Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/0bVkFAVP_jSXoWFlf8HgIFph3Ew.roa
File: 0bVkFAVP_jSXoWFlf8HgIFph3Ew.roa (raw, json)
Hash identifier: 7MmNjVCUsLnMjffLlQ3WENC2mPtIdjI9r9JfUWzbHWE=
Subject key identifier: D1:B5:64:14:05:4F:FE:34:97:A1:61:65:7F:C1:E0:20:5A:61:DC:4C
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018AD0A2D6A63344BF8C9D968096AE16E172
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/0bVkFAVP_jSXoWFlf8HgIFph3Ew.roa
Signing time: Tue 26 Sep 2023 08:37:27 +0000
ROA not before: Tue 26 Sep 2023 08:37:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 45.151.139.0/24 maxlen: 24
194.113.105.0/24 maxlen: 24
45.142.210.0/24 maxlen: 24
45.142.211.0/24 maxlen: 24
84.54.36.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
83.171.243.0/24 maxlen: 24
83.171.242.0/24 maxlen: 24
2a09:3d00::/29 maxlen: 36
2a11:206::/32 maxlen: 32
2a10:c0c3::/32 maxlen: 32
2a10:c0c0::/29 maxlen: 29
2a11:e87:6000::/36 maxlen: 36
2a11:af01::/32 maxlen: 32
2a11:205::/32 maxlen: 32
2a0c:e8c0::/29 maxlen: 29
2a10:c0c1::/32 maxlen: 32
2a10:c0c7:3000::/36 maxlen: 36
2a10:c0c7:5000::/36 maxlen: 36
2a10:c0c0::/32 maxlen: 32
2a0d:5ec0::/29 maxlen: 36
2a06:d900::/29 maxlen: 29
2a09:3b00::/29 maxlen: 29
2a0d:8b03::/32 maxlen: 32
2a0f:cc87::/36 maxlen: 36
2a11:b80::/29 maxlen: 36
2a09:b680::/29 maxlen: 36
2a11:200:8000::/36 maxlen: 36
2a11:200:7000::/36 maxlen: 36
2a11:200:5000::/36 maxlen: 36
2a11:200::/36 maxlen: 36
2a11:200:4000::/36 maxlen: 36
2a11:200:a000::/36 maxlen: 36
2a09:3505:9000::/36 maxlen: 36
2a0d:5ec5::/32 maxlen: 32
2a11:202::/32 maxlen: 32
2a0d:8b04::/32 maxlen: 32
2a11:e82::/32 maxlen: 32
2a11:780::/29 maxlen: 36
2a10:c0c5::/32 maxlen: 32
2a09:4e01:3000::/36 maxlen: 36
2a09:4e01:4000::/36 maxlen: 36
2a09:4e01:5000::/36 maxlen: 36
2a09:4e01:9000::/36 maxlen: 36
2a09:4e01:a000::/36 maxlen: 36
2a11:201::/32 maxlen: 32
2a11:980::/29 maxlen: 29
2a11:204::/32 maxlen: 32
2a10:c340::/29 maxlen: 36
Validation: Failed, certificate revoked on Mon 02 Oct 2023 11:08:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d0:a2:d6:a6:33:44:bf:8c:9d:96:80:96:ae:16:e1:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Sep 26 08:37:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1b56414054ffe3497a161657fc1e0205a61dc4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0d:d9:f0:a4:14:a1:cf:63:79:c1:91:af:15:
ea:07:1a:54:f5:f1:bb:7e:0f:6f:83:a5:56:e2:09:
39:0a:69:9d:26:f0:9c:a1:df:8e:a8:fc:f1:ca:e6:
c6:7b:0c:13:98:01:9b:1c:54:e8:05:68:2a:e5:1a:
09:2f:bd:be:22:aa:fa:83:cc:64:13:6f:f6:88:98:
3f:b6:9c:94:3c:3b:ca:ec:c3:ea:9f:d9:cd:b0:8a:
91:ec:a1:60:18:91:44:c0:b8:62:71:47:55:74:c4:
f8:09:74:9c:07:cd:74:eb:2f:b4:10:8c:84:54:78:
60:92:aa:de:07:14:96:d9:cd:75:d8:84:48:76:a4:
52:39:83:12:9f:22:62:8f:05:1b:c7:f1:b4:ba:71:
50:53:fc:1a:70:aa:f5:4e:9f:e4:0c:25:a4:fb:6d:
d2:f1:a8:6e:6f:d8:03:c5:13:5b:23:ca:a9:db:5a:
50:f9:49:e5:f5:ec:e4:c1:b4:90:c2:5f:53:54:a0:
a1:ed:18:8a:4d:51:82:f4:86:b9:25:33:48:81:48:
cb:b0:94:f7:a7:84:e5:2e:54:85:f4:f8:1c:ec:a4:
40:f0:4e:a1:e0:fc:95:04:26:70:63:d4:1c:59:5e:
aa:fa:fd:03:b1:0e:f9:3c:2f:93:eb:95:4d:38:49:
d1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B5:64:14:05:4F:FE:34:97:A1:61:65:7F:C1:E0:20:5A:61:DC:4C
