Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ydwYJwvhuYpEsZkoPYl14acFL3o.roa
File: ydwYJwvhuYpEsZkoPYl14acFL3o.roa (raw, json)
Hash identifier: 1shrLZfB+BKgkcbP4k3IWqnmRI7Idh+uTKGusnX1LNs=
Subject key identifier: C9:DC:18:27:0B:E1:B9:8A:44:B1:99:28:3D:89:75:E1:A7:05:2F:7A
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 019362120B68FFA58D3D1AADD15D70118435
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ydwYJwvhuYpEsZkoPYl14acFL3o.roa
Signing time: Mon 25 Nov 2024 06:46:10 +0000
ROA not before: Mon 25 Nov 2024 06:46:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8888
IP address blocks: 45.11.44.0/22 maxlen: 24
45.14.105.0/24 maxlen: 32
45.14.107.0/24 maxlen: 32
45.87.92.0/22 maxlen: 32
45.87.92.0/24 maxlen: 32
45.87.93.0/24 maxlen: 32
45.87.95.0/24 maxlen: 32
45.90.210.0/24 maxlen: 24
45.92.157.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
45.131.152.0/22 maxlen: 24
45.135.40.0/22 maxlen: 32
45.139.192.0/22 maxlen: 24
45.139.192.0/24 maxlen: 32
45.139.195.0/24 maxlen: 32
45.143.232.0/22 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
80.66.196.0/22 maxlen: 24
92.118.188.0/24 maxlen: 32
94.124.116.0/22 maxlen: 24
95.214.164.0/22 maxlen: 24
141.98.196.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
185.194.52.0/22 maxlen: 24
185.194.54.0/24 maxlen: 32
185.200.64.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.248.87.0/24 maxlen: 32
193.111.30.0/23 maxlen: 24
193.177.220.0/24 maxlen: 32
193.177.221.0/24 maxlen: 32
194.36.24.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
194.169.54.0/24 maxlen: 24
195.245.219.0/24 maxlen: 32
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a06:4fc0::/29 maxlen: 48
2a06:57c0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a09:0:15::/48 maxlen: 48
2a09:6::/48 maxlen: 48
2a09:6:1::/48 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 10 Dec 2024 07:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:62:12:0b:68:ff:a5:8d:3d:1a:ad:d1:5d:70:11:84:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Nov 25 06:46:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9dc18270be1b98a44b199283d8975e1a7052f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3f:1b:45:83:0e:31:4a:f4:12:26:d9:20:ae:
17:fc:9b:ed:7d:04:27:11:58:71:35:14:28:40:49:
9c:ed:42:4d:87:f3:4a:94:81:0d:bb:1b:60:0d:43:
92:74:d2:9b:89:73:9a:6e:d5:18:08:a0:bb:64:61:
96:be:ab:2f:4a:db:f9:d7:ba:1e:f8:32:d1:1e:1a:
0a:7a:92:ef:d4:29:21:d7:8d:ae:7d:9f:c3:5c:f0:
9d:b9:fe:00:b5:ac:77:94:6b:65:8d:73:1b:a0:db:
5e:07:98:43:e2:b0:61:81:a6:d9:9a:6e:c9:22:d1:
27:ed:92:c4:93:e5:42:42:7b:f4:24:15:b9:a6:c7:
b0:f2:65:85:70:30:51:83:b0:5b:62:fd:a8:7a:e6:
e6:42:65:6b:0e:db:df:58:c2:6c:0e:1b:3b:9a:81:
64:47:3c:82:51:8f:86:31:d6:d6:76:44:44:b0:fb:
85:af:a2:c8:33:3b:e4:37:d4:52:17:49:0e:a1:b3:
ca:36:56:92:43:9d:8b:12:27:5d:9c:a0:3f:47:ba:
49:f4:09:2e:6c:13:93:b5:be:fd:d2:48:98:a5:c5:
ed:e1:7a:b9:df:27:67:d5:39:f7:64:1e:07:41:44:
4d:7b:60:40:b9:72:33:95:7d:97:39:e7:1a:96:32:
ad:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:DC:18:27:0B:E1:B9:8A:44:B1:99:28:3D:89:75:E1:A7:05:2F:7A
