c8:1a:f0:79:93:29:51:62:ea:c2:
43:87:e9:55:50:ad:08:41:29:b7:53:e3:ea:2f:25:
e9:f7:41:92:2a:00:33:97:12:41:d9:76:32:ce:fa:
31:77:2b:c0:11:30:09:2c:ea:48:be:04:2e:1f:d4:
ff:91:4b:9c:1e:c4:18:94:4e:2a:ca:07:2c:07:36:
52:8e:ac:09:60:ad:51:4d:64:4a:c7:a1:23:cb:0c:
e8:ac:82:40:b6:ef:e2:96:ee:89:34:0c:64:11:8e:
b2:eb:fa:77:57:9b:29:f7:e9:d5:86:4d:bc:76:70:
6c:f7:29:81:7f:25:40:26:d7:2d:89:33:e0:ce:f4:
62:cb:71:c7:58:42:67:c4:04:77:59:75:bf:2f:4b:
76:58:ee:96:df:2d:a5:21:fa:3c:b8:62:5f:df:6f:
de:7e:ff:5e:8b:54:87:34:9b:30:66:42:61:ad:b6:
57:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8B:F8:11:AD:E7:B6:E1:AA:7E:EC:BC:2D:CE:64:3C:01:C9:CE:67
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/o4v4Ea3ntuGqfuy8Lc5kPAHJzmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.107.0/24
45.87.92.0/22
45.90.210.0/24
45.92.157.0/24
45.130.20.0/22
45.131.152.0/22
45.139.192.0/22
45.143.232.0/22
80.66.196.0/22
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.222.216.0/21
185.248.87.0/24
193.111.30.0/23
194.36.24.0/24
194.104.152.0/22
194.169.54.0/23
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09:0:15::/48
2a09:6::/47
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
49:65:cd:9b:bc:7b:72:d7:28:90:7d:0a:72:97:1b:f8:82:b0:
84:1e:6d:f1:95:0a:7d:ac:f2:d0:38:91:e4:85:3b:a0:96:84:
2f:1e:ef:ed:b4:6f:0d:e8:e9:18:a5:05:51:04:bb:a8:f7:05:
bf:7a:15:85:28:20:fe:fd:b7:44:75:52:c5:e2:a0:21:ac:ff:
35:ec:b3:b0:52:a0:85:48:f0:f1:b9:53:1c:89:d4:36:d4:32:
0e:9c:03:ab:43:d7:ec:3b:91:f7:72:17:d3:03:8f:a5:24:5c:
5b:18:a0:82:3e:31:07:be:02:65:cc:9c:fa:94:c3:e4:29:be:
a8:84:ec:bb:53:80:16:b7:28:3c:22:1f:1d:8e:4c:49:43:65:
f6:35:58:33:36:87:61:b7:c1:4a:3f:cb:ae:7d:62:19:85:35:
be:e4:25:2a:20:ae:91:17:12:16:57:34:a2:2b:32:e8:82:d7:
a2:21:94:a1:7c:8a:35:90:05:18:4d:5c:df:62:d7:41:4f:50:
5c:9a:d5:e0:ff:1e:74:4c:7c:00:b6:5c:81:38:1a:74:60:9b:
f3:96:d7:a6:0d:f8:fd:46:ec:b2:d1:25:c6:f8:43:e2:29:54:
65:7d:25:eb:15:51:c0:df:e9:a1:8f:cc:e3:22:7e:56:1c:08:
18:2a:02:5b
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgISAY7X9zfye6sl7HHnIo8dPFYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwNDEzMTQ1ODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzhiZjgxMWFkZTdiNmUxYWE3ZWVjYmMyZGNlNjQzYzAxYzljZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcn/L8zUEAh8OY3moqeUvJkyFGX1
AFGXNRp86j3g8smXV/aPULL9RiyYb0tESfgjTeu0SnlRI06ocN1ERlW4BVzlrqkm
N0ujHeBhw4M+nMga8HmTKVFi6sJDh+lVUK0IQSm3U+PqLyXp90GSKgAzlxJB2XYy
zvoxdyvAETAJLOpIvgQuH9T/kUucHsQYlE4qygcsBzZSjqwJYK1RTWRKx6Ejywzo
rIJAtu/ilu6JNAxkEY6y6/p3V5sp9+nVhk28dnBs9ymBfyVAJtctiTPgzvRiy3HH
WEJnxAR3WXW/L0t2WO6W3y2lIfo8uGJf32/efv9ei1SHNJswZkJhrbZXoQIDAQAB
o4IDEjCCAw4wHQYDVR0OBBYEFKOL+BGt57bhqn7svC3OZDwByc5nMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvbzR2NEVhM250dUdxZnV5OExjNWtQQUhKem1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJgYIKwYBBQUHAQcBAf8EggEVMIIBETCBmQQCAAEwgZID
BAAtDmsDBAItV1wDBAAtWtIDBAAtXJ0DBAItghQDBAItg5gDBAIti8ADBAItj+gD
BAJQQsQDBAJefHQDBAJf1qQDBAKNYsQDBAKVPiwDBAK5wjQDBAK5yEADBAO53tgD
BAC5+FcDBAHBbx4DBADCJBgDBALCaJgDBAHCqTYDBADD9dswDAMEAMP18QMEAMP1
8jBzBAIAAjBtAwUDKgZPwAMFAyoGV8ADBQMqB+kAAwUDKgf6AAMHACoJAAAAFQMH
ASoJAAYAAAMFAyoM7UADBQMqDR/AAwUDKg02QAMFAyoNQ0ADBQMqDUvAAwUDKg11
QAMFAyoN3oADBQMqDmIAAwUDKhAmADANBgkqhkiG9w0BAQsFAAOCAQEASWXNm7x7
ctcokH0Kcpcb+IKwhB5t8ZUKfazy0DiR5IU7oJaELx7v7bRvDejpGKUFUQS7qPcF
v3oVhSgg/v23RHVSxeKgIaz/NeyzsFKghUjw8blTHInUNtQyDpwDq0PX7DuR93IX
0wOPpSRcWxiggj4xB74CZcyc+pTD5Cm+qITsu1OAFrcoPCIfHY5MSUNl9jVYMzaH
YbfBSj/Lrn1iGYU1vuQlKiCukRcSFlc0oisy6ILXoiGUoXyKNZAFGE1c32LXQU9Q
XJrV4P8edEx8ALZcgTgadGCb85bXpg34/UbsstElxvhD4ilUZX0l6xVRwN/poY/M
4yJ+VhwIGCoCWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org