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/0bVkFAVP_jSXoWFlf8HgIFph3Ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.210.0/23
45.151.139.0/24
83.171.240.0/22
84.54.36.0/24
194.113.105.0/24
IPv6:
2a06:d900::/29
2a09:3505:9000::/36
2a09:3b00::/29
2a09:3d00::/29
2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
2a09:b680::/29
2a0c:e8c0::/29
2a0d:5ec0::/29
2a0d:8b03::-2a0d:8b04:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:cc87::/36
2a10:c0c0::/29
2a10:c340::/29
2a11:200::/36
2a11:200:4000::/35
2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
2a11:200:a000::/36
2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
2a11:204::-2a11:206:ffff:ffff:ffff:ffff:ffff:ffff
2a11:780::/29
2a11:980::/29
2a11:b80::/29
2a11:e82::/32
2a11:e87:6000::/36
2a11:af01::/32
Signature Algorithm: sha256WithRSAEncryption
72:ad:87:92:af:3d:7d:13:48:77:e4:bf:a2:c4:b5:c1:e0:3f:
a6:cd:f9:ed:26:9b:32:fe:15:52:13:aa:af:59:91:b1:4d:0e:
3f:3e:c4:4a:3b:ea:8e:91:1f:1c:f8:42:4c:b6:84:39:55:3d:
d2:c1:29:b7:03:3a:f5:b9:31:a0:f0:03:88:00:31:63:d9:c1:
20:78:99:08:86:0e:6b:89:7f:51:ce:f0:b6:d5:21:28:b1:4c:
8a:bc:ec:6c:20:66:c0:28:ff:3e:a8:95:84:af:23:56:b5:13:
4a:5f:7e:83:80:08:05:55:d1:7b:50:59:e9:c0:1b:36:69:d1:
13:55:2c:73:3c:3f:e4:f4:57:7e:b2:09:43:68:3f:86:2d:84:
29:d0:07:e7:f5:d0:e1:61:b0:64:ab:7f:1d:d1:a6:13:14:83:
06:ca:16:e5:b7:16:1f:c8:03:88:49:17:9c:26:a9:7f:fe:ff:
88:e4:c8:ff:f1:8f:ea:fe:f0:4e:46:72:7a:28:e8:1a:5c:af:
fa:60:0f:04:0d:2b:b5:91:08:1e:01:a6:a0:d7:05:b4:9c:0b:
4d:67:76:88:38:c3:59:49:fb:29:0c:94:38:87:18:5a:ea:3c:
77:1b:63:5a:05:70:ed:17:64:c6:81:43:08:36:21:ef:47:b1:
46:53:91:b1
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgISAYrQotamM0S/jJ2WgJauFuFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwOTI2MDgzNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI1NjQxNDA1NGZmZTM0OTdhMTYxNjU3ZmMxZTAyMDVhNjFkYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug3Z8KQUoc9jecGRrxXqBxpU9fG7
fg9vg6VW4gk5CmmdJvCcod+OqPzxyubGewwTmAGbHFToBWgq5RoJL72+Iqr6g8xk
E2/2iJg/tpyUPDvK7MPqn9nNsIqR7KFgGJFEwLhicUdVdMT4CXScB8106y+0EIyE
VHhgkqreBxSW2c112IRIdqRSOYMSnyJijwUbx/G0unFQU/wacKr1Tp/kDCWk+23S
8ahub9gDxRNbI8qp21pQ+Unl9ezkwbSQwl9TVKCh7RiKTVGC9Ia5JTNIgUjLsJT3
p4TlLlSF9Pgc7KRA8E6h4PyVBCZwY9QcWV6q+v0DsQ75PC+T65VNOEnRrQIDAQAB
o4IDIjCCAx4wHQYDVR0OBBYEFNG1ZBQFT/40l6FhZX/B4CBaYdxMMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvMGJWa0ZBVlBfalNYb1dGbGY4SGdJRnBoM0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNgYIKwYBBQUHAQcBAf8EggElMIIBITAkBAIAATAeAwQB
LY7SAwQALZeLAwQCU6vwAwQAVDYkAwQAwnFpMIH4BAIAAjCB8QMFAyoG2QADBgQq
CTUFkAMFAyoJOwADBQMqCT0AMBADBgQqCU4BMAMGBSoJTgFAMBADBgQqCU4BkAMG
BCoJTgGgAwUDKgm2gAMFAyoM6MADBQMqDV7AMA4DBQAqDYsDAwUAKg2LBAMGBCoP
zIcAAwUDKhDAwAMFAyoQw0ADBgQqEQIAAAMGBSoRAgBAMBADBgQqEQIAcAMGBCoR
AgCAAwYEKhECAKAwDgMFACoRAgEDBQAqEQICMA4DBQIqEQIEAwUAKhECBgMFAyoR
B4ADBQMqEQmAAwUDKhELgAMFACoRDoIDBgQqEQ6HYAMFACoRrwEwDQYJKoZIhvcN
AQELBQADggEBAHKth5KvPX0TSHfkv6LEtcHgP6bN+e0mmzL+FVITqq9ZkbFNDj8+
xEo76o6RHxz4Qky2hDlVPdLBKbcDOvW5MaDwA4gAMWPZwSB4mQiGDmuJf1HO8LbV
ISixTIq87GwgZsAo/z6olYSvI1a1E0pffoOACAVV0XtQWenAGzZp0RNVLHM8P+T0
V36yCUNoP4YthCnQB+f10OFhsGSrfx3RphMUgwbKFuW3Fh/IA4hJF5wmqX/+/4jk
yP/xj+r+8E5Gcnoo6Bpcr/pgDwQNK7WRCB4BpqDXBbScC01ndog4w1lJ+ykMlDiH
GFrqPHcbY1oFcO0XZMaBQwg2Ie9HsUZTkbE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org