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ydwYJwvhuYpEsZkoPYl14acFL3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.44.0/22
45.14.105.0/24
45.14.107.0/24
45.87.92.0/22
45.90.210.0/24
45.92.157.0/24
45.130.20.0/22
45.131.152.0/22
45.135.40.0/22
45.139.192.0/22
45.143.232.0/22
80.66.196.0/22
92.118.188.0/24
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.222.216.0/21
185.248.87.0/24
193.111.30.0/23
193.177.220.0/23
194.36.24.0/24
194.104.152.0/22
194.169.54.0/23
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09:0:15::/48
2a09:6::/47
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
33:69:0e:4a:f1:73:3f:6b:3e:22:92:c9:06:78:1c:9d:e7:e1:
05:63:77:9b:5f:11:53:87:f6:ad:8e:23:d5:73:82:cc:d0:66:
d4:77:8a:a7:ad:73:9b:ed:f1:08:55:d0:c8:ce:af:99:21:e5:
74:e9:05:a9:b7:2a:41:1e:f1:0b:ff:fe:ff:48:6d:11:69:75:
4d:ab:5b:2c:00:24:ee:ca:6f:5b:b4:a0:45:a1:25:8e:48:65:
bf:4a:9c:21:28:36:4a:9f:15:8a:0a:c7:7b:4b:7b:9c:86:78:
d8:0d:cf:f9:a1:13:5e:87:cd:46:11:fa:0e:55:69:5e:01:2f:
8c:9b:6d:aa:88:55:5c:65:a7:00:54:b6:3a:8f:e8:07:cd:d9:
b6:f8:0a:ba:1d:0c:60:15:32:14:c3:d0:d6:82:4f:ba:1e:76:
f6:34:1c:c4:80:d6:ea:d5:f2:41:66:51:8c:96:09:29:f8:2d:
41:64:79:7b:4c:b2:f6:29:ef:be:a4:92:bf:57:04:d5:3c:db:
8f:ea:f4:8b:9b:99:c9:76:a2:89:52:da:ce:a7:66:93:10:42:
4f:bd:b4:c8:c8:5a:cc:77:6c:00:48:1b:cf:55:dd:62:ec:db:
e4:73:3b:81:f2:70:d8:ce:1b:01:9f:70:81:25:5a:e9:ba:f7:
84:bb:ed:1e
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgISAZNiEgto/6WNPRqt0V1wEYQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQxMTI1MDY0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWRjMTgyNzBiZTFiOThhNDRiMTk5MjgzZDg5NzVlMWE3MDUyZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD8bRYMOMUr0EibZIK4X/JvtfQQn
EVhxNRQoQEmc7UJNh/NKlIENuxtgDUOSdNKbiXOabtUYCKC7ZGGWvqsvStv517oe
+DLRHhoKepLv1Ckh142ufZ/DXPCduf4Atax3lGtljXMboNteB5hD4rBhgabZmm7J
ItEn7ZLEk+VCQnv0JBW5psew8mWFcDBRg7BbYv2oeubmQmVrDtvfWMJsDhs7moFk
RzyCUY+GMdbWdkREsPuFr6LIMzvkN9RSF0kOobPKNlaSQ52LEiddnKA/R7pJ9Aku
bBOTtb790kiYpcXt4Xq53ydn1Tn3ZB4HQURNe2BAuXIzlX2XOecaljKtSQIDAQAB
o4IDMDCCAywwHQYDVR0OBBYEFMncGCcL4bmKRLGZKD2JdeGnBS96MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEveWR3WUp3dmh1WXBFc1prb1BZbDE0YWNGTDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRAYIKwYBBQUHAQcBAf8EggEzMIIBLzCBtwQCAAEwgbAD
BAItCywDBAAtDmkDBAAtDmsDBAItV1wDBAAtWtIDBAAtXJ0DBAItghQDBAItg5gD
BAIthygDBAIti8ADBAItj+gDBAJQQsQDBABcdrwDBAJefHQDBAJf1qQDBAKNYsQD
BAKVPiwDBAK5wjQDBAK5yEADBAO53tgDBAC5+FcDBAHBbx4DBAHBsdwDBADCJBgD
BALCaJgDBAHCqTYDBADD9dswDAMEAMP18QMEAMP18jBzBAIAAjBtAwUDKgZPwAMF
AyoGV8ADBQMqB+kAAwUDKgf6AAMHACoJAAAAFQMHASoJAAYAAAMFAyoM7UADBQMq
DR/AAwUDKg02QAMFAyoNQ0ADBQMqDUvAAwUDKg11QAMFAyoN3oADBQMqDmIAAwUD
KhAmADANBgkqhkiG9w0BAQsFAAOCAQEAM2kOSvFzP2s+IpLJBngcnefhBWN3m18R
U4f2rY4j1XOCzNBm1HeKp61zm+3xCFXQyM6vmSHldOkFqbcqQR7xC//+/0htEWl1
TatbLAAk7spvW7SgRaEljkhlv0qcISg2Sp8VigrHe0t7nIZ42A3P+aETXofNRhH6
DlVpXgEvjJttqohVXGWnAFS2Oo/oB83ZtvgKuh0MYBUyFMPQ1oJPuh529jQcxIDW
6tXyQWZRjJYJKfgtQWR5e0yy9invvqSSv1cE1Tzbj+r0i5uZyXaiiVLazqdmkxBC
T720yMhazHdsAEgbz1XdYuzb5HM7gfJw2M4bAZ9wgSVa6br3hLvtHg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:39:18 2025 by rpki-client